UNPKG

226 kBTypeScriptView Raw
1/* + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
2 + +
3 + +
4 + +
5 + WARNING: BACKWARDS INCOMPATIBLE +
6 + +
7 + +
8 + +
9 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + */
10
11/// <reference types='node' />
12
13import * as Boom from "boom";
14import * as http from "http";
15import * as https from "https";
16import * as Shot from "shot";
17import * as stream from "stream";
18import * as url from "url";
19import * as zlib from "zlib";
20
21import { SealOptions, SealOptionsSub } from "iron";
22import { Schema, SchemaMap, ValidationOptions } from "joi";
23import { MimosOptions } from "mimos";
24import Podium = require("podium");
25import {
26 ClientApi,
27 ClientOptions,
28 EnginePrototype,
29 EnginePrototypeOrObject,
30 Policy,
31 PolicyOptions,
32 PolicyOptionVariants,
33} from "catbox";
34
35/* + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
36 + +
37 + +
38 + +
39 + Plugin +
40 + +
41 + +
42 + +
43 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + */
44
45/**
46 * one of
47 * a single plugin name string.
48 * an array of plugin name strings.
49 * an object where each key is a plugin name and each matching value is a
50 * {@link https://www.npmjs.com/package/semver version range string} which must match the registered
51 * plugin version.
52 */
53export type Dependencies = string | string[] | {
54 [key: string]: string;
55};
56
57/**
58 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-serverregistrations)
59 */
60
61/* eslint-disable-next-line @typescript-eslint/no-empty-interface */
62export interface PluginsListRegistered {
63}
64
65/**
66 * An object of the currently registered plugins where each key is a registered plugin name and the value is an
67 * object containing:
68 * * version - the plugin version.
69 * * name - the plugin name.
70 * * options - (optional) options passed to the plugin during registration.
71 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-serverregistrations)
72 */
73export interface PluginRegistered {
74 /**
75 * the plugin version.
76 */
77 version: string;
78
79 /**
80 * the plugin name.
81 */
82 name: string;
83
84 /**
85 * options used to register the plugin.
86 */
87 options: object;
88}
89
90/* eslint-disable-next-line @typescript-eslint/no-empty-interface */
91export interface PluginsStates {
92}
93
94/* eslint-disable-next-line @typescript-eslint/no-empty-interface */
95export interface PluginSpecificConfiguration {
96}
97
98export interface PluginNameVersion {
99 /**
100 * (required) the plugin name string. The name is used as a unique key. Published plugins (e.g. published in the npm
101 * registry) should use the same name as the name field in their 'package.json' file. Names must be
102 * unique within each application.
103 */
104 name: string;
105
106 /**
107 * optional plugin version. The version is only used informatively to enable other plugins to find out the versions loaded. The version should be the same as the one specified in the plugin's
108 * 'package.json' file.
109 */
110 version?: string | undefined;
111}
112
113export interface PluginPackage {
114 /**
115 * Alternatively, the name and version can be included via the pkg property containing the 'package.json' file for the module which already has the name and version included
116 */
117 pkg: any;
118}
119
120/**
121 * Plugins provide a way to organize application code by splitting the server logic into smaller components. Each
122 * plugin can manipulate the server through the standard server interface, but with the added ability to sandbox
123 * certain properties. For example, setting a file path in one plugin doesn't affect the file path set
124 * in another plugin.
125 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#plugins)
126 *
127 * The type T is the type of the plugin options.
128 */
129export interface PluginBase<T> {
130 /**
131 * (required) the registration function with the signature async function(server, options) where:
132 * * server - the server object with a plugin-specific server.realm.
133 * * options - any options passed to the plugin during registration via server.register().
134 */
135 register: (server: Server, options: T) => void | Promise<void>;
136
137 /** (optional) if true, allows the plugin to be registered multiple times with the same server. Defaults to false. */
138 multiple?: boolean | undefined;
139
140 /** (optional) a string or an array of strings indicating a plugin dependency. Same as setting dependencies via server.dependency(). */
141 dependencies?: Dependencies | undefined;
142
143 /**
144 * Allows defining semver requirements for node and hapi.
145 * @default Allows all.
146 */
147 requirements?: {
148 node?: string | undefined;
149 hapi?: string | undefined;
150 } | undefined;
151
152 /** once - (optional) if true, will only register the plugin once per server. If set, overrides the once option passed to server.register(). Defaults to no override. */
153 once?: boolean | undefined;
154}
155
156export type Plugin<T> = PluginBase<T> & (PluginNameVersion | PluginPackage);
157
158/* + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
159 + +
160 + +
161 + +
162 + Request +
163 + +
164 + +
165 + +
166 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + */
167
168/**
169 * User extensible types user credentials.
170 */
171// eslint-disable-next-line @typescript-eslint/no-empty-interface
172export interface UserCredentials {
173}
174
175/**
176 * User extensible types app credentials.
177 */
178// eslint-disable-next-line @typescript-eslint/no-empty-interface
179export interface AppCredentials {
180}
181
182/**
183 * User-extensible type for request.auth credentials.
184 */
185export interface AuthCredentials {
186 /**
187 * The application scopes to be granted.
188 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsauthaccessscope)
189 */
190 scope?: string[] | undefined;
191 /**
192 * If set, will only work with routes that set `access.entity` to `user`.
193 */
194 user?: UserCredentials | undefined;
195
196 /**
197 * If set, will only work with routes that set `access.entity` to `app`.
198 */
199 app?: AppCredentials | undefined;
200}
201
202/**
203 * Authentication information:
204 * * artifacts - an artifact object received from the authentication strategy and used in authentication-related actions.
205 * * credentials - the credential object received during the authentication process. The presence of an object does not mean successful authentication.
206 * * error - the authentication error is failed and mode set to 'try'.
207 * * isAuthenticated - true if the request has been successfully authenticated, otherwise false.
208 * * isAuthorized - true is the request has been successfully authorized against the route authentication access configuration. If the route has not access rules defined or if the request failed
209 * authorization, set to false.
210 * * mode - the route authentication mode.
211 * * strategy - the name of the strategy used.
212 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestauth)
213 */
214export interface RequestAuth {
215 /** an artifact object received from the authentication strategy and used in authentication-related actions. */
216 artifacts: object;
217 /** the credential object received during the authentication process. The presence of an object does not mean successful authentication. */
218 credentials: AuthCredentials;
219 /** the authentication error is failed and mode set to 'try'. */
220 error: Error;
221 /** true if the request has been successfully authenticated, otherwise false. */
222 isAuthenticated: boolean;
223 /**
224 * true is the request has been successfully authorized against the route authentication access configuration. If the route has not access rules defined or if the request failed authorization,
225 * set to false.
226 */
227 isAuthorized: boolean;
228 /** the route authentication mode. */
229 mode: string;
230 /** the name of the strategy used. */
231 strategy: string;
232}
233
234/**
235 * 'peek' - emitted for each chunk of payload data read from the client connection. The event method signature is function(chunk, encoding).
236 * 'finish' - emitted when the request payload finished reading. The event method signature is function ().
237 * 'disconnect' - emitted when a request errors or aborts unexpectedly.
238 * For context [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestevents)
239 */
240export type RequestEventType = "peek" | "finish" | "disconnect";
241
242/**
243 * Access: read only and the public podium interface.
244 * The request.events supports the following events:
245 * * 'peek' - emitted for each chunk of payload data read from the client connection. The event method signature is function(chunk, encoding).
246 * * 'finish' - emitted when the request payload finished reading. The event method signature is function ().
247 * * 'disconnect' - emitted when a request errors or aborts unexpectedly.
248 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestevents)
249 */
250export interface RequestEvents extends Podium {
251 /**
252 * Access: read only and the public podium interface.
253 * The request.events supports the following events:
254 * * 'peek' - emitted for each chunk of payload data read from the client connection. The event method signature is function(chunk, encoding).
255 * * 'finish' - emitted when the request payload finished reading. The event method signature is function ().
256 * * 'disconnect' - emitted when a request errors or aborts unexpectedly.
257 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestevents)
258 */
259 on(criteria: "peek", listener: PeekListener): void;
260
261 on(criteria: "finish" | "disconnect", listener: (data: undefined) => void): void;
262
263 /**
264 * Access: read only and the public podium interface.
265 * The request.events supports the following events:
266 * * 'peek' - emitted for each chunk of payload data read from the client connection. The event method signature is function(chunk, encoding).
267 * * 'finish' - emitted when the request payload finished reading. The event method signature is function ().
268 * * 'disconnect' - emitted when a request errors or aborts unexpectedly.
269 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestevents)
270 */
271 once(criteria: "peek", listener: PeekListener): void;
272
273 once(criteria: "finish" | "disconnect", listener: (data: undefined) => void): void;
274}
275
276/**
277 * Request information:
278 * * acceptEncoding - the request preferred encoding.
279 * * cors - if CORS is enabled for the route, contains the following:
280 * * isOriginMatch - true if the request 'Origin' header matches the configured CORS restrictions. Set to false if no 'Origin' header is found or if it does not match. Note that this is only
281 * available after the 'onRequest' extension point as CORS is configured per-route and no routing decisions are made at that point in the request lifecycle.
282 * * host - content of the HTTP 'Host' header (e.g. 'example.com:8080').
283 * * hostname - the hostname part of the 'Host' header (e.g. 'example.com').
284 * * id - a unique request identifier (using the format '{now}:{connection.info.id}:{5 digits counter}').
285 * * received - request reception timestamp.
286 * * referrer - content of the HTTP 'Referrer' (or 'Referer') header.
287 * * remoteAddress - remote client IP address.
288 * * remotePort - remote client port.
289 * * responded - request response timestamp (0 is not responded yet).
290 * Note that the request.info object is not meant to be modified.
291 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestinfo)
292 */
293export interface RequestInfo {
294 /** the request preferred encoding. */
295 acceptEncoding: string;
296 /** if CORS is enabled for the route, contains the following: */
297 cors: {
298 /**
299 * true if the request 'Origin' header matches the configured CORS restrictions. Set to false if no 'Origin' header is found or if it does not match. Note that this is only available after
300 * the 'onRequest' extension point as CORS is configured per-route and no routing decisions are made at that point in the request lifecycle.
301 */
302 isOriginMatch?: boolean | undefined;
303 };
304 /** content of the HTTP 'Host' header (e.g. 'example.com:8080'). */
305 host: string;
306 /** the hostname part of the 'Host' header (e.g. 'example.com'). */
307 hostname: string;
308 /** a unique request identifier (using the format '{now}:{connection.info.id}:{5 digits counter}') */
309 id: string;
310 /** request reception timestamp. */
311 received: number;
312 /** content of the HTTP 'Referrer' (or 'Referer') header. */
313 referrer: string;
314 /** remote client IP address. */
315 remoteAddress: string;
316 /** remote client port. */
317 remotePort: string;
318 /** request response timestamp (0 is not responded yet). */
319 responded: number;
320 /** request processing completion timestamp (0 is still processing). */
321 completed: number;
322}
323
324/**
325 * The request route information object, where:
326 * * method - the route HTTP method.
327 * * path - the route path.
328 * * vhost - the route vhost option if configured.
329 * * realm - the active realm associated with the route.
330 * * settings - the route options object with all defaults applied.
331 * * fingerprint - the route internal normalized string representing the normalized path.
332 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestroute)
333 */
334export interface RequestRoute {
335 /** the route HTTP method. */
336 method: Util.HTTP_METHODS_PARTIAL;
337
338 /** the route path. */
339 path: string;
340
341 /** the route vhost option if configured. */
342 vhost?: string | string[] | undefined;
343
344 /** the active realm associated with the route. */
345 realm: ServerRealm;
346
347 /** the route options object with all defaults applied. */
348 settings: RouteOptions;
349
350 /** the route internal normalized string representing the normalized path. */
351 fingerprint: string;
352
353 auth: {
354 /**
355 * Validates a request against the route's authentication access configuration, where:
356 * @param request - the request object.
357 * @return Return value: true if the request would have passed the route's access requirements.
358 * Note that the route's authentication mode and strategies are ignored. The only match is made between the request.auth.credentials scope and entity information and the route access
359 * configuration. If the route uses dynamic scopes, the scopes are constructed against the request.query, request.params, request.payload, and request.auth.credentials which may or may
360 * not match between the route and the request's route. If this method is called using a request that has not been authenticated (yet or not at all), it will return false if the route
361 * requires any authentication.
362 * [See docs](https://hapijs.com/api/17.0.1#-requestrouteauthaccessrequest)
363 */
364 access(request: Request): boolean;
365 };
366}
367
368/**
369 * An object containing the values of params, query, and payload before any validation modifications made. Only set when input validation is performed.
370 * For context [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestorig)
371 */
372export interface RequestOrig {
373 params: object;
374 query: object;
375 payload: object;
376}
377
378export interface RequestLog {
379 request: string;
380 timestamp: number;
381 tags: string[];
382 data: string | object;
383 channel: string;
384}
385
386export interface RequestQuery {
387 [key: string]: string | string[];
388}
389
390/**
391 * The request object is created internally for each incoming request. It is not the same object received from the node
392 * HTTP server callback (which is available via [request.raw.req](https://github.com/hapijs/hapi/blob/master/API.md#request.raw)). The request properties change throughout
393 * the request [lifecycle](https://github.com/hapijs/hapi/blob/master/API.md#request-lifecycle).
394 */
395export interface Request extends Podium {
396 /**
397 * Application-specific state. Provides a safe place to store application data without potential conflicts with the framework. Should not be used by plugins which should use plugins[name].
398 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestapp)
399 */
400 app: ApplicationState;
401
402 /**
403 * Authentication information:
404 * * artifacts - an artifact object received from the authentication strategy and used in authentication-related actions.
405 * * credentials - the credential object received during the authentication process. The presence of an object does not mean successful authentication.
406 * * error - the authentication error is failed and mode set to 'try'.
407 * * isAuthenticated - true if the request has been successfully authenticated, otherwise false.
408 * * isAuthorized - true is the request has been successfully authorized against the route authentication access configuration. If the route has not access rules defined or if the request failed
409 * authorization, set to false.
410 * * mode - the route authentication mode.
411 * * strategy - the name of the strategy used.
412 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestauth)
413 */
414 readonly auth: RequestAuth;
415
416 /**
417 * Access: read only and the public podium interface.
418 * The request.events supports the following events:
419 * * 'peek' - emitted for each chunk of payload data read from the client connection. The event method signature is function(chunk, encoding).
420 * * 'finish' - emitted when the request payload finished reading. The event method signature is function ().
421 * * 'disconnect' - emitted when a request errors or aborts unexpectedly.
422 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestevents)
423 */
424 events: RequestEvents;
425
426 /**
427 * The raw request headers (references request.raw.req.headers).
428 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestheaders)
429 */
430 readonly headers: Util.Dictionary<string>;
431
432 /**
433 * Request information:
434 * * acceptEncoding - the request preferred encoding.
435 * * cors - if CORS is enabled for the route, contains the following:
436 * * isOriginMatch - true if the request 'Origin' header matches the configured CORS restrictions. Set to false if no 'Origin' header is found or if it does not match. Note that this is only
437 * available after the 'onRequest' extension point as CORS is configured per-route and no routing decisions are made at that point in the request lifecycle.
438 * * host - content of the HTTP 'Host' header (e.g. 'example.com:8080').
439 * * hostname - the hostname part of the 'Host' header (e.g. 'example.com').
440 * * id - a unique request identifier (using the format '{now}:{connection.info.id}:{5 digits counter}').
441 * * received - request reception timestamp.
442 * * referrer - content of the HTTP 'Referrer' (or 'Referer') header.
443 * * remoteAddress - remote client IP address.
444 * * remotePort - remote client port.
445 * * responded - request response timestamp (0 is not responded yet).
446 * Note that the request.info object is not meant to be modified.
447 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestinfo)
448 */
449 readonly info: RequestInfo;
450
451 /**
452 * An array containing the logged request events.
453 * Note that this array will be empty if route log.collect is set to false.
454 */
455 readonly logs: RequestLog[];
456
457 /**
458 * The request method in lower case (e.g. 'get', 'post').
459 */
460 readonly method: Util.HTTP_METHODS_PARTIAL_LOWERCASE;
461
462 /**
463 * The parsed content-type header. Only available when payload parsing enabled and no payload error occurred.
464 */
465 readonly mime: string;
466
467 /**
468 * An object containing the values of params, query, and payload before any validation modifications made. Only set when input validation is performed.
469 */
470 readonly orig: RequestOrig;
471
472 /**
473 * An object where each key is a path parameter name with matching value as described in [Path parameters](https://github.com/hapijs/hapi/blob/master/API.md#path-parameters).
474 */
475 readonly params: Util.Dictionary<string>;
476
477 /**
478 * An array containing all the path params values in the order they appeared in the path.
479 */
480 readonly paramsArray: string[];
481
482 /**
483 * The request URI's pathname component.
484 */
485 readonly path: string;
486
487 /**
488 * The request payload based on the route payload.output and payload.parse settings.
489 * TODO check this typing and add references / links.
490 */
491 readonly payload: stream.Readable | Buffer | string | object;
492
493 /**
494 * Plugin-specific state. Provides a place to store and pass request-level plugin data. The plugins is an object where each key is a plugin name and the value is the state.
495 */
496 plugins: PluginsStates;
497
498 /**
499 * An object where each key is the name assigned by a route pre-handler methods function. The values are the raw values provided to the continuation function as argument. For the wrapped response
500 * object, use responses.
501 */
502 readonly pre: Util.Dictionary<any>;
503
504 /**
505 * Access: read / write (see limitations below).
506 * The response object when set. The object can be modified but must not be assigned another object. To replace the response with another from within an extension point, use reply(response) to
507 * override with a different response.
508 * In case of an aborted request the status code will be set to `disconnectStatusCode`.
509 */
510 response: ResponseObject | Boom;
511
512 /**
513 * Same as pre but represented as the response object created by the pre method.
514 */
515 readonly preResponses: Util.Dictionary<any>;
516
517 /**
518 * By default the object outputted from node's URL parse() method.
519 */
520 readonly query: RequestQuery;
521
522 /**
523 * An object containing the Node HTTP server objects. Direct interaction with these raw objects is not recommended.
524 * * req - the node request object.
525 * * res - the node response object.
526 */
527 readonly raw: {
528 req: http.IncomingMessage;
529 res: http.ServerResponse;
530 };
531
532 /**
533 * The request route information object and method
534 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestroute)
535 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestrouteauthaccessrequest)
536 */
537 readonly route: RequestRoute;
538
539 /**
540 * Access: read only and the public server interface.
541 * The server object.
542 */
543 server: Server;
544
545 /**
546 * An object containing parsed HTTP state information (cookies) where each key is the cookie name and value is the matching cookie content after processing using any registered cookie definition.
547 */
548 readonly state: Util.Dictionary<any>;
549
550 /**
551 * The parsed request URI.
552 */
553 readonly url: url.URL;
554
555 /**
556 * Returns `true` when the request is active and processing should continue and `false` when the
557 * request terminated early or completed its lifecycle. Useful when request processing is a
558 * resource-intensive operation and should be terminated early if the request is no longer active
559 * (e.g. client disconnected or aborted early).
560 */
561 active(): boolean;
562
563 /**
564 * Returns a response which you can pass into the reply interface where:
565 * @param source - the value to set as the source of the reply interface, optional.
566 * @param options - options for the method, optional.
567 * @return ResponseObject
568 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestgenerateresponsesource-options)
569 */
570 generateResponse(
571 source: string | object | null,
572 options?: {
573 variety?: string | undefined;
574 prepare?: ((response: ResponseObject) => Promise<ResponseObject>) | undefined;
575 marshal?: ((response: ResponseObject) => Promise<ResponseValue>) | undefined;
576 close?: ((response: ResponseObject) => void) | undefined;
577 },
578 ): ResponseObject;
579
580 /**
581 * Logs request-specific events. When called, the server emits a 'request' event which can be used by other listeners or plugins. The arguments are:
582 * @param tags - a string or an array of strings (e.g. ['error', 'database', 'read']) used to identify the event. Tags are used instead of log levels and provide a much more expressive mechanism
583 * for describing and filtering events.
584 * @param data - (optional) an message string or object with the application data being logged. If data is a function, the function signature is function() and it called once to generate (return
585 * value) the actual data emitted to the listeners. Any logs generated by the server internally will be emitted only on the 'request-internal' channel and will include the event.internal flag
586 * set to true.
587 * @return void
588 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-requestlogtags-data)
589 */
590 log(tags: string | string[], data?: string | object | (() => string | object)): void;
591
592 /**
593 * Changes the request method before the router begins processing the request where:
594 * @param method - is the request HTTP method (e.g. 'GET').
595 * @return void
596 * Can only be called from an 'onRequest' extension method.
597 * [See docs](https://hapijs.com/api/17.0.1#-requestsetmethodmethod)
598 */
599 setMethod(method: Util.HTTP_METHODS_PARTIAL): void;
600
601 /**
602 * Changes the request URI before the router begins processing the request where:
603 * Can only be called from an 'onRequest' extension method.
604 * @param url - the new request URI. If url is a string, it is parsed with node's URL parse() method with parseQueryString set to true. url can also be set to an object compatible with node's URL
605 * parse() method output.
606 * @param stripTrailingSlash - if true, strip the trailing slash from the path. Defaults to false.
607 * @return void
608 * [See docs](https://hapijs.com/api/17.0.1#-requestseturlurl-striptrailingslash)
609 */
610 setUrl(url: string | url.URL, stripTrailingSlash?: boolean): void;
611}
612
613/* + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
614 + +
615 + +
616 + +
617 + Response +
618 + +
619 + +
620 + +
621 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + */
622
623/**
624 * Access: read only and the public podium interface.
625 * The response.events object supports the following events:
626 * * 'peek' - emitted for each chunk of data written back to the client connection. The event method signature is function(chunk, encoding).
627 * * 'finish' - emitted when the response finished writing but before the client response connection is ended. The event method signature is function ().
628 * [See docs](https://hapijs.com/api/17.0.1#-responseevents)
629 */
630export interface ResponseEvents extends Podium {
631 /**
632 * 'peek' - emitted for each chunk of data written back to the client connection. The event method signature is function(chunk, encoding).
633 * 'finish' - emitted when the response finished writing but before the client response connection is ended. The event method signature is function ().
634 */
635 on(criteria: "peek", listener: PeekListener): void;
636
637 on(criteria: "finish", listener: (data: undefined) => void): void;
638
639 /**
640 * 'peek' - emitted for each chunk of data written back to the client connection. The event method signature is function(chunk, encoding).
641 * 'finish' - emitted when the response finished writing but before the client response connection is ended. The event method signature is function ().
642 */
643 once(criteria: "peek", listener: PeekListener): void;
644
645 once(criteria: "finish", listener: (data: undefined) => void): void;
646}
647
648/**
649 * Object where:
650 * * append - if true, the value is appended to any existing header value using separator. Defaults to false.
651 * * separator - string used as separator when appending to an existing value. Defaults to ','.
652 * * override - if false, the header value is not set if an existing value present. Defaults to true.
653 * * duplicate - if false, the header value is not modified if the provided value is already included. Does not apply when append is false or if the name is 'set-cookie'. Defaults to true.
654 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseheadername-value-options)
655 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#response-object)
656 */
657export interface ResponseObjectHeaderOptions {
658 append?: boolean | undefined;
659 separator?: string | undefined;
660 override?: boolean | undefined;
661 duplicate?: boolean | undefined;
662}
663
664/**
665 * The response object contains the request response value along with various HTTP headers and flags. When a lifecycle
666 * method returns a value, the value is wrapped in a response object along with some default flags (e.g. 200 status
667 * code). In order to customize a response before it is returned, the h.response() method is provided.
668 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#response-object)
669 * TODO, check extending from Podium is correct. Extending because of "The response object supports the following events" [See docs](https://hapijs.com/api/17.0.1#-responseevents)
670 */
671export interface ResponseObject extends Podium {
672 /**
673 * Default value: {}.
674 * Application-specific state. Provides a safe place to store application data without potential conflicts with the framework. Should not be used by plugins which should use plugins[name].
675 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseapp)
676 */
677 app: ApplicationState;
678
679 /**
680 * Access: read only and the public podium interface.
681 * The response.events object supports the following events:
682 * * 'peek' - emitted for each chunk of data written back to the client connection. The event method signature is function(chunk, encoding).
683 * * 'finish' - emitted when the response finished writing but before the client response connection is ended. The event method signature is function ().
684 * [See docs](https://hapijs.com/api/17.0.1#-responseevents)
685 */
686 readonly events: ResponseEvents;
687
688 /**
689 * Default value: {}.
690 * An object containing the response headers where each key is a header field name and the value is the string header value or array of string.
691 * Note that this is an incomplete list of headers to be included with the response. Additional headers will be added once the response is prepared for transmission.
692 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseheaders)
693 */
694 readonly headers: Util.Dictionary<string | string[]>;
695
696 /**
697 * Default value: {}.
698 * Plugin-specific state. Provides a place to store and pass request-level plugin data. plugins is an object where each key is a plugin name and the value is the state.
699 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseplugins)
700 */
701 plugins: PluginsStates;
702
703 /**
704 * Object containing the response handling flags.
705 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsesettings)
706 */
707 readonly settings: ResponseSettings;
708
709 /**
710 * The raw value returned by the lifecycle method.
711 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsesource)
712 */
713 readonly source: Lifecycle.ReturnValue;
714
715 /**
716 * Default value: 200.
717 * The HTTP response status code.
718 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsestatuscode)
719 */
720 readonly statusCode: number;
721
722 /**
723 * A string indicating the type of source with available values:
724 * * 'plain' - a plain response such as string, number, null, or simple object.
725 * * 'buffer' - a Buffer.
726 * * 'stream' - a Stream.
727 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsevariety)
728 */
729 readonly variety: "plain" | "buffer" | "stream";
730
731 /**
732 * Sets the HTTP 'Content-Length' header (to avoid chunked transfer encoding) where:
733 * @param length - the header value. Must match the actual payload size.
734 * @return Return value: the current response object.
735 * [See docs](https://hapijs.com/api/17.0.1#-responsebyteslength)
736 */
737 bytes(length: number): ResponseObject;
738
739 /**
740 * Sets the 'Content-Type' HTTP header 'charset' property where:
741 * @param charset - the charset property value.
742 * @return Return value: the current response object.
743 * [See docs](https://hapijs.com/api/17.0.1#-responsecharsetcharset)
744 */
745 charset(charset: string): ResponseObject;
746
747 /**
748 * Sets the HTTP status code where:
749 * @param statusCode - the HTTP status code (e.g. 200).
750 * @return Return value: the current response object.
751 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsecodestatuscode)
752 */
753 code(statusCode: number): ResponseObject;
754
755 /**
756 * Sets the HTTP status message where:
757 * @param httpMessage - the HTTP status message (e.g. 'Ok' for status code 200).
758 * @return Return value: the current response object.
759 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsemessagehttpmessage)
760 */
761 message(httpMessage: string): ResponseObject;
762
763 /**
764 * Sets the HTTP status code to Created (201) and the HTTP 'Location' header where:
765 * @param uri - an absolute or relative URI used as the 'Location' header value.
766 * @return Return value: the current response object.
767 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsecreateduri)
768 */
769 created(uri: string): ResponseObject;
770
771 /**
772 * Sets the string encoding scheme used to serial data into the HTTP payload where:
773 * @param encoding the encoding property value (see node Buffer encoding [See docs](https://nodejs.org/api/buffer.html#buffer_buffers_and_character_encodings)).
774 * * 'ascii' - for 7-bit ASCII data only. This encoding is fast and will strip the high bit if set.
775 * * 'utf8' - Multibyte encoded Unicode characters. Many web pages and other document formats use UTF-8.
776 * * 'utf16le' - 2 or 4 bytes, little-endian encoded Unicode characters. Surrogate pairs (U+10000 to U+10FFFF) are supported.
777 * * 'ucs2' - Alias of 'utf16le'.
778 * * 'base64' - Base64 encoding. When creating a Buffer from a string, this encoding will also correctly accept "URL and Filename Safe Alphabet" as specified in RFC4648, Section 5.
779 * * 'latin1' - A way of encoding the Buffer into a one-byte encoded string (as defined by the IANA in RFC1345, page 63, to be the Latin-1 supplement block and C0/C1 control codes).
780 * * 'binary' - Alias for 'latin1'.
781 * * 'hex' - Encode each byte as two hexadecimal characters.
782 * @return Return value: the current response object.
783 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseencodingencoding)
784 */
785 encoding(encoding: "ascii" | "utf8" | "utf16le" | "ucs2" | "base64" | "latin1" | "binary" | "hex"): ResponseObject;
786
787 /**
788 * Sets the representation entity tag where:
789 * @param tag - the entity tag string without the double-quote.
790 * @param options - (optional) settings where:
791 * * weak - if true, the tag will be prefixed with the 'W/' weak signifier. Weak tags will fail to match identical tags for the purpose of determining 304 response status. Defaults to false.
792 * * vary - if true and content encoding is set or applied to the response (e.g 'gzip' or 'deflate'), the encoding name will be automatically added to the tag at transmission time (separated by
793 * a '-' character). Ignored when weak is true. Defaults to true.
794 * @return Return value: the current response object.
795 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseetagtag-options)
796 */
797 etag(tag: string, options?: { weak: boolean; vary: boolean }): ResponseObject;
798
799 /**
800 * Sets an HTTP header where:
801 * @param name - the header name.
802 * @param value - the header value.
803 * @param options - (optional) object where:
804 * * append - if true, the value is appended to any existing header value using separator. Defaults to false.
805 * * separator - string used as separator when appending to an existing value. Defaults to ','.
806 * * override - if false, the header value is not set if an existing value present. Defaults to true.
807 * * duplicate - if false, the header value is not modified if the provided value is already included. Does not apply when append is false or if the name is 'set-cookie'. Defaults to true.
808 * @return Return value: the current response object.
809 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseheadername-value-options)
810 */
811 header(name: string, value: string, options?: ResponseObjectHeaderOptions): ResponseObject;
812
813 /**
814 * Sets the HTTP 'Location' header where:
815 * @param uri - an absolute or relative URI used as the 'Location' header value.
816 * @return Return value: the current response object.
817 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responselocationuri)
818 */
819 location(uri: string): ResponseObject;
820
821 /**
822 * Sets an HTTP redirection response (302) and decorates the response with additional methods, where:
823 * @param uri - an absolute or relative URI used to redirect the client to another resource.
824 * @return Return value: the current response object.
825 * Decorates the response object with the response.temporary(), response.permanent(), and response.rewritable() methods to easily change the default redirection code (302).
826 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseredirecturi)
827 */
828 redirect(uri: string): ResponseObject;
829
830 /**
831 * Sets the JSON.stringify() replacer argument where:
832 * @param method - the replacer function or array. Defaults to none.
833 * @return Return value: the current response object.
834 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsereplacermethod)
835 */
836 replacer(method: Json.StringifyReplacer): ResponseObject;
837
838 /**
839 * Sets the JSON.stringify() space argument where:
840 * @param count - the number of spaces to indent nested object keys. Defaults to no indentation.
841 * @return Return value: the current response object.
842 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsespacescount)
843 */
844 spaces(count: number): ResponseObject;
845
846 /**
847 * Sets an HTTP cookie where:
848 * @param name - the cookie name.
849 * @param value - the cookie value. If no options.encoding is defined, must be a string. See server.state() for supported encoding values.
850 * @param options - (optional) configuration. If the state was previously registered with the server using server.state(), the specified keys in options are merged with the default server
851 * definition.
852 * @return Return value: the current response object.
853 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsestatename-value-options)
854 */
855 state(name: string, value: object | string, options?: ServerStateCookieOptions): ResponseObject;
856
857 /**
858 * Sets a string suffix when the response is process via JSON.stringify() where:
859 * @param suffix - the string suffix.
860 * @return Return value: the current response object.
861 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsesuffixsuffix)
862 */
863 suffix(suffix: string): ResponseObject;
864
865 /**
866 * Overrides the default route cache expiration rule for this response instance where:
867 * @param msec - the time-to-live value in milliseconds.
868 * @return Return value: the current response object.
869 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsettlmsec)
870 */
871 ttl(msec: number): ResponseObject;
872
873 /**
874 * Sets the HTTP 'Content-Type' header where:
875 * @param mimeType - is the mime type.
876 * @return Return value: the current response object.
877 * Should only be used to override the built-in default for each response type.
878 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsetypemimetype)
879 */
880 type(mimeType: string): ResponseObject;
881
882 /**
883 * Clears the HTTP cookie by setting an expired value where:
884 * @param name - the cookie name.
885 * @param options - (optional) configuration for expiring cookie. If the state was previously registered with the server using server.state(), the specified options are merged with the server
886 * definition.
887 * @return Return value: the current response object.
888 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responseunstatename-options)
889 */
890 unstate(name: string, options?: ServerStateCookieOptions): ResponseObject;
891
892 /**
893 * Adds the provided header to the list of inputs affected the response generation via the HTTP 'Vary' header where:
894 * @param header - the HTTP request header name.
895 * @return Return value: the current response object.
896 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsevaryheader)
897 */
898 vary(header: string): ResponseObject;
899
900 /**
901 * Marks the response object as a takeover response.
902 * @return Return value: the current response object.
903 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsetakeover)
904 */
905 takeover(): ResponseObject;
906
907 /**
908 * Sets the status code to 302 or 307 (based on the response.rewritable() setting) where:
909 * @param isTemporary - if false, sets status to permanent. Defaults to true.
910 * @return Return value: the current response object.
911 * Only available after calling the response.redirect() method.
912 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsetemporaryistemporary)
913 */
914 temporary(isTemporary: boolean): ResponseObject;
915
916 /**
917 * Sets the status code to 301 or 308 (based on the response.rewritable() setting) where:
918 * @param isPermanent - if false, sets status to temporary. Defaults to true.
919 * @return Return value: the current response object.
920 * Only available after calling the response.redirect() method.
921 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsepermanentispermanent)
922 */
923 permanent(isPermanent: boolean): ResponseObject;
924
925 /**
926 * Sets the status code to 301/302 for rewritable (allows changing the request method from 'POST' to 'GET') or 307/308 for non-rewritable (does not allow changing the request method from 'POST'
927 * to 'GET'). Exact code based on the response.temporary() or response.permanent() setting. Arguments:
928 * @param isRewritable - if false, sets to non-rewritable. Defaults to true.
929 * @return Return value: the current response object.
930 * Only available after calling the response.redirect() method.
931 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responserewritableisrewritable)
932 */
933 rewritable(isRewritable: boolean): ResponseObject;
934}
935
936/**
937 * Object containing the response handling flags.
938 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-responsesettings)
939 */
940export interface ResponseSettings {
941 /**
942 * Defaults value: true.
943 * If true and source is a Stream, copies the statusCode and headers properties of the stream object to the outbound response.
944 */
945 readonly passThrough: boolean;
946
947 /**
948 * Default value: null (use route defaults).
949 * Override the route json options used when source value requires stringification.
950 */
951 readonly stringify: Json.StringifyArguments;
952
953 /**
954 * Default value: null (use route defaults).
955 * If set, overrides the route cache with an expiration value in milliseconds.
956 */
957 readonly ttl: number;
958
959 /**
960 * Default value: false.
961 * If true, a suffix will be automatically added to the 'ETag' header at transmission time (separated by a '-' character) when the HTTP 'Vary' header is present.
962 */
963 varyEtag: boolean;
964}
965
966/**
967 * See more about Lifecycle
968 * https://github.com/hapijs/hapi/blob/master/API.md#request-lifecycle
969 */
970
971export type ResponseValue = string | object;
972
973export interface AuthenticationData {
974 credentials: AuthCredentials;
975 artifacts?: object | undefined;
976}
977
978export interface Auth {
979 readonly isAuth: true;
980 readonly error?: Error | null | undefined;
981 readonly data?: AuthenticationData | undefined;
982}
983
984/**
985 * The response toolkit is a collection of properties and utilities passed to every [lifecycle method](https://github.com/hapijs/hapi/blob/master/API.md#lifecycle-methods)
986 * It is somewhat hard to define as it provides both utilities for manipulating responses as well as other information. Since the
987 * toolkit is passed as a function argument, developers can name it whatever they want. For the purpose of this
988 * document the h notation is used. It is named in the spirit of the RethinkDB r method, with h for hapi.
989 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#response-toolkit)
990 */
991export interface ResponseToolkit {
992 /**
993 * A response symbol. When returned by a lifecycle method, the request lifecycle skips to the finalizing step
994 * without further interaction with the node response stream. It is the developer's responsibility to write
995 * and end the response directly via [request.raw.res](https://github.com/hapijs/hapi/blob/master/API.md#request.raw).
996 */
997 readonly abandon: symbol;
998
999 /**
1000 * A response symbol. When returned by a lifecycle method, the request lifecycle skips to the finalizing step after
1001 * calling request.raw.res.end()) to close the the node response stream.
1002 */
1003 readonly close: symbol;
1004
1005 /**
1006 * A response symbol. Provides access to the route or server context set via the route [bind](https://github.com/hapijs/hapi/blob/master/API.md#route.options.bind)
1007 * option or [server.bind()](https://github.com/hapijs/hapi/blob/master/API.md#server.bind()).
1008 */
1009 readonly context: any;
1010
1011 /**
1012 * A response symbol. When returned by a lifecycle method, the request lifecycle continues without changing the response.
1013 */
1014 readonly continue: symbol;
1015
1016 /**
1017 * The [server realm](https://github.com/hapijs/hapi/blob/master/API.md#server.realm) associated with the matching
1018 * route. Defaults to the root server realm in the onRequest step.
1019 */
1020 readonly realm: ServerRealm;
1021
1022 /**
1023 * Access: read only and public request interface.
1024 * The [request] object. This is a duplication of the request lifecycle method argument used by
1025 * [toolkit decorations](https://github.com/hapijs/hapi/blob/master/API.md#server.decorate()) to access the current request.
1026 */
1027 readonly request: Readonly<Request>;
1028
1029 /**
1030 * Used by the [authentication] method to pass back valid credentials where:
1031 * @param data - an object with:
1032 * * credentials - (required) object representing the authenticated entity.
1033 * * artifacts - (optional) authentication artifacts object specific to the authentication scheme.
1034 * @return Return value: an internal authentication object.
1035 */
1036 authenticated(data: AuthenticationData): Auth;
1037
1038 /**
1039 * Sets the response 'ETag' and 'Last-Modified' headers and checks for any conditional request headers to decide if
1040 * the response is going to qualify for an HTTP 304 (Not Modified). If the entity values match the request
1041 * conditions, h.entity() returns a response object for the lifecycle method to return as its value which will
1042 * set a 304 response. Otherwise, it sets the provided entity headers and returns undefined.
1043 * The method argumetns are:
1044 * @param options - a required configuration object with:
1045 * * etag - the ETag string. Required if modified is not present. Defaults to no header.
1046 * * modified - the Last-Modified header value. Required if etag is not present. Defaults to no header.
1047 * * vary - same as the response.etag() option. Defaults to true.
1048 * @return Return value: - a response object if the response is unmodified. - undefined if the response has changed.
1049 * If undefined is returned, the developer must return a valid lifecycle method value. If a response is returned,
1050 * it should be used as the return value (but may be customize using the response methods).
1051 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-hentityoptions)
1052 */
1053 entity(
1054 options?: { etag?: string | undefined; modified?: string | undefined; vary?: boolean | undefined },
1055 ): ResponseObject | undefined;
1056
1057 /**
1058 * Redirects the client to the specified uri. Same as calling h.response().redirect(uri).
1059 * @param url
1060 * @return Returns a response object.
1061 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-hredirecturi)
1062 */
1063 redirect(uri?: string): ResponseObject;
1064
1065 /**
1066 * Wraps the provided value and returns a response object which allows customizing the response
1067 * (e.g. setting the HTTP status code, custom headers, etc.), where:
1068 * @param value - (optional) return value. Defaults to null.
1069 * @return Returns a response object.
1070 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-hresponsevalue)
1071 */
1072 response(value?: ResponseValue): ResponseObject;
1073
1074 /**
1075 * Sets a response cookie using the same arguments as response.state().
1076 * @param name of the cookie
1077 * @param value of the cookie
1078 * @param (optional) ServerStateCookieOptions object.
1079 * @return Return value: none.
1080 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-hstatename-value-options)
1081 */
1082 state(name: string, value: string | object, options?: ServerStateCookieOptions): void;
1083
1084 /**
1085 * Used by the [authentication] method to indicate authentication failed and pass back the credentials received where:
1086 * @param error - (required) the authentication error.
1087 * @param data - (optional) an object with:
1088 * * credentials - (required) object representing the authenticated entity.
1089 * * artifacts - (optional) authentication artifacts object specific to the authentication scheme.
1090 * @return void.
1091 * The method is used to pass both the authentication error and the credentials. For example, if a request included
1092 * expired credentials, it allows the method to pass back the user information (combined with a 'try'
1093 * authentication mode) for error customization.
1094 * There is no difference between throwing the error or passing it with the h.unauthenticated() method is no credentials are passed, but it might still be helpful for code clarity.
1095 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-hunauthenticatederror-data)
1096 */
1097 unauthenticated(error: Error, data?: AuthenticationData): void;
1098
1099 /**
1100 * Clears a response cookie using the same arguments as
1101 * @param name of the cookie
1102 * @param options (optional) ServerStateCookieOptions object.
1103 * @return void.
1104 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-hunstatename-options)
1105 */
1106 unstate(name: string, options?: ServerStateCookieOptions): void;
1107}
1108
1109/* + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
1110 + +
1111 + +
1112 + +
1113 + Route +
1114 + +
1115 + +
1116 + +
1117 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + */
1118
1119export type RouteOptionsAccessScope = false | string | string[];
1120
1121export type RouteOptionsAccessEntity = "any" | "user" | "app";
1122
1123export interface RouteOptionsAccessScopeObject {
1124 scope: RouteOptionsAccessScope;
1125}
1126
1127export interface RouteOptionsAccessEntityObject {
1128 entity: RouteOptionsAccessEntity;
1129}
1130
1131export type RouteOptionsAccessObject =
1132 | RouteOptionsAccessScopeObject
1133 | RouteOptionsAccessEntityObject
1134 | (RouteOptionsAccessScopeObject & RouteOptionsAccessEntityObject);
1135
1136/**
1137 * Route Authentication Options
1138 */
1139export interface RouteOptionsAccess {
1140 /**
1141 * Default value: none.
1142 * An object or array of objects specifying the route access rules. Each rule is evaluated against an incoming request and access is granted if at least one of the rules matches. Each rule object
1143 * must include at least one of scope or entity.
1144 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsauthaccess)
1145 */
1146 access?: RouteOptionsAccessObject | RouteOptionsAccessObject[] | undefined;
1147
1148 /**
1149 * Default value: false (no scope requirements).
1150 * The application scope required to access the route. Value can be a scope string or an array of scope strings. When authenticated, the credentials object scope property must contain at least
1151 * one of the scopes defined to access the route. If a scope string begins with a + character, that scope is required. If a scope string begins with a ! character, that scope is forbidden. For
1152 * example, the scope ['!a', '+b', 'c', 'd'] means the incoming request credentials' scope must not include 'a', must include 'b', and must include one of 'c' or 'd'. You may also access
1153 * properties on the request object (query, params, payload, and credentials) to populate a dynamic scope by using the '{' and '}' characters around the property name, such as 'user-{params.id}'.
1154 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsauthaccessscope)
1155 */
1156 scope?: RouteOptionsAccessScope | undefined;
1157
1158 /**
1159 * Default value: 'any'.
1160 * The required authenticated entity type. If set, must match the entity value of the request authenticated credentials. Available values:
1161 * * 'any' - the authentication can be on behalf of a user or application.
1162 * * 'user' - the authentication must be on behalf of a user which is identified by the presence of a 'user' attribute in the credentials object returned by the authentication strategy.
1163 * * 'app' - the authentication must be on behalf of an application which is identified by the lack of presence of a user attribute in the credentials object returned by the authentication
1164 * strategy.
1165 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsauthaccessentity)
1166 */
1167 entity?: RouteOptionsAccessEntity | undefined;
1168
1169 /**
1170 * Default value: 'required'.
1171 * The authentication mode. Available values:
1172 * * 'required' - authentication is required.
1173 * * 'optional' - authentication is optional - the request must include valid credentials or no credentials at all.
1174 * * 'try' - similar to 'optional', any request credentials are attempted authentication, but if the credentials are invalid, the request proceeds regardless of the authentication error.
1175 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsauthmode)
1176 */
1177 mode?: "required" | "optional" | "try" | undefined;
1178
1179 /**
1180 * Default value: false, unless the scheme requires payload authentication.
1181 * If set, the incoming request payload is authenticated after it is processed. Requires a strategy with payload authentication support (e.g. Hawk). Cannot be set to a value other than 'required'
1182 * when the scheme sets the authentication options.payload to true. Available values:
1183 * * false - no payload authentication.
1184 * * 'required' - payload authentication required.
1185 * * 'optional' - payload authentication performed only when the client includes payload authentication information (e.g. hash attribute in Hawk).
1186 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsauthpayload)
1187 */
1188 payload?: false | "required" | "optional" | undefined;
1189
1190 /**
1191 * Default value: the default strategy set via server.auth.default().
1192 * An array of string strategy names in the order they should be attempted. Cannot be used together with strategy.
1193 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsauthstrategies)
1194 */
1195 strategies?: string[] | undefined;
1196
1197 /**
1198 * Default value: the default strategy set via server.auth.default().
1199 * A string strategy names. Cannot be used together with strategies.
1200 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsauthstrategy)
1201 */
1202 strategy?: string | undefined;
1203}
1204
1205/**
1206 * Values are:
1207 * * * 'default' - no privacy flag.
1208 * * * 'public' - mark the response as suitable for public caching.
1209 * * * 'private' - mark the response as suitable only for private caching.
1210 * * expiresIn - relative expiration expressed in the number of milliseconds since the item was saved in the cache. Cannot be used together with expiresAt.
1211 * * expiresAt - time of day expressed in 24h notation using the 'HH:MM' format, at which point all cache records for the route expire. Cannot be used together with expiresIn.
1212 * * statuses - an array of HTTP response status code numbers (e.g. 200) which are allowed to include a valid caching directive.
1213 * * otherwise - a string with the value of the 'Cache-Control' header when caching is disabled.
1214 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionscache)
1215 */
1216export type RouteOptionsCache =
1217 & {
1218 privacy?: "default" | "public" | "private" | undefined;
1219 statuses?: number[] | undefined;
1220 otherwise?: string | undefined;
1221 }
1222 & (
1223 {
1224 expiresIn?: number | undefined;
1225 expiresAt?: undefined;
1226 } | {
1227 expiresIn?: undefined;
1228 expiresAt?: string | undefined;
1229 } | {
1230 expiresIn?: undefined;
1231 expiresAt?: undefined;
1232 }
1233 );
1234
1235/**
1236 * Default value: false (no CORS headers).
1237 * The Cross-Origin Resource Sharing protocol allows browsers to make cross-origin API calls. CORS is required by web applications running inside a browser which are loaded from a different domain
1238 * than the API server. To enable, set cors to true, or to an object with the following options:
1239 * * origin - an array of allowed origin servers strings ('Access-Control-Allow-Origin'). The array can contain any combination of fully qualified origins along with origin strings containing a
1240 * wildcard '*' character, or a single '*' origin string. If set to 'ignore', any incoming Origin header is ignored (present or not) and the 'Access-Control-Allow-Origin' header is set to '*'.
1241 * Defaults to any origin ['*'].
1242 * * maxAge - number of seconds the browser should cache the CORS response ('Access-Control-Max-Age'). The greater the value, the longer it will take before the browser checks for changes in policy.
1243 * Defaults to 86400 (one day).
1244 * * headers - a strings array of allowed headers ('Access-Control-Allow-Headers'). Defaults to ['Accept', 'Authorization', 'Content-Type', 'If-None-Match'].
1245 * * additionalHeaders - a strings array of additional headers to headers. Use this to keep the default headers in place.
1246 * * exposedHeaders - a strings array of exposed headers ('Access-Control-Expose-Headers'). Defaults to ['WWW-Authenticate', 'Server-Authorization'].
1247 * * additionalExposedHeaders - a strings array of additional headers to exposedHeaders. Use this to keep the default headers in place.
1248 * * credentials - if true, allows user credentials to be sent ('Access-Control-Allow-Credentials'). Defaults to false.
1249 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionscors)
1250 */
1251export interface RouteOptionsCors {
1252 /**
1253 * an array of allowed origin servers strings ('Access-Control-Allow-Origin'). The array can contain any combination of fully qualified origins along with origin strings containing a wildcard '*'
1254 * character, or a single '*' origin string. If set to 'ignore', any incoming Origin header is ignored (present or not) and the 'Access-Control-Allow-Origin' header is set to '*'. Defaults to any
1255 * origin ['*'].
1256 */
1257 origin?: string[] | "*" | "ignore" | undefined;
1258 /**
1259 * number of seconds the browser should cache the CORS response ('Access-Control-Max-Age'). The greater the value, the longer it will take before the browser checks for changes in policy.
1260 * Defaults to 86400 (one day).
1261 */
1262 maxAge?: number | undefined;
1263 /**
1264 * a strings array of allowed headers ('Access-Control-Allow-Headers'). Defaults to ['Accept', 'Authorization', 'Content-Type', 'If-None-Match'].
1265 */
1266 headers?: string[] | undefined;
1267 /**
1268 * a strings array of additional headers to headers. Use this to keep the default headers in place.
1269 */
1270 additionalHeaders?: string[] | undefined;
1271 /**
1272 * a strings array of exposed headers ('Access-Control-Expose-Headers'). Defaults to ['WWW-Authenticate', 'Server-Authorization'].
1273 */
1274 exposedHeaders?: string[] | undefined;
1275 /**
1276 * a strings array of additional headers to exposedHeaders. Use this to keep the default headers in place.
1277 */
1278 additionalExposedHeaders?: string[] | undefined;
1279 /**
1280 * if true, allows user credentials to be sent ('Access-Control-Allow-Credentials'). Defaults to false.
1281 */
1282 credentials?: boolean | undefined;
1283}
1284
1285/**
1286 * The value must be one of:
1287 * * 'data' - the incoming payload is read fully into memory. If parse is true, the payload is parsed (JSON, form-decoded, multipart) based on the 'Content-Type' header. If parse is false, a raw
1288 * Buffer is returned.
1289 * * 'stream' - the incoming payload is made available via a Stream.Readable interface. If the payload is 'multipart/form-data' and parse is true, field values are presented as text while files are
1290 * provided as streams. File streams from a 'multipart/form-data' upload will also have a hapi property containing the filename and headers properties. Note that payload streams for multipart
1291 * payloads are a synthetic interface created on top of the entire mutlipart content loaded into memory. To avoid loading large multipart payloads into memory, set parse to false and handle the
1292 * multipart payload in the handler using a streaming parser (e.g. pez).
1293 * * 'file' - the incoming payload is written to temporary file in the directory specified by the uploads settings. If the payload is 'multipart/form-data' and parse is true, field values are
1294 * presented as text while files are saved to disk. Note that it is the sole responsibility of the application to clean up the files generated by the framework. This can be done by keeping track of
1295 * which files are used (e.g. using the request.app object), and listening to the server 'response' event to perform cleanup. For context [See
1296 * docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadoutput)
1297 */
1298export type PayloadOutput = "data" | "stream" | "file";
1299
1300/**
1301 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadcompression)
1302 */
1303export type PayloadCompressionDecoderSettings = object;
1304
1305/**
1306 * Determines how the request payload is processed.
1307 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayload)
1308 */
1309export interface RouteOptionsPayload {
1310 /**
1311 * Default value: allows parsing of the following mime types:
1312 * * application/json
1313 * * application/*+json
1314 * * application/octet-stream
1315 * * application/x-www-form-urlencoded
1316 * * multipart/form-data
1317 * * text/*
1318 * A string or an array of strings with the allowed mime types for the endpoint. Use this settings to limit the set of allowed mime types. Note that allowing additional mime types not listed
1319 * above will not enable them to be parsed, and if parse is true, the request will result in an error response.
1320 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadallow)
1321 */
1322 allow?: string | string[] | undefined;
1323
1324 /**
1325 * Default value: none.
1326 * An object where each key is a content-encoding name and each value is an object with the desired decoder settings. Note that encoder settings are set in compression.
1327 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadcompression)
1328 */
1329 compression?: Util.Dictionary<PayloadCompressionDecoderSettings> | undefined;
1330
1331 /**
1332 * Default value: 'application/json'.
1333 * The default content type if the 'Content-Type' request header is missing.
1334 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloaddefaultcontenttype)
1335 */
1336 defaultContentType?: string | undefined;
1337
1338 /**
1339 * Default value: 'error' (return a Bad Request (400) error response).
1340 * A failAction value which determines how to handle payload parsing errors.
1341 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadfailaction)
1342 */
1343 failAction?: Lifecycle.FailAction | undefined;
1344
1345 /**
1346 * Default value: 1048576 (1MB).
1347 * Limits the size of incoming payloads to the specified byte count. Allowing very large payloads may cause the server to run out of memory.
1348 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadmaxbytes)
1349 */
1350 maxBytes?: number | undefined;
1351
1352 /**
1353 * Default value: none.
1354 * Overrides payload processing for multipart requests. Value can be one of:
1355 * * false - disable multipart processing.
1356 * an object with the following required options:
1357 * * output - same as the output option with an additional value option:
1358 * * * annotated - wraps each multipart part in an object with the following keys: // TODO type this?
1359 * * * * headers - the part headers.
1360 * * * * filename - the part file name.
1361 * * * * payload - the processed part payload.
1362 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadmultipart)
1363 */
1364 multipart?: false | {
1365 output: PayloadOutput | "annotated";
1366 } | undefined;
1367
1368 /**
1369 * Default value: 'data'.
1370 * The processed payload format. The value must be one of:
1371 * * 'data' - the incoming payload is read fully into memory. If parse is true, the payload is parsed (JSON, form-decoded, multipart) based on the 'Content-Type' header. If parse is false, a raw
1372 * Buffer is returned.
1373 * * 'stream' - the incoming payload is made available via a Stream.Readable interface. If the payload is 'multipart/form-data' and parse is true, field values are presented as text while files
1374 * are provided as streams. File streams from a 'multipart/form-data' upload will also have a hapi property containing the filename and headers properties. Note that payload streams for multipart
1375 * payloads are a synthetic interface created on top of the entire mutlipart content loaded into memory. To avoid loading large multipart payloads into memory, set parse to false and handle the
1376 * multipart payload in the handler using a streaming parser (e.g. pez).
1377 * * 'file' - the incoming payload is written to temporary file in the directory specified by the uploads settings. If the payload is 'multipart/form-data' and parse is true, field values are
1378 * presented as text while files are saved to disk. Note that it is the sole responsibility of the application to clean up the files generated by the framework. This can be done by keeping track
1379 * of which files are used (e.g. using the request.app object), and listening to the server 'response' event to perform cleanup.
1380 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadoutput)
1381 */
1382 output?: PayloadOutput | undefined;
1383
1384 /**
1385 * Default value: none.
1386 * A mime type string overriding the 'Content-Type' header value received.
1387 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadoverride)
1388 */
1389 override?: string | undefined;
1390
1391 /**
1392 * Default value: true.
1393 * Determines if the incoming payload is processed or presented raw. Available values:
1394 * * true - if the request 'Content-Type' matches the allowed mime types set by allow (for the whole payload as well as parts), the payload is converted into an object when possible. If the
1395 * format is unknown, a Bad Request (400) error response is sent. Any known content encoding is decoded.
1396 * * false - the raw payload is returned unmodified.
1397 * * 'gunzip' - the raw payload is returned unmodified after any known content encoding is decoded.
1398 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadparse)
1399 */
1400 parse?: boolean | "gunzip" | undefined;
1401
1402 /**
1403 * Default value: to 10000 (10 seconds).
1404 * Payload reception timeout in milliseconds. Sets the maximum time allowed for the client to transmit the request payload (body) before giving up and responding with a Request Timeout (408)
1405 * error response. Set to false to disable.
1406 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloadtimeout)
1407 */
1408 timeout?: false | number | undefined;
1409
1410 /**
1411 * Default value: os.tmpdir().
1412 * The directory used for writing file uploads.
1413 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspayloaduploads)
1414 */
1415 uploads?: string | undefined;
1416}
1417
1418/**
1419 * For context [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspre)
1420 */
1421export type RouteOptionsPreArray = RouteOptionsPreAllOptions[];
1422
1423/**
1424 * For context [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspre)
1425 */
1426export type RouteOptionsPreAllOptions = RouteOptionsPreObject | RouteOptionsPreObject[] | Lifecycle.Method;
1427
1428/**
1429 * An object with:
1430 * * method - a lifecycle method.
1431 * * assign - key name used to assign the response of the method to in request.pre and request.preResponses.
1432 * * failAction - A failAction value which determine what to do when a pre-handler method throws an error. If assign is specified and the failAction setting is not 'error', the error will be assigned.
1433 * For context [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionspre)
1434 */
1435export interface RouteOptionsPreObject {
1436 /**
1437 * a lifecycle method.
1438 */
1439 method: Lifecycle.Method;
1440 /**
1441 * key name used to assign the response of the method to in request.pre and request.preResponses.
1442 */
1443 assign?: string | undefined;
1444 /**
1445 * A failAction value which determine what to do when a pre-handler method throws an error. If assign is specified and the failAction setting is not 'error', the error will be assigned.
1446 */
1447 failAction?: Lifecycle.FailAction | undefined;
1448}
1449
1450export type ValidationObject = SchemaMap;
1451
1452/**
1453 * * true - any query parameter value allowed (no validation performed). false - no parameter value allowed.
1454 * * a joi validation object.
1455 * * a validation function using the signature async function(value, options) where:
1456 * * * value - the request.* object containing the request parameters.
1457 * * * options - options.
1458 */
1459export type RouteOptionsResponseSchema =
1460 | boolean
1461 | ValidationObject
1462 | Schema
1463 | ((value: object | Buffer | string, options: ValidationOptions) => Promise<any>);
1464
1465/**
1466 * Processing rules for the outgoing response.
1467 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponse)
1468 */
1469export interface RouteOptionsResponse {
1470 /**
1471 * Default value: 200.
1472 * The default HTTP status code when the payload is considered empty. Value can be 200 or 204. Note that a 200 status code is converted to a 204 only at the time of response transmission (the
1473 * response status code will remain 200 throughout the request lifecycle unless manually set).
1474 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponseemptystatuscode)
1475 */
1476 emptyStatusCode?: 200 | 204 | undefined;
1477
1478 /**
1479 * Default value: 'error' (return an Internal Server Error (500) error response).
1480 * A failAction value which defines what to do when a response fails payload validation.
1481 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponsefailaction)
1482 */
1483 failAction?: Lifecycle.FailAction | undefined;
1484
1485 /**
1486 * Default value: false.
1487 * If true, applies the validation rule changes to the response payload.
1488 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponsemodify)
1489 */
1490 modify?: boolean | undefined;
1491
1492 /**
1493 * Default value: none.
1494 * [joi](https://github.com/hapijs/joi) options object pass to the validation function. Useful to set global options such as stripUnknown or abortEarly (the complete list is available here). If a
1495 * custom validation function is defined via schema or status then options can an arbitrary object that will be passed to this function as the second argument.
1496 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponseoptions)
1497 */
1498 options?: ValidationOptions | undefined; // TODO needs validation
1499
1500 /**
1501 * Default value: true.
1502 * If false, payload range support is disabled.
1503 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponseranges)
1504 */
1505 ranges?: boolean | undefined;
1506
1507 /**
1508 * Default value: 100 (all responses).
1509 * The percent of response payloads validated (0 - 100). Set to 0 to disable all validation.
1510 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponsesample)
1511 */
1512 sample?: number | undefined;
1513
1514 /**
1515 * Default value: true (no validation).
1516 * The default response payload validation rules (for all non-error responses) expressed as one of:
1517 * * true - any payload allowed (no validation).
1518 * * false - no payload allowed.
1519 * * a joi validation object. The options along with the request context ({ headers, params, query, payload, app, auth }) are passed to the validation function.
1520 * * a validation function using the signature async function(value, options) where:
1521 * * * value - the pending response payload.
1522 * * * options - The options along with the request context ({ headers, params, query, payload, app, auth }).
1523 * * * if the function returns a value and modify is true, the value is used as the new response. If the original response is an error, the return value is used to override the original error
1524 * output.payload. If an error is thrown, the error is processed according to failAction.
1525 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponseschema)
1526 */
1527 schema?: RouteOptionsResponseSchema | undefined;
1528
1529 /**
1530 * Default value: none.
1531 * Validation schemas for specific HTTP status codes. Responses (excluding errors) not matching the listed status codes are validated using the default schema.
1532 * status is set to an object where each key is a 3 digit HTTP status code and the value has the same definition as schema.
1533 * [See docs](https://github.com/hapijs/hapi/blob/master/API.md#-routeoptionsresponsestatus)
1534 */
1535 status?: Util.Dictionary<RouteOptionsResponseSchema> | undefined;
1536
1537 /**
1538 * The default HTTP status code used to set a response error when the request is closed or aborted before the
1539 * response is fully transmitted.
1540 * Value can be any integer greater or equal to 400.
1541 * The default value 499 is based on the non-standard nginx "CLIENT CLOSED REQUEST" error.
1542 * The value is only used for logging as the request has already ended.
1543 * @default 499
1544 */
1545 disconnectStatusCode?: number | undefined;
1546}
1547
1548/**
1549 * @see https://www.w3.org/TR/referrer-policy/
1550 */
1551export type Referrer