wrangler 2.0.22 → 2.0.25

package/src/user/user.tsx

@@ -262,6 +262,7 @@ interface State extends AuthTokens {
 interface AuthTokens {
 	accessToken?: AccessToken;
 	refreshToken?: RefreshToken;
+	scopes?: Scope[];
 	/** @deprecated - this field was only provided by the deprecated `wrangler1 config` command. */
 	apiToken?: string;
 }
@@ -279,6 +280,7 @@ export interface UserAuthConfig {
 	oauth_token?: string;
 	refresh_token?: string;
 	expiration_time?: string;
+	scopes?: string[];
 	/** @deprecated - this field was only provided by the deprecated `wrangler1 config` command. */
 	api_token?: string;
 }
@@ -355,7 +357,7 @@ function getAuthTokens(config?: UserAuthConfig): AuthTokens | undefined {
 		if (getAuthFromEnv()) return;
 
 		// otherwise try loading from the user auth config file.
-		const { oauth_token, refresh_token, expiration_time, api_token } =
+		const { oauth_token, refresh_token, expiration_time, scopes, api_token } =
 			config || readAuthConfigFile();
 
 		if (oauth_token) {
@@ -366,6 +368,7 @@ function getAuthTokens(config?: UserAuthConfig): AuthTokens | undefined {
 					expiry: expiration_time ?? "2000-01-01:00:00:00+00:00",
 				},
 				refreshToken: { value: refresh_token ?? "" },
+				scopes: scopes as Scope[],
 			};
 		} else if (api_token) {
 			logger.warn(
@@ -959,6 +962,7 @@ export async function login(props?: LoginProps): Promise<boolean> {
 							oauth_token: exchange.token?.value ?? "",
 							expiration_time: exchange.token?.expiry,
 							refresh_token: exchange.refreshToken?.value,
+							scopes: exchange.scopes,
 						});
 						res.writeHead(307, {
 							Location:
@@ -1003,8 +1007,14 @@ async function refreshToken(): Promise<boolean> {
 				expiry: "",
 			},
 			refreshToken: { value: refresh_token } = {},
+			scopes,
 		} = await exchangeRefreshTokenForAccessToken();
-		writeAuthConfigFile({ oauth_token, expiration_time, refresh_token });
+		writeAuthConfigFile({
+			oauth_token,
+			expiration_time,
+			refresh_token,
+			scopes,
+		});
 		return true;
 	} catch (err) {
 		return false;
@@ -1169,3 +1179,11 @@ export function getAccountFromCache():
 		"wrangler-account.json"
 	).account;
 }
+
+/**
+ * Get the scopes of the following token, will only return scopes
+ * if the token is an OAuth token.
+ */
+export function getScopes(): Scope[] | undefined {
+	return LocalState.scopes;
+}

package/src/whoami.tsx

@@ -3,7 +3,7 @@ import Table from "ink-table";
 import React from "react";
 import { fetchListResult, fetchResult } from "./cfetch";
 import { logger } from "./logger";
-import { getAPIToken, getAuthFromEnv } from "./user";
+import { getAPIToken, getAuthFromEnv, getScopes } from "./user";
 
 export async function whoami() {
 	logger.log("Getting User settings...");
@@ -17,6 +17,10 @@ export function WhoAmI({ user }: { user: UserInfo | undefined }) {
 		<>
 			<Email tokenType={user.authType} email={user.email}></Email>
 			<Accounts accounts={user.accounts}></Accounts>
+			<Permissions
+				tokenType={user.authType}
+				tokenPermissions={user.tokenPermissions}
+			/>
 		</>
 	) : (
 		<Text>You are not authenticated. Please run `wrangler login`.</Text>
@@ -46,17 +50,51 @@ function Accounts(props: { accounts: AccountInfo[] }) {
 	return <Table data={accounts}></Table>;
 }
 
+function Permissions(props: {
+	tokenPermissions: string[] | undefined;
+	tokenType: string;
+}) {
+	const permissions =
+		props.tokenPermissions?.map((scope) => scope.split(":")) || [];
+	return props.tokenType === "OAuth Token" ? (
+		props.tokenPermissions ? (
+			<>
+				<Text>
+					🔓 Token Permissions: If scopes are missing, you may need to logout
+					and re-login.
+				</Text>
+				<Text>Scope (Access)</Text>
+				{permissions.map(([type, name]) => (
+					<>
+						<Text>
+							- {type} {name && `(${name})`}
+						</Text>
+					</>
+				))}
+			</>
+		) : null
+	) : (
+		<Text>
+			🔓 To see token permissions visit
+			https://dash.cloudflare.com/profile/api-tokens
+		</Text>
+	);
+}
+
 export interface UserInfo {
 	apiToken: string;
 	authType: string;
 	email: string | undefined;
 	accounts: AccountInfo[];
+	tokenPermissions: string[] | undefined;
 }
 
 export async function getUserInfo(): Promise<UserInfo | undefined> {
 	const apiToken = getAPIToken();
 	if (!apiToken) return;
 
+	const tokenPermissions = await getTokenPermissions();
+
 	const usingEnvAuth = !!getAuthFromEnv();
 	const usingGlobalAuthKey = "authKey" in apiToken;
 	return {
@@ -68,6 +106,7 @@ export async function getUserInfo(): Promise<UserInfo | undefined> {
 			: "OAuth Token",
 		email: "authEmail" in apiToken ? apiToken.authEmail : await getEmail(),
 		accounts: await getAccounts(),
+		tokenPermissions,
 	};
 }
 
@@ -89,3 +128,42 @@ type AccountInfo = { name: string; id: string };
 async function getAccounts(): Promise<AccountInfo[]> {
 	return await fetchListResult<AccountInfo>("/accounts");
 }
+
+async function getTokenPermissions(): Promise<string[] | undefined> {
+	// Tokens can either be API tokens or Oauth tokens.
+	// Here we only extract permissions from OAuth tokens.
+
+	return getScopes() as string[];
+
+	// In future we may be able to get the token permissions on an API token,
+	// but currently we cannot as that permission is not able to be added to
+	// an API token.
+
+	// try {
+	// 	// First we get the token identifier (only returned on API tokens)
+	// 	const { id } = await fetchResult<{ id: string }>("/user/tokens/verify");
+
+	// 	// Get the token permissions for the current token
+	// 	const { policies } = await fetchResult<{
+	// 		policies: { id: string; name: string }[];
+	// 	}>(`/user/tokens/${id}`);
+
+	// 	return policies.map((p) => p.name);
+	// } catch (e) {
+	// 	if ((e as { code?: number }).code === 1000) {
+	// 		// Invalid token - Oauth token
+
+	// 		// Get scopes
+	// 		const scopes = getScopes() as string[];
+	// 		// We may not get scopes back if they are not currently cached,
+	// 		// however next time an access token is requested,
+	// 		// the scopes will be added to the cache.
+	// 		return scopes;
+	// 	} else if ((e as { code?: number }).code === 9109) {
+	// 		// Token cannot view its permissions
+	// 		return undefined;
+	// 	} else {
+	// 		throw e;
+	// 	}
+	// }
+}

package/src/worker.ts

@@ -127,6 +127,16 @@ interface CfWorkerNamespace {
 	namespace: string;
 }
 
+interface CfLogfwdr {
+	schema: string | undefined;
+	bindings: CfLogfwdrBinding[];
+}
+
+interface CfLogfwdrBinding {
+	name: string;
+	destination: string;
+}
+
 interface CfUnsafeBinding {
 	name: string;
 	type: string;
@@ -174,6 +184,7 @@ export interface CfWorkerInit {
 		r2_buckets: CfR2Bucket[] | undefined;
 		services: CfService[] | undefined;
 		worker_namespaces: CfWorkerNamespace[] | undefined;
+		logfwdr: CfLogfwdr | undefined;
 		unsafe: CfUnsafeBinding[] | undefined;
 	};
 	migrations: CfDurableObjectMigrations | undefined;
@@ -188,4 +199,5 @@ export interface CfWorkerContext {
 	zone: string | undefined;
 	host: string | undefined;
 	routes: Route[] | undefined;
+	sendMetrics: boolean | undefined;
 }

package/templates/first-party-worker-module-facade.ts

@@ -0,0 +1,18 @@
+// @ts-ignore entry point will get replaced
+import worker from "__ENTRY_POINT__";
+// @ts-ignore entry point will get replaced
+export * from "__ENTRY_POINT__";
+
+type Env = {
+	// TODO: type this
+};
+
+/**
+ * Setup globals/vars as required
+ */
+
+export default {
+	async fetch(request: Request, env: Env, ctx: ExecutionContext) {
+		return worker.fetch(request, env, ctx);
+	},
+};

package/templates/format-dev-errors.ts

@@ -0,0 +1,32 @@
+// @ts-expect-error We'll swap in the entry point during build
+import Worker from "__ENTRY_POINT__";
+
+// @ts-expect-error
+export * from "__ENTRY_POINT__";
+
+export default {
+	async fetch(req: Request, env: unknown, ctx: ExecutionContext) {
+		try {
+			return await Worker.fetch(req, env, ctx);
+		} catch (err) {
+			return new Response(
+				`<!DOCTYPE html>
+<html>
+	<head>
+		<meta charset="utf-8" />
+		<title>Error</title>
+	</head>
+	<body>
+		<pre>${(err as Error).stack}</pre>
+	</body>
+</html>`,
+				{
+					status: 500,
+					headers: {
+						"Content-Type": "text/html",
+					},
+				}
+			);
+		}
+	},
+};

package/templates/pages-shim.ts

@@ -0,0 +1,9 @@
+// This Worker is used as a default when no Pages Functions are present.
+// It proxies the request directly on to the asset server binding.
+
+export default {
+	async fetch(request, env, context) {
+		const response = await env.ASSETS.fetch(request.url, request);
+		return new Response(response.body, response);
+	},
+};

package/templates/{static-asset-facade.js → serve-static-assets.ts}

@@ -1,25 +1,40 @@
-// DO NOT IMPORT THIS DIRECTLY
+// @ts-expect-error
 import worker from "__ENTRY_POINT__";
 import {
 	getAssetFromKV,
 	NotFoundError,
 	MethodNotAllowedError,
+	// @ts-expect-error
 } from "__KV_ASSET_HANDLER__";
+// @ts-expect-error
 import manifest from "__STATIC_CONTENT_MANIFEST";
+import type * as kvAssetHandler from "@cloudflare/kv-asset-handler";
+
 const ASSET_MANIFEST = JSON.parse(manifest);
 
+// @ts-expect-error
+export * from "__ENTRY_POINT__";
+
 export default {
-	async fetch(request, env, ctx) {
+	async fetch(
+		request: Request,
+		env: { __STATIC_CONTENT: string },
+		ctx: ExecutionContext
+	) {
 		let options = {
 			ASSET_MANIFEST,
 			ASSET_NAMESPACE: env.__STATIC_CONTENT,
+			cacheControl: __CACHE_CONTROL_OPTIONS__,
+			serveSinglePageApp: __SERVE_SINGLE_PAGE_APP__,
 		};
 
 		try {
-			const page = await getAssetFromKV(
+			const page = await (
+				getAssetFromKV as typeof kvAssetHandler.getAssetFromKV
+			)(
 				{
 					request,
-					waitUntil(promise) {
+					waitUntil(promise: Promise<unknown>) {
 						return ctx.waitUntil(promise);
 					},
 				},
@@ -39,11 +54,10 @@ export default {
 		} catch (e) {
 			if (e instanceof NotFoundError || e instanceof MethodNotAllowedError) {
 				// if a known error is thrown then serve from actual worker
-				return worker.fetch(request, env, ctx);
+				return await worker.fetch(request, env, ctx);
 			}
 			// otherwise it's a real error, so throw it
-			console.error(e);
-			return new Response(e.message, { status: 500 });
+			throw e;
 		}
 	},
 };

package/templates/service-bindings-module-facade.js

@@ -0,0 +1,51 @@
+import worker from "__ENTRY_POINT__";
+const Workers = __WORKERS__;
+
+export * from "__ENTRY_POINT__";
+
+export default {
+	async fetch(req, env, ctx) {
+		const facadeEnv = { ...env };
+		// For every Worker definition that's available,
+		// create a fetcher for it on the facade env.
+		// for const [name,  binding] of env
+		// if Workers[name]
+		// const details = Workers[name];
+
+		for (const [name, details] of Object.entries(Workers)) {
+			if (details) {
+				facadeEnv[name] = {
+					async fetch(...reqArgs) {
+						if (details.headers) {
+							const req = new Request(...reqArgs);
+							for (const [key, value] of Object.entries(details.headers)) {
+								// In remote mode, you need to add a couple of headers
+								// to make sure it's talking to the 'dev' preview session
+								// (much like wrangler dev already does via proxy.ts)
+								req.headers.set(key, value);
+							}
+							return env[name].fetch(req);
+						}
+						const url = `${details.protocol}://${details.host}${
+							details.port ? `:${details.port}` : ""
+						}`;
+						const request = new Request(url, ...reqArgs);
+						return fetch(request);
+					},
+				};
+			} else {
+				// This means there's no dev binding available.
+				// Let's use whatever's available, or put a shim with a message.
+				facadeEnv[name] = facadeEnv[name] || {
+					async fetch() {
+						return new Response(
+							`You should start up wrangler dev --local on the ${name} worker`,
+							{ status: 404 }
+						);
+					},
+				};
+			}
+		}
+		return worker.fetch(req, facadeEnv, ctx);
+	},
+};

package/templates/service-bindings-sw-facade.js

@@ -0,0 +1,39 @@
+import "__ENTRY_POINT__";
+const Workers = __WORKERS__;
+
+// For every Worker definition that's available,
+// create a fetcher for it on the facade env.
+for (const [name, details] of Object.entries(Workers)) {
+	if (details) {
+		globalThis[name] = {
+			async fetch(...reqArgs) {
+				if (details.headers) {
+					const req = new Request(...reqArgs);
+					for (const [key, value] of Object.entries(details.headers)) {
+						// In remote mode, you need to add a couple of headers
+						// to make sure it's talking to the 'dev' preview session
+						// (much like wrangler dev already does via proxy.ts)
+						req.headers.set(key, value);
+					}
+					return env[name].fetch(req);
+				}
+				const url = `${details.protocol}://${details.host}${
+					details.port ? `:${details.port}` : ""
+				}`;
+				const request = new Request(url, ...reqArgs);
+				return fetch(request);
+			},
+		};
+	} else {
+		// This means it's a local mode binding
+		// but hasn't started up locally yet.
+		globalThis[name] = {
+			async fetch() {
+				return new Response(
+					`You should start up wrangler dev --local on the ${name} worker`,
+					{ status: 404 }
+				);
+			},
+		};
+	}
+}

package/wrangler-dist/cli.d.ts

@@ -33,15 +33,49 @@ declare interface DevOptions {
     env?: string;
     ip?: string;
     port?: number;
+    inspectorPort?: number;
     localProtocol?: "http" | "https";
     assets?: string;
     site?: string;
     siteInclude?: string[];
     siteExclude?: string[];
     nodeCompat?: boolean;
+    compatibilityDate?: string;
     experimentalEnableLocalPersistence?: boolean;
-    _: (string | number)[];
-    $0: string;
+    liveReload?: boolean;
+    watch?: boolean;
+    vars: {
+        [key: string]: unknown;
+    };
+    kv?: {
+        binding: string;
+        id: string;
+        preview_id?: string;
+    }[];
+    durableObjects?: {
+        name: string;
+        class_name: string;
+        script_name?: string | undefined;
+        environment?: string | undefined;
+    }[];
+    r2?: {
+        binding: string;
+        bucket_name: string;
+        preview_bucket_name?: string;
+    }[];
+    showInteractiveDevSession?: boolean;
+    logLevel?: "none" | "error" | "log" | "warn" | "debug";
+    logPrefix?: string;
+    inspect?: boolean;
+    forceLocal?: boolean;
+    enablePagesAssetsServiceBinding?: EnablePagesAssetsServiceBindingOptions;
+    _?: (string | number)[];
+    $0?: string;
+}
+
+declare interface EnablePagesAssetsServiceBindingOptions {
+    proxyPort?: number;
+    directory?: string;
 }
 
 declare class File extends Blob_2 {
@@ -290,9 +324,10 @@ declare interface SpecIterator<T, TReturn = any, TNext = undefined> {
  *  @param {string} script
  *  @param {DevOptions} options
  */
-export declare function unstable_dev(script: string, options: DevOptions): Promise<{
+export declare function unstable_dev(script: string, options: DevOptions, disableExperimentalWarning?: boolean): Promise<{
     stop: () => void;
     fetch: (init?: RequestInit | undefined) => Promise<Response | undefined>;
+    waitUntilExit: () => Promise<void>;
 }>;
 
 export { }