shogun-core 3.3.7 → 4.0.0

package/dist/plugins/oauth/oauthPlugin.js

@@ -1,400 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.OAuthPlugin = void 0;
-const base_1 = require("../base");
-const oauthConnector_1 = require("./oauthConnector");
-const errorHandler_1 = require("../../utils/errorHandler");
-const storage_1 = require("../../storage/storage");
-/**
- * OAuth Plugin for ShogunCore
- * Provides authentication with external OAuth providers
- */
-class OAuthPlugin extends base_1.BasePlugin {
-    /**
-     * Constructor for OAuthPlugin
-     * @param config - Initial configuration for OAuth
-     */
-    constructor(config) {
-        super();
-        this.name = "oauth";
-        this.version = "1.0.0";
-        this.description = "Provides OAuth authentication with external providers for ShogunCore";
-        this.oauthConnector = null;
-        this.config = {};
-        this.storage = null;
-        if (config) {
-            this.config = config;
-        }
-    }
-    /**
-     * @inheritdoc
-     */
-    initialize(core) {
-        this.core = core;
-        this.storage = new storage_1.ShogunStorage();
-        // Inizializziamo il connector OAuth con la configurazione già presente
-        this.oauthConnector = new oauthConnector_1.OAuthConnector(this.config);
-        // Valida la configurazione di sicurezza dopo l'inizializzazione
-        this.validateOAuthSecurity();
-    }
-    /**
-     * Valida la configurazione di sicurezza OAuth
-     */
-    validateOAuthSecurity() {
-        if (!this.oauthConnector)
-            return;
-        const providers = this.oauthConnector.getAvailableProviders();
-        for (const provider of providers) {
-            const providerConfig = this.config.providers?.[provider];
-            if (!providerConfig)
-                continue;
-            // Verifica che PKCE sia abilitato per tutti i provider
-            if (!providerConfig.usePKCE && typeof window !== "undefined") {
-                console.warn(`[oauthPlugin] Provider ${provider} non ha PKCE abilitato - non sicuro per browser`);
-            }
-            // Verifica che non ci sia client_secret nel browser (eccetto Google con PKCE)
-            if (providerConfig.clientSecret && typeof window !== "undefined") {
-                if (provider === "google" && providerConfig.usePKCE) {
-                    // Non lanciare errore per Google con PKCE
-                    continue;
-                }
-                else {
-                    console.error(`[oauthPlugin] Provider ${provider} ha client_secret configurato nel browser - RIMUOVERE`);
-                    throw new Error(`Client secret non può essere usato nel browser per ${provider}`);
-                }
-            }
-        }
-    }
-    /**
-     * Configure the OAuth plugin with provider settings
-     * @param config - Configuration options for OAuth
-     */
-    configure(config) {
-        // Deep merge provider maps to preserve both existing and new providers
-        const mergedProviders = {
-            ...(this.config.providers || {}),
-            ...(config?.providers || {}),
-        };
-        this.config = { ...this.config, ...config, providers: mergedProviders };
-        // Inizializza il connector se non è già stato fatto
-        if (!this.oauthConnector) {
-            this.oauthConnector = new oauthConnector_1.OAuthConnector(this.config);
-        }
-        else {
-            // Update connector configuration se già inizializzato
-            const conn = this.oauthConnector;
-            if (typeof conn.updateConfig === "function") {
-                conn.updateConfig(this.config);
-            }
-            else {
-                // Fallback: recreate connector
-                this.oauthConnector = new oauthConnector_1.OAuthConnector(this.config);
-            }
-        }
-        // Validate security settings
-        this.validateOAuthSecurity();
-    }
-    /**
-     * @inheritdoc
-     */
-    destroy() {
-        if (this.oauthConnector) {
-            const conn = this.oauthConnector;
-            if (typeof conn.cleanup === "function") {
-                conn.cleanup();
-            }
-        }
-        this.oauthConnector = null;
-        this.storage = null;
-        super.destroy();
-    }
-    /**
-     * Ensure that the OAuth connector is initialized
-     * @private
-     */
-    assertOAuthConnector() {
-        this.assertInitialized();
-        if (!this.oauthConnector) {
-            throw new Error("OAuth connector not initialized");
-        }
-        return this.oauthConnector;
-    }
-    /**
-     * @inheritdoc
-     */
-    isSupported() {
-        try {
-            const conn = this.assertOAuthConnector();
-            return typeof conn.isSupported === "function" ? conn.isSupported() : true;
-        }
-        catch {
-            // If connector is not available, return false
-            return false;
-        }
-    }
-    /**
-     * @inheritdoc
-     */
-    getAvailableProviders() {
-        try {
-            const conn = this.assertOAuthConnector();
-            return typeof conn.getAvailableProviders === "function"
-                ? conn.getAvailableProviders()
-                : [];
-        }
-        catch {
-            // If connector is not available, return empty array
-            return [];
-        }
-    }
-    /**
-     * @inheritdoc
-     */
-    async initiateOAuth(provider) {
-        const conn = this.assertOAuthConnector();
-        return conn.initiateOAuth(provider);
-    }
-    /**
-     * @inheritdoc
-     */
-    async completeOAuth(provider, authCode, state) {
-        const conn = this.assertOAuthConnector();
-        return conn.completeOAuth(provider, authCode, state);
-    }
-    /**
-     * @inheritdoc
-     */
-    async generateCredentials(userInfo, provider) {
-        const conn = this.assertOAuthConnector();
-        return conn.generateCredentials(userInfo, provider);
-    }
-    /**
-     * Login with OAuth
-     * @param provider - OAuth provider to use
-     * @returns {Promise<AuthResult>} Authentication result
-     * @description Authenticates user using OAuth with external providers
-     * NOTE: This method only initiates the OAuth flow. The actual authentication
-     * happens in handleOAuthCallback when the provider redirects back.
-     */
-    async login(provider) {
-        try {
-            const core = this.assertInitialized();
-            if (!provider) {
-                throw (0, errorHandler_1.createError)(errorHandler_1.ErrorType.VALIDATION, "PROVIDER_REQUIRED", "OAuth provider required for OAuth login");
-            }
-            if (!this.isSupported()) {
-                throw (0, errorHandler_1.createError)(errorHandler_1.ErrorType.ENVIRONMENT, "OAUTH_UNAVAILABLE", "OAuth is not supported in this environment");
-            }
-            // Check if provider is available
-            const availableProviders = this.getAvailableProviders();
-            if (!availableProviders.includes(provider)) {
-                throw (0, errorHandler_1.createError)(errorHandler_1.ErrorType.VALIDATION, "PROVIDER_NOT_CONFIGURED", `Provider ${provider} is not configured or available`);
-            }
-            // Initiate OAuth flow with the provider
-            const oauthResult = await this.initiateOAuth(provider);
-            if (!oauthResult.success) {
-                throw (0, errorHandler_1.createError)(errorHandler_1.ErrorType.AUTHENTICATION, "OAUTH_INITIATION_FAILED", oauthResult.error || "Failed to initiate OAuth flow");
-            }
-            // In a browser environment, this would redirect to the OAuth provider
-            // The frontend should handle the redirect and then call handleOAuthCallback
-            // with the received code and state when the provider redirects back
-            // Return early with the auth URL that the frontend should use for redirection
-            return {
-                success: true,
-                redirectUrl: oauthResult.authUrl,
-                pendingAuth: true,
-                message: "Redirect to OAuth provider required to complete authentication",
-                provider,
-                authMethod: "oauth",
-            };
-        }
-        catch (error) {
-            // Handle both ShogunError and generic errors
-            const errorType = error?.type || errorHandler_1.ErrorType.AUTHENTICATION;
-            const errorCode = error?.code || "OAUTH_LOGIN_ERROR";
-            const errorMessage = error?.message || "Unknown error during OAuth login";
-            errorHandler_1.ErrorHandler.handle(errorType, errorCode, errorMessage, error);
-            return { success: false, error: errorMessage };
-        }
-    }
-    /**
-     * Register new user with OAuth provider
-     * @param provider - OAuth provider
-     * @returns {Promise<SignUpResult>} Registration result
-     */
-    async signUp(provider) {
-        try {
-            const core = this.assertInitialized();
-            if (!provider) {
-                throw (0, errorHandler_1.createError)(errorHandler_1.ErrorType.VALIDATION, "PROVIDER_REQUIRED", "OAuth provider required for OAuth signup");
-            }
-            if (!this.isSupported()) {
-                throw (0, errorHandler_1.createError)(errorHandler_1.ErrorType.ENVIRONMENT, "OAUTH_UNAVAILABLE", "OAuth is not supported in this environment");
-            }
-            // Check if provider is available
-            const availableProviders = this.getAvailableProviders();
-            if (!availableProviders.includes(provider)) {
-                throw (0, errorHandler_1.createError)(errorHandler_1.ErrorType.VALIDATION, "PROVIDER_NOT_CONFIGURED", `Provider ${provider} is not configured or available`);
-            }
-            // Initiate OAuth flow with the provider
-            const oauthResult = await this.initiateOAuth(provider);
-            if (!oauthResult.success) {
-                throw (0, errorHandler_1.createError)(errorHandler_1.ErrorType.AUTHENTICATION, "OAUTH_INITIATION_FAILED", oauthResult.error || "Failed to initiate OAuth flow");
-            }
-            // In a browser environment, this would redirect to the OAuth provider
-            // The frontend should handle the redirect and then call handleOAuthCallback
-            // with the received code and state when the provider redirects back
-            // Return early with the auth URL that the frontend should use for redirection
-            return {
-                success: true,
-                redirectUrl: oauthResult.authUrl,
-                pendingAuth: true,
-                message: "Redirect to OAuth provider required to complete registration",
-                provider,
-                authMethod: "oauth",
-            };
-        }
-        catch (error) {
-            // Handle both ShogunError and generic errors
-            const errorType = error?.type || errorHandler_1.ErrorType.AUTHENTICATION;
-            const errorCode = error?.code || "OAUTH_SIGNUP_ERROR";
-            const errorMessage = error?.message || "Unknown error during OAuth signup";
-            errorHandler_1.ErrorHandler.handle(errorType, errorCode, errorMessage, error);
-            return { success: false, error: errorMessage };
-        }
-    }
-    /**
-     * Handle OAuth callback (for frontend integration)
-     * This method would be called when the OAuth provider redirects back
-     */
-    async handleOAuthCallback(provider, authCode, state) {
-        try {
-            const core = this.assertInitialized();
-            // Validazione di sicurezza pre-callback
-            if (!authCode || !state) {
-                throw new Error("Authorization code and state parameter are required");
-            }
-            // Complete the OAuth flow
-            const result = await this.completeOAuth(provider, authCode, state);
-            if (!result.success || !result.userInfo) {
-                throw new Error(result.error || "Failed to complete OAuth flow");
-            }
-            // Genera credenziali da user info
-            const credentials = await this.generateCredentials(result.userInfo, provider);
-            // Set authentication method
-            core.setAuthMethod("oauth");
-            // Login o signup usando la chiave derivata
-            const authResult = await this._loginOrSignUp(credentials.username, credentials.key);
-            if (authResult.success) {
-                // Store user info in user metadata
-                if (core.user) {
-                    await core.user.put({
-                        oauth: {
-                            provider,
-                            id: result.userInfo.id,
-                            email: result.userInfo.email,
-                            name: result.userInfo.name,
-                            picture: result.userInfo.picture,
-                            lastLogin: Date.now(),
-                        },
-                    });
-                }
-                // Emit appropriate event
-                const eventType = authResult.isNewUser ? "auth:signup" : "auth:login";
-                core.emit(eventType, {
-                    userPub: authResult.userPub || "",
-                    username: credentials.username,
-                    method: "oauth",
-                    provider,
-                });
-                // Pulisci i dati OAuth scaduti dopo un login riuscito
-                this.cleanupExpiredOAuthData();
-                // Return auth result with OAuth user data included
-                return {
-                    ...authResult,
-                    sea: authResult.sea, // Include SEA pair from core
-                    user: {
-                        userPub: authResult.userPub,
-                        username: credentials.username,
-                        email: result.userInfo.email,
-                        name: result.userInfo.name ||
-                            result.userInfo.email ||
-                            `OAuth User (${provider})`,
-                        picture: result.userInfo.picture,
-                        oauth: {
-                            provider,
-                            id: result.userInfo.id,
-                            email: result.userInfo.email,
-                            name: result.userInfo.name,
-                            picture: result.userInfo.picture,
-                            lastLogin: Date.now(),
-                        },
-                    },
-                };
-            }
-            return authResult;
-        }
-        catch (error) {
-            // Pulisci i dati OAuth anche in caso di errore
-            this.cleanupExpiredOAuthData();
-            return {
-                success: false,
-                error: error.message || "Failed to handle OAuth callback",
-            };
-        }
-    }
-    /**
-     * Pulisce i dati OAuth scaduti
-     */
-    cleanupExpiredOAuthData() {
-        if (this.oauthConnector) {
-            // Il metodo cleanupExpiredOAuthData è privato nel connector
-            // quindi usiamo il metodo pubblico clearUserCache
-            const conn = this.oauthConnector;
-            if (typeof conn.clearUserCache === "function") {
-                conn.clearUserCache();
-            }
-        }
-    }
-    /**
-     * Private helper to login or sign up a user
-     */
-    async _loginOrSignUp(username, k) {
-        if (!this.core) {
-            return { success: false, error: "Shogun core not available" };
-        }
-        // Try login first
-        const loginResult = await this.core.login(username, "", k);
-        if (loginResult.success) {
-            // Session is automatically saved by the login method
-            loginResult.isNewUser = false;
-            // Include SEA pair from core
-            if (this.core.user && this.core.user._?.sea) {
-                loginResult.sea = this.core.user._.sea;
-            }
-            return loginResult;
-        }
-        // If login fails, try signup
-        const signupResult = await this.core.signUp(username, undefined, k);
-        if (signupResult.success) {
-            // Immediately login after signup
-            const postSignupLogin = await this.core.login(username, "", k);
-            if (postSignupLogin.success) {
-                // Session is automatically saved by the login method
-                postSignupLogin.isNewUser = true;
-                // Include SEA pair from core
-                if (this.core.user && this.core.user._?.sea) {
-                    postSignupLogin.sea = this.core.user._.sea;
-                }
-                return postSignupLogin;
-            }
-            return {
-                success: false,
-                error: postSignupLogin.error || "Login failed after successful signup.",
-            };
-        }
-        // Return the original signup error for other failures
-        return signupResult;
-    }
-}
-exports.OAuthPlugin = OAuthPlugin;

package/dist/types/examples/api-test.d.ts

@@ -1,12 +0,0 @@
-/**
- * Esempio completo che mostra le differenze tra i vari metodi dell'API ShogunCore
- *
- * Questo esempio dimostra:
- * - get() vs getData() vs getNode() vs node() vs chain()
- * - put() vs set() vs putUserData() vs setUserData()
- * - remove() vs removeUserData()
- * - Operazioni globali vs operazioni utente
- */
-declare function demonstrateAPIDifferences(): Promise<void>;
-declare function showAPIDifferences(): void;
-export { demonstrateAPIDifferences, showAPIDifferences };

package/dist/types/migration-test.d.ts

@@ -1,16 +0,0 @@
-/**
- * Migration test file to verify that the refactored ShogunCore
- * maintains the same public API as the original implementation
- */
-/**
- * Test function to verify API compatibility
- */
-export declare function testApiCompatibility(): void;
-/**
- * Test that the refactored implementation maintains the same static properties
- */
-export declare function testStaticProperties(): void;
-/**
- * Run all compatibility tests
- */
-export declare function runCompatibilityTests(): void;

package/dist/types/plugins/oauth/index.d.ts

@@ -1,3 +0,0 @@
-export { OAuthConnector } from "./oauthConnector";
-export { OAuthPlugin } from "./oauthPlugin";
-export type { OAuthPluginInterface, OAuthConfig, OAuthProvider, OAuthCredentials, OAuthConnectionResult, OAuthUserInfo, } from "./types";

package/dist/types/plugins/oauth/oauthConnector.d.ts

@@ -1,110 +0,0 @@
-/**
- * OAuth Connector - Secure version for GunDB user creation
- */
-import { EventEmitter } from "../../utils/eventEmitter";
-import { OAuthConfig, OAuthProvider, OAuthUserInfo, OAuthCredentials, OAuthConnectionResult } from "./types";
-/**
- * OAuth Connector
- */
-export declare class OAuthConnector extends EventEmitter {
-    private readonly DEFAULT_CONFIG;
-    private config;
-    private readonly userCache;
-    private readonly memoryStorage;
-    constructor(config?: Partial<OAuthConfig>);
-    /**
-     * Validates security configuration
-     */
-    private validateSecurityConfig;
-    /**
-     * Update the connector configuration
-     * @param config - New configuration options
-     */
-    updateConfig(config: Partial<OAuthConfig>): void;
-    /**
-     * Get origin URL (browser or Node.js compatible)
-     */
-    private getOrigin;
-    /**
-     * Storage abstraction (browser sessionStorage or Node.js Map)
-     */
-    private setItem;
-    private getItem;
-    private removeItem;
-    /**
-     * Check if OAuth is supported
-     */
-    isSupported(): boolean;
-    /**
-     * Get available OAuth providers
-     */
-    getAvailableProviders(): OAuthProvider[];
-    /**
-     * Generate PKCE challenge for secure OAuth flow
-     */
-    private generatePKCEChallenge;
-    /**
-     * Calculate the PKCE code challenge from a code verifier.
-     * Hashes the verifier using SHA-256 and then base64url encodes it.
-     * @param verifier The code verifier string.
-     * @returns The base64url-encoded SHA-256 hash of the verifier.
-     */
-    private calculatePKCECodeChallenge;
-    /**
-     * Encodes a buffer into a Base64URL-encoded string.
-     * @param buffer The buffer to encode.
-     * @returns The Base64URL-encoded string.
-     */
-    private base64urlEncode;
-    /**
-     * Generate cryptographically secure random string
-     */
-    private generateRandomString;
-    /**
-     * Initiate OAuth flow
-     */
-    initiateOAuth(provider: OAuthProvider): Promise<OAuthConnectionResult>;
-    /**
-     * Complete OAuth flow
-     */
-    completeOAuth(provider: OAuthProvider, authCode: string, state?: string): Promise<OAuthConnectionResult>;
-    /**
-     * Generate credentials from OAuth user info
-     * Ora restituisce anche la chiave GunDB derivata (key)
-     */
-    generateCredentials(userInfo: OAuthUserInfo, provider: OAuthProvider): Promise<OAuthCredentials & {
-        key: any;
-    }>;
-    /**
-     * Exchange authorization code for access token
-     */
-    private exchangeCodeForToken;
-    /**
-     * Fetch user info from provider
-     */
-    private fetchUserInfo;
-    /**
-     * Normalize user info from different providers
-     */
-    private normalizeUserInfo;
-    /**
-     * Cache user info
-     */
-    private cacheUserInfo;
-    /**
-     * Get cached user info
-     */
-    getCachedUserInfo(userId: string, provider: OAuthProvider): OAuthUserInfo | null;
-    /**
-     * Clear user cache
-     */
-    clearUserCache(userId?: string, provider?: OAuthProvider): void;
-    /**
-     * Cleanup
-     */
-    cleanup(): void;
-    /**
-     * Clean up expired OAuth data from storage
-     */
-    private cleanupExpiredOAuthData;
-}

package/dist/types/plugins/oauth/oauthPlugin.d.ts

@@ -1,91 +0,0 @@
-import { BasePlugin } from "../base";
-import { ShogunCore } from "../../core";
-import { OAuthPluginInterface, OAuthConfig, OAuthProvider, OAuthConnectionResult, OAuthCredentials, OAuthUserInfo } from "./types";
-import { AuthResult, SignUpResult } from "../../interfaces/shogun";
-/**
- * OAuth Plugin for ShogunCore
- * Provides authentication with external OAuth providers
- */
-export declare class OAuthPlugin extends BasePlugin implements OAuthPluginInterface {
-    name: string;
-    version: string;
-    description: string;
-    private oauthConnector;
-    private config;
-    private storage;
-    /**
-     * Constructor for OAuthPlugin
-     * @param config - Initial configuration for OAuth
-     */
-    constructor(config?: Partial<OAuthConfig>);
-    /**
-     * @inheritdoc
-     */
-    initialize(core: ShogunCore): void;
-    /**
-     * Valida la configurazione di sicurezza OAuth
-     */
-    private validateOAuthSecurity;
-    /**
-     * Configure the OAuth plugin with provider settings
-     * @param config - Configuration options for OAuth
-     */
-    configure(config: Partial<OAuthConfig>): void;
-    /**
-     * @inheritdoc
-     */
-    destroy(): void;
-    /**
-     * Ensure that the OAuth connector is initialized
-     * @private
-     */
-    private assertOAuthConnector;
-    /**
-     * @inheritdoc
-     */
-    isSupported(): boolean;
-    /**
-     * @inheritdoc
-     */
-    getAvailableProviders(): OAuthProvider[];
-    /**
-     * @inheritdoc
-     */
-    initiateOAuth(provider: OAuthProvider): Promise<OAuthConnectionResult>;
-    /**
-     * @inheritdoc
-     */
-    completeOAuth(provider: OAuthProvider, authCode: string, state?: string): Promise<OAuthConnectionResult>;
-    /**
-     * @inheritdoc
-     */
-    generateCredentials(userInfo: OAuthUserInfo, provider: OAuthProvider): Promise<OAuthCredentials>;
-    /**
-     * Login with OAuth
-     * @param provider - OAuth provider to use
-     * @returns {Promise<AuthResult>} Authentication result
-     * @description Authenticates user using OAuth with external providers
-     * NOTE: This method only initiates the OAuth flow. The actual authentication
-     * happens in handleOAuthCallback when the provider redirects back.
-     */
-    login(provider: OAuthProvider): Promise<AuthResult>;
-    /**
-     * Register new user with OAuth provider
-     * @param provider - OAuth provider
-     * @returns {Promise<SignUpResult>} Registration result
-     */
-    signUp(provider: OAuthProvider): Promise<SignUpResult>;
-    /**
-     * Handle OAuth callback (for frontend integration)
-     * This method would be called when the OAuth provider redirects back
-     */
-    handleOAuthCallback(provider: OAuthProvider, authCode: string, state: string): Promise<AuthResult>;
-    /**
-     * Pulisce i dati OAuth scaduti
-     */
-    private cleanupExpiredOAuthData;
-    /**
-     * Private helper to login or sign up a user
-     */
-    private _loginOrSignUp;
-}