Initial boiler plate project

node_modules/next/dist/esm/server/app-render/encryption.js

@@ -0,0 +1,72 @@
+/* eslint-disable import/no-extraneous-dependencies */ import "server-only";
+/* eslint-disable import/no-extraneous-dependencies */ import { renderToReadableStream, decodeReply } from "react-server-dom-webpack/server.edge";
+/* eslint-disable import/no-extraneous-dependencies */ import { createFromReadableStream, encodeReply } from "react-server-dom-webpack/client.edge";
+import { streamToString } from "../stream-utils/node-web-streams-helper";
+import { arrayBufferToString, decrypt, encrypt, getActionEncryptionKey, getClientReferenceManifestSingleton, getServerModuleMap, stringToUint8Array } from "./encryption-utils";
+const textEncoder = new TextEncoder();
+const textDecoder = new TextDecoder();
+async function decodeActionBoundArg(actionId, arg) {
+    const key = await getActionEncryptionKey();
+    if (typeof key === "undefined") {
+        throw new Error(`Missing encryption key for Server Action. This is a bug in Next.js`);
+    }
+    // Get the iv (16 bytes) and the payload from the arg.
+    const originalPayload = atob(arg);
+    const ivValue = originalPayload.slice(0, 16);
+    const payload = originalPayload.slice(16);
+    const decrypted = textDecoder.decode(await decrypt(key, stringToUint8Array(ivValue), stringToUint8Array(payload)));
+    if (!decrypted.startsWith(actionId)) {
+        throw new Error("Invalid Server Action payload: failed to decrypt.");
+    }
+    return decrypted.slice(actionId.length);
+}
+async function encodeActionBoundArg(actionId, arg) {
+    const key = await getActionEncryptionKey();
+    if (key === undefined) {
+        throw new Error(`Missing encryption key for Server Action. This is a bug in Next.js`);
+    }
+    // Get 16 random bytes as iv.
+    const randomBytes = new Uint8Array(16);
+    crypto.getRandomValues(randomBytes);
+    const ivValue = arrayBufferToString(randomBytes.buffer);
+    const encrypted = await encrypt(key, randomBytes, textEncoder.encode(actionId + arg));
+    return btoa(ivValue + arrayBufferToString(encrypted));
+}
+// Encrypts the action's bound args into a string.
+export async function encryptActionBoundArgs(actionId, args) {
+    const clientReferenceManifestSingleton = getClientReferenceManifestSingleton();
+    // Using Flight to serialize the args into a string.
+    const serialized = await streamToString(renderToReadableStream(args, clientReferenceManifestSingleton.clientModules));
+    // Encrypt the serialized string with the action id as the salt.
+    // Add a prefix to later ensure that the payload is correctly decrypted, similar
+    // to a checksum.
+    const encrypted = await encodeActionBoundArg(actionId, serialized);
+    return encrypted;
+}
+// Decrypts the action's bound args from the encrypted string.
+export async function decryptActionBoundArgs(actionId, encrypted) {
+    // Decrypt the serialized string with the action id as the salt.
+    const decryped = await decodeActionBoundArg(actionId, await encrypted);
+    // Using Flight to deserialize the args from the string.
+    const deserialized = await createFromReadableStream(new ReadableStream({
+        start (controller) {
+            controller.enqueue(textEncoder.encode(decryped));
+            controller.close();
+        }
+    }), {
+        ssrManifest: {
+            // TODO: We can't use the client reference manifest to resolve the modules
+            // on the server side - instead they need to be recovered as the module
+            // references (proxies) again.
+            // For now, we'll just use an empty module map.
+            moduleLoading: {},
+            moduleMap: {}
+        }
+    });
+    // This extra step ensures that the server references are recovered.
+    const serverModuleMap = getServerModuleMap();
+    const transformed = await decodeReply(await encodeReply(deserialized), serverModuleMap);
+    return transformed;
+}
+
+//# sourceMappingURL=encryption.js.map