rivetkit 2.0.34 → 2.0.36

package/src/utils/endpoint-parser.test.ts

@@ -1,189 +1,202 @@
 import { describe, expect, test } from "vitest";
-import { zodParseEndpoint, EndpointSchema } from "./endpoint-parser";
-
-describe("zodParseEndpoint", () => {
-	describe("full auth syntax", () => {
-		test("parses namespace and token from endpoint", () => {
-			const result = zodParseEndpoint("https://foo:bar@api.rivet.dev");
-			expect(result.endpoint).toBe("https://api.rivet.dev/");
-			expect(result.namespace).toBe("foo");
-			expect(result.token).toBe("bar");
-		});
-
-		test("parses with port", () => {
-			const result = zodParseEndpoint("https://foo:bar@api.rivet.dev:8080");
-			expect(result.endpoint).toBe("https://api.rivet.dev:8080/");
-			expect(result.namespace).toBe("foo");
-			expect(result.token).toBe("bar");
-		});
-
-		test("parses with path", () => {
-			const result = zodParseEndpoint("https://foo:bar@api.rivet.dev/v1/actors");
-			expect(result.endpoint).toBe("https://api.rivet.dev/v1/actors");
-			expect(result.namespace).toBe("foo");
-			expect(result.token).toBe("bar");
-		});
-
-		test("throws on query string", () => {
-			expect(() =>
-				zodParseEndpoint("https://foo:bar@api.rivet.dev?region=us-east"),
-			).toThrow("endpoint cannot contain a query string");
+import type { z } from "zod";
+import { tryParseEndpoint } from "./endpoint-parser";
+
+// Helper to create a mock Zod refinement context for testing
+function createMockCtx(): { ctx: z.RefinementCtx; issues: z.ZodIssue[] } {
+	const issues: z.ZodIssue[] = [];
+	const ctx = {
+		addIssue: (issue: z.IssueData) => {
+			issues.push(issue as z.ZodIssue);
+		},
+		path: [],
+		value: undefined,
+		issues: [],
+	} as unknown as z.RefinementCtx;
+	return { ctx, issues };
+}
+
+describe("tryParseEndpoint", () => {
+	describe("basic parsing", () => {
+		test("parses endpoint with full auth", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://foo:bar@api.rivet.dev",
+			});
+			expect(issues).toHaveLength(0);
+			expect(result).toEqual({
+				endpoint: "https://api.rivet.dev/",
+				namespace: "foo",
+				token: "bar",
+			});
+		});
+
+		test("parses endpoint with namespace only", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://foo@api.rivet.dev",
+			});
+			expect(issues).toHaveLength(0);
+			expect(result).toEqual({
+				endpoint: "https://api.rivet.dev/",
+				namespace: "foo",
+				token: undefined,
+			});
 		});
 
-		test("throws on fragment", () => {
-			expect(() =>
-				zodParseEndpoint("https://foo:bar@api.rivet.dev#section"),
-			).toThrow("endpoint cannot contain a fragment");
-		});
-
-		test("handles percent-encoded characters in namespace", () => {
-			const result = zodParseEndpoint("https://foo%40bar:token@api.rivet.dev");
-			expect(result.endpoint).toBe("https://api.rivet.dev/");
-			expect(result.namespace).toBe("foo@bar");
-			expect(result.token).toBe("token");
-		});
-
-		test("handles percent-encoded characters in token", () => {
-			const result = zodParseEndpoint("https://foo:bar%3Abaz@api.rivet.dev");
-			expect(result.endpoint).toBe("https://api.rivet.dev/");
-			expect(result.namespace).toBe("foo");
-			expect(result.token).toBe("bar:baz");
-		});
-	});
-
-	describe("namespace only (no token)", () => {
-		test("parses namespace without token", () => {
-			const result = zodParseEndpoint("https://foo@api.rivet.dev");
-			expect(result.endpoint).toBe("https://api.rivet.dev/");
-			expect(result.namespace).toBe("foo");
-			expect(result.token).toBeUndefined();
-		});
-
-		test("parses namespace without token with path", () => {
-			const result = zodParseEndpoint("https://foo@api.rivet.dev/v1/actors");
-			expect(result.endpoint).toBe("https://api.rivet.dev/v1/actors");
-			expect(result.namespace).toBe("foo");
-			expect(result.token).toBeUndefined();
-		});
-	});
-
-	describe("no auth", () => {
 		test("parses endpoint without auth", () => {
-			const result = zodParseEndpoint("https://api.rivet.dev");
-			expect(result.endpoint).toBe("https://api.rivet.dev/");
-			expect(result.namespace).toBeUndefined();
-			expect(result.token).toBeUndefined();
-		});
-
-		test("parses endpoint without auth with path", () => {
-			const result = zodParseEndpoint("https://api.rivet.dev/v1/actors");
-			expect(result.endpoint).toBe("https://api.rivet.dev/v1/actors");
-			expect(result.namespace).toBeUndefined();
-			expect(result.token).toBeUndefined();
-		});
-
-		test("throws on query string without auth", () => {
-			expect(() =>
-				zodParseEndpoint("https://api.rivet.dev?region=us-east"),
-			).toThrow("endpoint cannot contain a query string");
-		});
-	});
-
-	describe("http protocol", () => {
-		test("parses http endpoint with auth", () => {
-			const result = zodParseEndpoint("http://foo:bar@localhost:6420");
-			expect(result.endpoint).toBe("http://localhost:6420/");
-			expect(result.namespace).toBe("foo");
-			expect(result.token).toBe("bar");
-		});
-
-		test("parses http endpoint without auth", () => {
-			const result = zodParseEndpoint("http://localhost:6420");
-			expect(result.endpoint).toBe("http://localhost:6420/");
-			expect(result.namespace).toBeUndefined();
-			expect(result.token).toBeUndefined();
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://api.rivet.dev",
+			});
+			expect(issues).toHaveLength(0);
+			expect(result).toEqual({
+				endpoint: "https://api.rivet.dev/",
+				namespace: undefined,
+				token: undefined,
+			});
+		});
+
+		test("preserves path", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://foo:bar@api.rivet.dev/v1/actors",
+			});
+			expect(issues).toHaveLength(0);
+			expect(result).toEqual({
+				endpoint: "https://api.rivet.dev/v1/actors",
+				namespace: "foo",
+				token: "bar",
+			});
 		});
 	});
 
-	describe("error handling", () => {
-		test("throws on invalid URL", () => {
-			expect(() => zodParseEndpoint("not-a-url")).toThrow();
-		});
-
-		test("throws on empty string", () => {
-			expect(() => zodParseEndpoint("")).toThrow();
-		});
-
-		test("throws on token without namespace", () => {
-			expect(() => zodParseEndpoint("https://:token@api.rivet.dev")).toThrow(
+	describe("validation errors", () => {
+		test("adds issue for invalid URL", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, { endpoint: "not-a-url" });
+			expect(result).toBeUndefined();
+			expect(issues).toHaveLength(1);
+			expect(issues[0]?.message).toContain("invalid URL");
+		});
+
+		test("adds issue for query string", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://foo:bar@api.rivet.dev?region=us",
+			});
+			expect(result).toBeUndefined();
+			expect(issues).toHaveLength(1);
+			expect(issues[0]?.message).toBe("endpoint cannot contain a query string");
+		});
+
+		test("adds issue for fragment", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://foo:bar@api.rivet.dev#section",
+			});
+			expect(result).toBeUndefined();
+			expect(issues).toHaveLength(1);
+			expect(issues[0]?.message).toBe("endpoint cannot contain a fragment");
+		});
+
+		test("adds issue for token without namespace", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://:token@api.rivet.dev",
+			});
+			expect(result).toBeUndefined();
+			expect(issues).toHaveLength(1);
+			expect(issues[0]?.message).toBe(
 				"endpoint cannot have a token without a namespace",
 			);
 		});
 	});
-});
-
-describe("EndpointSchema", () => {
-	test("parses endpoint with full auth", () => {
-		const result = EndpointSchema.parse("https://foo:bar@api.rivet.dev");
-		expect(result).toEqual({
-			endpoint: "https://api.rivet.dev/",
-			namespace: "foo",
-			token: "bar",
-		});
-	});
 
-	test("parses endpoint with namespace only", () => {
-		const result = EndpointSchema.parse("https://foo@api.rivet.dev");
-		expect(result).toEqual({
-			endpoint: "https://api.rivet.dev/",
-			namespace: "foo",
-			token: undefined,
-		});
-	});
-
-	test("parses endpoint without auth", () => {
-		const result = EndpointSchema.parse("https://api.rivet.dev");
-		expect(result).toEqual({
-			endpoint: "https://api.rivet.dev/",
-			namespace: undefined,
-			token: undefined,
-		});
-	});
-
-	test("preserves path", () => {
-		const result = EndpointSchema.parse(
-			"https://foo:bar@api.rivet.dev/v1/actors",
-		);
-		expect(result).toEqual({
-			endpoint: "https://api.rivet.dev/v1/actors",
-			namespace: "foo",
-			token: "bar",
+	describe("duplicate credential checking", () => {
+		test("adds issue when namespace in URL and config", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://url-ns@api.rivet.dev",
+				path: ["endpoint"],
+				namespace: "config-ns",
+			});
+			// Still returns result, but adds issue
+			expect(result).toEqual({
+				endpoint: "https://api.rivet.dev/",
+				namespace: "url-ns",
+				token: undefined,
+			});
+			expect(issues).toHaveLength(1);
+			expect(issues[0]?.message).toContain(
+				"cannot specify namespace both in endpoint URL and as a separate config option",
+			);
+			expect(issues[0]?.path).toEqual(["namespace"]);
+		});
+
+		test("adds issue when token in URL and config", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://ns:url-token@api.rivet.dev",
+				path: ["endpoint"],
+				token: "config-token",
+			});
+			// Still returns result, but adds issue
+			expect(result).toEqual({
+				endpoint: "https://api.rivet.dev/",
+				namespace: "ns",
+				token: "url-token",
+			});
+			expect(issues).toHaveLength(1);
+			expect(issues[0]?.message).toContain(
+				"cannot specify token both in endpoint URL and as a separate config option",
+			);
+			expect(issues[0]?.path).toEqual(["token"]);
+		});
+
+		test("adds issues for both namespace and token duplicates", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://url-ns:url-token@api.rivet.dev",
+				path: ["endpoint"],
+				namespace: "config-ns",
+				token: "config-token",
+			});
+			expect(result).toBeDefined();
+			expect(issues).toHaveLength(2);
+		});
+
+		test("no issue when namespace only in URL", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://url-ns@api.rivet.dev",
+				path: ["endpoint"],
+				token: "config-token",
+			});
+			expect(result).toBeDefined();
+			expect(issues).toHaveLength(0);
+		});
+
+		test("no issue when namespace only in config", () => {
+			const { ctx, issues } = createMockCtx();
+			const result = tryParseEndpoint(ctx, {
+				endpoint: "https://api.rivet.dev",
+				path: ["endpoint"],
+				namespace: "config-ns",
+			});
+			expect(result).toBeDefined();
+			expect(issues).toHaveLength(0);
 		});
 	});
 
-	test("throws on query string", () => {
-		expect(() =>
-			EndpointSchema.parse("https://foo:bar@api.rivet.dev?region=us"),
-		).toThrow();
-	});
-
-	test("throws on fragment", () => {
-		expect(() =>
-			EndpointSchema.parse("https://foo:bar@api.rivet.dev#section"),
-		).toThrow();
-	});
-
-	test("throws on invalid URL", () => {
-		expect(() => EndpointSchema.parse("not-a-url")).toThrow();
-	});
-
-	test("works with optional()", () => {
-		const schema = EndpointSchema.optional();
-		expect(schema.parse(undefined)).toBeUndefined();
-		expect(schema.parse("https://foo:bar@api.rivet.dev")).toEqual({
-			endpoint: "https://api.rivet.dev/",
-			namespace: "foo",
-			token: "bar",
+	describe("custom path", () => {
+		test("uses custom path in error issues", () => {
+			const { ctx, issues } = createMockCtx();
+			tryParseEndpoint(ctx, {
+				endpoint: "not-a-url",
+				path: ["serverless", "publicEndpoint"],
+			});
+			expect(issues[0]?.path).toEqual(["serverless", "publicEndpoint"]);
 		});
 	});
 });

package/src/utils/endpoint-parser.ts

@@ -6,9 +6,22 @@ export interface ParsedEndpoint {
 	token: string | undefined;
 }
 
+export interface TryParseEndpointOptions {
+	/** The endpoint URL string to parse */
+	endpoint: string;
+	/** Path prefix for error messages (default: ["endpoint"]) */
+	path?: (string | number)[];
+	/** Namespace from config, to check for duplicate specification */
+	namespace?: string;
+	/** Token from config, to check for duplicate specification */
+	token?: string;
+}
+
 /**
  * Parses an endpoint URL that may contain auth syntax for namespace and token.
  *
+ * Uses ctx.addIssue for clean error reporting in Zod transforms.
+ *
  * Supports formats like:
  * - `https://namespace:token@api.rivet.dev`
  * - `https://namespace@api.rivet.dev` (namespace only, no token)
@@ -17,87 +30,68 @@ export interface ParsedEndpoint {
  *
  * Query strings and fragments are not allowed as they may conflict with
  * runtime parameters.
+ *
+ * @param ctx - Zod refinement context for error reporting
+ * @param options - Parsing options including endpoint, path, and config values
+ * @returns ParsedEndpoint on success, undefined on error (after adding issues to ctx)
  */
-export function zodParseEndpoint(endpoint: string): ParsedEndpoint {
+export function tryParseEndpoint(
+	ctx: z.RefinementCtx,
+	options: TryParseEndpointOptions,
+): ParsedEndpoint | undefined {
+	const { endpoint, path = ["endpoint"], namespace: configNamespace, token: configToken } = options;
 	// Parse the URL
-	const url = new URL(endpoint);
+	let url: URL;
+	try {
+		url = new URL(endpoint);
+	} catch {
+		ctx.addIssue({
+			code: "custom",
+			message: `invalid URL: ${endpoint}`,
+			path,
+		});
+		return undefined;
+	}
 
 	// Reject query strings
 	if (url.search) {
-		throw new z.ZodError([
-			{
-				code: "custom",
-				message: "endpoint cannot contain a query string",
-				path: ["endpoint"],
-			},
-		]);
+		ctx.addIssue({
+			code: "custom",
+			message: "endpoint cannot contain a query string",
+			path,
+		});
+		return undefined;
 	}
 
 	// Reject fragments
 	if (url.hash) {
-		throw new z.ZodError([
-			{
-				code: "custom",
-				message: "endpoint cannot contain a fragment",
-				path: ["endpoint"],
-			},
-		]);
+		ctx.addIssue({
+			code: "custom",
+			message: "endpoint cannot contain a fragment",
+			path,
+		});
+		return undefined;
 	}
 
 	// Extract namespace and token from username and password
 	// URL stores these as percent-encoded, so we need to decode them
-	const namespace = url.username ? decodeURIComponent(url.username) : undefined;
+	const namespace = url.username
+		? decodeURIComponent(url.username)
+		: undefined;
 	const token = url.password ? decodeURIComponent(url.password) : undefined;
 
 	// Reject token without namespace (e.g., https://:token@api.rivet.dev)
 	if (token && !namespace) {
-		throw new z.ZodError([
-			{
-				code: "custom",
-				message: "endpoint cannot have a token without a namespace",
-				path: ["endpoint"],
-			},
-		]);
+		ctx.addIssue({
+			code: "custom",
+			message: "endpoint cannot have a token without a namespace",
+			path,
+		});
+		return undefined;
 	}
 
-	// Strip auth from the URL by clearing username and password
-	url.username = "";
-	url.password = "";
-
-	// Get the cleaned endpoint without auth
-	const cleanedEndpoint = url.toString();
-
-	return {
-		endpoint: cleanedEndpoint,
-		namespace,
-		token,
-	};
-}
-
-/**
- * Zod schema that parses an endpoint URL string and extracts namespace/token from HTTP auth syntax.
- *
- * Input: `"https://namespace:token@api.rivet.dev/path"`
- * Output: `{ endpoint: "https://api.rivet.dev/path", namespace: "namespace", token: "token" }`
- */
-export const EndpointSchema = z.string().transform((endpoint): ParsedEndpoint => {
-	return zodParseEndpoint(endpoint);
-});
-
-export type EndpointSchemaInput = z.input<typeof EndpointSchema>;
-export type EndpointSchemaOutput = z.output<typeof EndpointSchema>;
-
-/**
- * Zod refinement that validates namespace/token aren't specified both in the endpoint URL
- * and as separate config options.
- */
-export function zodCheckDuplicateCredentials(
-	resolvedEndpoint: ParsedEndpoint,
-	config: { namespace?: string; token?: string },
-	ctx: z.RefinementCtx,
-): void {
-	// Check if endpoint contains namespace but namespace is also specified in config
-	if (resolvedEndpoint.namespace && config.namespace) {
+	// Check for duplicate credentials (specified both in URL and config)
+	if (namespace && configNamespace) {
 		ctx.addIssue({
 			code: "custom",
 			message:
@@ -105,9 +99,7 @@ export function zodCheckDuplicateCredentials(
 			path: ["namespace"],
 		});
 	}
-
-	// Check if endpoint contains token but token is also specified in config
-	if (resolvedEndpoint.token && config.token) {
+	if (token && configToken) {
 		ctx.addIssue({
 			code: "custom",
 			message:
@@ -115,5 +107,18 @@ export function zodCheckDuplicateCredentials(
 			path: ["token"],
 		});
 	}
+
+	// Strip auth from the URL by clearing username and password
+	url.username = "";
+	url.password = "";
+
+	// Get the cleaned endpoint without auth
+	const cleanedEndpoint = url.toString();
+
+	return {
+		endpoint: cleanedEndpoint,
+		namespace,
+		token,
+	};
 }
 

package/src/utils/env-vars.ts

@@ -29,6 +29,12 @@ export const getRivetRunnerVersion = (): number | undefined => {
 	const value = getEnvUniversal("RIVET_RUNNER_VERSION");
 	return value !== undefined ? parseInt(value, 10) : undefined;
 };
+export const getRivetPublicEndpoint = (): string | undefined =>
+	getEnvUniversal("RIVET_PUBLIC_ENDPOINT");
+export const getRivetPublicToken = (): string | undefined =>
+	getEnvUniversal("RIVET_PUBLIC_TOKEN");
+// There is no RIVET_PUBLIC_NAMESPACE because the frontend and backend cannot
+// use different namespaces
 
 // RivetKit configuration
 export const getRivetkitInspectorToken = (): string | undefined =>