Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
@prsm/arc-server
Advanced tools
@prsm/arc-server - npm Package Compare versions
+1
-1
@@ -1,1 +0,1 @@ | ||
| var V=Object.create;var f=Object.defineProperty;var j=Object.getOwnPropertyDescriptor;var Q=Object.getOwnPropertyNames;var N=Object.getPrototypeOf,L=Object.prototype.hasOwnProperty;var D=(n,e,t)=>e in n?f(n,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):n[e]=t;var _=(n,e)=>{for(var t in e)f(n,t,{get:e[t],enumerable:!0})},k=(n,e,t,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let r of Q(e))!L.call(n,r)&&r!==t&&f(n,r,{get:()=>e[r],enumerable:!(s=j(e,r))||s.enumerable});return n};var A=(n,e,t)=>(t=n!=null?V(N(n)):{},k(e||!n||!n.__esModule?f(t,"default",{value:n,enumerable:!0}):t,n)),z=n=>k(f({},"__esModule",{value:!0}),n);var h=(n,e,t)=>(D(n,typeof e!="symbol"?e+"":e,t),t);var G={};_(G,{ArcServer:()=>l});module.exports=z(G);var u=require("@prsm/arc"),P=require("@prsm/duplex"),W=require("events");var d=A(require("crypto"),1),m=require("ecdsa-sig-formatter"),B=["HS256","HS384","HS512","RS256","RS384","RS512"];function F(n){return B.includes(n)}var O={HS256:w(256),HS384:w(384),HS512:w(512),RS256:v(256),RS384:v(384),RS512:v(512),ES256:K(256)};function w(n){function e(s,r){return d.default.createHmac(`sha${n}`,r).update(s).digest("base64")}function t(s,r,i){return e(s,i)===r}return{sign:e,verify:t}}function v(n){let e=`RSA-SHA${n}`;function t(r,i){return d.default.createSign(e).update(r).sign(i.toString(),"base64")}function s(r,i,o){let a=d.default.createVerify(e);return a.update(r),a.verify(o,i,"base64")}return{sign:t,verify:s}}function K(n){let e=`RSA-SHA${n}`;function t(r,i){let o=d.default.createSign(e).update(r).sign({key:i.toString()},"base64");return(0,m.derToJose)(o,`ES${n}`)}function s(r,i,o){i=(0,m.joseToDer)(i,`ES${n}`).toString("base64");let a=d.default.createVerify(e);return a.update(r),a.verify(o,i,"base64")}return{sign:t,verify:s}}function $(n){let e=JSON.stringify(n);return H(Buffer.from(e).toString("base64"))}function R(n){let e=Buffer.from(S(n),"base64").toString("utf-8");return JSON.parse(e)}function H(n){return n.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function S(n){n=n.toString();let e=4-n.length%4;if(e!==4)for(let t=0;t<e;t++)n+="=";return n.replace(/-/g,"+").replace(/_/g,"/")}function q(n,e,t="HS256"){if(!F(t))throw new Error(`${t} is an invalid algorithm type. Must be one of ${B}`);let s=$({alg:t,type:"JWT"}),r=$(n),i=`${s}.${r}`,o=O[t],a=H(o.sign(i,e));return`${i}.${a}`}function M(n){let e=n.split(".");if(e.length!==3)throw new Error(`Decode expected 3 parts to encoded token, got ${e.length}`);let t=R(e[0]),s=R(e[1]),r=Buffer.from(S(e[2]),"base64");return{header:t,payload:s,signature:r}}function J(n,e,t={}){let s=M(n),{payload:r}=s,i=n.split("."),o=t.alg??s.header.alg,a=Date.now(),g=O[o],c={decoded:s};return(t.sig===void 0||t.sig===!0)&&(c.sig=g.verify(`${i[0]}.${i[1]}`,S(i[2]),e)),r.exp!==void 0&&(c.exp=r.exp<a),r.nbf!==void 0&&(c.nbf=a>=r.nbf),t.iat!==void 0&&(c.iat=r.iat===t.iat),t.iss!==void 0&&(c.iss=r.iss===t.iss),t.jti!==void 0&&(c.jti=r.jti!==t.jti),t.sub!==void 0&&(c.sub=r.sub===t.sub),t.aud!==void 0&&(c.aud=r.aud===t.aud),c}var p=n=>{let e;try{e=J(n,process.env.ACCESS_TOKEN_SECRET||"SECRET")}catch(t){return{valid:!1,reason:`Failed to parse token: ${t.message}`}}return e.sig?{valid:!0}:{valid:!1,reason:"Invalid signature"}};var U=n=>{let e={iat:Date.now(),sub:n,permissions:{}};return q(e,process.env.ACCESS_TOKEN_SECRET||"SECRET")};var T=A(require("crypto"),1),C=class{algorithm;saltLength;constructor(e="sha256",t=64){this.algorithm=e,this.saltLength=t}verify(e,t){let{algorithm:s,salt:r}=this.parse(e);return this.hash(t,s,r)===e}encode(e){let t=T.default.randomBytes(this.saltLength).toString("base64");return this.hash(e,this.algorithm,t)}hash(e,t,s){let r=T.default.createHash(t);return r.update(e),r.update(s,"utf8"),`${t}:${s}:${r.digest("base64")}`}parse(e){let t=e.split(":");if(t.length!==3)throw new Error(`Invalid hash string. Expected 3 parts, got ${t.length}`);let s=t[0],r=t[1],i=t[2];return{algorithm:s,salt:r,digest:i}}},y=new C;var b=class{static init({host:e="localhost",port:t=3351,secure:s=!1}){this.emitter=new W.EventEmitter,this.queryHandler=new x,this.initializeCollections(),this.ensureRootUserExists(),this.createServer(e,t,s)}static initializeCollections(){this.auth.users=new u.Collection({autosync:!0,timestamps:!0,adapter:new u.FSAdapter(".internal","users")}),this.auth.accessTokens=new u.Collection({autosync:!0,timestamps:!0,adapter:new u.FSAdapter(".internal","accessTokens")})}static ensureRootUserExists(){this.auth.users.find({username:"root"}).length||this.auth.users.insert({username:"root",password:y.encode("root")})}static query(e){return this.queryHandler.query(e)}static createUser(e,t){if(this.auth.users.find({username:e})[0])throw new Error("User already exists");this.auth.users.insert({username:e,password:y.encode(t)})}static removeUser(e){if(!this.auth.users.find({username:e})[0])throw new Error("User does not exist");this.auth.users.remove({username:e})}static createServer(e,t,s){this.duplex=new P.CommandServer({host:e,port:t,secure:!1}),this.duplex.command(0,async(r,i)=>{if(this.emitter.emit("auth",{payload:r,connection:i}),!r.username||!r.password)return{error:"Invalid username or password"};let o=this.auth.users.find({username:r.username})[0];if(!o)return{error:"Invalid username or password"};if(!y.verify(o.password,r.password))return{error:"Invalid username or password"};let a=U(r.username);return this.auth.accessTokens.remove({username:r.username}),this.auth.accessTokens.insert({username:r.username,accessToken:a}),{accessToken:a}}),this.duplex.command(2,async(r,i)=>{this.emitter.emit("query",{payload:r,connection:i});let{collection:o,operation:a,data:g,accessToken:c}=r;return p(c).valid?this.queryHandler.query(r):{error:"Invalid access token"}}),this.duplex.command(3,async(r,i)=>{this.emitter.emit("createUser",{payload:r,connection:i});let{username:o,password:a,accessToken:g}=r;if(!o||!a)return{error:"Invalid username or password"};if(!p(g).valid)return{error:"Invalid access token"};try{return b.createUser(o,a),{success:!0}}catch(c){return{error:c.message}}}),this.duplex.command(4,async(r,i)=>{this.emitter.emit("removeUser",{payload:r,connection:i});let{username:o,password:a,accessToken:g}=r;if(!o||!a)return{error:"Invalid username or password"};if(!p(g).valid)return{error:"Invalid access token"};try{return b.removeUser(o),{success:!0}}catch(c){return{error:c.message}}})}},l=b;h(l,"queryHandler"),h(l,"duplex"),h(l,"auth",{}),h(l,"emitter");var I={autosync:!0,timestamps:!0},E=class{collections={};getCollection(e){return this.getOrCreateCollection(e)}getOrCreateCollection(e){if(!this.collections[e]){let t={...I,adapter:new u.FSAdapter(".data",e)};this.collections[e]={collection:new u.Collection(t),options:t}}return this.collections[e].collection}createCollectionWithOptions(e,t={}){if(this.collections[e])throw new Error(`Collection ${e} already exists`);let s={...I,...t,adapter:new u.FSAdapter(".data",e)};return this.collections[e]={collection:new u.Collection(s),options:s},this.collections[e].collection}},x=class{cm;constructor(){this.cm=new E}query(e){if(!e)throw new Error("A payload is required.");if(!e.collection)throw new Error("A query should include a collection property.");if(!e.operation)throw new Error("A query should include an operation property (find, insert, update, remove).");let t=this.cm.getOrCreateCollection(e.collection);if(!t)throw new Error(`The collection ${e.collection} does not exist.`);if(e.operation!=="drop"&&!e?.data?.query)throw new Error("This payload is missing a query.");let s=e?.data?.query||{},r=e?.data?.operations||{},i=e?.data?.options||{};switch(e.operation){case"drop":return t.drop();case"find":return t.find(s,i);case"insert":return t.insert(s);case"update":return t.update(s,r,i);case"remove":return t.remove(s,i);default:throw new Error(`Unsupported operation: "${e.operation}".`)}}};0&&(module.exports={ArcServer}); | ||
| var V=Object.create;var f=Object.defineProperty;var j=Object.getOwnPropertyDescriptor;var Q=Object.getOwnPropertyNames;var N=Object.getPrototypeOf,L=Object.prototype.hasOwnProperty;var D=(n,e,t)=>e in n?f(n,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):n[e]=t;var _=(n,e)=>{for(var t in e)f(n,t,{get:e[t],enumerable:!0})},k=(n,e,t,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let r of Q(e))!L.call(n,r)&&r!==t&&f(n,r,{get:()=>e[r],enumerable:!(s=j(e,r))||s.enumerable});return n};var A=(n,e,t)=>(t=n!=null?V(N(n)):{},k(e||!n||!n.__esModule?f(t,"default",{value:n,enumerable:!0}):t,n)),z=n=>k(f({},"__esModule",{value:!0}),n);var h=(n,e,t)=>(D(n,typeof e!="symbol"?e+"":e,t),t);var G={};_(G,{ArcServer:()=>l});module.exports=z(G);var u=require("@prsm/arc"),I=require("@prsm/duplex"),W=require("events");var g=A(require("crypto"),1),m=require("ecdsa-sig-formatter"),B=["HS256","HS384","HS512","RS256","RS384","RS512"];function F(n){return B.includes(n)}var O={HS256:w(256),HS384:w(384),HS512:w(512),RS256:v(256),RS384:v(384),RS512:v(512),ES256:K(256)};function w(n){function e(s,r){return g.default.createHmac(`sha${n}`,r).update(s).digest("base64")}function t(s,r,i){return e(s,i)===r}return{sign:e,verify:t}}function v(n){let e=`RSA-SHA${n}`;function t(r,i){return g.default.createSign(e).update(r).sign(i.toString(),"base64")}function s(r,i,o){let a=g.default.createVerify(e);return a.update(r),a.verify(o,i,"base64")}return{sign:t,verify:s}}function K(n){let e=`RSA-SHA${n}`;function t(r,i){let o=g.default.createSign(e).update(r).sign({key:i.toString()},"base64");return(0,m.derToJose)(o,`ES${n}`)}function s(r,i,o){i=(0,m.joseToDer)(i,`ES${n}`).toString("base64");let a=g.default.createVerify(e);return a.update(r),a.verify(o,i,"base64")}return{sign:t,verify:s}}function $(n){let e=JSON.stringify(n);return H(Buffer.from(e).toString("base64"))}function R(n){let e=Buffer.from(S(n),"base64").toString("utf-8");return JSON.parse(e)}function H(n){return n.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function S(n){n=n.toString();let e=4-n.length%4;if(e!==4)for(let t=0;t<e;t++)n+="=";return n.replace(/-/g,"+").replace(/_/g,"/")}function q(n,e,t="HS256"){if(!F(t))throw new Error(`${t} is an invalid algorithm type. Must be one of ${B}`);let s=$({alg:t,type:"JWT"}),r=$(n),i=`${s}.${r}`,o=O[t],a=H(o.sign(i,e));return`${i}.${a}`}function M(n){let e=n.split(".");if(e.length!==3)throw new Error(`Decode expected 3 parts to encoded token, got ${e.length}`);let t=R(e[0]),s=R(e[1]),r=Buffer.from(S(e[2]),"base64");return{header:t,payload:s,signature:r}}function J(n,e,t={}){let s=M(n),{payload:r}=s,i=n.split("."),o=t.alg??s.header.alg,a=Date.now(),d=O[o],c={decoded:s};return(t.sig===void 0||t.sig===!0)&&(c.sig=d.verify(`${i[0]}.${i[1]}`,S(i[2]),e)),r.exp!==void 0&&(c.exp=r.exp<a),r.nbf!==void 0&&(c.nbf=a>=r.nbf),t.iat!==void 0&&(c.iat=r.iat===t.iat),t.iss!==void 0&&(c.iss=r.iss===t.iss),t.jti!==void 0&&(c.jti=r.jti!==t.jti),t.sub!==void 0&&(c.sub=r.sub===t.sub),t.aud!==void 0&&(c.aud=r.aud===t.aud),c}var p=n=>{let e;try{e=J(n,process.env.ACCESS_TOKEN_SECRET||"SECRET")}catch(t){return{valid:!1,reason:`Failed to parse token: ${t.message}`}}return e.sig?{valid:!0}:{valid:!1,reason:"Invalid signature"}},U=n=>{let e={iat:Date.now(),sub:n,permissions:{}};return q(e,process.env.ACCESS_TOKEN_SECRET||"SECRET")};var T=A(require("crypto"),1),C=class{algorithm;saltLength;constructor(e="sha256",t=64){this.algorithm=e,this.saltLength=t}verify(e,t){let{algorithm:s,salt:r}=this.parse(e);return this.hash(t,s,r)===e}encode(e){let t=T.default.randomBytes(this.saltLength).toString("base64");return this.hash(e,this.algorithm,t)}hash(e,t,s){let r=T.default.createHash(t);return r.update(e),r.update(s,"utf8"),`${t}:${s}:${r.digest("base64")}`}parse(e){let t=e.split(":");if(t.length!==3)throw new Error(`Invalid hash string. Expected 3 parts, got ${t.length}`);let s=t[0],r=t[1],i=t[2];return{algorithm:s,salt:r,digest:i}}},y=new C;var b=class{static init({host:e="localhost",port:t=3351,secure:s=!1}){this.emitter=new W.EventEmitter,this.queryHandler=new x,this.initializeCollections(),this.ensureRootUserExists(),this.createServer(e,t,s)}static initializeCollections(){this.auth.users=new u.Collection({autosync:!0,timestamps:!0,adapter:new u.FSAdapter(".internal","users")}),this.auth.accessTokens=new u.Collection({autosync:!0,timestamps:!0,adapter:new u.FSAdapter(".internal","accessTokens")})}static ensureRootUserExists(){this.auth.users.find({username:"root"}).length||this.auth.users.insert({username:"root",password:y.encode("root")})}static query(e){return this.queryHandler.query(e)}static createUser(e,t){if(this.auth.users.find({username:e})[0])throw new Error("User already exists");this.auth.users.insert({username:e,password:y.encode(t)})}static removeUser(e){if(!this.auth.users.find({username:e})[0])throw new Error("User does not exist");this.auth.users.remove({username:e})}static createServer(e,t,s=!1){this.duplex=new I.CommandServer({host:e,port:t,secure:s}),this.duplex.command(0,async(r,i)=>{if(this.emitter.emit("auth",{payload:r,connection:i}),!r.username||!r.password)return{error:"Invalid username or password"};let o=this.auth.users.find({username:r.username})[0];if(!o)return{error:"Invalid username or password"};if(!y.verify(o.password,r.password))return{error:"Invalid username or password"};let a=U(r.username);return this.auth.accessTokens.remove({username:r.username}),this.auth.accessTokens.insert({username:r.username,accessToken:a}),{accessToken:a}}),this.duplex.command(2,async(r,i)=>{this.emitter.emit("query",{payload:r,connection:i});let{accessToken:o}=r;return p(o).valid?this.queryHandler.query(r):{error:"Invalid access token"}}),this.duplex.command(3,async(r,i)=>{this.emitter.emit("createUser",{payload:r,connection:i});let{username:o,password:a,accessToken:d}=r;if(!o||!a)return{error:"Invalid username or password"};if(!p(d).valid)return{error:"Invalid access token"};try{return b.createUser(o,a),{success:!0}}catch(c){return{error:c.message}}}),this.duplex.command(4,async(r,i)=>{this.emitter.emit("removeUser",{payload:r,connection:i});let{username:o,password:a,accessToken:d}=r;if(!o||!a)return{error:"Invalid username or password"};if(!p(d).valid)return{error:"Invalid access token"};try{return b.removeUser(o),{success:!0}}catch(c){return{error:c.message}}})}},l=b;h(l,"queryHandler"),h(l,"duplex"),h(l,"auth",{}),h(l,"emitter");var P={autosync:!0,timestamps:!0},E=class{collections={};getCollection(e){return this.getOrCreateCollection(e)}getOrCreateCollection(e){if(!this.collections[e]){let t={...P,adapter:new u.FSAdapter(".data",e)};this.collections[e]={collection:new u.Collection(t),options:t}}return this.collections[e].collection}createCollectionWithOptions(e,t={}){if(this.collections[e])throw new Error(`Collection ${e} already exists`);let s={...P,...t,adapter:new u.FSAdapter(".data",e)};return this.collections[e]={collection:new u.Collection(s),options:s},this.collections[e].collection}},x=class{cm;constructor(){this.cm=new E}query(e){if(!e)throw new Error("A payload is required.");if(!e.collection)throw new Error("A query should include a collection property.");if(!e.operation)throw new Error("A query should include an operation property (find, insert, update, remove).");let t=this.cm.getOrCreateCollection(e.collection);if(!t)throw new Error(`The collection ${e.collection} does not exist.`);if(e.operation!=="drop"&&!e?.data?.query)throw new Error("This payload is missing a query.");let s=e?.data?.query||{},r=e?.data?.operations||{},i=e?.data?.options||{};switch(e.operation){case"drop":return t.drop();case"find":return t.find(s,i);case"insert":return t.insert(s);case"update":return t.update(s,r,i);case"remove":return t.remove(s,i);default:throw new Error(`Unsupported operation: "${e.operation}".`)}}};0&&(module.exports={ArcServer}); |
+1
-1
@@ -1,1 +0,1 @@ | ||
| var J=Object.defineProperty;var U=(n,e,t)=>e in n?J(n,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):n[e]=t;var g=(n,e,t)=>(U(n,typeof e!="symbol"?e+"":e,t),t);import{Collection as m,FSAdapter as p}from"@prsm/arc";import{CommandServer as Q}from"@prsm/duplex";import{EventEmitter as N}from"node:events";import d from"node:crypto";import{derToJose as I,joseToDer as P}from"ecdsa-sig-formatter";var k=["HS256","HS384","HS512","RS256","RS384","RS512"];function W(n){return k.includes(n)}var A={HS256:b(256),HS384:b(384),HS512:b(512),RS256:w(256),RS384:w(384),RS512:w(512),ES256:V(256)};function b(n){function e(s,r){return d.createHmac(`sha${n}`,r).update(s).digest("base64")}function t(s,r,i){return e(s,i)===r}return{sign:e,verify:t}}function w(n){let e=`RSA-SHA${n}`;function t(r,i){return d.createSign(e).update(r).sign(i.toString(),"base64")}function s(r,i,o){let a=d.createVerify(e);return a.update(r),a.verify(o,i,"base64")}return{sign:t,verify:s}}function V(n){let e=`RSA-SHA${n}`;function t(r,i){let o=d.createSign(e).update(r).sign({key:i.toString()},"base64");return I(o,`ES${n}`)}function s(r,i,o){i=P(i,`ES${n}`).toString("base64");let a=d.createVerify(e);return a.update(r),a.verify(o,i,"base64")}return{sign:t,verify:s}}function E(n){let e=JSON.stringify(n);return $(Buffer.from(e).toString("base64"))}function x(n){let e=Buffer.from(v(n),"base64").toString("utf-8");return JSON.parse(e)}function $(n){return n.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function v(n){n=n.toString();let e=4-n.length%4;if(e!==4)for(let t=0;t<e;t++)n+="=";return n.replace(/-/g,"+").replace(/_/g,"/")}function R(n,e,t="HS256"){if(!W(t))throw new Error(`${t} is an invalid algorithm type. Must be one of ${k}`);let s=E({alg:t,type:"JWT"}),r=E(n),i=`${s}.${r}`,o=A[t],a=$(o.sign(i,e));return`${i}.${a}`}function j(n){let e=n.split(".");if(e.length!==3)throw new Error(`Decode expected 3 parts to encoded token, got ${e.length}`);let t=x(e[0]),s=x(e[1]),r=Buffer.from(v(e[2]),"base64");return{header:t,payload:s,signature:r}}function B(n,e,t={}){let s=j(n),{payload:r}=s,i=n.split("."),o=t.alg??s.header.alg,a=Date.now(),l=A[o],c={decoded:s};return(t.sig===void 0||t.sig===!0)&&(c.sig=l.verify(`${i[0]}.${i[1]}`,v(i[2]),e)),r.exp!==void 0&&(c.exp=r.exp<a),r.nbf!==void 0&&(c.nbf=a>=r.nbf),t.iat!==void 0&&(c.iat=r.iat===t.iat),t.iss!==void 0&&(c.iss=r.iss===t.iss),t.jti!==void 0&&(c.jti=r.jti!==t.jti),t.sub!==void 0&&(c.sub=r.sub===t.sub),t.aud!==void 0&&(c.aud=r.aud===t.aud),c}var f=n=>{let e;try{e=B(n,process.env.ACCESS_TOKEN_SECRET||"SECRET")}catch(t){return{valid:!1,reason:`Failed to parse token: ${t.message}`}}return e.sig?{valid:!0}:{valid:!1,reason:"Invalid signature"}};var O=n=>{let e={iat:Date.now(),sub:n,permissions:{}};return R(e,process.env.ACCESS_TOKEN_SECRET||"SECRET")};import H from"crypto";var S=class{algorithm;saltLength;constructor(e="sha256",t=64){this.algorithm=e,this.saltLength=t}verify(e,t){let{algorithm:s,salt:r}=this.parse(e);return this.hash(t,s,r)===e}encode(e){let t=H.randomBytes(this.saltLength).toString("base64");return this.hash(e,this.algorithm,t)}hash(e,t,s){let r=H.createHash(t);return r.update(e),r.update(s,"utf8"),`${t}:${s}:${r.digest("base64")}`}parse(e){let t=e.split(":");if(t.length!==3)throw new Error(`Invalid hash string. Expected 3 parts, got ${t.length}`);let s=t[0],r=t[1],i=t[2];return{algorithm:s,salt:r,digest:i}}},h=new S;var y=class{static init({host:e="localhost",port:t=3351,secure:s=!1}){this.emitter=new N,this.queryHandler=new C,this.initializeCollections(),this.ensureRootUserExists(),this.createServer(e,t,s)}static initializeCollections(){this.auth.users=new m({autosync:!0,timestamps:!0,adapter:new p(".internal","users")}),this.auth.accessTokens=new m({autosync:!0,timestamps:!0,adapter:new p(".internal","accessTokens")})}static ensureRootUserExists(){this.auth.users.find({username:"root"}).length||this.auth.users.insert({username:"root",password:h.encode("root")})}static query(e){return this.queryHandler.query(e)}static createUser(e,t){if(this.auth.users.find({username:e})[0])throw new Error("User already exists");this.auth.users.insert({username:e,password:h.encode(t)})}static removeUser(e){if(!this.auth.users.find({username:e})[0])throw new Error("User does not exist");this.auth.users.remove({username:e})}static createServer(e,t,s){this.duplex=new Q({host:e,port:t,secure:!1}),this.duplex.command(0,async(r,i)=>{if(this.emitter.emit("auth",{payload:r,connection:i}),!r.username||!r.password)return{error:"Invalid username or password"};let o=this.auth.users.find({username:r.username})[0];if(!o)return{error:"Invalid username or password"};if(!h.verify(o.password,r.password))return{error:"Invalid username or password"};let a=O(r.username);return this.auth.accessTokens.remove({username:r.username}),this.auth.accessTokens.insert({username:r.username,accessToken:a}),{accessToken:a}}),this.duplex.command(2,async(r,i)=>{this.emitter.emit("query",{payload:r,connection:i});let{collection:o,operation:a,data:l,accessToken:c}=r;return f(c).valid?this.queryHandler.query(r):{error:"Invalid access token"}}),this.duplex.command(3,async(r,i)=>{this.emitter.emit("createUser",{payload:r,connection:i});let{username:o,password:a,accessToken:l}=r;if(!o||!a)return{error:"Invalid username or password"};if(!f(l).valid)return{error:"Invalid access token"};try{return y.createUser(o,a),{success:!0}}catch(c){return{error:c.message}}}),this.duplex.command(4,async(r,i)=>{this.emitter.emit("removeUser",{payload:r,connection:i});let{username:o,password:a,accessToken:l}=r;if(!o||!a)return{error:"Invalid username or password"};if(!f(l).valid)return{error:"Invalid access token"};try{return y.removeUser(o),{success:!0}}catch(c){return{error:c.message}}})}},u=y;g(u,"queryHandler"),g(u,"duplex"),g(u,"auth",{}),g(u,"emitter");var q={autosync:!0,timestamps:!0},T=class{collections={};getCollection(e){return this.getOrCreateCollection(e)}getOrCreateCollection(e){if(!this.collections[e]){let t={...q,adapter:new p(".data",e)};this.collections[e]={collection:new m(t),options:t}}return this.collections[e].collection}createCollectionWithOptions(e,t={}){if(this.collections[e])throw new Error(`Collection ${e} already exists`);let s={...q,...t,adapter:new p(".data",e)};return this.collections[e]={collection:new m(s),options:s},this.collections[e].collection}},C=class{cm;constructor(){this.cm=new T}query(e){if(!e)throw new Error("A payload is required.");if(!e.collection)throw new Error("A query should include a collection property.");if(!e.operation)throw new Error("A query should include an operation property (find, insert, update, remove).");let t=this.cm.getOrCreateCollection(e.collection);if(!t)throw new Error(`The collection ${e.collection} does not exist.`);if(e.operation!=="drop"&&!e?.data?.query)throw new Error("This payload is missing a query.");let s=e?.data?.query||{},r=e?.data?.operations||{},i=e?.data?.options||{};switch(e.operation){case"drop":return t.drop();case"find":return t.find(s,i);case"insert":return t.insert(s);case"update":return t.update(s,r,i);case"remove":return t.remove(s,i);default:throw new Error(`Unsupported operation: "${e.operation}".`)}}};export{u as ArcServer}; | ||
| var J=Object.defineProperty;var U=(n,e,t)=>e in n?J(n,e,{enumerable:!0,configurable:!0,writable:!0,value:t}):n[e]=t;var g=(n,e,t)=>(U(n,typeof e!="symbol"?e+"":e,t),t);import{Collection as m,FSAdapter as p}from"@prsm/arc";import{CommandServer as Q}from"@prsm/duplex";import{EventEmitter as N}from"node:events";import d from"node:crypto";import{derToJose as P,joseToDer as I}from"ecdsa-sig-formatter";var k=["HS256","HS384","HS512","RS256","RS384","RS512"];function W(n){return k.includes(n)}var A={HS256:b(256),HS384:b(384),HS512:b(512),RS256:w(256),RS384:w(384),RS512:w(512),ES256:V(256)};function b(n){function e(s,r){return d.createHmac(`sha${n}`,r).update(s).digest("base64")}function t(s,r,i){return e(s,i)===r}return{sign:e,verify:t}}function w(n){let e=`RSA-SHA${n}`;function t(r,i){return d.createSign(e).update(r).sign(i.toString(),"base64")}function s(r,i,o){let a=d.createVerify(e);return a.update(r),a.verify(o,i,"base64")}return{sign:t,verify:s}}function V(n){let e=`RSA-SHA${n}`;function t(r,i){let o=d.createSign(e).update(r).sign({key:i.toString()},"base64");return P(o,`ES${n}`)}function s(r,i,o){i=I(i,`ES${n}`).toString("base64");let a=d.createVerify(e);return a.update(r),a.verify(o,i,"base64")}return{sign:t,verify:s}}function E(n){let e=JSON.stringify(n);return $(Buffer.from(e).toString("base64"))}function x(n){let e=Buffer.from(v(n),"base64").toString("utf-8");return JSON.parse(e)}function $(n){return n.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function v(n){n=n.toString();let e=4-n.length%4;if(e!==4)for(let t=0;t<e;t++)n+="=";return n.replace(/-/g,"+").replace(/_/g,"/")}function R(n,e,t="HS256"){if(!W(t))throw new Error(`${t} is an invalid algorithm type. Must be one of ${k}`);let s=E({alg:t,type:"JWT"}),r=E(n),i=`${s}.${r}`,o=A[t],a=$(o.sign(i,e));return`${i}.${a}`}function j(n){let e=n.split(".");if(e.length!==3)throw new Error(`Decode expected 3 parts to encoded token, got ${e.length}`);let t=x(e[0]),s=x(e[1]),r=Buffer.from(v(e[2]),"base64");return{header:t,payload:s,signature:r}}function B(n,e,t={}){let s=j(n),{payload:r}=s,i=n.split("."),o=t.alg??s.header.alg,a=Date.now(),l=A[o],c={decoded:s};return(t.sig===void 0||t.sig===!0)&&(c.sig=l.verify(`${i[0]}.${i[1]}`,v(i[2]),e)),r.exp!==void 0&&(c.exp=r.exp<a),r.nbf!==void 0&&(c.nbf=a>=r.nbf),t.iat!==void 0&&(c.iat=r.iat===t.iat),t.iss!==void 0&&(c.iss=r.iss===t.iss),t.jti!==void 0&&(c.jti=r.jti!==t.jti),t.sub!==void 0&&(c.sub=r.sub===t.sub),t.aud!==void 0&&(c.aud=r.aud===t.aud),c}var f=n=>{let e;try{e=B(n,process.env.ACCESS_TOKEN_SECRET||"SECRET")}catch(t){return{valid:!1,reason:`Failed to parse token: ${t.message}`}}return e.sig?{valid:!0}:{valid:!1,reason:"Invalid signature"}},O=n=>{let e={iat:Date.now(),sub:n,permissions:{}};return R(e,process.env.ACCESS_TOKEN_SECRET||"SECRET")};import H from"crypto";var S=class{algorithm;saltLength;constructor(e="sha256",t=64){this.algorithm=e,this.saltLength=t}verify(e,t){let{algorithm:s,salt:r}=this.parse(e);return this.hash(t,s,r)===e}encode(e){let t=H.randomBytes(this.saltLength).toString("base64");return this.hash(e,this.algorithm,t)}hash(e,t,s){let r=H.createHash(t);return r.update(e),r.update(s,"utf8"),`${t}:${s}:${r.digest("base64")}`}parse(e){let t=e.split(":");if(t.length!==3)throw new Error(`Invalid hash string. Expected 3 parts, got ${t.length}`);let s=t[0],r=t[1],i=t[2];return{algorithm:s,salt:r,digest:i}}},h=new S;var y=class{static init({host:e="localhost",port:t=3351,secure:s=!1}){this.emitter=new N,this.queryHandler=new C,this.initializeCollections(),this.ensureRootUserExists(),this.createServer(e,t,s)}static initializeCollections(){this.auth.users=new m({autosync:!0,timestamps:!0,adapter:new p(".internal","users")}),this.auth.accessTokens=new m({autosync:!0,timestamps:!0,adapter:new p(".internal","accessTokens")})}static ensureRootUserExists(){this.auth.users.find({username:"root"}).length||this.auth.users.insert({username:"root",password:h.encode("root")})}static query(e){return this.queryHandler.query(e)}static createUser(e,t){if(this.auth.users.find({username:e})[0])throw new Error("User already exists");this.auth.users.insert({username:e,password:h.encode(t)})}static removeUser(e){if(!this.auth.users.find({username:e})[0])throw new Error("User does not exist");this.auth.users.remove({username:e})}static createServer(e,t,s=!1){this.duplex=new Q({host:e,port:t,secure:s}),this.duplex.command(0,async(r,i)=>{if(this.emitter.emit("auth",{payload:r,connection:i}),!r.username||!r.password)return{error:"Invalid username or password"};let o=this.auth.users.find({username:r.username})[0];if(!o)return{error:"Invalid username or password"};if(!h.verify(o.password,r.password))return{error:"Invalid username or password"};let a=O(r.username);return this.auth.accessTokens.remove({username:r.username}),this.auth.accessTokens.insert({username:r.username,accessToken:a}),{accessToken:a}}),this.duplex.command(2,async(r,i)=>{this.emitter.emit("query",{payload:r,connection:i});let{accessToken:o}=r;return f(o).valid?this.queryHandler.query(r):{error:"Invalid access token"}}),this.duplex.command(3,async(r,i)=>{this.emitter.emit("createUser",{payload:r,connection:i});let{username:o,password:a,accessToken:l}=r;if(!o||!a)return{error:"Invalid username or password"};if(!f(l).valid)return{error:"Invalid access token"};try{return y.createUser(o,a),{success:!0}}catch(c){return{error:c.message}}}),this.duplex.command(4,async(r,i)=>{this.emitter.emit("removeUser",{payload:r,connection:i});let{username:o,password:a,accessToken:l}=r;if(!o||!a)return{error:"Invalid username or password"};if(!f(l).valid)return{error:"Invalid access token"};try{return y.removeUser(o),{success:!0}}catch(c){return{error:c.message}}})}},u=y;g(u,"queryHandler"),g(u,"duplex"),g(u,"auth",{}),g(u,"emitter");var q={autosync:!0,timestamps:!0},T=class{collections={};getCollection(e){return this.getOrCreateCollection(e)}getOrCreateCollection(e){if(!this.collections[e]){let t={...q,adapter:new p(".data",e)};this.collections[e]={collection:new m(t),options:t}}return this.collections[e].collection}createCollectionWithOptions(e,t={}){if(this.collections[e])throw new Error(`Collection ${e} already exists`);let s={...q,...t,adapter:new p(".data",e)};return this.collections[e]={collection:new m(s),options:s},this.collections[e].collection}},C=class{cm;constructor(){this.cm=new T}query(e){if(!e)throw new Error("A payload is required.");if(!e.collection)throw new Error("A query should include a collection property.");if(!e.operation)throw new Error("A query should include an operation property (find, insert, update, remove).");let t=this.cm.getOrCreateCollection(e.collection);if(!t)throw new Error(`The collection ${e.collection} does not exist.`);if(e.operation!=="drop"&&!e?.data?.query)throw new Error("This payload is missing a query.");let s=e?.data?.query||{},r=e?.data?.operations||{},i=e?.data?.options||{};switch(e.operation){case"drop":return t.drop();case"find":return t.find(s,i);case"insert":return t.insert(s);case"update":return t.update(s,r,i);case"remove":return t.remove(s,i);default:throw new Error(`Unsupported operation: "${e.operation}".`)}}};export{u as ArcServer}; |
+2
-2
| { | ||
| "name": "@prsm/arc-server", | ||
| "version": "1.2.8", | ||
| "version": "1.3.0", | ||
| "description": "", | ||
@@ -26,3 +26,3 @@ "author": "nvms", | ||
| "@prsm/arc": "^2.2.4", | ||
| "@prsm/duplex": "^1.1.6", | ||
| "@prsm/duplex": "^1.1.8", | ||
| "ecdsa-sig-formatter": "^1.0.11" | ||
@@ -29,0 +29,0 @@ }, |
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
19197
-0.35%Dependency changes
Updated
@prsm/duplex@^1.1.8