sst 2.36.7 → 2.37.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/constructs/AstroSite.js +25 -23
- package/constructs/RDS.js +1 -0
- package/constructs/future/Auth.js +4 -0
- package/constructs/util/functionBinding.d.ts +3 -0
- package/constructs/util/functionBinding.js +3 -0
- package/context/index.d.ts +1 -1
- package/context/index.js +1 -1
- package/node/future/auth/adapter/apple.d.ts +16 -0
- package/node/future/auth/adapter/apple.js +80 -0
- package/package.json +2 -2
- package/support/custom-resources/index.mjs +2 -1
- package/context/context.d.ts +0 -13
- package/context/context.js +0 -69
package/constructs/AstroSite.js
CHANGED
|
@@ -28,38 +28,40 @@ export class AstroSite extends SsrSite {
|
|
|
28
28
|
return JSON.parse(readFileSync(filePath, "utf-8"));
|
|
29
29
|
}
|
|
30
30
|
static getCFRoutingFunction({ routes, pageResolution, }) {
|
|
31
|
-
const serializedRoutes =
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
31
|
+
const serializedRoutes = routes.map((route) => ({
|
|
32
|
+
rt: route.route,
|
|
33
|
+
pt: new RegExp(route.pattern),
|
|
34
|
+
t: route.type[1],
|
|
35
|
+
pr: route.prerender === true ? true : undefined,
|
|
36
|
+
rp: route.redirectPath,
|
|
37
|
+
rs: route.redirectStatus,
|
|
38
|
+
}));
|
|
39
|
+
function objectToString(obj) {
|
|
40
|
+
return `{ ${Object.entries(obj)
|
|
41
|
+
.filter(([_, value]) => value !== undefined)
|
|
42
|
+
.map(([key, value]) => `${key}: ${typeof value === "string" ? `'${value}'` : value}`)
|
|
43
|
+
.join(", ")} }`;
|
|
44
|
+
}
|
|
45
|
+
return `
|
|
46
|
+
var routes = [${serializedRoutes.map(objectToString).join(", ")}]
|
|
47
|
+
var match = routes.find((route) => route.pt.test(request.uri));
|
|
48
|
+
if (match) {
|
|
49
|
+
if (match.t === "r") {
|
|
50
|
+
var redirectPath = match.rp;
|
|
51
|
+
(match.pt.exec(request.uri) || []).forEach((match, index) => {
|
|
52
|
+
redirectPath = redirectPath.replace(\`\\\${\${index}}\`, match)
|
|
50
53
|
});
|
|
51
|
-
var statusCode = matchedRoute.redirectStatus || 308;
|
|
52
54
|
return {
|
|
53
|
-
statusCode,
|
|
55
|
+
statusCode: match.rs || 308,
|
|
54
56
|
headers: { location: { value: redirectPath } },
|
|
55
57
|
};
|
|
56
|
-
} else if (
|
|
58
|
+
} else if (match.t === "p" && match.pr) {
|
|
57
59
|
${pageResolution === "file"
|
|
58
60
|
? `request.uri = request.uri === "/" ? "/index.html" : request.uri.replace(/\\/?$/, ".html");`
|
|
59
61
|
: `request.uri = request.uri.replace(/\\/?$/, "/index.html");`}
|
|
60
62
|
}
|
|
61
63
|
}
|
|
62
|
-
|
|
64
|
+
`;
|
|
63
65
|
}
|
|
64
66
|
plan() {
|
|
65
67
|
const { path: sitePath } = this.props;
|
package/constructs/RDS.js
CHANGED
|
@@ -15,6 +15,9 @@ export function bindEnvironment(c) {
|
|
|
15
15
|
else if (variable.type === "secret_reference") {
|
|
16
16
|
environment[envName] = placeholderSecretReferenceValue(variable.secret);
|
|
17
17
|
}
|
|
18
|
+
else if (variable.type === "auth_id") {
|
|
19
|
+
environment["AUTH_ID"] = variable.value;
|
|
20
|
+
}
|
|
18
21
|
});
|
|
19
22
|
}
|
|
20
23
|
return environment;
|
package/context/index.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export
|
|
1
|
+
export { Context } from "./context2.js";
|
|
2
2
|
export * from "./handler.js";
|
package/context/index.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export
|
|
1
|
+
export { Context } from "./context2.js";
|
|
2
2
|
export * from "./handler.js";
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { OauthConfig } from "./oauth.js";
|
|
2
|
+
export declare const AppleAdapter: (config: OauthConfig) => () => Promise<{
|
|
3
|
+
type: "success";
|
|
4
|
+
properties: {
|
|
5
|
+
tokenset: import("openid-client").TokenSet;
|
|
6
|
+
client: import("openid-client").BaseClient;
|
|
7
|
+
};
|
|
8
|
+
} | {
|
|
9
|
+
type: "step";
|
|
10
|
+
properties: {
|
|
11
|
+
statusCode: number;
|
|
12
|
+
headers: {
|
|
13
|
+
location: string;
|
|
14
|
+
};
|
|
15
|
+
};
|
|
16
|
+
} | undefined>;
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
import { generators, Issuer } from "openid-client";
|
|
2
|
+
import { useBody, useCookie, useDomainName, usePathParam, useResponse, } from "../../../api/index.js";
|
|
3
|
+
const querystring = require("querystring");
|
|
4
|
+
// This adapter support the OAuth flow with the response_mode "form_post" for now.
|
|
5
|
+
// More details about the flow:
|
|
6
|
+
// https://developer.apple.com/documentation/devicemanagement/user_enrollment/onboarding_users_with_account_sign-in/implementing_the_oauth2_authentication_user-enrollment_flow
|
|
7
|
+
//
|
|
8
|
+
// Also note that Apple's discover uri does not work for the OAuth flow, as the
|
|
9
|
+
// userinfo_endpoint are not included in the response.
|
|
10
|
+
// await Issuer.discover("https://appleid.apple.com/.well-known/openid-configuration/");
|
|
11
|
+
const issuer = await Issuer.discover("https://appleid.apple.com/.well-known/openid-configuration");
|
|
12
|
+
export const AppleAdapter =
|
|
13
|
+
/* @__PURE__ */
|
|
14
|
+
(config) => {
|
|
15
|
+
return async function () {
|
|
16
|
+
const step = usePathParam("step");
|
|
17
|
+
const callback = "https://" + useDomainName() + "/callback";
|
|
18
|
+
console.log("callback", callback);
|
|
19
|
+
const client = new issuer.Client({
|
|
20
|
+
client_id: config.clientID,
|
|
21
|
+
client_secret: config.clientSecret,
|
|
22
|
+
redirect_uris: [callback],
|
|
23
|
+
response_types: ["code"],
|
|
24
|
+
});
|
|
25
|
+
if (step === "authorize" || step === "connect") {
|
|
26
|
+
const code_verifier = generators.codeVerifier();
|
|
27
|
+
const state = generators.state();
|
|
28
|
+
const code_challenge = generators.codeChallenge(code_verifier);
|
|
29
|
+
const url = client.authorizationUrl({
|
|
30
|
+
scope: config.scope,
|
|
31
|
+
code_challenge: code_challenge,
|
|
32
|
+
code_challenge_method: "S256",
|
|
33
|
+
state,
|
|
34
|
+
prompt: config.prompt,
|
|
35
|
+
...config.params,
|
|
36
|
+
});
|
|
37
|
+
useResponse().cookies({
|
|
38
|
+
auth_code_verifier: code_verifier,
|
|
39
|
+
auth_state: state,
|
|
40
|
+
}, {
|
|
41
|
+
httpOnly: true,
|
|
42
|
+
secure: true,
|
|
43
|
+
maxAge: 60 * 10,
|
|
44
|
+
sameSite: "None",
|
|
45
|
+
});
|
|
46
|
+
return {
|
|
47
|
+
type: "step",
|
|
48
|
+
properties: {
|
|
49
|
+
statusCode: 302,
|
|
50
|
+
headers: {
|
|
51
|
+
location: url,
|
|
52
|
+
},
|
|
53
|
+
},
|
|
54
|
+
};
|
|
55
|
+
}
|
|
56
|
+
if (step === "callback") {
|
|
57
|
+
let params;
|
|
58
|
+
if (config &&
|
|
59
|
+
config.params &&
|
|
60
|
+
config.params.response_mode === "form_post") {
|
|
61
|
+
const body = useBody();
|
|
62
|
+
params = querystring.parse(body);
|
|
63
|
+
}
|
|
64
|
+
const code_verifier = useCookie("auth_code_verifier");
|
|
65
|
+
const state = useCookie("auth_state");
|
|
66
|
+
const tokenset = await client["callback"](callback, params, {
|
|
67
|
+
code_verifier,
|
|
68
|
+
state,
|
|
69
|
+
});
|
|
70
|
+
const x = {
|
|
71
|
+
type: "success",
|
|
72
|
+
properties: {
|
|
73
|
+
tokenset,
|
|
74
|
+
client,
|
|
75
|
+
},
|
|
76
|
+
};
|
|
77
|
+
return x;
|
|
78
|
+
}
|
|
79
|
+
};
|
|
80
|
+
};
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"sideEffects": false,
|
|
3
3
|
"name": "sst",
|
|
4
|
-
"version": "2.
|
|
4
|
+
"version": "2.37.0",
|
|
5
5
|
"bin": {
|
|
6
6
|
"sst": "cli/sst.js"
|
|
7
7
|
},
|
|
@@ -120,7 +120,7 @@
|
|
|
120
120
|
"@types/ws": "^8.5.3",
|
|
121
121
|
"@types/yargs": "^17.0.13",
|
|
122
122
|
"archiver": "^5.3.1",
|
|
123
|
-
"astro-sst": "2.
|
|
123
|
+
"astro-sst": "2.37.0",
|
|
124
124
|
"async": "^3.2.4",
|
|
125
125
|
"tsx": "^3.12.1",
|
|
126
126
|
"typescript": "^5.2.2",
|
|
@@ -154593,7 +154593,8 @@ var handler = (event) => {
|
|
|
154593
154593
|
return event.RequestType ? customResourceEventHandler(event) : lambdaEventHandler(event);
|
|
154594
154594
|
};
|
|
154595
154595
|
var customResourceEventHandler = wrapper(async (cfnRequest) => {
|
|
154596
|
-
|
|
154596
|
+
const { ResponseURL, ...other } = cfnRequest;
|
|
154597
|
+
log("Handling custom resource event", other);
|
|
154597
154598
|
switch (cfnRequest.ResourceType) {
|
|
154598
154599
|
case "Custom::AuthKeys":
|
|
154599
154600
|
await AuthKeys(cfnRequest);
|
package/context/context.d.ts
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
export declare const Context: {
|
|
2
|
-
create: typeof create;
|
|
3
|
-
reset: typeof reset;
|
|
4
|
-
memo: typeof memo;
|
|
5
|
-
};
|
|
6
|
-
declare function create<C>(cb?: (() => C) | string, name?: string): {
|
|
7
|
-
use(): C;
|
|
8
|
-
reset(): void;
|
|
9
|
-
provide(value: C): void;
|
|
10
|
-
};
|
|
11
|
-
declare function reset(): void;
|
|
12
|
-
export declare function memo<C>(cb: () => C, name?: string): () => C;
|
|
13
|
-
export {};
|
package/context/context.js
DELETED
|
@@ -1,69 +0,0 @@
|
|
|
1
|
-
export const Context = {
|
|
2
|
-
create,
|
|
3
|
-
reset,
|
|
4
|
-
memo,
|
|
5
|
-
};
|
|
6
|
-
const state = {
|
|
7
|
-
requestID: "",
|
|
8
|
-
contexts: new Map(),
|
|
9
|
-
tracking: [],
|
|
10
|
-
};
|
|
11
|
-
function create(cb, name) {
|
|
12
|
-
const id = typeof cb === "string" ? cb : name || Symbol(cb?.toString());
|
|
13
|
-
return {
|
|
14
|
-
use() {
|
|
15
|
-
let result = state.contexts.get(id);
|
|
16
|
-
if (!result) {
|
|
17
|
-
if (!cb || typeof cb === "string")
|
|
18
|
-
throw new Error(`"${String(id)}" context was not provided.`);
|
|
19
|
-
state.tracking.push(id);
|
|
20
|
-
const value = cb();
|
|
21
|
-
state.tracking.pop();
|
|
22
|
-
result = {
|
|
23
|
-
value,
|
|
24
|
-
dependants: new Set(),
|
|
25
|
-
};
|
|
26
|
-
state.contexts.set(id, result);
|
|
27
|
-
}
|
|
28
|
-
const last = state.tracking[state.tracking.length - 1];
|
|
29
|
-
// Use is being called within another context booting up so mark it as a dependent
|
|
30
|
-
if (last)
|
|
31
|
-
result.dependants.add(last);
|
|
32
|
-
return result.value;
|
|
33
|
-
},
|
|
34
|
-
reset() {
|
|
35
|
-
resetDependencies(id);
|
|
36
|
-
state.contexts.delete(id);
|
|
37
|
-
},
|
|
38
|
-
provide(value) {
|
|
39
|
-
// If a new request has started, automatically clear all contexts
|
|
40
|
-
const requestID = global[Symbol.for("aws.lambda.runtime.requestId")];
|
|
41
|
-
if (state.requestID !== requestID) {
|
|
42
|
-
state.requestID = requestID;
|
|
43
|
-
reset();
|
|
44
|
-
}
|
|
45
|
-
// If the context is already set, we need to reset its dependants
|
|
46
|
-
resetDependencies(id);
|
|
47
|
-
state.contexts.set(id, {
|
|
48
|
-
value,
|
|
49
|
-
dependants: new Set(),
|
|
50
|
-
});
|
|
51
|
-
},
|
|
52
|
-
};
|
|
53
|
-
}
|
|
54
|
-
function reset() {
|
|
55
|
-
state.contexts.clear();
|
|
56
|
-
}
|
|
57
|
-
function resetDependencies(id) {
|
|
58
|
-
const info = state.contexts.get(id);
|
|
59
|
-
if (!info)
|
|
60
|
-
return;
|
|
61
|
-
for (const dependantID of info.dependants) {
|
|
62
|
-
state.contexts.delete(dependantID);
|
|
63
|
-
resetDependencies(dependantID);
|
|
64
|
-
}
|
|
65
|
-
}
|
|
66
|
-
export function memo(cb, name) {
|
|
67
|
-
const ctx = create(cb, name);
|
|
68
|
-
return ctx.use;
|
|
69
|
-
}
|