sst 3.0.0 → 3.0.1-1

package/node/future/auth/handler.js

@@ -1,280 +0,0 @@
-import { createSigner, createVerifier } from "fast-jwt";
-import { ApiHandler, useCookie, useCookies, useFormValue, usePathParam, useQueryParam, useQueryParams, useResponse, } from "../../api/index.js";
-import { Config } from "../../config/index.js";
-export class UnknownProviderError {
-    provider;
-    constructor(provider) {
-        this.provider = provider;
-    }
-}
-export function AuthHandler(input) {
-    return ApiHandler(async (evt) => {
-        const step = usePathParam("step");
-        if (!step) {
-            if (input.onIndex) {
-                return input.onIndex(evt);
-            }
-            const clients = (await input.clients?.()) || {};
-            return {
-                statusCode: 200,
-                headers: {
-                    "Content-Type": "text/html",
-                },
-                body: `
-          <html>
-          <head>
-            <link rel="icon" href="data:,">
-          </head>
-            <body>
-            <table>
-              <tr>${Object.keys(clients).map((client) => `<td>${client}</td>`)}</tr>
-            ${Object.keys(input.providers).map((name) => {
-                    return `<tr>
-                ${Object.keys(clients).map((client_id) => {
-                        const redirect_uri = clients[client_id];
-                        return `<td><a href="/authorize?provider=${name}&response_type=token&client_id=${client_id}&redirect_uri=${redirect_uri}">${name} - ${client_id}</a></td>`;
-                    })}
-              </tr>`;
-                })}
-            </table>
-            </body>
-          </html>
-        `,
-            };
-        }
-        if (step === "favicon.ico") {
-            return {
-                statusCode: 404,
-            };
-        }
-        if (step === "token") {
-            if (useFormValue("grant_type") !== "authorization_code") {
-                return {
-                    statusCode: 400,
-                    body: "Invalid grant_type",
-                };
-            }
-            const code = useFormValue("code");
-            if (!code) {
-                return {
-                    statusCode: 400,
-                    body: "Missing code",
-                };
-            }
-            // @ts-expect-error
-            const pub = Config[process.env.AUTH_ID + "PublicKey"];
-            const verified = createVerifier({
-                algorithms: ["RS512"],
-                key: pub,
-            })(code);
-            if (verified.redirect_uri !== useFormValue("redirect_uri")) {
-                return {
-                    statusCode: 400,
-                    body: "redirect_uri mismatch",
-                };
-            }
-            if (verified.client_id !== useFormValue("client_id")) {
-                return {
-                    statusCode: 400,
-                    body: "client_id mismatch",
-                };
-            }
-            return {
-                statusCode: 200,
-                headers: {
-                    "content-type": "application/json",
-                },
-                body: JSON.stringify({
-                    access_token: verified.token,
-                }),
-            };
-        }
-        let provider = useCookie("provider");
-        if (step === "authorize") {
-            provider = useQueryParam("provider");
-            if (input.onAuthorize) {
-                const result = await input.onAuthorize(evt);
-                if (result)
-                    provider = result;
-            }
-            if (!provider) {
-                return {
-                    statusCode: 400,
-                    body: "Missing provider",
-                };
-            }
-            const { response_type, client_id, redirect_uri, state } = {
-                ...useCookies(),
-                ...useQueryParams(),
-            };
-            if (!redirect_uri) {
-                return {
-                    statusCode: 400,
-                    body: "Missing redirect_uri",
-                };
-            }
-            if (!provider) {
-                return {
-                    statusCode: 400,
-                    body: "Missing provider",
-                };
-            }
-            if (!response_type) {
-                return {
-                    statusCode: 400,
-                    body: "Missing response_type",
-                };
-            }
-            if (!client_id) {
-                return {
-                    statusCode: 400,
-                    body: "Missing client_id",
-                };
-            }
-            if (input.clients) {
-                const clients = await input.clients();
-                if (clients[client_id] !== redirect_uri) {
-                    return {
-                        statusCode: 400,
-                        body: "Invalid redirect_uri",
-                    };
-                }
-            }
-            if (input.allowClient &&
-                !(await input.allowClient(client_id, redirect_uri))) {
-                return {
-                    statusCode: 400,
-                    body: "Invalid redirect_uri",
-                };
-            }
-            useResponse().cookies({
-                provider: provider,
-                response_type: response_type,
-                client_id: client_id,
-                redirect_uri: redirect_uri,
-                state: state || "",
-            }, {
-                maxAge: 60 * 15,
-                secure: true,
-                sameSite: "None",
-                httpOnly: true,
-            });
-        }
-        if (!provider || !input.providers[provider]) {
-            const response = input.onError?.(new UnknownProviderError(provider));
-            if (response)
-                return response;
-            return {
-                statusCode: 400,
-                body: `Was not able to find provider "${String(provider)}"`,
-                headers: {
-                    "Content-Type": "text/html",
-                },
-            };
-        }
-        const adapter = input.providers[provider];
-        const result = await adapter(evt);
-        if (result.type === "step") {
-            return result.properties;
-        }
-        if (result.type === "success") {
-            const onSuccess = await input.onSuccess({
-                provider,
-                ...result.properties,
-            }, {
-                http(input) {
-                    return {
-                        type: "http",
-                        properties: input,
-                    };
-                },
-                session(input) {
-                    return {
-                        type: "session",
-                        properties: input,
-                    };
-                },
-            });
-            console.log("onSuccess", onSuccess);
-            if (onSuccess.type === "session") {
-                const { type, properties, ...rest } = onSuccess.properties;
-                // @ts-expect-error
-                const priv = Config[process.env.AUTH_ID + "PrivateKey"];
-                const signer = createSigner({
-                    ...rest,
-                    key: priv,
-                    algorithm: "RS512",
-                });
-                const token = signer({
-                    type,
-                    properties,
-                });
-                useResponse()
-                    .cookie({
-                    key: "sst_auth_token",
-                    value: token,
-                    maxAge: 10 * 365 * 24 * 60 * 60,
-                })
-                    .cookies({
-                    provider: "",
-                    response_type: "",
-                    client_id: "",
-                    redirect_uri: "",
-                    state: "",
-                }, {
-                    expires: new Date(1),
-                });
-                const { client_id, response_type, redirect_uri, state } = {
-                    ...useCookies(),
-                    ...useQueryParams(),
-                };
-                if (response_type === "token") {
-                    const location = new URL(redirect_uri);
-                    location.hash = `access_token=${token}&state=${state || ""}`;
-                    return {
-                        statusCode: 302,
-                        headers: {
-                            Location: location.href,
-                        },
-                    };
-                }
-                if (response_type === "code") {
-                    // This allows the code to be reused within a 30 second window
-                    // The code should be single use but we're making this tradeoff to remain stateless
-                    // In the future can store this in a dynamo table to ensure single use
-                    const code = createSigner({
-                        expiresIn: 1000 * 60 * 5,
-                        key: priv,
-                        algorithm: "RS512",
-                    })({
-                        client_id,
-                        redirect_uri,
-                        token: token,
-                    });
-                    const location = new URL(redirect_uri);
-                    location.searchParams.set("code", code);
-                    location.searchParams.set("state", state || "");
-                    return {
-                        statusCode: 302,
-                        headers: {
-                            Location: location.href,
-                        },
-                    };
-                }
-                return {
-                    statusCode: 400,
-                    body: `Unsupported response_type: ${response_type}`,
-                };
-            }
-            if (onSuccess.type === "http") {
-                return onSuccess.properties;
-            }
-        }
-        if (result.type === "error") {
-            return {
-                statusCode: 400,
-                body: "an error has occured",
-            };
-        }
-    });
-}

package/node/future/auth/index.d.ts

@@ -1,17 +0,0 @@
-export interface AuthResources {
-}
-export declare const Auth: AuthResources;
-export * from "./adapter/oidc.js";
-export * from "./adapter/google.js";
-export * from "./adapter/link.js";
-export * from "./adapter/github.js";
-export * from "./adapter/facebook.js";
-export * from "./adapter/microsoft.js";
-export * from "./adapter/oauth.js";
-export * from "./adapter/spotify.js";
-export * from "./adapter/code.js";
-export type { Adapter } from "./adapter/adapter.js";
-export * from "./session.js";
-export * from "./handler.js";
-export * from "./encryption.js";
-export { Issuer } from "openid-client";

package/node/future/auth/index.js

@@ -1,15 +0,0 @@
-import { createProxy } from "../../util/index.js";
-export const Auth = /* @__PURE__ */ createProxy("Auth");
-export * from "./adapter/oidc.js";
-export * from "./adapter/google.js";
-export * from "./adapter/link.js";
-export * from "./adapter/github.js";
-export * from "./adapter/facebook.js";
-export * from "./adapter/microsoft.js";
-export * from "./adapter/oauth.js";
-export * from "./adapter/spotify.js";
-export * from "./adapter/code.js";
-export * from "./session.js";
-export * from "./handler.js";
-export * from "./encryption.js";
-export { Issuer } from "openid-client";

package/node/future/auth/session.d.ts

@@ -1,71 +0,0 @@
-import { SignerOptions } from "fast-jwt";
-export interface SessionTypes {
-    public: {};
-}
-export type SessionValue = {
-    [type in keyof SessionTypes]: {
-        type: type;
-        properties: SessionTypes[type];
-    };
-}[keyof SessionTypes];
-export declare function useSession<T = SessionValue>(): T;
-/**
- * Creates a new session token with provided information
- *
- * @example
- * ```js
- * Session.create({
- *   type: "user",
- *   properties: {
- *     userID: "123"
- *   }
- * })
- * ```
- */
-declare function create<T extends keyof SessionTypes>(input: {
-    type: T;
-    properties: SessionTypes[T];
-    options?: Partial<SignerOptions>;
-}): string;
-/**
- * Verifies a session token and returns the session data
- *
- * @example
- * ```js
- * Session.verify()
- * ```
- */
-declare function verify<T = SessionValue>(token: string): T | {
-    type: string;
-    properties: {};
-};
-export declare const Session: {
-    create: typeof create;
-    verify: typeof verify;
-};
-export type SessionBuilder = ReturnType<typeof createSessionBuilder>;
-export declare function createSessionBuilder<SessionTypes extends Record<string, any> = {}>(): {
-    create<T extends ({ [type in keyof SessionTypes]: {
-        type: type;
-        properties: SessionTypes[type];
-    }; }[keyof SessionTypes] | {
-        type: "public";
-        properties: {};
-    })["type"]>(type: T, properties: SessionTypes[T], options?: Partial<SignerOptions>): string;
-    verify(token: string): { [type in keyof SessionTypes]: {
-        type: type;
-        properties: SessionTypes[type];
-    }; }[keyof SessionTypes] | {
-        type: "public";
-        properties: {};
-    };
-    use(): { [type in keyof SessionTypes]: {
-        type: type;
-        properties: SessionTypes[type];
-    }; }[keyof SessionTypes] | {
-        type: "public";
-        properties: {};
-    };
-    $type: SessionTypes;
-};
-export {};

package/node/future/auth/session.js

@@ -1,146 +0,0 @@
-import { createSigner, createVerifier } from "fast-jwt";
-import { Context } from "../../../context/context2.js";
-import { useCookie, useHeader } from "../../api/index.js";
-import { Auth } from "../../auth/index.js";
-import { Config } from "../../config/index.js";
-import { useContextType } from "../../../context/handler.js";
-const SessionMemo = /* @__PURE__ */ Context.memo(() => {
-    // Get the context type and hooks that match that type
-    let token = "";
-    // Websockets don't lowercase headers
-    const header = useHeader("authorization") || useHeader("Authorization");
-    if (header)
-        token = header.substring(7);
-    const ctxType = useContextType();
-    const cookie = ctxType === "api" ? useCookie("sst_auth_token") : undefined;
-    if (cookie)
-        token = cookie;
-    // WebSocket may also set the token in the protocol header
-    // TODO: Once https://github.com/sst/sst/pull/2838 is merged,
-    // then we should no longer need to check both casing for the header.
-    const wsProtocol = ctxType === "ws"
-        ? useHeader("sec-websocket-protocol") ||
-            useHeader("Sec-WebSocket-Protocol")
-        : undefined;
-    if (wsProtocol)
-        token = wsProtocol.split(",")[0].trim();
-    if (token) {
-        return Session.verify(token);
-    }
-    return {
-        type: "public",
-        properties: {},
-    };
-});
-// This is a crazy TS hack to prevent the types from being evaluated too soon
-export function useSession() {
-    const ctx = SessionMemo();
-    return ctx;
-}
-function getPublicKey() {
-    // This is the auth function accessing the public key
-    if (process.env.AUTH_ID) {
-        // @ts-expect-error
-        const key = Config[process.env.AUTH_ID + "PublicKey"];
-        if (key)
-            return key;
-    }
-    const [first] = Object.values(Auth);
-    if (!first)
-        throw new Error("No auth provider found. Did you forget to add one?");
-    return first.publicKey;
-}
-/**
- * Creates a new session token with provided information
- *
- * @example
- * ```js
- * Session.create({
- *   type: "user",
- *   properties: {
- *     userID: "123"
- *   }
- * })
- * ```
- */
-function create(input) {
-    // @ts-expect-error
-    const key = Config[process.env.AUTH_ID + "PrivateKey"];
-    const signer = createSigner({
-        ...input.options,
-        key,
-        algorithm: "RS512",
-    });
-    const token = signer({
-        type: input.type,
-        properties: input.properties,
-    });
-    return token;
-}
-/**
- * Verifies a session token and returns the session data
- *
- * @example
- * ```js
- * Session.verify()
- * ```
- */
-function verify(token) {
-    if (token) {
-        try {
-            const jwt = createVerifier({
-                algorithms: ["RS512"],
-                key: getPublicKey(),
-            })(token);
-            return jwt;
-        }
-        catch (e) { }
-    }
-    return {
-        type: "public",
-        properties: {},
-    };
-}
-export const Session = {
-    create,
-    verify,
-};
-export function createSessionBuilder() {
-    return {
-        create(type, properties, options) {
-            // @ts-expect-error
-            const key = Config[process.env.AUTH_ID + "PrivateKey"];
-            const signer = createSigner({
-                ...options,
-                key,
-                algorithm: "RS512",
-            });
-            const token = signer({
-                type: type,
-                properties: properties,
-            });
-            return token;
-        },
-        verify(token) {
-            if (token) {
-                try {
-                    const jwt = createVerifier({
-                        algorithms: ["RS512"],
-                        key: getPublicKey(),
-                    })(token);
-                    return jwt;
-                }
-                catch (e) { }
-            }
-            return {
-                type: "public",
-                properties: {},
-            };
-        },
-        use() {
-            const ctx = SessionMemo();
-            return ctx;
-        },
-        $type: {},
-    };
-}

package/node/graphql/index.d.ts

@@ -1,15 +0,0 @@
-import { APIGatewayProxyEventV2, Context } from "aws-lambda";
-import { YogaServerOptions } from "graphql-yoga";
-type ServerContext = {
-    event: APIGatewayProxyEventV2;
-    context: Context;
-};
-export declare function GraphQLHandler<UserContext extends {}>(options: YogaServerOptions<ServerContext, UserContext>): (event: APIGatewayProxyEventV2, context: Context) => Promise<{
-    statusCode: number;
-    headers: {
-        [k: string]: string;
-    };
-    body: string;
-    isBase64Encoded: boolean;
-}>;
-export {};

package/node/graphql/index.js

@@ -1,32 +0,0 @@
-import { createYoga } from "graphql-yoga";
-import { Handler, useEvent, useLambdaContext } from "../../context/handler.js";
-export function GraphQLHandler(options) {
-    const yoga = createYoga({
-        graphqlEndpoint: process.env.GRAPHQL_ENDPOINT,
-        ...options,
-    });
-    return Handler("api", async () => {
-        const event = useEvent("api");
-        const parameters = new URLSearchParams(event.queryStringParameters || {}).toString();
-        const url = `${event.rawPath}?${parameters}`;
-        const request = {
-            method: event.requestContext.http.method,
-            headers: event.headers,
-            body: event.body
-                ? Buffer.from(event.body, event.isBase64Encoded ? "base64" : "utf8")
-                : undefined,
-        };
-        const serverContext = {
-            event,
-            context: useLambdaContext(),
-        };
-        const response = await yoga.fetch(url, request, serverContext);
-        const responseHeaders = Object.fromEntries(response.headers.entries());
-        return {
-            statusCode: response.status,
-            headers: responseHeaders,
-            body: await response.text(),
-            isBase64Encoded: false,
-        };
-    });
-}

package/node/job/index.d.ts

@@ -1,37 +0,0 @@
-export interface JobResources {
-}
-export interface JobTypes {
-}
-export type JobRunProps<T extends keyof JobResources> = {
-    payload?: JobTypes[T];
-};
-export type JobType = {
-    [T in keyof JobResources]: ReturnType<typeof JobControl<T>>;
-};
-export declare const Job: JobType;
-declare function JobControl<Name extends keyof JobResources>(name: Name, vars: Record<string, string>): {
-    run(props: JobRunProps<Name>): Promise<{
-        jobId: string;
-    }>;
-    cancel(jobId: string): Promise<void>;
-};
-/**
- * Create a new job handler.
- *
- * @example
- * ```ts
- * declare module "sst/node/job" {
- *   export interface JobTypes {
- *     MyJob: {
- *       title: string;
- *     };
- *   }
- * }
- *
- * export const handler = JobHandler("MyJob", async (payload) => {
- *   console.log(payload.title);
- * })
- * ```
- */
-export declare function JobHandler<C extends keyof JobResources>(name: C, cb: (payload: JobTypes[C]) => void): (event: any) => void;
-export {};

package/node/job/index.js

@@ -1,64 +0,0 @@
-import { createProxy, getVariables2 } from "../util/index.js";
-import { InvokeCommand, LambdaClient } from "@aws-sdk/client-lambda";
-const lambda = new LambdaClient({});
-export const Job = /* @__PURE__ */ (() => {
-    const result = createProxy("Job");
-    const vars = getVariables2("Job");
-    Object.keys(vars).forEach((name) => {
-        // @ts-expect-error
-        result[name] = JobControl(name, vars[name]);
-    });
-    return result;
-})();
-function JobControl(name, vars) {
-    const functionName = vars.functionName;
-    return {
-        async run(props) {
-            // Invoke the Lambda function
-            const ret = await lambda.send(new InvokeCommand({
-                FunctionName: functionName,
-                Payload: Buffer.from(JSON.stringify({ action: "run", payload: props?.payload })),
-            }));
-            if (ret.FunctionError) {
-                throw new Error(`Failed to invoke the "${name}" job. Error: ${ret.FunctionError}`);
-            }
-            const resp = JSON.parse(Buffer.from(ret.Payload).toString());
-            return {
-                jobId: resp.jobId,
-            };
-        },
-        async cancel(jobId) {
-            // Invoke the Lambda function
-            const ret = await lambda.send(new InvokeCommand({
-                FunctionName: functionName,
-                Payload: Buffer.from(JSON.stringify({ action: "cancel", jobId })),
-            }));
-            if (ret.FunctionError) {
-                throw new Error(`Failed to cancel the "${name}" job id ${jobId}. Error: ${ret.FunctionError}`);
-            }
-        },
-    };
-}
-/**
- * Create a new job handler.
- *
- * @example
- * ```ts
- * declare module "sst/node/job" {
- *   export interface JobTypes {
- *     MyJob: {
- *       title: string;
- *     };
- *   }
- * }
- *
- * export const handler = JobHandler("MyJob", async (payload) => {
- *   console.log(payload.title);
- * })
- * ```
- */
-export function JobHandler(name, cb) {
-    return function handler(event) {
-        return cb(event);
-    };
-}

package/node/kinesis-stream/index.d.ts

@@ -1,3 +0,0 @@
-export interface KinesisStreamResources {
-}
-export declare const KinesisStream: KinesisStreamResources;

package/node/kinesis-stream/index.js

@@ -1,3 +0,0 @@
-import { createProxy } from "../util/index.js";
-export const KinesisStream = 
-/* @__PURE__ */ createProxy("KinesisStream");