feat(storage,sqlite): begin tx with context

Makefile

@@ -55,7 +55,7 @@ pkg/sdk/client/dist/client.js: tools/esbuild/bin/esbuild node_modules
 		--global-name=Edge \
 		--define:global=window \
 		--platform=browser \
-		--footer:js="Edge=Edge.default;" \
+		--footer:js="EdgeFrame=Edge.crossFrameMessenger;Edge=Edge.client" \
 		--outfile=pkg/sdk/client/dist/client.js
 
 node_modules:

cmd/cli/command/app/common.go

@@ -0,0 +1,11 @@
+package app
+
+import (
+	"forge.cadoles.com/arcad/edge/pkg/app"
+	"forge.cadoles.com/arcad/edge/pkg/app/metadata"
+)
+
+var manifestMetadataValidators = []app.MetadataValidator{
+	metadata.WithMinimumRoleValidator("visitor", "user", "superuser", "admin", "superadmin"),
+	metadata.WithNamedPathsValidator(metadata.NamedPathAdmin, metadata.NamedPathIcon),
+}

cmd/cli/command/app/package.go

@@ -52,6 +52,10 @@ func PackageCommand() *cli.Command {
 				return errors.Wrap(err, "could not load app manifest")
 			}
 
+			if valid, err := manifest.Validate(manifestMetadataValidators...); !valid {
+				return errors.Wrap(err, "invalid app manifest")
+			}
+
 			if err := os.MkdirAll(outputDir, 0o755); err != nil {
 				return errors.Wrapf(err, "could not create directory ''%s'", outputDir)
 			}

cmd/cli/command/app/run.go

@@ -110,6 +110,10 @@ func RunCommand() *cli.Command {
 				return errors.Wrap(err, "could not load manifest from app bundle")
 			}
 
+			if valid, err := manifest.Validate(manifestMetadataValidators...); !valid {
+				return errors.Wrap(err, "invalid app manifest")
+			}
+
 			storageFile := injectAppID(ctx.String("storage-file"), manifest.ID)
 
 			if err := ensureDir(storageFile); err != nil {

doc/README.md

@@ -6,6 +6,7 @@ Une **Edge App** est une application capable de s'exécuter dans un environnemen
 
 ### Référence
 
+- [Fichier `manifest.yml`](./apps/manifest.md)
 - [API Client](./apps/client-api/README.md)
 - [API Serveur](./apps/server-api/README.md)
 

doc/apps/client-api/README.md

@@ -1,68 +1,14 @@
 # API Client
 
-## Méthodes
+## Usage
 
-### `Edge.connect(): Promise`
+Afin de pouvoir utiliser le SDK "client", vous devez inclure dans la page HTML de votre application la balise `<script>` suivante:
 
-> `TODO`
-
-### `Edge.disconnect(): void`
-
-> `TODO`
-
-
-### `Edge.send(message: Object): void`
-
-> `TODO`
-
-
-### `Edge.rpc(method: string, params: Object): Promise`
-
-> `TODO`
-#### Exemple
-
-**Côté serveur**
-
-```js
-function onInit() {
-    rpc.register(echo);
-}
-
-function echo(ctx, params) {
-    return params;
-}
+```html
+<script src="/edge/sdk/client.js"></script>
 ```
 
-**Côté client**
+Vous pourrez ensuite accéder aux variables globales suivantes:
 
-```js
-Edge.connect().then(() => {
-    Edge.rpc("echo", { hello: "world!" })
-        .then(result => console.log(result))
-        .catch(err => console.error(err));
-});
-```
-
-### `Edge.upload(blob: Blob, metadata: Object): Promise`
-
-> `TODO`
-
-### `Edge.blobUrl(bucketName: string, blobId: string): string`
-
-> `TODO`
-
-### `Edge.externalUrl(url: string): string`
-
-Retourne une URL "locale" permettant d'accéder à une ressource externe, en fonction de règles propres à l'application. Voir module [`fetch`](../server-api/fetch.md).
-
-## Événements
-
-### `"message"`
-
-> `TODO`
-
-#### Exemple
-
-```js
-Edge.addEventListener("message", evt => console.log(evt.detail));
-```
+- [`Edge`](./edge.md) - Client principal d'échange avec le serveur 
+- [`EdgeFrame`](./edge-frame.md)

doc/apps/client-api/edge-frame.md

@@ -0,0 +1,30 @@
+# `EdgeFrame`
+
+## Méthodes
+
+### `EdgeFrame.addEventListener(name: string, listener: (event) => void)`
+
+> `TODO`
+
+## Événements
+
+### `"title_changed"`
+
+```typescript
+interface TitleChangedEvent {
+    detail: {
+        title: string
+    }
+}
+```
+
+### `"size_changed"`
+
+```typescript
+interface SizeChangedEvent {
+    detail: {
+        width: number
+        height: number
+    }
+}
+```

doc/apps/client-api/edge.md

@@ -0,0 +1,68 @@
+# `Edge`
+
+## Méthodes
+
+### `Edge.connect(): Promise`
+
+> `TODO`
+
+### `Edge.disconnect(): void`
+
+> `TODO`
+
+
+### `Edge.send(message: Object): void`
+
+> `TODO`
+
+
+### `Edge.rpc(method: string, params: Object): Promise`
+
+> `TODO`
+#### Exemple
+
+**Côté serveur**
+
+```js
+function onInit() {
+    rpc.register(echo);
+}
+
+function echo(ctx, params) {
+    return params;
+}
+```
+
+**Côté client**
+
+```js
+Edge.connect().then(() => {
+    Edge.rpc("echo", { hello: "world!" })
+        .then(result => console.log(result))
+        .catch(err => console.error(err));
+});
+```
+
+### `Edge.upload(blob: Blob, metadata: Object): Promise`
+
+> `TODO`
+
+### `Edge.blobUrl(bucketName: string, blobId: string): string`
+
+> `TODO`
+
+### `Edge.externalUrl(url: string): string`
+
+Retourne une URL "locale" permettant d'accéder à une ressource externe, en fonction de règles propres à l'application. Voir module [`fetch`](../server-api/fetch.md).
+
+## Événements
+
+### `"message"`
+
+> `TODO`
+
+#### Exemple
+
+```js
+Edge.addEventListener("message", evt => console.log(evt.detail));
+```

doc/apps/manifest.md

@@ -0,0 +1,36 @@
+# Le fichier `manifest.yml`
+
+Le fichier `manifest.yml` à la racine du bundle de votre application contient des informations décrivant celles ci. Vous trouverez ci dessous un exemple commenté.
+
+```yaml
+# REQUIS - L'identifiant de votre application. Il doit être globalement unique. 
+# Un identifiant du type nom de domaine inversé est en général conseillé (ex: tld.mycompany.myapp)
+id: tld.mycompany.myapp
+
+# REQUIS - Le numéro de version de votre application
+# Celui ci devrait respecter le format "semver 2" (voir https://semver.org/)
+version: 0.0.0
+
+# REQUIS - Le titre de votre application.
+title: My App
+
+# OPTIONNEL - Les mots-clés associés à votre applications.
+tags: ["chat"]
+
+# OPTIONNEL - La description de votre application.
+# Vous pouvez utiliser la syntaxe Markdown pour la mettre en forme.
+description: |>
+    A simple demo application
+
+# OPTIONNEL - Métadonnées associées à l'application
+metadata:
+    # OPTIONNEL - Liste des chemins permettant d'accéder à certains URLs identifiées (page d'administration, icône si existante, etc)
+    paths:
+        # Si défini, chemin vers la page d'administration de l'application
+        admin: /admin
+        # Si défini, chemin vers l'icône associée à l'application
+        icon: /my-app-icon.png
+
+    # OPTIONNEL - Role minimum requis pour pouvoir accéder à l'application 
+    minimumRole: visitor
+```

doc/apps/my-first-app.md

@@ -22,23 +22,7 @@ my-app
 
 Ce fichier est le manifeste de votre application. Il permet au serveur d'identifier celle ci et de récupérer des informations la concernant.
 
-```yaml
----
-# L'identifiant de votre application. Il doit être globalement unique. 
-# Un identifiant du type nom de domaine inversé est en général conseillé (ex: tld.mycompany.myapp)
-id: tld.mycompany.myapp
-
-# Le titre de votre application.
-title: My App
-
-# Les mots-clés associés à votre applications.
-tags: ["chat"]
-
-# La description de votre application.
-# Vous pouvez utiliser la syntaxe Markdown pour la mettre en forme.
-description: |>
-    A simple demo application
-```
+[Voir le fichier `manifest.yml` d'exemple](./manifest.md)
 
 ## 4. Créer la page d'accueil
 

doc/apps/server-api/app.md

@@ -49,10 +49,11 @@ URL associée à l'application, ou `null` si aucune application n'a été trouv
 
 ```typescript
 interface Manifest {
-    id: string              // Identifiant de l'application
-    version: string         // Version de l'application
-    title: string           // Titre associé à l'application
-    description: string     // Description associée à l'application
-    tags: string[]          // Mots clés associés à l'application
+    id: string                          // Identifiant de l'application
+    version: string                     // Version de l'application
+    title: string                       // Titre associé à l'application
+    description: string                 // Description associée à l'application
+    tags: string[]                      // Mots clés associés à l'application
+    metadata: { [key: string]: any }    // Métadonnées associées à l'application. Voir ../manifest.md
 }
 ```

misc/client-sdk-testsuite/src/manifest.yml

@@ -4,4 +4,9 @@ title: SDK Test
 version: 0.0.0
 description: |
   Suite de tests pour le SDK client
-tags: ["test"]
+tags: ["test"]
+
+metadata:
+  paths:
+    icon: /icon.png
+  minimumRole: visitor

misc/client-sdk-testsuite/src/public/index.html

@@ -4,6 +4,7 @@
     <meta charset="utf-8" />
     <title>Client SDK Test suite</title>
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <link rel="icon" type="image/png" href="/icon.png">
     <link rel="stylesheet" href="/vendor/mocha.css" />
     <style>
       body {

misc/client-sdk-testsuite/src/public/test/app-module.js

@@ -39,7 +39,6 @@ describe('App Module', function() {
         .then(url => {
           console.log("getAppUrl result:", url);
           chai.assert.isNotEmpty(url);
-          chai.assert.match(url, /^http:\/\/127\.0\.0\.1/)
         })
     });
   

misc/client-sdk-testsuite/src/public/test/client-sdk.js

@@ -1,4 +1,5 @@
 Edge.debug = true;
+EdgeFrame.debug = true;
 
 describe('Edge', function() {
 

misc/client-sdk-testsuite/src/public/test/rpc-module.js

@@ -38,7 +38,7 @@ describe('Remote Procedure Call', function () {
 
 
     it('should call the add() method repetitively and keep count of the sent values', function () {
-        this.timeout(10000);
+        this.timeout(30000);
 
         const values = [];
         for (let i = 0; i <= 1000; i++) {

pkg/app/app.go

@@ -1,39 +0,0 @@
-package app
-
-import (
-	"forge.cadoles.com/arcad/edge/pkg/bundle"
-	"github.com/pkg/errors"
-	"gopkg.in/yaml.v2"
-)
-
-type ID string
-
-type Manifest struct {
-	ID          ID       `yaml:"id" json:"id"`
-	Version     string   `yaml:"version" json:"version"`
-	Title       string   `yaml:"title" json:"title"`
-	Description string   `yaml:"description" json:"description"`
-	Tags        []string `yaml:"tags" json:"tags"`
-}
-
-func LoadManifest(b bundle.Bundle) (*Manifest, error) {
-	reader, _, err := b.File("manifest.yml")
-	if err != nil {
-		return nil, errors.Wrap(err, "could not read manifest.yml")
-	}
-
-	defer func() {
-		if err := reader.Close(); err != nil {
-			panic(errors.WithStack(err))
-		}
-	}()
-
-	manifest := &Manifest{}
-
-	decoder := yaml.NewDecoder(reader)
-	if err := decoder.Decode(manifest); err != nil {
-		return nil, errors.Wrap(err, "could not decode manifest.yml")
-	}
-
-	return manifest, nil
-}

pkg/app/manifest.go

@@ -0,0 +1,85 @@
+package app
+
+import (
+	"strings"
+
+	"forge.cadoles.com/arcad/edge/pkg/bundle"
+	"github.com/pkg/errors"
+	"golang.org/x/mod/semver"
+	"gopkg.in/yaml.v2"
+)
+
+type ID string
+
+type Manifest struct {
+	ID          ID       `yaml:"id" json:"id"`
+	Version     string   `yaml:"version" json:"version"`
+	Title       string   `yaml:"title" json:"title"`
+	Description string   `yaml:"description" json:"description"`
+	Tags        []string `yaml:"tags" json:"tags"`
+	Metadata    MapStr   `yaml:"metadata" json:"metadata"`
+}
+
+type MetadataValidator func(map[string]any) (bool, error)
+
+func (m *Manifest) Validate(validators ...MetadataValidator) (bool, error) {
+	if m.ID == "" {
+		return false, errors.New("'id' property should not be empty")
+	}
+
+	if m.Version == "" {
+		return false, errors.New("'version' property should not be empty")
+	}
+
+	version := m.Version
+	if !strings.HasPrefix(version, "v") {
+		version = "v" + version
+	}
+
+	if !semver.IsValid(version) {
+		return false, errors.Errorf("version '%s' does not respect semver format", m.Version)
+	}
+
+	if m.Title == "" {
+		return false, errors.New("'title' property should not be empty")
+	}
+
+	if m.Tags != nil {
+		for _, t := range m.Tags {
+			if strings.ContainsAny(t, " \t\n\r") {
+				return false, errors.Errorf("tag '%s' should not contain any space or new line", t)
+			}
+		}
+	}
+
+	for _, v := range validators {
+		valid, err := v(m.Metadata)
+		if !valid || err != nil {
+			return valid, errors.WithStack(err)
+		}
+	}
+
+	return true, nil
+}
+
+func LoadManifest(b bundle.Bundle) (*Manifest, error) {
+	reader, _, err := b.File("manifest.yml")
+	if err != nil {
+		return nil, errors.Wrap(err, "could not read manifest.yml")
+	}
+
+	defer func() {
+		if err := reader.Close(); err != nil {
+			panic(errors.WithStack(err))
+		}
+	}()
+
+	manifest := &Manifest{}
+
+	decoder := yaml.NewDecoder(reader)
+	if err := decoder.Decode(manifest); err != nil {
+		return nil, errors.Wrap(err, "could not decode manifest.yml")
+	}
+
+	return manifest, nil
+}

pkg/app/map_str.go

@@ -0,0 +1,61 @@
+package app
+
+import (
+	"fmt"
+
+	"github.com/pkg/errors"
+)
+
+type MapStr map[string]interface{}
+
+func MapStrUnion(dict1 MapStr, dict2 MapStr) MapStr {
+	dict := MapStr{}
+
+	for k, v := range dict1 {
+		dict[k] = v
+	}
+
+	for k, v := range dict2 {
+		dict[k] = v
+	}
+	return dict
+}
+
+func (ms *MapStr) UnmarshalYAML(unmarshal func(interface{}) error) error {
+	var result map[interface{}]interface{}
+	err := unmarshal(&result)
+	if err != nil {
+		return errors.WithStack(err)
+	}
+	*ms = cleanUpInterfaceMap(result)
+	return nil
+}
+
+func cleanUpInterfaceArray(in []interface{}) []interface{} {
+	result := make([]interface{}, len(in))
+	for i, v := range in {
+		result[i] = cleanUpMapValue(v)
+	}
+	return result
+}
+
+func cleanUpInterfaceMap(in map[interface{}]interface{}) MapStr {
+	result := make(MapStr)
+	for k, v := range in {
+		result[fmt.Sprintf("%v", k)] = cleanUpMapValue(v)
+	}
+	return result
+}
+
+func cleanUpMapValue(v interface{}) interface{} {
+	switch v := v.(type) {
+	case []interface{}:
+		return cleanUpInterfaceArray(v)
+	case map[interface{}]interface{}:
+		return cleanUpInterfaceMap(v)
+	case string:
+		return v
+	default:
+		return fmt.Sprintf("%v", v)
+	}
+}

pkg/app/metadata/minimum_role.go

@@ -0,0 +1,28 @@
+package metadata
+
+import (
+	"forge.cadoles.com/arcad/edge/pkg/app"
+	"github.com/pkg/errors"
+)
+
+func WithMinimumRoleValidator(roles ...string) app.MetadataValidator {
+	return func(metadata map[string]any) (bool, error) {
+		rawMinimumRole, exists := metadata["minimumRole"]
+		if !exists {
+			return true, nil
+		}
+
+		minimumRole, ok := rawMinimumRole.(string)
+		if !ok {
+			return false, errors.Errorf("metadata['minimumRole']: unexpected value type '%T'", rawMinimumRole)
+		}
+
+		for _, r := range roles {
+			if minimumRole == r {
+				return true, nil
+			}
+		}
+
+		return false, errors.Errorf("metadata['minimumRole']: unexpected role '%s'", minimumRole)
+	}
+}

pkg/app/metadata/named_path.go

@@ -0,0 +1,51 @@
+package metadata
+
+import (
+	"strings"
+
+	"forge.cadoles.com/arcad/edge/pkg/app"
+	"github.com/pkg/errors"
+)
+
+type NamedPath string
+
+const (
+	NamedPathAdmin NamedPath = "admin"
+	NamedPathIcon  NamedPath = "icon"
+)
+
+func WithNamedPathsValidator(names ...NamedPath) app.MetadataValidator {
+	set := map[NamedPath]struct{}{}
+	for _, n := range names {
+		set[n] = struct{}{}
+	}
+
+	return func(metadata map[string]any) (bool, error) {
+		rawPaths, exists := metadata["paths"]
+		if !exists {
+			return true, nil
+		}
+
+		paths, ok := rawPaths.(app.MapStr)
+		if !ok {
+			return false, errors.Errorf("metadata['paths']: unexpected named path value type '%T'", rawPaths)
+		}
+
+		for n, p := range paths {
+			if _, exists := set[NamedPath(n)]; !exists {
+				return false, errors.Errorf("metadata['paths']: unexpected named path '%s'", n)
+			}
+
+			path, ok := p.(string)
+			if !ok {
+				return false, errors.Errorf("metadata['paths']['%s']: unexpected named path value type '%T'", n, path)
+			}
+
+			if !strings.HasPrefix(path, "/") {
+				return false, errors.Errorf("metadata['paths']['%s']: named path value should start with a '/'", n)
+			}
+		}
+
+		return true, nil
+	}
+}

pkg/app/metadata/testdata/manifests/invalid-minimum-role.yml

@@ -0,0 +1,7 @@
+id: foo.arcad.app
+version: v0.0.0
+title: Foo
+description: A test app
+tags: ["test"]
+metadata:
+  minimumRole: foo

pkg/app/metadata/testdata/manifests/invalid-paths.yml

@@ -0,0 +1,10 @@
+id: foo.arcad.app
+version: v0.0.0
+title: Foo
+description: A test app
+tags: ["test"]
+metadata:
+  paths:
+    invalid: /admin
+    icon: /my-app-icon.png
+  minimumRole: visitor

pkg/app/metadata/testdata/manifests/valid.yml

@@ -0,0 +1,10 @@
+id: foo.arcad.app
+version: v0.0.0
+title: Foo
+description: A test app
+tags: ["test"]
+metadata:
+  paths:
+    admin: /admin
+    icon: /my-app-icon.png
+  minimumRole: visitor

pkg/app/metadata/validator_test.go

@@ -0,0 +1,74 @@
+package metadata
+
+import (
+	"io/ioutil"
+	"path/filepath"
+	"testing"
+
+	"forge.cadoles.com/arcad/edge/pkg/app"
+	"github.com/pkg/errors"
+	"gopkg.in/yaml.v2"
+)
+
+type validatorTestCase struct {
+	File        string
+	ExpectValid bool
+	ExpectError bool
+}
+
+var validatorTestCases = []validatorTestCase{
+	{
+		File:        "valid.yml",
+		ExpectValid: true,
+	},
+	{
+		File:        "invalid-paths.yml",
+		ExpectValid: false,
+		ExpectError: true,
+	},
+	{
+		File:        "invalid-minimum-role.yml",
+		ExpectValid: false,
+		ExpectError: true,
+	},
+}
+
+var validators = []app.MetadataValidator{
+	WithMinimumRoleValidator("visitor", "user", "superuser", "admin", "superadmin"),
+	WithNamedPathsValidator(NamedPathAdmin, NamedPathIcon),
+}
+
+func TestManifestValidate(t *testing.T) {
+	for _, tc := range validatorTestCases {
+		func(tc *validatorTestCase) {
+			t.Run(tc.File, func(t *testing.T) {
+				data, err := ioutil.ReadFile(filepath.Join("testdata/manifests", tc.File))
+				if err != nil {
+					t.Fatalf("%+v", errors.WithStack(err))
+				}
+
+				var manifest app.Manifest
+
+				if err := yaml.Unmarshal(data, &manifest); err != nil {
+					t.Fatalf("%+v", errors.WithStack(err))
+				}
+
+				valid, err := manifest.Validate(validators...)
+
+				t.Logf("[RESULT] valid:%v, err:%v", valid, err)
+
+				if e, g := tc.ExpectValid, valid; e != g {
+					t.Errorf("valid: expected '%v', got '%v'", e, g)
+				}
+
+				if tc.ExpectError && err == nil {
+					t.Error("err should not be nil")
+				}
+
+				if !tc.ExpectError && err != nil {
+					t.Errorf("err: expected nil, got '%+v'", err)
+				}
+			})
+		}(&tc)
+	}
+}

pkg/module/app/module.go

@@ -14,11 +14,12 @@ type Module struct {
 }
 
 type gojaManifest struct {
-	ID          string   `goja:"id" json:"id"`
-	Version     string   `goja:"version" json:"version"`
-	Title       string   `goja:"title" json:"title"`
-	Description string   `goja:"description" json:"description"`
-	Tags        []string `goja:"tags" json:"tags"`
+	ID          string         `goja:"id" json:"id"`
+	Version     string         `goja:"version" json:"version"`
+	Title       string         `goja:"title" json:"title"`
+	Description string         `goja:"description" json:"description"`
+	Tags        []string       `goja:"tags" json:"tags"`
+	Metadata    map[string]any `goja:"metadata" json:"metadata"`
 }
 
 func toGojaManifest(manifest *app.Manifest) *gojaManifest {
@@ -28,6 +29,7 @@ func toGojaManifest(manifest *app.Manifest) *gojaManifest {
 		Title:       manifest.Title,
 		Description: manifest.Description,
 		Tags:        manifest.Tags,
+		Metadata:    manifest.Metadata,
 	}
 }
 

pkg/sdk/client/dist/client.js

@@ -3785,7 +3785,8 @@ var Edge = (() => {
   // pkg/sdk/client/src/index.ts
   var src_exports = {};
   __export(src_exports, {
-    default: () => src_default
+    client: () => client,
+    crossFrameMessenger: () => crossFrameMessenger
   });
 
   // pkg/sdk/client/src/event-target.ts
@@ -3864,6 +3865,8 @@ var Edge = (() => {
   var import_sockjs_client = __toESM(require_entry());
   var EventTypeMessage = "message";
   var EdgeAuth = "edge-auth";
+  var EdgeAuthTokenRequest = "edge_auth_token_request";
+  var EdgeAuthTokenResponse = "edge_auth_token_reponse";
   var Client = class extends EventTarget {
     constructor(autoReconnect = true) {
       super();
@@ -3871,6 +3874,7 @@ var Edge = (() => {
       this._onConnectionClose = this._onConnectionClose.bind(this);
       this._onConnectionMessage = this._onConnectionMessage.bind(this);
       this._handleRPCResponse = this._handleRPCResponse.bind(this);
+      this._handleEdgeAuthTokenRequest = this._handleEdgeAuthTokenRequest.bind(this);
       this._rpcID = 0;
       this._pendingRPC = {};
       this._queue = [];
@@ -3883,12 +3887,22 @@ var Edge = (() => {
       this.send = this.send.bind(this);
       this.upload = this.upload.bind(this);
       this.addEventListener(EventTypeMessage, this._handleRPCResponse);
+      window.addEventListener("message", this._handleEdgeAuthTokenRequest);
     }
     connect(token = "") {
+      let getToken;
+      if (token) {
+        getToken = Promise.resolve(token);
+      } else {
+        getToken = this._retrieveToken();
+      }
+      return getToken.then((token2) => this._connect(token2));
+    }
+    disconnect() {
+      this._cleanupConnection();
+    }
+    _connect(token) {
       return new Promise((resolve, reject) => {
-        if (token == "") {
-          token = this._getAuthCookieToken();
-        }
         const url = `//${document.location.host}/edge/sock?${EdgeAuth}=${token}`;
         this._log("opening connection to", url);
         const conn = new import_sockjs_client.default(url);
@@ -3919,15 +3933,64 @@ var Edge = (() => {
         conn.addEventListener("close", onError);
       });
     }
-    disconnect() {
-      this._cleanupConnection();
+    _retrieveToken() {
+      let token = this._getAuthCookieToken();
+      if (token) {
+        return Promise.resolve(token);
+      }
+      return this._getParentFrameToken();
+      ;
     }
     _getAuthCookieToken() {
       const cookie = document.cookie.split("; ").find((row) => row.startsWith(EdgeAuth));
+      let token = "";
       if (cookie) {
-        return cookie.split("=")[1];
+        token = cookie.split("=")[1];
       }
-      return "";
+      return token;
+    }
+    _getParentFrameToken(timeout = 5e3) {
+      if (!window.parent || window.parent === window) {
+        return Promise.resolve("");
+      }
+      return new Promise((resolve, reject) => {
+        let timedOut = false;
+        const timeoutId = setTimeout(() => {
+          timedOut = true;
+          reject(new Error("Edge auth token request timed out !"));
+        }, timeout);
+        const listener = (evt) => {
+          const message = evt.data;
+          if (!message || !message.type || !message.data) {
+            return;
+          }
+          if (message.type !== EdgeAuthTokenResponse) {
+            return;
+          }
+          window.parent.removeEventListener("message", listener);
+          clearTimeout(timeoutId);
+          if (timedOut)
+            return;
+          if (!message.data || !message.data.token) {
+            reject("Unexpected auth token request response !");
+            return;
+          }
+          resolve(message.data.token);
+        };
+        window.parent.addEventListener("message", listener);
+        window.parent.postMessage({ type: EdgeAuthTokenRequest }, "*");
+      });
+    }
+    _handleEdgeAuthTokenRequest(evt) {
+      const message = evt.data;
+      if (!message || !message.type || message.type !== EdgeAuthTokenRequest) {
+        return;
+      }
+      if (!evt.source) {
+        return;
+      }
+      const token = this._getAuthCookieToken();
+      evt.source.postMessage({ type: EdgeAuthTokenResponse, data: { token } });
     }
     _onConnectionMessage(evt) {
       const rawMessage = JSON.parse(evt.data);
@@ -4089,9 +4152,71 @@ var Edge = (() => {
     }
   };
 
+  // pkg/sdk/client/src/crossframe-messenger.ts
+  var CrossFrameMessenger = class extends EventTarget {
+    constructor() {
+      super();
+      this.debug = false;
+      this._handleWindowMessage = this._handleWindowMessage.bind(this);
+      this._initObservers = this._initObservers.bind(this);
+      window.addEventListener("load", this._initObservers);
+      window.addEventListener("message", this._handleWindowMessage);
+    }
+    post(message, target = window.parent) {
+      if (!target)
+        return;
+      this._log("sending crossframe message", message);
+      target.postMessage(message, "*");
+    }
+    _log(...args) {
+      if (!this.debug)
+        return;
+      console.log(...args);
+    }
+    _handleWindowMessage(evt) {
+      const message = evt.data;
+      if (!message || !message.type || !message.data) {
+        return;
+      }
+      const event = new CustomEvent(message.type, {
+        cancelable: true,
+        detail: message.data
+      });
+      this.dispatchEvent(event);
+    }
+    _initObservers() {
+      this._initResizeObserver();
+      this._initTitleMutationObserver();
+    }
+    _initTitleMutationObserver() {
+      const titleObserver = new MutationObserver((mutations) => {
+        const title2 = mutations[0].target.textContent;
+        this.post({ type: "title_changed" /* TITLE_CHANGED */, data: { title: title2 } });
+      });
+      const title = document.querySelector("title");
+      if (!title)
+        return;
+      this.post({ type: "title_changed" /* TITLE_CHANGED */, data: { title: title.textContent } });
+      titleObserver.observe(title, { subtree: true, characterData: true, childList: true });
+    }
+    _initResizeObserver() {
+      const resizeObserver = new ResizeObserver(() => {
+        const rect = document.documentElement.getBoundingClientRect();
+        const height = rect.height;
+        const width = rect.width;
+        this.post({ type: "size_changed" /* SIZE_CHANGED */, data: { height, width } });
+      });
+      const body = document.body;
+      if (!body)
+        return;
+      resizeObserver.observe(document.documentElement);
+    }
+  };
+
   // pkg/sdk/client/src/index.ts
-  var src_default = new Client();
+  var client = new Client();
+  var crossFrameMessenger = new CrossFrameMessenger();
   return __toCommonJS(src_exports);
 })();
-Edge=Edge.default;
+EdgeFrame=Edge.crossFrameMessenger;Edge=Edge.client
 //# sourceMappingURL=client.js.map

pkg/sdk/client/src/client.ts

@@ -5,6 +5,8 @@ import SockJS from 'sockjs-client';
 
 const EventTypeMessage = "message";
 const EdgeAuth = "edge-auth"
+const EdgeAuthTokenRequest = "edge_auth_token_request"
+const EdgeAuthTokenResponse = "edge_auth_token_reponse"
 
 export class Client extends EventTarget {
 
@@ -19,80 +21,158 @@ export class Client extends EventTarget {
   constructor(autoReconnect = true) {
     super();
     this._conn = null;
+
     this._onConnectionClose = this._onConnectionClose.bind(this);
     this._onConnectionMessage = this._onConnectionMessage.bind(this);
     this._handleRPCResponse = this._handleRPCResponse.bind(this);
+    this._handleEdgeAuthTokenRequest = this._handleEdgeAuthTokenRequest.bind(this);
+
     this._rpcID = 0;
     this._pendingRPC = {};
     this._queue = [];
     this._reconnectionDelay = 250;
     this._autoReconnect = autoReconnect;
-
     this.debug = false;
-    
+
     this.connect = this.connect.bind(this);
     this.disconnect = this.disconnect.bind(this);
     this.rpc = this.rpc.bind(this);
     this.send = this.send.bind(this);
     this.upload = this.upload.bind(this);
+    
 
     this.addEventListener(EventTypeMessage, this._handleRPCResponse);
+    window.addEventListener('message', this._handleEdgeAuthTokenRequest);
   }
 
-  connect(token = "") {
-    return new Promise((resolve, reject) => {
-      if (token == "") {
-        token = this._getAuthCookieToken()
-      }
+  connect(token = ""): Promise<Client> {
+    let getToken: Promise<string>
 
-      const url = `//${document.location.host}/edge/sock?${EdgeAuth}=${token}`;
-      this._log("opening connection to", url);
-      const conn: any = new SockJS(url);
+    if (token) {
+      getToken = Promise.resolve(token)
+    } else {
+      getToken = this._retrieveToken()
+    }
 
-      const onOpen = () => {
-        this._log('client connected');
-        resetHandlers();
-        conn.onclose = this._onConnectionClose;
-        conn.onmessage = this._onConnectionMessage;
-        this._conn = conn;
-        this._sendQueued();
-        setTimeout(() => {
-          this._dispatchConnect();
-        }, 0);
-        return resolve(this);
-      };
-
-      const onError = (evt) => {
-        resetHandlers();
-        this._scheduleReconnection();
-        return reject(evt);
-      };
-
-      const resetHandlers = () => {
-        conn.removeEventListener('open', onOpen);
-        conn.removeEventListener('close', onError);
-        conn.removeEventListener('error', onError);
-      };
-      
-      conn.addEventListener('open', onOpen);
-      conn.addEventListener('error', onError);
-      conn.addEventListener('close', onError);
-    });
+    return getToken.then(token => this._connect(token))
   }
 
   disconnect() {
     this._cleanupConnection();
   }
 
-  _getAuthCookieToken() {
-    const cookie = document.cookie.split("; ")
-      .find((row) => row.startsWith(EdgeAuth));
-    
-    if (cookie) {
-      return cookie.split("=")[1];
+  _connect(token: string): Promise<Client> {
+    return new Promise((resolve, reject) => {
+      const url = `//${document.location.host}/edge/sock?${EdgeAuth}=${token}`;
+        this._log("opening connection to", url);
+        const conn: any = new SockJS(url);
+
+        const onOpen = () => {
+          this._log('client connected');
+          resetHandlers();
+          conn.onclose = this._onConnectionClose;
+          conn.onmessage = this._onConnectionMessage;
+          this._conn = conn;
+          this._sendQueued();
+          setTimeout(() => {
+            this._dispatchConnect();
+          }, 0);
+          return resolve(this);
+        };
+
+        const onError = (evt) => {
+          resetHandlers();
+          this._scheduleReconnection();
+          return reject(evt);
+        };
+
+        const resetHandlers = () => {
+          conn.removeEventListener('open', onOpen);
+          conn.removeEventListener('close', onError);
+          conn.removeEventListener('error', onError);
+        };
+
+        conn.addEventListener('open', onOpen);
+        conn.addEventListener('error', onError);
+        conn.addEventListener('close', onError);
+    })
+  }
+
+  _retrieveToken(): Promise<string> {
+    let token = this._getAuthCookieToken();
+    if (token) {
+      return Promise.resolve(token);
     }
 
-    return "";
+    return this._getParentFrameToken();;
+  }
+
+  _getAuthCookieToken(): string {
+    const cookie = document.cookie.split("; ")
+      .find((row) => row.startsWith(EdgeAuth));
+
+    let token = "";
+
+    if (cookie) {
+      token = cookie.split("=")[1];
+    }
+
+    return token;
+  }
+
+  _getParentFrameToken(timeout = 5000): Promise<string> {
+    if (!window.parent || window.parent === window) {
+      return Promise.resolve("");
+    }
+
+    return new Promise((resolve, reject) => {
+      let timedOut = false;
+      const timeoutId = setTimeout(() => {
+        timedOut = true;
+        reject(new Error("Edge auth token request timed out !"));
+      }, timeout);
+
+      const listener = (evt) => {
+        const message = evt.data;
+
+        if (!message || !message.type || !message.data) {
+          return
+        }
+
+        if (message.type !== EdgeAuthTokenResponse) {
+          return;
+        }
+
+        window.parent.removeEventListener('message', listener);
+        clearTimeout(timeoutId);
+
+        if (timedOut) return;
+
+        if (!message.data || !message.data.token) {
+          reject("Unexpected auth token request response !");
+          return;
+        }
+
+        resolve(message.data.token);
+      }
+
+      window.parent.addEventListener('message', listener);
+      window.parent.postMessage({ type: EdgeAuthTokenRequest }, '*');
+    })
+  }
+
+  _handleEdgeAuthTokenRequest(evt: MessageEvent) {
+    const message = evt.data;
+    if (!message || !message.type || message.type !== EdgeAuthTokenRequest) {
+      return;
+    }
+
+    if (!evt.source) {
+      return;
+    }
+
+    const token = this._getAuthCookieToken();
+    evt.source.postMessage({ type: EdgeAuthTokenResponse, data: { token }});
   }
 
   _onConnectionMessage(evt) {
@@ -107,7 +187,7 @@ export class Client extends EventTarget {
 
   _handleRPCResponse(evt) {
     const { jsonrpc, id, error, result } = evt.detail;
-    
+
     if (jsonrpc !== '2.0' || id === undefined) return;
     if (!evt.detail.hasOwnProperty("error") && !evt.detail.hasOwnProperty("result")) return;
 
@@ -215,20 +295,20 @@ export class Client extends EventTarget {
     return this._conn !== null;
   }
 
-  upload(blob: string|Blob, metadata: any) {
+  upload(blob: string | Blob, metadata: any) {
     return new Promise((resolve, reject) => {
       const formData = new FormData();
       formData.set("file", blob);
-      
+
       if (metadata) {
         try {
           formData.set("metadata", JSON.stringify(metadata));
-        } catch(err) {
+        } catch (err) {
           return reject(err);
         }
       }
       const xhr = new XMLHttpRequest();
-        
+
       const result = {
         onProgress: null,
         abort: () => xhr.abort(),
@@ -238,7 +318,7 @@ export class Client extends EventTarget {
               let data;
               try {
                 data = JSON.parse(xhr.responseText);
-              } catch(err) {
+              } catch (err) {
                 reject(err);
                 return;
               }

pkg/sdk/client/src/crossframe-messenger.ts

@@ -0,0 +1,87 @@
+import { EventTarget } from "./event-target";
+
+enum CrossFrameMessageType {
+    SIZE_CHANGED = "size_changed",
+    TITLE_CHANGED = "title_changed"
+}
+
+interface CrossFrameMessage {
+    type: CrossFrameMessageType
+    data: { [key: string]: any }
+}
+
+export class CrossFrameMessenger extends EventTarget {
+    debug: boolean;
+
+    constructor() {
+        super()
+        this.debug = false;
+
+        this._handleWindowMessage = this._handleWindowMessage.bind(this);
+        this._initObservers = this._initObservers.bind(this);
+
+        window.addEventListener('load', this._initObservers);
+        window.addEventListener('message', this._handleWindowMessage)
+    }
+
+    post(message: CrossFrameMessage, target: Window = window.parent) {
+        if (!target) return;
+        this._log("sending crossframe message", message);
+        target.postMessage(message, '*');
+    }
+
+    _log(...args) {
+        if (!this.debug) return;
+        console.log(...args);
+    }
+
+    _handleWindowMessage(evt: MessageEvent) {
+        const message = evt.data;
+        if (!message || !message.type || !message.data) {
+            return;
+        }
+        
+        const event = new CustomEvent(message.type, {
+            cancelable: true,
+            detail: message.data
+        });
+        
+        this.dispatchEvent(event);
+    }
+
+    _initObservers() {
+        this._initResizeObserver();
+        this._initTitleMutationObserver();
+    }
+
+    _initTitleMutationObserver() {
+        const titleObserver = new MutationObserver((mutations) => {
+            const title = mutations[0].target.textContent;
+            this.post({ type: CrossFrameMessageType.TITLE_CHANGED, data: { title }});
+        });
+
+        const title = document.querySelector('title');
+
+        if (!title) return;
+
+        this.post({ type: CrossFrameMessageType.TITLE_CHANGED, data: { title: title.textContent }});
+        
+        titleObserver.observe(title, { subtree: true, characterData: true, childList: true });
+    }
+
+    _initResizeObserver() {
+        const resizeObserver = new ResizeObserver(() => {
+            const rect = document.documentElement.getBoundingClientRect();
+            const height = rect.height;
+            const width = rect.width;
+
+            this.post({ type: CrossFrameMessageType.SIZE_CHANGED, data: { height, width }});
+        });
+
+        const body = document.body;
+
+        if (!body) return;
+
+        resizeObserver.observe(document.documentElement);
+    }
+}

pkg/sdk/client/src/index.ts

@@ -1,3 +1,5 @@
 import { Client } from './client.js';
+import { CrossFrameMessenger } from './crossframe-messenger.js';
 
-export default new Client();
+export const client = new Client();
+export const crossFrameMessenger = new CrossFrameMessenger();

pkg/storage/sqlite/sql.go

@@ -25,7 +25,7 @@ func Open(path string) (*sql.DB, error) {
 func withTx(ctx context.Context, db *sql.DB, fn func(tx *sql.Tx) error) error {
 	var tx *sql.Tx
 
-	tx, err := db.Begin()
+	tx, err := db.BeginTx(ctx, nil)
 	if err != nil {
 		return errors.WithStack(err)
 	}