npm - libmodulor - Versions diffs - 0.27.0 → 0.29.0 - Mend

libmodulor 0.27.0 → 0.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (208) hide show

package/dist/esm/target/lib/openapi/types.d.ts ADDED Viewed

@@ -0,0 +1,109 @@
+import type { DataType, FreeTextLong, FreeTextShort, HTTPMethod, HTTPStatusNumber, JSONSchemaType, SemVerVersion, URL } from '../../../dt/index.js';
+import type { ProductName } from '../../../product/index.js';
+import type { FQUCInputName, FQUCOPI0Name, FQUCOPI1Name, UCFieldKey } from '../../../uc/index.js';
+import type { StringKeys } from '../../../utils/index.js';
+import type { AUTHORIZATION_HEADER_NAME, AuthCookieName, PublicApiKeyHeaderName } from '../shared.js';
+export type OpenAPIPathName = string;
+export type OpenAPIDescription = FreeTextLong;
+export type OpenAPISchemaName = FQUCInputName | FQUCOPI0Name | FQUCOPI1Name | `Error`;
+export type OpenAPISchemaRef = `#/components/schemas/${OpenAPISchemaName}`;
+export type OpenAPISummary = FreeTextShort;
+export type OpenAPIProperty<T extends DataType> = JSONSchemaType & {
+    enum?: T[];
+    examples?: T[];
+};
+export interface OpenAPISchema<T extends object> {
+    additionalProperties: false;
+    properties: Record<StringKeys<T>, OpenAPIProperty<any>>;
+    required?: StringKeys<T>[];
+    type: 'object';
+}
+export type OpenAPISecurityItem = Partial<Record<keyof OpenAPISecuritySchemes, []>>;
+export type OpenAPISecurity = OpenAPISecurityItem[];
+export interface OpenAPISecurityScheme {
+    description?: OpenAPIDescription;
+}
+export interface OpenAPISecuritySchemes {
+    apiKey?: OpenAPISecurityScheme & {
+        bearerFormat: 'Bearer';
+        in: 'header';
+        name: typeof AUTHORIZATION_HEADER_NAME;
+        type: 'apiKey';
+    };
+    basic?: OpenAPISecurityScheme & {
+        scheme: 'basic';
+        type: 'http';
+    };
+    jwt?: OpenAPISecurityScheme & {
+        in: 'cookie';
+        name: AuthCookieName;
+        type: 'apiKey';
+    };
+    publicApiKey?: OpenAPISecurityScheme & {
+        in: 'header';
+        name: PublicApiKeyHeaderName;
+        type: 'apiKey';
+    };
+}
+export interface OpenAPIComponents {
+    securitySchemes: OpenAPISecuritySchemes;
+    schemas: Record<OpenAPISchemaName, OpenAPISchema<any>>;
+}
+export interface OpenAPIParameter {
+    description?: OpenAPIDescription;
+    in: 'path' | 'query';
+    name: UCFieldKey;
+    required: boolean;
+    schema: OpenAPIProperty<any>;
+}
+export interface OpenAPIPath {
+    description?: OpenAPIDescription;
+    parameters?: OpenAPIParameter[];
+    requestBody?: OpenAPIRequestBody;
+    responses: OpenAPIResponses;
+    security?: OpenAPISecurity;
+    summary?: OpenAPISummary;
+    tags?: string[];
+}
+export interface OpenAPIInnerContent {
+    schema: {
+        $ref: OpenAPISchemaRef;
+    } | OpenAPISchema<any>;
+}
+export type OpenAPIContent = {
+    'application/json': OpenAPIInnerContent;
+} | {
+    'multipart/form-data': OpenAPIInnerContent & {
+        encoding?: Record<UCFieldKey, {
+            style: 'form';
+            explode: boolean;
+        }>;
+    };
+};
+export interface OpenAPIRequestBody {
+    content: OpenAPIContent;
+    description?: OpenAPIDescription;
+    required: boolean;
+}
+export type OpenAPIPaths = Record<OpenAPIPathName, Partial<Record<Lowercase<HTTPMethod>, OpenAPIPath>>>;
+export interface OpenAPIResponse {
+    content: OpenAPIContent;
+    description: OpenAPIDescription;
+}
+export type OpenAPIResponses = Partial<Record<HTTPStatusNumber, OpenAPIResponse>>;
+export interface OpenAPIServer {
+    description?: OpenAPIDescription;
+    url: URL;
+}
+export interface OpenAPISpec {
+    components: OpenAPIComponents;
+    info: {
+        description?: OpenAPIDescription;
+        title: ProductName;
+        summary?: OpenAPISummary;
+        version: SemVerVersion;
+    };
+    openapi: '3.1.0';
+    paths: OpenAPIPaths;
+    servers: OpenAPIServer[];
+}

package/dist/esm/target/lib/rn/input.d.ts CHANGED Viewed

@@ -2,6 +2,9 @@ import type { TextInputProps } from 'react-native';
 import { type DataType, type ErrorMessage } from '../../../dt/index.js';
 import { type UCInputField } from '../../../uc/index.js';
 export interface RNInputDef {
+    /**
+     * Internal types that are not part of the spec
+     */
     internal?: undefined;
     /**
      * Fields that are part of {@link TextInputProps}

package/dist/esm/target/lib/server/AuthCookieCreator.d.ts CHANGED Viewed

@@ -1,10 +1,11 @@
 import type { JWT, Timestamp } from '../../../dt/index.js';
 import type { JWTManager, SettingsManager, Worker } from '../../../std/index.js';
+import type { HTTPCookieSameSite } from '../../../utils/index.js';
 import type { ServerManagerSettings } from '../../lib/server/ServerManager.js';
 export interface CookieOpts {
     expires: Date;
     httpOnly: boolean;
-    sameSite: 'strict';
+    sameSite: HTTPCookieSameSite;
     secure: boolean;
     signed: boolean;
 }

package/dist/esm/target/lib/server/AuthenticationChecker.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { type Provider } from 'inversify';
+import { type Factory } from 'inversify';
 import type { AppManifest } from '../../../app/index.js';
 import type { Logger, Worker } from '../../../std/index.js';
 import { type UC, type UCAuth, type UCDef, type UCInput, type UCOPIBase, type UCPolicy } from '../../../uc/index.js';
@@ -23,8 +23,8 @@ export declare class AuthenticationChecker implements Worker<Input, Promise<Outp
     private jwtAuthenticationChecker;
     private privateApiKeyAuthenticationChecker;
     private logger;
-    private ucPolicyProvider;
-    constructor(basicAuthenticationChecker: BasicAuthenticationChecker, jwtAuthenticationChecker: JWTAuthenticationChecker, privateApiKeyAuthenticationChecker: PrivateApiKeyAuthenticationChecker, logger: Logger, ucPolicyProvider: Provider<UCPolicy>);
+    private ucPolicyFactory;
+    constructor(basicAuthenticationChecker: BasicAuthenticationChecker, jwtAuthenticationChecker: JWTAuthenticationChecker, privateApiKeyAuthenticationChecker: PrivateApiKeyAuthenticationChecker, logger: Logger, ucPolicyFactory: Factory<UCPolicy>);
     exec<I extends UCInput | undefined = undefined, OPI0 extends UCOPIBase | undefined = undefined, OPI1 extends UCOPIBase | undefined = undefined>({ authCookie, authorizationHeader, uc, }: Input<I, OPI0, OPI1>): Promise<Output>;
 }
 export {};

package/dist/esm/target/lib/server/AuthenticationChecker.js CHANGED Viewed

@@ -21,13 +21,13 @@ let AuthenticationChecker = class AuthenticationChecker {
     jwtAuthenticationChecker;
     privateApiKeyAuthenticationChecker;
     logger;
-    ucPolicyProvider;
-    constructor(basicAuthenticationChecker, jwtAuthenticationChecker, privateApiKeyAuthenticationChecker, logger, ucPolicyProvider) {
+    ucPolicyFactory;
+    constructor(basicAuthenticationChecker, jwtAuthenticationChecker, privateApiKeyAuthenticationChecker, logger, ucPolicyFactory) {
         this.basicAuthenticationChecker = basicAuthenticationChecker;
         this.jwtAuthenticationChecker = jwtAuthenticationChecker;
         this.privateApiKeyAuthenticationChecker = privateApiKeyAuthenticationChecker;
         this.logger = logger;
-        this.ucPolicyProvider = ucPolicyProvider;
+        this.ucPolicyFactory = ucPolicyFactory;
     }
     async exec({ authCookie, authorizationHeader, uc, }) {
         this.logger.trace('Checking auth', {
@@ -43,7 +43,7 @@ let AuthenticationChecker = class AuthenticationChecker {
             return output;
         }
         const authType = sec?.authType ?? DEFAULT_UC_SEC_AT;
-        const policy = (await this.ucPolicyProvider(server.policy));
+        const policy = (await this.ucPolicyFactory(server.policy));
         const canBeExecutedPreAuth = await policy.canBeExecutedPreAuth();
         if (canBeExecutedPreAuth) {
             const { allowed } = await policy.exec({
@@ -101,7 +101,7 @@ AuthenticationChecker = __decorate([
     __param(1, inject(JWTAuthenticationChecker)),
     __param(2, inject(PrivateApiKeyAuthenticationChecker)),
     __param(3, inject('Logger')),
-    __param(4, inject('Provider<UCPolicy>')),
+    __param(4, inject('Factory<UCPolicy>')),
     __metadata("design:paramtypes", [BasicAuthenticationChecker,
         JWTAuthenticationChecker,
         PrivateApiKeyAuthenticationChecker, Object, Function])

package/dist/esm/target/lib/server/ServerBooter.d.ts CHANGED Viewed

@@ -2,9 +2,10 @@ import { ProductUCsLoader } from '../../../product/index.js';
 import type { Configurable, EmailManager, FSManager, I18nManager, JobManager, Logger, SettingsManager, Worker } from '../../../std/index.js';
 import { type UCManager } from '../../../uc/index.js';
 import type { TargetEntrypointInput } from '../entrypoint.js';
+import { OpenAPISpecBuilder } from '../openapi/OpenAPISpecBuilder.js';
 import { ServerInstaller } from './ServerInstaller.js';
 import type { ServerManager, ServerManagerSettings } from './ServerManager.js';
-type S = Pick<ServerManagerSettings, 'server_static_dir_path' | 'server_tmp_path'>;
+type S = Pick<ServerManagerSettings, 'server_expose_openapi_spec' | 'server_expose_openapi_spec_at' | 'server_static_dir_path' | 'server_tmp_path'>;
 type Input = TargetEntrypointInput & {
     autoMountUCs?: boolean;
 };
@@ -13,13 +14,14 @@ export declare class ServerBooter implements Configurable<S>, Worker<Input, Prom
     private fsManager;
     private i18nManager;
     private jobManager;
+    private openAPISpecBuilder;
     private logger;
     private productUCsLoader;
     private serverManager;
     private serverInstaller;
     private settingsManager;
     private ucManager;
-    constructor(emailManager: EmailManager, fsManager: FSManager, i18nManager: I18nManager, jobManager: JobManager, logger: Logger, productUCsLoader: ProductUCsLoader, serverManager: ServerManager, serverInstaller: ServerInstaller, settingsManager: SettingsManager<S>, ucManager: UCManager);
+    constructor(emailManager: EmailManager, fsManager: FSManager, i18nManager: I18nManager, jobManager: JobManager, openAPISpecBuilder: OpenAPISpecBuilder, logger: Logger, productUCsLoader: ProductUCsLoader, serverManager: ServerManager, serverInstaller: ServerInstaller, settingsManager: SettingsManager<S>, ucManager: UCManager);
     s(): S;
     exec({ appsRootPath, autoMountUCs, srcImporter, }: Input): Promise<void>;
     private mountUC;

package/dist/esm/target/lib/server/ServerBooter.js CHANGED Viewed

@@ -11,8 +11,9 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
 import { inject, injectable } from 'inversify';
-import { ProductUCsLoader } from '../../../product/index.js';
+import { ProductUCsLoader, } from '../../../product/index.js';
 import { ucHTTPContract, } from '../../../uc/index.js';
+import { OpenAPISpecBuilder } from '../openapi/OpenAPISpecBuilder.js';
 import { shouldMountUC } from './funcs.js';
 import { ServerInstaller } from './ServerInstaller.js';
 let ServerBooter = class ServerBooter {
@@ -20,17 +21,19 @@ let ServerBooter = class ServerBooter {
     fsManager;
     i18nManager;
     jobManager;
+    openAPISpecBuilder;
     logger;
     productUCsLoader;
     serverManager;
     serverInstaller;
     settingsManager;
     ucManager;
-    constructor(emailManager, fsManager, i18nManager, jobManager, logger, productUCsLoader, serverManager, serverInstaller, settingsManager, ucManager) {
+    constructor(emailManager, fsManager, i18nManager, jobManager, openAPISpecBuilder, logger, productUCsLoader, serverManager, serverInstaller, settingsManager, ucManager) {
         this.emailManager = emailManager;
         this.fsManager = fsManager;
         this.i18nManager = i18nManager;
         this.jobManager = jobManager;
+        this.openAPISpecBuilder = openAPISpecBuilder;
         this.logger = logger;
         this.productUCsLoader = productUCsLoader;
         this.serverManager = serverManager;
@@ -40,6 +43,8 @@ let ServerBooter = class ServerBooter {
     }
     s() {
         return {
+            server_expose_openapi_spec: this.settingsManager.get()('server_expose_openapi_spec'),
+            server_expose_openapi_spec_at: this.settingsManager.get()('server_expose_openapi_spec_at'),
             server_static_dir_path: this.settingsManager.get()('server_static_dir_path'),
             server_tmp_path: this.settingsManager.get()('server_tmp_path'),
         };
@@ -55,13 +60,18 @@ let ServerBooter = class ServerBooter {
         await this.emailManager.verify();
         this.logger.info('Initializing server manager');
         await this.serverManager.init();
+        const mountedUCs = [];
         if (autoMountUCs) {
             const ucs = await this.productUCsLoader.exec({
                 appsRootPath,
                 srcImporter,
             });
             for await (const uc of ucs) {
-                await this.mountUC(uc);
+                const mounted = await this.mountUC(uc);
+                if (!mounted) {
+                    continue;
+                }
+                mountedUCs.push(uc);
             }
         }
         const staticDirPath = this.s().server_static_dir_path;
@@ -76,6 +86,17 @@ let ServerBooter = class ServerBooter {
         if (!(await this.fsManager.exists(tmpDirPath))) {
             await this.fsManager.mkdir(tmpDirPath);
         }
+        if (this.s().server_expose_openapi_spec) {
+            const at = this.s().server_expose_openapi_spec_at;
+            this.logger.info('Mounting OpenAPI spec', {
+                at,
+                mountedUCs: mountedUCs.length,
+            });
+            const { spec } = await this.openAPISpecBuilder.exec({
+                ucs: mountedUCs,
+            });
+            await this.serverManager.mountOpenAPISpec(spec, at);
+        }
         await this.serverManager.warmUp();
         await this.serverManager.start();
     }
@@ -88,7 +109,7 @@ let ServerBooter = class ServerBooter {
             this.logger.debug(`Not mounting ${mountingPoint}`, {
                 reason: shouldNotMountReason,
             });
-            return;
+            return false;
         }
         this.logger.info(`Mounting ${mountingPoint}`, {
             contract,
@@ -96,6 +117,7 @@ let ServerBooter = class ServerBooter {
         });
         await this.ucManager.initServer(uc);
         await this.serverManager.mount(uc.appManifest, uc.def, contract);
+        return true;
     }
 };
 ServerBooter = __decorate([
@@ -104,12 +126,13 @@ ServerBooter = __decorate([
     __param(1, inject('FSManager')),
     __param(2, inject('I18nManager')),
     __param(3, inject('JobManager')),
-    __param(4, inject('Logger')),
-    __param(5, inject(ProductUCsLoader)),
-    __param(6, inject('ServerManager')),
-    __param(7, inject(ServerInstaller)),
-    __param(8, inject('SettingsManager')),
-    __param(9, inject('UCManager')),
-    __metadata("design:paramtypes", [Object, Object, Object, Object, Object, ProductUCsLoader, Object, ServerInstaller, Object, Object])
+    __param(4, inject(OpenAPISpecBuilder)),
+    __param(5, inject('Logger')),
+    __param(6, inject(ProductUCsLoader)),
+    __param(7, inject('ServerManager')),
+    __param(8, inject(ServerInstaller)),
+    __param(9, inject('SettingsManager')),
+    __param(10, inject('UCManager')),
+    __metadata("design:paramtypes", [Object, Object, Object, Object, OpenAPISpecBuilder, Object, ProductUCsLoader, Object, ServerInstaller, Object, Object])
 ], ServerBooter);
 export { ServerBooter };

package/dist/esm/target/lib/server/ServerManager.d.ts CHANGED Viewed

@@ -1,12 +1,11 @@
 import type { AppManifest } from '../../../app/index.js';
-import type { ApiKey, DirPath, FilePath, HostPort, Password, URL, Username } from '../../../dt/index.js';
+import type { ApiKey, DirPath, FilePath, HostPort, HTTPMethod, Password, URL, URLPath, Username } from '../../../dt/index.js';
 import type { Settings } from '../../../std/index.js';
 import type { UCDef, UCHTTPContract, UCInput, UCManager, UCOPIBase } from '../../../uc/index.js';
-import type { Initializable } from '../../../utils/index.js';
+import type { HTTPCSPValue } from '../../../utils/http/types.js';
+import type { HTTPCookieSameSite, HTTPHeaderName, Initializable } from '../../../utils/index.js';
+import type { OpenAPISpec } from '../openapi/types.js';
 import type { AuthCookieName, PublicApiKeyHeaderName } from '../shared.js';
-export type ServerManagerCSPDefType = 'defaultSrc' | 'imgSrc' | 'scriptSrc';
-export type ServerManagerCSPDefValue = URL[];
-export type ServerManagerCSPDef = Record<ServerManagerCSPDefType, ServerManagerCSPDefValue>;
 export interface ServerManagerAuthSettings {
     server_basic_auth_entries: Record<Username, Password>;
     server_private_api_key_entries: ApiKey[];
@@ -17,11 +16,17 @@ export interface ServerManagerSettings extends ServerManagerAuthSettings, Settin
     server_binding_port: HostPort;
     server_cookies_http_only: boolean;
     server_cookies_name_auth: AuthCookieName;
-    server_cookies_same_site: 'strict';
+    server_cookies_same_site: HTTPCookieSameSite;
     server_cookies_secure: boolean;
-    server_csp_default_src: ServerManagerCSPDefValue;
-    server_csp_img_src: ServerManagerCSPDefValue;
-    server_csp_script_src: ServerManagerCSPDefValue;
+    server_csp_default_src: HTTPCSPValue;
+    server_csp_img_src: HTTPCSPValue;
+    server_csp_script_src: HTTPCSPValue;
+    server_cors_credentials: boolean;
+    server_cors_headers: HTTPHeaderName[];
+    server_cors_methods: HTTPMethod[];
+    server_cors_origins: URL[];
+    server_expose_openapi_spec: boolean;
+    server_expose_openapi_spec_at: URLPath;
     server_public_api_key_header_name: PublicApiKeyHeaderName;
     server_public_url: URL;
     server_ssl_fullchain_path: FilePath | null;
@@ -46,6 +51,11 @@ export interface ServerManager extends Initializable {
      * @param contract
      */
     mountSync<I extends UCInput | undefined = undefined, OPI0 extends UCOPIBase | undefined = undefined, OPI1 extends UCOPIBase | undefined = undefined>(appManifest: AppManifest, ucd: UCDef<I, OPI0, OPI1>, contract: UCHTTPContract): void;
+    /**
+     * Mount the OpenAPI spec
+     * @param spec
+     */
+    mountOpenAPISpec(spec: OpenAPISpec, at: URLPath): Promise<void>;
     /**
      * Mount the static directory at `/`
      * @param dirPath

package/dist/esm/target/lib/server/ServerRequestHandler.d.ts CHANGED Viewed

@@ -58,7 +58,6 @@ export declare class ServerRequestHandler implements Worker<Input, Promise<Outpu
     private requestLogger;
     private settingsManager;
     private ucBuilder;
-    private static AUTHORIZATION_HEADER_NAME;
     private static X_FORWARDED_PROTO_HEADER_NAME;
     constructor(authCookieCreator: AuthCookieCreator, authenticationChecker: AuthenticationChecker, customerFacingErrorBuilder: CustomerFacingErrorBuilder, publicApiKeyChecker: PublicApiKeyChecker, requestChecker: RequestChecker, requestLogger: RequestLogger, settingsManager: SettingsManager<S>, ucBuilder: UCBuilder);
     s(): S;

package/dist/esm/target/lib/server/ServerRequestHandler.js CHANGED Viewed

@@ -14,6 +14,7 @@ var ServerRequestHandler_1;
 import { inject, injectable } from 'inversify';
 import { IllegalArgumentError, isEmptyJSON } from '../../../error/index.js';
 import { UCBuilder, UCOutputReader, UCOutputSideEffectType, } from '../../../uc/index.js';
+import { AUTHORIZATION_HEADER_NAME } from '../shared.js';
 import { AuthCookieCreator, } from './AuthCookieCreator.js';
 import { AuthenticationChecker } from './AuthenticationChecker.js';
 import { CustomerFacingErrorBuilder } from './CustomerFacingErrorBuilder.js';
@@ -30,7 +31,6 @@ let ServerRequestHandler = class ServerRequestHandler {
     requestLogger;
     settingsManager;
     ucBuilder;
-    static AUTHORIZATION_HEADER_NAME = 'Authorization';
     static X_FORWARDED_PROTO_HEADER_NAME = 'X-Forwarded-Proto';
     constructor(authCookieCreator, authenticationChecker, customerFacingErrorBuilder, publicApiKeyChecker, requestChecker, requestLogger, settingsManager, ucBuilder) {
         this.authCookieCreator = authCookieCreator;
@@ -73,7 +73,7 @@ let ServerRequestHandler = class ServerRequestHandler {
             });
             const { auth } = await this.authenticationChecker.exec({
                 authCookie: await cookie(this.s().server_cookies_name_auth),
-                authorizationHeader: await header(ServerRequestHandler_1.AUTHORIZATION_HEADER_NAME),
+                authorizationHeader: await header(AUTHORIZATION_HEADER_NAME),
                 uc,
             });
             if (auth) {

package/dist/esm/target/lib/server/consts.d.ts CHANGED Viewed

@@ -1,5 +1,9 @@
+import type { HTTPMethod } from '../../../dt/index.js';
+import type { HTTPHeaderName } from '../../../utils/index.js';
 import type { ServerManagerSettings } from './ServerManager.js';
 /**
  * @see TARGET_DEFAULT_SERVER_CLIENT_MANAGER_SETTINGS
  */
 export declare const TARGET_DEFAULT_SERVER_MANAGER_SETTINGS: ServerManagerSettings;
+export declare const TARGET_USUAL_SERVER_MANAGER_CORS_HEADERS: HTTPHeaderName[];
+export declare const TARGET_USUAL_SERVER_MANAGER_CORS_METHODS: HTTPMethod[];

package/dist/esm/target/lib/server/consts.js CHANGED Viewed

@@ -10,9 +10,15 @@ export const TARGET_DEFAULT_SERVER_MANAGER_SETTINGS = {
     server_cookies_name_auth: 'auth',
     server_cookies_same_site: 'strict',
     server_cookies_secure: true,
+    server_cors_credentials: false,
+    server_cors_headers: [],
+    server_cors_methods: [],
+    server_cors_origins: [],
     server_csp_default_src: [],
     server_csp_img_src: [],
     server_csp_script_src: [],
+    server_expose_openapi_spec: false,
+    server_expose_openapi_spec_at: '/api/openapi.json',
     server_private_api_key_entries: [],
     server_public_api_key_entries: [unsafeDefaultSetting()],
     server_public_api_key_header_name: 'X-API-Key',
@@ -23,3 +29,19 @@ export const TARGET_DEFAULT_SERVER_MANAGER_SETTINGS = {
     server_stop_mode: 'patient',
     server_tmp_path: 'tmp',
 };
+export const TARGET_USUAL_SERVER_MANAGER_CORS_HEADERS = [
+    'Accept',
+    'Authorization',
+    'Content-Type',
+    'Cookie',
+    'Origin',
+    'X-Requested-With',
+];
+export const TARGET_USUAL_SERVER_MANAGER_CORS_METHODS = [
+    'DELETE',
+    'GET',
+    'HEAD',
+    'OPTIONS',
+    'POST',
+    'PUT',
+];

package/dist/esm/target/lib/server-express/CORSMiddlewareBuilder.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { RequestHandler } from 'express';
+import type { Configurable, SettingsManager, Worker } from '../../../std/index.js';
+import type { ServerManagerSettings } from '../server/ServerManager.js';
+interface Input {
+}
+type Output = RequestHandler;
+type S = Pick<ServerManagerSettings, 'server_cors_credentials' | 'server_cors_headers' | 'server_cors_methods' | 'server_cors_origins' | 'server_public_api_key_header_name'>;
+export declare class CORSMiddlewareBuilder implements Configurable<S>, Worker<Input, Output> {
+    private settingsManager;
+    constructor(settingsManager: SettingsManager<S>);
+    s(): S;
+    exec(_input: Input): Output;
+    private fmt;
+}
+export {};

package/dist/esm/target/lib/server-express/CORSMiddlewareBuilder.js ADDED Viewed

@@ -0,0 +1,55 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+import { inject, injectable } from 'inversify';
+let CORSMiddlewareBuilder = class CORSMiddlewareBuilder {
+    settingsManager;
+    constructor(settingsManager) {
+        this.settingsManager = settingsManager;
+    }
+    s() {
+        return {
+            server_cors_credentials: this.settingsManager.get()('server_cors_credentials'),
+            server_cors_headers: this.settingsManager.get()('server_cors_headers'),
+            server_cors_methods: this.settingsManager.get()('server_cors_methods'),
+            server_cors_origins: this.settingsManager.get()('server_cors_origins'),
+            server_public_api_key_header_name: this.settingsManager.get()('server_public_api_key_header_name'),
+        };
+    }
+    exec(_input) {
+        return (req, res, next) => {
+            res.header('Access-Control-Allow-Credentials', String(this.s().server_cors_credentials));
+            res.header('Access-Control-Allow-Headers', this.fmt([
+                ...this.s().server_cors_headers,
+                this.s().server_public_api_key_header_name,
+            ]));
+            res.header('Access-Control-Allow-Methods', this.fmt(this.s().server_cors_methods));
+            const { origin } = req.headers;
+            if (origin) {
+                const electedOrigin = this.s().server_cors_origins.find((o) => o.startsWith(origin));
+                if (electedOrigin) {
+                    res.header('Access-Control-Allow-Origin', electedOrigin);
+                }
+            }
+            next();
+        };
+    }
+    fmt(arr) {
+        return arr.join(', ');
+    }
+};
+CORSMiddlewareBuilder = __decorate([
+    injectable(),
+    __param(0, inject('SettingsManager')),
+    __metadata("design:paramtypes", [Object])
+], CORSMiddlewareBuilder);
+export { CORSMiddlewareBuilder };

package/dist/esm/target/lib/server-express/funcs.d.ts CHANGED Viewed

@@ -7,9 +7,10 @@ import type { UCDef, UCHTTPContract, UCInput, UCManager, UCOPIBase } from '../..
 import type { CustomerFacingErrorBuilder } from '../server/CustomerFacingErrorBuilder.js';
 import type { ServerManagerSettings } from '../server/ServerManager.js';
 import type { ServerRequestHandler, ServerRequestHandlerReq, ServerRequestHandlerRes } from '../server/ServerRequestHandler.js';
+import type { CORSMiddlewareBuilder } from './CORSMiddlewareBuilder.js';
 import type { HelmetMiddlewareBuilder } from './HelmetMiddlewareBuilder.js';
 export declare function buildHandler<I extends UCInput | undefined = undefined, OPI0 extends UCOPIBase | undefined = undefined, OPI1 extends UCOPIBase | undefined = undefined>(appManifest: AppManifest, ucd: UCDef<I, OPI0, OPI1>, contract: UCHTTPContract, serverRequestHandler: ServerRequestHandler, ucManager: UCManager): RequestHandler;
-export declare function init(helmetMB: HelmetMiddlewareBuilder, loggerLevel: LoggerLevel, serverTmpPath: ServerManagerSettings['server_tmp_path']): Express;
+export declare function init(corsMB: CORSMiddlewareBuilder, helmetMB: HelmetMiddlewareBuilder, loggerLevel: LoggerLevel, serverTmpPath: ServerManagerSettings['server_tmp_path']): Express;
 export declare function mountHandler(contract: UCHTTPContract, express: Express, handler: RequestHandler): void;
 export declare function postInit(app: Express, customerFacingErrorBuilder: CustomerFacingErrorBuilder): void;
 export declare function toFile(f: fileUpload.UploadedFile): File;

package/dist/esm/target/lib/server-express/funcs.js CHANGED Viewed

@@ -12,12 +12,16 @@ export function buildHandler(appManifest, ucd, contract, serverRequestHandler, u
                 // Nothing to do
                 break;
             case 'stream': {
+                let streamedOnce = false;
                 execOpts = {
                     stream: {
                         onClose: async () => {
-                            throw new Error('execOpts.stream.onClose needs to be set in the UC ServerMain');
+                            if (streamedOnce) {
+                                throw new Error('execOpts.stream.onClose needs to be set in the UC ServerMain');
+                            }
                         },
                         onData: async (output) => {
+                            streamedOnce = true;
                             if (!output) {
                                 return;
                             }
@@ -72,9 +76,10 @@ export function buildHandler(appManifest, ucd, contract, serverRequestHandler, u
     };
     return handler;
 }
-export function init(helmetMB, loggerLevel, serverTmpPath) {
+export function init(corsMB, helmetMB, loggerLevel, serverTmpPath) {
     const app = express();
     app.use(helmetMB.exec({}));
+    app.use(corsMB.exec({}));
     app.use(fileUpload({
         createParentPath: true,
         debug: loggerLevel === 'trace',

package/dist/esm/target/lib/server-hono/CORSMiddlewareBuilder.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import type { MiddlewareHandler } from 'hono';
+import type { Configurable, SettingsManager, Worker } from '../../../std/index.js';
+import type { ServerManagerSettings } from '../server/ServerManager.js';
+interface Input {
+}
+type Output = MiddlewareHandler;
+type S = Pick<ServerManagerSettings, 'server_cors_credentials' | 'server_cors_headers' | 'server_cors_methods' | 'server_cors_origins' | 'server_public_api_key_header_name'>;
+export declare class CORSMiddlewareBuilder implements Configurable<S>, Worker<Input, Output> {
+    private settingsManager;
+    constructor(settingsManager: SettingsManager<S>);
+    s(): S;
+    exec(_input: Input): Output;
+}
+export {};

package/dist/esm/target/{node-express-server/middlewares/PublicApiKeyCheckerMiddlewareBuilder.js → lib/server-hono/CORSMiddlewareBuilder.js} RENAMED Viewed

@@ -10,35 +10,37 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 var __param = (this && this.__param) || function (paramIndex, decorator) {
     return function (target, key) { decorator(target, key, paramIndex); }
 };
+import { cors } from 'hono/cors';
 import { inject, injectable } from 'inversify';
-import { PublicApiKeyChecker } from '../../lib/server/PublicApiKeyChecker.js';
-let PublicApiKeyCheckerMiddlewareBuilder = class PublicApiKeyCheckerMiddlewareBuilder {
-    publicApiKeyChecker;
+let CORSMiddlewareBuilder = class CORSMiddlewareBuilder {
     settingsManager;
-    constructor(publicApiKeyChecker, settingsManager) {
-        this.publicApiKeyChecker = publicApiKeyChecker;
+    constructor(settingsManager) {
         this.settingsManager = settingsManager;
     }
     s() {
         return {
+            server_cors_credentials: this.settingsManager.get()('server_cors_credentials'),
+            server_cors_headers: this.settingsManager.get()('server_cors_headers'),
+            server_cors_methods: this.settingsManager.get()('server_cors_methods'),
+            server_cors_origins: this.settingsManager.get()('server_cors_origins'),
             server_public_api_key_header_name: this.settingsManager.get()('server_public_api_key_header_name'),
         };
     }
-    exec({ checkType }) {
-        return async (req, _res, nextFn) => {
-            const value = req.header(this.s().server_public_api_key_header_name);
-            await this.publicApiKeyChecker.exec({
-                checkType,
-                value,
-            });
-            nextFn();
-        };
+    exec(_input) {
+        return cors({
+            allowHeaders: [
+                ...this.s().server_cors_headers,
+                this.s().server_public_api_key_header_name,
+            ],
+            allowMethods: this.s().server_cors_methods,
+            credentials: true,
+            origin: this.s().server_cors_origins,
+        });
     }
 };
-PublicApiKeyCheckerMiddlewareBuilder = __decorate([
+CORSMiddlewareBuilder = __decorate([
     injectable(),
-    __param(0, inject(PublicApiKeyChecker)),
-    __param(1, inject('SettingsManager')),
-    __metadata("design:paramtypes", [PublicApiKeyChecker, Object])
-], PublicApiKeyCheckerMiddlewareBuilder);
-export { PublicApiKeyCheckerMiddlewareBuilder };
+    __param(0, inject('SettingsManager')),
+    __metadata("design:paramtypes", [Object])
+], CORSMiddlewareBuilder);
+export { CORSMiddlewareBuilder };