wrangler 2.0.23 → 2.0.26

package/src/whoami.tsx

@@ -3,7 +3,7 @@ import Table from "ink-table";
 import React from "react";
 import { fetchListResult, fetchResult } from "./cfetch";
 import { logger } from "./logger";
-import { getAPIToken, getAuthFromEnv } from "./user";
+import { getAPIToken, getAuthFromEnv, getScopes } from "./user";
 
 export async function whoami() {
 	logger.log("Getting User settings...");
@@ -17,6 +17,10 @@ export function WhoAmI({ user }: { user: UserInfo | undefined }) {
 		<>
 			<Email tokenType={user.authType} email={user.email}></Email>
 			<Accounts accounts={user.accounts}></Accounts>
+			<Permissions
+				tokenType={user.authType}
+				tokenPermissions={user.tokenPermissions}
+			/>
 		</>
 	) : (
 		<Text>You are not authenticated. Please run `wrangler login`.</Text>
@@ -46,17 +50,51 @@ function Accounts(props: { accounts: AccountInfo[] }) {
 	return <Table data={accounts}></Table>;
 }
 
+function Permissions(props: {
+	tokenPermissions: string[] | undefined;
+	tokenType: string;
+}) {
+	const permissions =
+		props.tokenPermissions?.map((scope) => scope.split(":")) || [];
+	return props.tokenType === "OAuth Token" ? (
+		props.tokenPermissions ? (
+			<>
+				<Text>
+					🔓 Token Permissions: If scopes are missing, you may need to logout
+					and re-login.
+				</Text>
+				<Text>Scope (Access)</Text>
+				{permissions.map(([type, name]) => (
+					<>
+						<Text>
+							- {type} {name && `(${name})`}
+						</Text>
+					</>
+				))}
+			</>
+		) : null
+	) : (
+		<Text>
+			🔓 To see token permissions visit
+			https://dash.cloudflare.com/profile/api-tokens
+		</Text>
+	);
+}
+
 export interface UserInfo {
 	apiToken: string;
 	authType: string;
 	email: string | undefined;
 	accounts: AccountInfo[];
+	tokenPermissions: string[] | undefined;
 }
 
 export async function getUserInfo(): Promise<UserInfo | undefined> {
 	const apiToken = getAPIToken();
 	if (!apiToken) return;
 
+	const tokenPermissions = await getTokenPermissions();
+
 	const usingEnvAuth = !!getAuthFromEnv();
 	const usingGlobalAuthKey = "authKey" in apiToken;
 	return {
@@ -68,6 +106,7 @@ export async function getUserInfo(): Promise<UserInfo | undefined> {
 			: "OAuth Token",
 		email: "authEmail" in apiToken ? apiToken.authEmail : await getEmail(),
 		accounts: await getAccounts(),
+		tokenPermissions,
 	};
 }
 
@@ -89,3 +128,42 @@ type AccountInfo = { name: string; id: string };
 async function getAccounts(): Promise<AccountInfo[]> {
 	return await fetchListResult<AccountInfo>("/accounts");
 }
+
+async function getTokenPermissions(): Promise<string[] | undefined> {
+	// Tokens can either be API tokens or Oauth tokens.
+	// Here we only extract permissions from OAuth tokens.
+
+	return getScopes() as string[];
+
+	// In future we may be able to get the token permissions on an API token,
+	// but currently we cannot as that permission is not able to be added to
+	// an API token.
+
+	// try {
+	// 	// First we get the token identifier (only returned on API tokens)
+	// 	const { id } = await fetchResult<{ id: string }>("/user/tokens/verify");
+
+	// 	// Get the token permissions for the current token
+	// 	const { policies } = await fetchResult<{
+	// 		policies: { id: string; name: string }[];
+	// 	}>(`/user/tokens/${id}`);
+
+	// 	return policies.map((p) => p.name);
+	// } catch (e) {
+	// 	if ((e as { code?: number }).code === 1000) {
+	// 		// Invalid token - Oauth token
+
+	// 		// Get scopes
+	// 		const scopes = getScopes() as string[];
+	// 		// We may not get scopes back if they are not currently cached,
+	// 		// however next time an access token is requested,
+	// 		// the scopes will be added to the cache.
+	// 		return scopes;
+	// 	} else if ((e as { code?: number }).code === 9109) {
+	// 		// Token cannot view its permissions
+	// 		return undefined;
+	// 	} else {
+	// 		throw e;
+	// 	}
+	// }
+}

package/src/worker.ts

@@ -127,6 +127,16 @@ interface CfWorkerNamespace {
 	namespace: string;
 }
 
+interface CfLogfwdr {
+	schema: string | undefined;
+	bindings: CfLogfwdrBinding[];
+}
+
+interface CfLogfwdrBinding {
+	name: string;
+	destination: string;
+}
+
 interface CfUnsafeBinding {
 	name: string;
 	type: string;
@@ -174,6 +184,7 @@ export interface CfWorkerInit {
 		r2_buckets: CfR2Bucket[] | undefined;
 		services: CfService[] | undefined;
 		worker_namespaces: CfWorkerNamespace[] | undefined;
+		logfwdr: CfLogfwdr | undefined;
 		unsafe: CfUnsafeBinding[] | undefined;
 	};
 	migrations: CfDurableObjectMigrations | undefined;
@@ -188,4 +199,5 @@ export interface CfWorkerContext {
 	zone: string | undefined;
 	host: string | undefined;
 	routes: Route[] | undefined;
+	sendMetrics: boolean | undefined;
 }

package/templates/first-party-worker-module-facade.ts

@@ -0,0 +1,18 @@
+// @ts-ignore entry point will get replaced
+import worker from "__ENTRY_POINT__";
+// @ts-ignore entry point will get replaced
+export * from "__ENTRY_POINT__";
+
+type Env = {
+	// TODO: type this
+};
+
+/**
+ * Setup globals/vars as required
+ */
+
+export default {
+	async fetch(request: Request, env: Env, ctx: ExecutionContext) {
+		return worker.fetch(request, env, ctx);
+	},
+};

package/templates/format-dev-errors.ts

@@ -0,0 +1,32 @@
+// @ts-expect-error We'll swap in the entry point during build
+import Worker from "__ENTRY_POINT__";
+
+// @ts-expect-error
+export * from "__ENTRY_POINT__";
+
+export default {
+	async fetch(req: Request, env: unknown, ctx: ExecutionContext) {
+		try {
+			return await Worker.fetch(req, env, ctx);
+		} catch (err) {
+			return new Response(
+				`<!DOCTYPE html>
+<html>
+	<head>
+		<meta charset="utf-8" />
+		<title>Error</title>
+	</head>
+	<body>
+		<pre>${(err as Error).stack}</pre>
+	</body>
+</html>`,
+				{
+					status: 500,
+					headers: {
+						"Content-Type": "text/html",
+					},
+				}
+			);
+		}
+	},
+};

package/templates/pages-template-plugin.ts

@@ -1,5 +1,8 @@
 import { match } from "path-to-regexp";
 
+//note: this explicitly does not include the * character, as pages requires this
+const escapeRegex = /[.+?^${}()|[\]\\]/g;
+
 type HTTPMethod =
 	| "HEAD"
 	| "OPTIONS"
@@ -67,8 +70,13 @@ function* executeRequest(request: Request, relativePathname: string) {
 			continue;
 		}
 
-		const routeMatcher = match(route.routePath, { end: false });
-		const mountMatcher = match(route.mountPath, { end: false });
+		// replaces with "\\$&", this prepends a backslash to the matched string, e.g. "[" becomes "\["
+		const routeMatcher = match(route.routePath.replace(escapeRegex, "\\$&"), {
+			end: false,
+		});
+		const mountMatcher = match(route.mountPath.replace(escapeRegex, "\\$&"), {
+			end: false,
+		});
 		const matchResult = routeMatcher(relativePathname);
 		const mountMatchResult = mountMatcher(relativePathname);
 		if (matchResult && mountMatchResult) {
@@ -88,8 +96,12 @@ function* executeRequest(request: Request, relativePathname: string) {
 			continue;
 		}
 
-		const routeMatcher = match(route.routePath, { end: true });
-		const mountMatcher = match(route.mountPath, { end: false });
+		const routeMatcher = match(route.routePath.replace(escapeRegex, "\\$&"), {
+			end: true,
+		});
+		const mountMatcher = match(route.mountPath.replace(escapeRegex, "\\$&"), {
+			end: false,
+		});
 		const matchResult = routeMatcher(relativePathname);
 		const mountMatchResult = mountMatcher(relativePathname);
 		if (matchResult && mountMatchResult && route.modules.length) {

package/templates/pages-template-worker.ts

@@ -1,5 +1,8 @@
 import { match } from "path-to-regexp";
 
+//note: this explicitly does not include the * character, as pages requires this
+const escapeRegex = /[.+?^${}()|[\]\\]/g;
+
 type HTTPMethod =
 	| "HEAD"
 	| "OPTIONS"
@@ -61,8 +64,13 @@ function* executeRequest(request: Request) {
 			continue;
 		}
 
-		const routeMatcher = match(route.routePath, { end: false });
-		const mountMatcher = match(route.mountPath, { end: false });
+		// replaces with "\\$&", this prepends a backslash to the matched string, e.g. "[" becomes "\["
+		const routeMatcher = match(route.routePath.replace(escapeRegex, "\\$&"), {
+			end: false,
+		});
+		const mountMatcher = match(route.mountPath.replace(escapeRegex, "\\$&"), {
+			end: false,
+		});
 		const matchResult = routeMatcher(requestPath);
 		const mountMatchResult = mountMatcher(requestPath);
 		if (matchResult && mountMatchResult) {
@@ -81,9 +89,12 @@ function* executeRequest(request: Request) {
 		if (route.method && route.method !== request.method) {
 			continue;
 		}
-
-		const routeMatcher = match(route.routePath, { end: true });
-		const mountMatcher = match(route.mountPath, { end: false });
+		const routeMatcher = match(route.routePath.replace(escapeRegex, "\\$&"), {
+			end: true,
+		});
+		const mountMatcher = match(route.mountPath.replace(escapeRegex, "\\$&"), {
+			end: false,
+		});
 		const matchResult = routeMatcher(requestPath);
 		const mountMatchResult = mountMatcher(requestPath);
 		if (matchResult && mountMatchResult && route.modules.length) {

package/templates/{static-asset-facade.js → serve-static-assets.ts}

@@ -1,25 +1,40 @@
-// DO NOT IMPORT THIS DIRECTLY
+// @ts-expect-error
 import worker from "__ENTRY_POINT__";
 import {
 	getAssetFromKV,
 	NotFoundError,
 	MethodNotAllowedError,
+	// @ts-expect-error
 } from "__KV_ASSET_HANDLER__";
+// @ts-expect-error
 import manifest from "__STATIC_CONTENT_MANIFEST";
+import type * as kvAssetHandler from "@cloudflare/kv-asset-handler";
+
 const ASSET_MANIFEST = JSON.parse(manifest);
 
+// @ts-expect-error
+export * from "__ENTRY_POINT__";
+
 export default {
-	async fetch(request, env, ctx) {
+	async fetch(
+		request: Request,
+		env: { __STATIC_CONTENT: string },
+		ctx: ExecutionContext
+	) {
 		let options = {
 			ASSET_MANIFEST,
 			ASSET_NAMESPACE: env.__STATIC_CONTENT,
+			cacheControl: __CACHE_CONTROL_OPTIONS__,
+			serveSinglePageApp: __SERVE_SINGLE_PAGE_APP__,
 		};
 
 		try {
-			const page = await getAssetFromKV(
+			const page = await (
+				getAssetFromKV as typeof kvAssetHandler.getAssetFromKV
+			)(
 				{
 					request,
-					waitUntil(promise) {
+					waitUntil(promise: Promise<unknown>) {
 						return ctx.waitUntil(promise);
 					},
 				},
@@ -39,11 +54,10 @@ export default {
 		} catch (e) {
 			if (e instanceof NotFoundError || e instanceof MethodNotAllowedError) {
 				// if a known error is thrown then serve from actual worker
-				return worker.fetch(request, env, ctx);
+				return await worker.fetch(request, env, ctx);
 			}
 			// otherwise it's a real error, so throw it
-			console.error(e);
-			return new Response(e.message, { status: 500 });
+			throw e;
 		}
 	},
 };

package/templates/service-bindings-module-facade.js

@@ -0,0 +1,54 @@
+import worker from "__ENTRY_POINT__";
+const Workers = __WORKERS__;
+
+export * from "__ENTRY_POINT__";
+
+export default {
+	async fetch(req, env, ctx) {
+		const facadeEnv = { ...env };
+		// For every Worker definition that's available,
+		// create a fetcher for it on the facade env.
+		// for const [name,  binding] of env
+		// if Workers[name]
+		// const details = Workers[name];
+
+		for (const [name, details] of Object.entries(Workers)) {
+			if (details) {
+				facadeEnv[name] = {
+					async fetch(...reqArgs) {
+						const reqFromArgs = new Request(...reqArgs);
+						if (details.headers) {
+							for (const [key, value] of Object.entries(details.headers)) {
+								// In remote mode, you need to add a couple of headers
+								// to make sure it's talking to the 'dev' preview session
+								// (much like wrangler dev already does via proxy.ts)
+								reqFromArgs.headers.set(key, value);
+							}
+							return env[name].fetch(reqFromArgs);
+						}
+
+						const url = new URL(reqFromArgs.url);
+						url.protocol = details.protocol;
+						url.host = details.host;
+						if (details.port !== undefined) url.port = details.port;
+
+						const request = new Request(url.toString(), reqFromArgs);
+						return fetch(request);
+					},
+				};
+			} else {
+				// This means there's no dev binding available.
+				// Let's use whatever's available, or put a shim with a message.
+				facadeEnv[name] = facadeEnv[name] || {
+					async fetch() {
+						return new Response(
+							`You should start up wrangler dev --local on the ${name} worker`,
+							{ status: 404 }
+						);
+					},
+				};
+			}
+		}
+		return worker.fetch(req, facadeEnv, ctx);
+	},
+};

package/templates/service-bindings-sw-facade.js

@@ -0,0 +1,42 @@
+import "__ENTRY_POINT__";
+const Workers = __WORKERS__;
+
+// For every Worker definition that's available,
+// create a fetcher for it on the facade env.
+for (const [name, details] of Object.entries(Workers)) {
+	if (details) {
+		globalThis[name] = {
+			async fetch(...reqArgs) {
+				const reqFromArgs = new Request(...reqArgs);
+				if (details.headers) {
+					for (const [key, value] of Object.entries(details.headers)) {
+						// In remote mode, you need to add a couple of headers
+						// to make sure it's talking to the 'dev' preview session
+						// (much like wrangler dev already does via proxy.ts)
+						reqFromArgs.headers.set(key, value);
+					}
+					return env[name].fetch(reqFromArgs);
+				}
+
+				const url = new URL(reqFromArgs.url);
+				url.protocol = details.protocol;
+				url.host = details.host;
+				if (details.port !== undefined) url.port = details.port;
+
+				const request = new Request(url.toString(), reqFromArgs);
+				return fetch(request);
+			},
+		};
+	} else {
+		// This means it's a local mode binding
+		// but hasn't started up locally yet.
+		globalThis[name] = {
+			async fetch() {
+				return new Response(
+					`You should start up wrangler dev --local on the ${name} worker`,
+					{ status: 404 }
+				);
+			},
+		};
+	}
+}

package/wrangler-dist/cli.d.ts

@@ -33,6 +33,7 @@ declare interface DevOptions {
     env?: string;
     ip?: string;
     port?: number;
+    inspectorPort?: number;
     localProtocol?: "http" | "https";
     assets?: string;
     site?: string;
@@ -40,6 +41,7 @@ declare interface DevOptions {
     siteExclude?: string[];
     nodeCompat?: boolean;
     compatibilityDate?: string;
+    compatibilityFlags?: string[];
     experimentalEnableLocalPersistence?: boolean;
     liveReload?: boolean;
     watch?: boolean;
@@ -57,6 +59,11 @@ declare interface DevOptions {
         script_name?: string | undefined;
         environment?: string | undefined;
     }[];
+    r2?: {
+        binding: string;
+        bucket_name: string;
+        preview_bucket_name?: string;
+    }[];
     showInteractiveDevSession?: boolean;
     logLevel?: "none" | "error" | "log" | "warn" | "debug";
     logPrefix?: string;