refactor(gateway): dedupe json endpoint prelude

src/gateway/http-endpoint-helpers.ts

@@ -0,0 +1,45 @@
+import type { IncomingMessage, ServerResponse } from "node:http";
+import type { AuthRateLimiter } from "./auth-rate-limit.js";
+import type { ResolvedGatewayAuth } from "./auth.js";
+import { authorizeGatewayBearerRequestOrReply } from "./http-auth-helpers.js";
+import { readJsonBodyOrError, sendMethodNotAllowed } from "./http-common.js";
+
+export async function handleGatewayPostJsonEndpoint(
+  req: IncomingMessage,
+  res: ServerResponse,
+  opts: {
+    pathname: string;
+    auth: ResolvedGatewayAuth;
+    maxBodyBytes: number;
+    trustedProxies?: string[];
+    rateLimiter?: AuthRateLimiter;
+  },
+): Promise<false | { body: unknown } | undefined> {
+  const url = new URL(req.url ?? "/", `http://${req.headers.host || "localhost"}`);
+  if (url.pathname !== opts.pathname) {
+    return false;
+  }
+
+  if (req.method !== "POST") {
+    sendMethodNotAllowed(res);
+    return undefined;
+  }
+
+  const authorized = await authorizeGatewayBearerRequestOrReply({
+    req,
+    res,
+    auth: opts.auth,
+    trustedProxies: opts.trustedProxies,
+    rateLimiter: opts.rateLimiter,
+  });
+  if (!authorized) {
+    return undefined;
+  }
+
+  const body = await readJsonBodyOrError(req, res, opts.maxBodyBytes);
+  if (body === undefined) {
+    return undefined;
+  }
+
+  return { body };
+}