sockress 0.1.0

package/src/index.ts

@@ -0,0 +1,725 @@
+import http, { IncomingMessage, ServerResponse } from 'http';
+import { AddressInfo } from 'net';
+import type { Socket } from 'net';
+import { TLSSocket } from 'tls';
+import { WebSocketServer, WebSocket } from 'ws';
+import { parse as parseCookie, serialize as serializeCookie } from 'cookie';
+import type { CookieSerializeOptions } from 'cookie';
+import { nanoid } from 'nanoid';
+
+type HTTPMethod = 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'HEAD' | 'OPTIONS';
+
+export type NextFunction = (err?: unknown) => void;
+export type SockressHandler = (req: SockressRequest, res: SockressResponse, next: NextFunction) => unknown;
+export type SockressErrorHandler = (err: unknown, req: SockressRequest, res: SockressResponse, next: NextFunction) => unknown;
+
+export interface SockressOptions {
+  cors?: Partial<CorsOptions>;
+  socket?: Partial<SocketOptions>;
+  bodyLimit?: number;
+}
+
+interface SocketOptions {
+  path: string;
+  heartbeatInterval: number;
+  idleTimeout: number;
+}
+
+interface CorsOptions {
+  origin: string | string[];
+  credentials: boolean;
+  methods: HTTPMethod[];
+  allowedHeaders: string[];
+  exposedHeaders: string[];
+  maxAge: number;
+}
+
+interface NormalizedOptions {
+  cors: CorsOptions;
+  socket: SocketOptions;
+  bodyLimit: number;
+}
+
+interface MiddlewareLayer {
+  path: string;
+  handler: SockressHandler | SockressErrorHandler;
+  isErrorHandler: boolean;
+}
+
+interface RouteLayer {
+  method: HTTPMethod | 'ALL';
+  matcher: PathMatcher;
+  handlers: Array<SockressHandler | SockressErrorHandler>;
+}
+
+interface PipelineLayer {
+  handler: SockressHandler | SockressErrorHandler;
+  isErrorHandler: boolean;
+}
+
+interface PathMatcher {
+  raw: string;
+  match: (path: string) => PathMatchResult | null;
+}
+
+interface PathMatchResult {
+  params: Record<string, string>;
+}
+
+type RequestMode =
+  | { kind: 'http'; req: IncomingMessage; res: ServerResponse }
+  | { kind: 'socket'; socket: WebSocket; requestId: string };
+
+interface IncomingSocketMessage {
+  type: 'request';
+  id?: string;
+  method?: string;
+  path?: string;
+  headers?: Record<string, string>;
+  query?: Record<string, string | string[]>;
+  body?: unknown;
+}
+
+interface OutgoingSocketMessage {
+  type: 'response' | 'error';
+  id?: string;
+  status?: number;
+  headers?: Record<string, string>;
+  body?: unknown;
+  message?: string;
+  code?: string;
+  cookies?: string[];
+}
+
+export interface SockressRequest {
+  readonly id: string;
+  readonly method: HTTPMethod;
+  path: string;
+  query: Record<string, string | string[]>;
+  params: Record<string, string>;
+  headers: Record<string, string | string[] | undefined>;
+  body: unknown;
+  cookies: Record<string, string>;
+  readonly type: 'http' | 'socket';
+  readonly ip: string | undefined;
+  readonly protocol: 'http' | 'https' | 'ws' | 'wss';
+  readonly secure: boolean;
+  context: Record<string, unknown>;
+  raw?: IncomingMessage;
+  get(field: string): string | undefined;
+}
+
+export class SockressRequestImpl implements SockressRequest {
+  public params: Record<string, string> = {};
+  public context: Record<string, unknown> = {};
+
+  constructor(
+    public readonly id: string,
+    public readonly method: HTTPMethod,
+    public path: string,
+    public query: Record<string, string | string[]>,
+    public headers: Record<string, string | string[] | undefined>,
+    public body: unknown,
+    public cookies: Record<string, string>,
+    public readonly type: 'http' | 'socket',
+    public readonly ip: string | undefined,
+    public readonly protocol: 'http' | 'https' | 'ws' | 'wss',
+    public readonly secure: boolean,
+    public raw?: IncomingMessage
+  ) {}
+
+  get(field: string): string | undefined {
+    const key = field.toLowerCase();
+    const value = this.headers[key];
+    if (Array.isArray(value)) {
+      return value[0];
+    }
+    if (typeof value === 'number') {
+      return String(value);
+    }
+    return value as string | undefined;
+  }
+}
+
+export class SockressResponse {
+  private statusCode = 200;
+  private sent = false;
+  private headers: Record<string, string> = {};
+  private cookies: string[] = [];
+
+  constructor(
+    private readonly mode: RequestMode,
+    private readonly cors: CorsOptions,
+    private readonly allowedOrigin: string
+  ) {}
+
+  status(code: number): this {
+    this.statusCode = code;
+    return this;
+  }
+
+  set(field: string, value: string): this {
+    this.headers[field.toLowerCase()] = value;
+    return this;
+  }
+
+  append(field: string, value: string): this {
+    const current = this.headers[field.toLowerCase()];
+    if (current) {
+      this.headers[field.toLowerCase()] = `${current}, ${value}`;
+    } else {
+      this.headers[field.toLowerCase()] = value;
+    }
+    return this;
+  }
+
+  cookie(name: string, value: string, options: CookieSerializeOptions = {}): this {
+    this.cookies.push(serializeCookie(name, value, options));
+    return this;
+  }
+
+  clearCookie(name: string, options: CookieSerializeOptions = {}): this {
+    return this.cookie(name, '', { ...options, maxAge: 0 });
+  }
+
+  json(payload: unknown): this {
+    this.set('content-type', 'application/json; charset=utf-8');
+    return this.send(JSON.stringify(payload));
+  }
+
+  send(payload?: unknown): this {
+    if (this.sent) {
+      return this;
+    }
+    this.sent = true;
+    if (!this.headers['content-type'] && typeof payload === 'string') {
+      this.set('content-type', 'text/plain; charset=utf-8');
+    }
+    const headersWithCors = this.buildHeaders();
+    if (this.mode.kind === 'http') {
+      const res = this.mode.res;
+      res.statusCode = this.statusCode;
+      Object.entries(headersWithCors).forEach(([key, value]) => {
+        res.setHeader(key, value);
+      });
+      if (this.cookies.length) {
+        res.setHeader('Set-Cookie', this.cookies);
+      }
+      if (Buffer.isBuffer(payload)) {
+        res.end(payload);
+      } else if (typeof payload === 'string') {
+        res.end(payload);
+      } else if (payload === undefined || payload === null) {
+        res.end();
+      } else {
+        const buffer = Buffer.from(JSON.stringify(payload));
+        if (!this.headers['content-type']) {
+          res.setHeader('content-type', 'application/json; charset=utf-8');
+        }
+        res.end(buffer);
+      }
+      return this;
+    }
+
+    const message: OutgoingSocketMessage = {
+      type: 'response',
+      id: this.mode.requestId,
+      status: this.statusCode,
+      headers: headersWithCors,
+      body: payload,
+      cookies: this.cookies.length ? [...this.cookies] : undefined
+    };
+    this.mode.socket.send(JSON.stringify(message));
+    return this;
+  }
+
+  end(): this {
+    return this.send();
+  }
+
+  isSent(): boolean {
+    return this.sent;
+  }
+
+  private buildHeaders(): Record<string, string> {
+    const headers = { ...this.headers };
+    headers['access-control-allow-origin'] = this.allowedOrigin;
+    headers['access-control-allow-credentials'] = String(this.cors.credentials);
+    headers['access-control-allow-methods'] = this.cors.methods.join(', ');
+    headers['access-control-allow-headers'] = this.cors.allowedHeaders.join(', ');
+    headers['access-control-expose-headers'] = this.cors.exposedHeaders.join(', ');
+    headers['access-control-max-age'] = String(this.cors.maxAge);
+    return headers;
+  }
+}
+
+export class SockressApp {
+  private middlewares: MiddlewareLayer[] = [];
+  private routes: RouteLayer[] = [];
+  private server?: http.Server;
+  private wss?: WebSocketServer;
+  private heartbeatInterval?: NodeJS.Timeout;
+
+  constructor(private readonly config: NormalizedOptions) {}
+
+  static create(options?: SockressOptions): SockressApp {
+    return new SockressApp(normalizeOptions(options));
+  }
+
+  use(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this;
+  use(...handlers: Array<SockressHandler | SockressErrorHandler>): this;
+  use(
+    pathOrHandler: string | SockressHandler | SockressErrorHandler,
+    ...rest: Array<SockressHandler | SockressErrorHandler>
+  ): this {
+    let path = '/';
+    let stack: Array<SockressHandler | SockressErrorHandler> = [];
+    if (typeof pathOrHandler === 'string') {
+      path = pathOrHandler;
+      stack = rest;
+    } else {
+      stack = [pathOrHandler, ...rest];
+    }
+    if (!stack.length) {
+      throw new Error('use() requires at least one handler');
+    }
+    for (const handler of stack) {
+      if (!handler) continue;
+      this.middlewares.push({
+        path,
+        handler,
+        isErrorHandler: handler.length === 4
+      });
+    }
+    return this;
+  }
+
+  private register(method: HTTPMethod | 'ALL', path: string, handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    if (!handlers.length) {
+      throw new Error(`Route ${method} ${path} requires at least one handler`);
+    }
+    this.routes.push({
+      method,
+      matcher: buildMatcher(path),
+      handlers
+    });
+    return this;
+  }
+
+  get(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    return this.register('GET', path, handlers);
+  }
+
+  post(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    return this.register('POST', path, handlers);
+  }
+
+  put(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    return this.register('PUT', path, handlers);
+  }
+
+  patch(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    return this.register('PATCH', path, handlers);
+  }
+
+  delete(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    return this.register('DELETE', path, handlers);
+  }
+
+  head(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    return this.register('HEAD', path, handlers);
+  }
+
+  options(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    return this.register('OPTIONS', path, handlers);
+  }
+
+  all(path: string, ...handlers: Array<SockressHandler | SockressErrorHandler>): this {
+    return this.register('ALL', path, handlers);
+  }
+
+  listen(port: number, host?: string, callback?: (address: AddressInfo) => void): http.Server {
+    if (this.server) {
+      throw new Error('Sockress server is already running');
+    }
+    const httpServer = http.createServer((req, res) => this.handleHttp(req, res));
+    const wss = new WebSocketServer({ noServer: true });
+    httpServer.on('upgrade', (req, socket, head) => {
+      const { pathname } = new URL(req.url ?? '/', `http://${req.headers.host || 'localhost'}`);
+      if (pathname !== this.config.socket.path) {
+        socket.destroy();
+        return;
+      }
+      if (!isOriginAllowed(req.headers.origin, this.config.cors.origin)) {
+        socket.destroy();
+        return;
+      }
+      wss.handleUpgrade(req, socket, head, (ws) => {
+        wss.emit('connection', ws, req);
+      });
+    });
+    wss.on('connection', (socket, req) => this.handleSocket(socket, req));
+    this.server = httpServer;
+    this.wss = wss;
+    const listener = httpServer.listen(port, host, () => {
+      const address = httpServer.address() as AddressInfo;
+      if (callback) callback(address);
+    });
+    this.startHeartbeat();
+    return listener;
+  }
+
+  async close(): Promise<void> {
+    await Promise.all([
+      this.server
+        ? new Promise<void>((resolve, reject) => this.server!.close((err) => (err ? reject(err) : resolve())))
+        : Promise.resolve(),
+      this.wss
+        ? new Promise<void>((resolve, reject) => this.wss!.close((err) => (err ? reject(err) : resolve())))
+        : Promise.resolve()
+    ]);
+    if (this.heartbeatInterval) {
+      clearInterval(this.heartbeatInterval);
+    }
+  }
+
+  private startHeartbeat(): void {
+    if (!this.wss) return;
+    this.heartbeatInterval = setInterval(() => {
+      this.wss?.clients.forEach((socket: WebSocket & { isAlive?: boolean }) => {
+        if (socket.isAlive === false) {
+          return socket.terminate();
+        }
+        socket.isAlive = false;
+        socket.ping();
+      });
+    }, this.config.socket.heartbeatInterval);
+  }
+
+  private async handleHttp(req: IncomingMessage, res: ServerResponse): Promise<void> {
+    try {
+      const { method = 'GET' } = req;
+      const url = new URL(req.url ?? '/', `http://${req.headers.host || 'localhost'}`);
+      const path = url.pathname || '/';
+      const query = parseQuery(url.searchParams);
+      const cookies = req.headers.cookie ? parseCookie(req.headers.cookie) : {};
+      const body = await readBody(req, this.config.bodyLimit);
+      const parsedBody = parseBody(body, req.headers['content-type']);
+      const secure = isSocketEncrypted(req.socket as Socket);
+      const sockressReq = new SockressRequestImpl(
+        nanoid(),
+        method.toUpperCase() as HTTPMethod,
+        path,
+        query,
+        req.headers,
+        parsedBody,
+        cookies,
+        'http',
+        getIp(req),
+        secure ? 'https' : 'http',
+        secure,
+        req
+      );
+      const origin = pickOrigin(req.headers.origin as string | undefined, this.config.cors.origin);
+      const sockressRes = new SockressResponse({ kind: 'http', req, res }, this.config.cors, origin);
+      if (sockressReq.method === 'OPTIONS') {
+        sockressRes.status(204).end();
+        return;
+      }
+      await this.runPipeline(sockressReq, sockressRes);
+    } catch (error) {
+      res.statusCode = 500;
+      res.setHeader('content-type', 'application/json; charset=utf-8');
+      res.end(JSON.stringify({ error: 'Internal Server Error', details: error instanceof Error ? error.message : error }));
+    }
+  }
+
+  private handleSocket(socket: WebSocket & { isAlive?: boolean }, req: IncomingMessage): void {
+    socket.isAlive = true;
+    socket.on('pong', () => {
+      socket.isAlive = true;
+    });
+    socket.on('message', async (raw) => {
+      try {
+        const payload = JSON.parse(raw.toString()) as IncomingSocketMessage;
+        if (payload.type !== 'request') {
+          return socket.send(JSON.stringify({ type: 'error', message: 'Unsupported message type' }));
+        }
+        const path = payload.path || '/';
+        const method = (payload.method || 'GET').toUpperCase() as HTTPMethod;
+        const query = payload.query ?? {};
+        const headers = payload.headers ?? {};
+        const cookies = headers.cookie ? parseCookie(headers.cookie) : {};
+        const secure = isSocketEncrypted(req.socket as Socket);
+        const sockressReq = new SockressRequestImpl(
+          payload.id ?? nanoid(),
+          method,
+          path,
+          query,
+          headers,
+          payload.body,
+          cookies,
+          'socket',
+          getIp(req),
+          secure ? 'wss' : 'ws',
+          secure
+        );
+        const origin = pickOrigin(req.headers.origin as string | undefined, this.config.cors.origin);
+        const sockressRes = new SockressResponse({ kind: 'socket', socket, requestId: sockressReq.id }, this.config.cors, origin);
+        await this.runPipeline(sockressReq, sockressRes);
+      } catch (error) {
+        const outgoing: OutgoingSocketMessage = {
+          type: 'error',
+          message: error instanceof Error ? error.message : 'Unexpected socket payload'
+        };
+        socket.send(JSON.stringify(outgoing));
+      }
+    });
+  }
+
+  private async runPipeline(req: SockressRequest, res: SockressResponse): Promise<void> {
+    const stack = this.composeStack(req, req.method);
+    let idx = 0;
+    const next: NextFunction = async (err?: unknown) => {
+      const layer = stack[idx++];
+      if (!layer) {
+        if (err) {
+          this.renderError(err, req, res);
+        } else if (!res.isSent()) {
+          res.status(404).json({ error: 'Not Found' });
+        }
+        return;
+      }
+      const handler = layer.handler;
+      const isErrorHandler = layer.isErrorHandler;
+      try {
+        if (err) {
+          if (isErrorHandler) {
+            await (handler as SockressErrorHandler)(err, req, res, next);
+          } else {
+            await next(err);
+          }
+          return;
+        }
+        if (isErrorHandler) {
+          await next();
+          return;
+        }
+        await (handler as SockressHandler)(req, res, next);
+      } catch (error) {
+        await next(error);
+      }
+    };
+    await next();
+  }
+
+  private composeStack(req: SockressRequest, method: HTTPMethod): PipelineLayer[] {
+    const { path } = req;
+    const stack: PipelineLayer[] = [];
+    for (const layer of this.middlewares) {
+      if (matchesPrefix(layer.path, path)) {
+        stack.push({
+          handler: layer.handler,
+          isErrorHandler: layer.isErrorHandler
+        });
+      }
+    }
+    for (const route of this.routes) {
+      if (route.method !== method && route.method !== 'ALL') {
+        continue;
+      }
+      const match = route.matcher.match(path);
+      if (!match) continue;
+      for (const handler of route.handlers) {
+        const isErrorHandler = handler.length === 4;
+        if (isErrorHandler) {
+          const wrapped: SockressErrorHandler = (err, request, res, next) => {
+            request.params = { ...match.params };
+            return (handler as SockressErrorHandler)(err, request, res, next);
+          };
+          stack.push({ handler: wrapped, isErrorHandler: true });
+        } else {
+          const wrapped: SockressHandler = (request, res, next) => {
+            request.params = { ...match.params };
+            return (handler as SockressHandler)(request, res, next);
+          };
+          stack.push({ handler: wrapped, isErrorHandler: false });
+        }
+      }
+    }
+    return stack;
+  }
+
+  private renderError(err: unknown, req: SockressRequest, res: SockressResponse): void {
+    if (res.isSent()) {
+      return;
+    }
+    res.status(500).json({
+      error: 'Internal Server Error',
+      details: err instanceof Error ? err.message : err
+    });
+  }
+}
+
+export function createSockress(options?: SockressOptions): SockressApp {
+  return SockressApp.create(options);
+}
+
+function normalizeOptions(options?: SockressOptions): NormalizedOptions {
+  const cors: CorsOptions = {
+    origin: options?.cors?.origin ?? '*',
+    credentials: options?.cors?.credentials ?? true,
+    methods: options?.cors?.methods ?? ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
+    allowedHeaders: options?.cors?.allowedHeaders ?? ['Content-Type', 'Authorization', 'X-Requested-With'],
+    exposedHeaders: options?.cors?.exposedHeaders ?? [],
+    maxAge: options?.cors?.maxAge ?? 600
+  };
+  const socket: SocketOptions = {
+    path: options?.socket?.path ?? '/sockress',
+    heartbeatInterval: options?.socket?.heartbeatInterval ?? 30_000,
+    idleTimeout: options?.socket?.idleTimeout ?? 120_000
+  };
+  const bodyLimit = options?.bodyLimit ?? 1_000_000;
+  return { cors, socket, bodyLimit };
+}
+
+function buildMatcher(path: string): PathMatcher {
+  if (path === '*' || path === '/*') {
+    return {
+      raw: path,
+      match: (incoming: string) => ({ params: { wild: incoming.replace(/^\//, '') } })
+    };
+  }
+  const keys: string[] = [];
+  const pattern = path
+    .split('/')
+    .map((segment) => {
+      if (!segment) return '';
+      if (segment.startsWith(':')) {
+        const key = segment.replace(/^:/, '').replace(/\?$/, '');
+        keys.push(key);
+        return segment.endsWith('?') ? '(?:\\/([^/]+))?' : '\\/([^/]+)';
+      }
+      if (segment === '*') {
+        keys.push('wild');
+        return '\\/(.*)';
+      }
+      return `\\/${segment.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}`;
+    })
+    .join('');
+  const regex = new RegExp(`^${pattern || '\\/'}\\/?$`);
+  return {
+    raw: path,
+    match: (incoming: string) => {
+      const exec = regex.exec(incoming === '' ? '/' : incoming);
+      if (!exec) {
+        return null;
+      }
+      const params: Record<string, string> = {};
+      keys.forEach((key, index) => {
+        const value = exec[index + 1];
+        if (value !== undefined) {
+          params[key] = decodeURIComponent(value);
+        }
+      });
+      return { params };
+    }
+  };
+}
+
+async function readBody(req: IncomingMessage, limit: number): Promise<Buffer> {
+  return new Promise<Buffer>((resolve, reject) => {
+    const chunks: Buffer[] = [];
+    let total = 0;
+    req.on('data', (chunk: Buffer) => {
+      total += chunk.length;
+      if (total > limit) {
+        reject(new Error('Payload too large'));
+        req.destroy();
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on('end', () => resolve(Buffer.concat(chunks)));
+    req.on('error', (err) => reject(err));
+  });
+}
+
+function parseBody(buffer: Buffer, contentType?: string): unknown {
+  if (!buffer.length) return undefined;
+  const type = contentType?.split(';')[0].trim().toLowerCase();
+  if (type === 'application/json') {
+    const text = buffer.toString('utf8');
+    return text ? JSON.parse(text) : undefined;
+  }
+  if (type === 'application/x-www-form-urlencoded') {
+    const params = new URLSearchParams(buffer.toString('utf8'));
+    const result: Record<string, string | string[]> = {};
+    for (const [key, value] of params.entries()) {
+      if (result[key]) {
+        const existing = result[key];
+        result[key] = Array.isArray(existing) ? [...existing, value] : [existing as string, value];
+      } else {
+        result[key] = value;
+      }
+    }
+    return result;
+  }
+  return buffer;
+}
+
+function parseQuery(searchParams: URLSearchParams): Record<string, string | string[]> {
+  const result: Record<string, string | string[]> = {};
+  for (const [key, value] of searchParams.entries()) {
+    if (result[key]) {
+      const existing = result[key];
+      result[key] = Array.isArray(existing) ? [...existing, value] : [existing as string, value];
+    } else {
+      result[key] = value;
+    }
+  }
+  return result;
+}
+
+function matchesPrefix(base: string, path: string): boolean {
+  if (base === '/' || base === '') return true;
+  if (!base.startsWith('/')) {
+    base = `/${base}`;
+  }
+  return path === base || path.startsWith(`${base}/`);
+}
+
+function getIp(req: IncomingMessage): string | undefined {
+  const forwarded = req.headers['x-forwarded-for'];
+  if (Array.isArray(forwarded)) {
+    return forwarded[0];
+  }
+  if (typeof forwarded === 'string') {
+    return forwarded.split(',')[0].trim();
+  }
+  return req.socket.remoteAddress ?? undefined;
+}
+
+function isOriginAllowed(originHeader: string | undefined, allowed: string | string[]): boolean {
+  if (!originHeader || allowed === '*') return true;
+  if (Array.isArray(allowed)) {
+    return allowed.includes(originHeader);
+  }
+  return allowed === originHeader;
+}
+
+function pickOrigin(requestOrigin: string | undefined, allowed: string | string[]): string {
+  if (allowed === '*') return '*';
+  if (Array.isArray(allowed)) {
+    if (requestOrigin && allowed.includes(requestOrigin)) {
+      return requestOrigin;
+    }
+    return allowed[0] ?? '*';
+  }
+  return allowed;
+}
+
+function isSocketEncrypted(socket: Socket): boolean {
+  return socket instanceof TLSSocket && Boolean(socket.encrypted);
+}
+