npm - @etcsec-com/etc-collector - Versions diffs - 1.4.0 - Mend

@etcsec-com/etc-collector 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (617) hide show

package/.env.example +60 -0
package/.env.test.example +33 -0
package/.github/workflows/ci.yml +83 -0
package/.github/workflows/release.yml +246 -0
package/.prettierrc.json +10 -0
package/CHANGELOG.md +15 -0
package/Dockerfile +57 -0
package/LICENSE +190 -0
package/README.md +194 -0
package/dist/api/controllers/audit.controller.d.ts +21 -0
package/dist/api/controllers/audit.controller.d.ts.map +1 -0
package/dist/api/controllers/audit.controller.js +179 -0
package/dist/api/controllers/audit.controller.js.map +1 -0
package/dist/api/controllers/auth.controller.d.ts +16 -0
package/dist/api/controllers/auth.controller.d.ts.map +1 -0
package/dist/api/controllers/auth.controller.js +146 -0
package/dist/api/controllers/auth.controller.js.map +1 -0
package/dist/api/controllers/export.controller.d.ts +27 -0
package/dist/api/controllers/export.controller.d.ts.map +1 -0
package/dist/api/controllers/export.controller.js +80 -0
package/dist/api/controllers/export.controller.js.map +1 -0
package/dist/api/controllers/health.controller.d.ts +5 -0
package/dist/api/controllers/health.controller.d.ts.map +1 -0
package/dist/api/controllers/health.controller.js +16 -0
package/dist/api/controllers/health.controller.js.map +1 -0
package/dist/api/controllers/jobs.controller.d.ts +13 -0
package/dist/api/controllers/jobs.controller.d.ts.map +1 -0
package/dist/api/controllers/jobs.controller.js +125 -0
package/dist/api/controllers/jobs.controller.js.map +1 -0
package/dist/api/controllers/providers.controller.d.ts +15 -0
package/dist/api/controllers/providers.controller.d.ts.map +1 -0
package/dist/api/controllers/providers.controller.js +112 -0
package/dist/api/controllers/providers.controller.js.map +1 -0
package/dist/api/dto/AuditRequest.dto.d.ts +6 -0
package/dist/api/dto/AuditRequest.dto.d.ts.map +1 -0
package/dist/api/dto/AuditRequest.dto.js +3 -0
package/dist/api/dto/AuditRequest.dto.js.map +1 -0
package/dist/api/dto/AuditResponse.dto.d.ts +17 -0
package/dist/api/dto/AuditResponse.dto.d.ts.map +1 -0
package/dist/api/dto/AuditResponse.dto.js +3 -0
package/dist/api/dto/AuditResponse.dto.js.map +1 -0
package/dist/api/dto/TokenRequest.dto.d.ts +6 -0
package/dist/api/dto/TokenRequest.dto.d.ts.map +1 -0
package/dist/api/dto/TokenRequest.dto.js +3 -0
package/dist/api/dto/TokenRequest.dto.js.map +1 -0
package/dist/api/dto/TokenResponse.dto.d.ts +12 -0
package/dist/api/dto/TokenResponse.dto.d.ts.map +1 -0
package/dist/api/dto/TokenResponse.dto.js +3 -0
package/dist/api/dto/TokenResponse.dto.js.map +1 -0
package/dist/api/middlewares/authenticate.d.ts +12 -0
package/dist/api/middlewares/authenticate.d.ts.map +1 -0
package/dist/api/middlewares/authenticate.js +141 -0
package/dist/api/middlewares/authenticate.js.map +1 -0
package/dist/api/middlewares/errorHandler.d.ts +3 -0
package/dist/api/middlewares/errorHandler.d.ts.map +1 -0
package/dist/api/middlewares/errorHandler.js +30 -0
package/dist/api/middlewares/errorHandler.js.map +1 -0
package/dist/api/middlewares/rateLimit.d.ts +3 -0
package/dist/api/middlewares/rateLimit.d.ts.map +1 -0
package/dist/api/middlewares/rateLimit.js +34 -0
package/dist/api/middlewares/rateLimit.js.map +1 -0
package/dist/api/middlewares/validate.d.ts +4 -0
package/dist/api/middlewares/validate.d.ts.map +1 -0
package/dist/api/middlewares/validate.js +31 -0
package/dist/api/middlewares/validate.js.map +1 -0
package/dist/api/routes/audit.routes.d.ts +5 -0
package/dist/api/routes/audit.routes.d.ts.map +1 -0
package/dist/api/routes/audit.routes.js +24 -0
package/dist/api/routes/audit.routes.js.map +1 -0
package/dist/api/routes/auth.routes.d.ts +6 -0
package/dist/api/routes/auth.routes.d.ts.map +1 -0
package/dist/api/routes/auth.routes.js +22 -0
package/dist/api/routes/auth.routes.js.map +1 -0
package/dist/api/routes/export.routes.d.ts +5 -0
package/dist/api/routes/export.routes.d.ts.map +1 -0
package/dist/api/routes/export.routes.js +16 -0
package/dist/api/routes/export.routes.js.map +1 -0
package/dist/api/routes/health.routes.d.ts +4 -0
package/dist/api/routes/health.routes.d.ts.map +1 -0
package/dist/api/routes/health.routes.js +11 -0
package/dist/api/routes/health.routes.js.map +1 -0
package/dist/api/routes/index.d.ts +10 -0
package/dist/api/routes/index.d.ts.map +1 -0
package/dist/api/routes/index.js +20 -0
package/dist/api/routes/index.js.map +1 -0
package/dist/api/routes/providers.routes.d.ts +5 -0
package/dist/api/routes/providers.routes.d.ts.map +1 -0
package/dist/api/routes/providers.routes.js +13 -0
package/dist/api/routes/providers.routes.js.map +1 -0
package/dist/api/validators/audit.schemas.d.ts +60 -0
package/dist/api/validators/audit.schemas.d.ts.map +1 -0
package/dist/api/validators/audit.schemas.js +55 -0
package/dist/api/validators/audit.schemas.js.map +1 -0
package/dist/api/validators/auth.schemas.d.ts +17 -0
package/dist/api/validators/auth.schemas.d.ts.map +1 -0
package/dist/api/validators/auth.schemas.js +21 -0
package/dist/api/validators/auth.schemas.js.map +1 -0
package/dist/app.d.ts +3 -0
package/dist/app.d.ts.map +1 -0
package/dist/app.js +62 -0
package/dist/app.js.map +1 -0
package/dist/config/config.schema.d.ts +65 -0
package/dist/config/config.schema.d.ts.map +1 -0
package/dist/config/config.schema.js +95 -0
package/dist/config/config.schema.js.map +1 -0
package/dist/config/index.d.ts +4 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +75 -0
package/dist/config/index.js.map +1 -0
package/dist/container.d.ts +47 -0
package/dist/container.d.ts.map +1 -0
package/dist/container.js +137 -0
package/dist/container.js.map +1 -0
package/dist/data/database.d.ts +13 -0
package/dist/data/database.d.ts.map +1 -0
package/dist/data/database.js +68 -0
package/dist/data/database.js.map +1 -0
package/dist/data/jobs/token-cleanup.job.d.ts +23 -0
package/dist/data/jobs/token-cleanup.job.d.ts.map +1 -0
package/dist/data/jobs/token-cleanup.job.js +96 -0
package/dist/data/jobs/token-cleanup.job.js.map +1 -0
package/dist/data/migrations/migration.runner.d.ts +13 -0
package/dist/data/migrations/migration.runner.d.ts.map +1 -0
package/dist/data/migrations/migration.runner.js +136 -0
package/dist/data/migrations/migration.runner.js.map +1 -0
package/dist/data/models/Token.model.d.ts +30 -0
package/dist/data/models/Token.model.d.ts.map +1 -0
package/dist/data/models/Token.model.js +3 -0
package/dist/data/models/Token.model.js.map +1 -0
package/dist/data/repositories/token.repository.d.ts +16 -0
package/dist/data/repositories/token.repository.d.ts.map +1 -0
package/dist/data/repositories/token.repository.js +97 -0
package/dist/data/repositories/token.repository.js.map +1 -0
package/dist/providers/azure/auth.provider.d.ts +5 -0
package/dist/providers/azure/auth.provider.d.ts.map +1 -0
package/dist/providers/azure/auth.provider.js +13 -0
package/dist/providers/azure/auth.provider.js.map +1 -0
package/dist/providers/azure/azure-errors.d.ts +40 -0
package/dist/providers/azure/azure-errors.d.ts.map +1 -0
package/dist/providers/azure/azure-errors.js +121 -0
package/dist/providers/azure/azure-errors.js.map +1 -0
package/dist/providers/azure/azure-retry.d.ts +41 -0
package/dist/providers/azure/azure-retry.d.ts.map +1 -0
package/dist/providers/azure/azure-retry.js +85 -0
package/dist/providers/azure/azure-retry.js.map +1 -0
package/dist/providers/azure/graph-client.d.ts +26 -0
package/dist/providers/azure/graph-client.d.ts.map +1 -0
package/dist/providers/azure/graph-client.js +146 -0
package/dist/providers/azure/graph-client.js.map +1 -0
package/dist/providers/azure/graph.provider.d.ts +23 -0
package/dist/providers/azure/graph.provider.d.ts.map +1 -0
package/dist/providers/azure/graph.provider.js +161 -0
package/dist/providers/azure/graph.provider.js.map +1 -0
package/dist/providers/azure/queries/app.queries.d.ts +6 -0
package/dist/providers/azure/queries/app.queries.d.ts.map +1 -0
package/dist/providers/azure/queries/app.queries.js +9 -0
package/dist/providers/azure/queries/app.queries.js.map +1 -0
package/dist/providers/azure/queries/policy.queries.d.ts +6 -0
package/dist/providers/azure/queries/policy.queries.d.ts.map +1 -0
package/dist/providers/azure/queries/policy.queries.js +9 -0
package/dist/providers/azure/queries/policy.queries.js.map +1 -0
package/dist/providers/azure/queries/user.queries.d.ts +7 -0
package/dist/providers/azure/queries/user.queries.d.ts.map +1 -0
package/dist/providers/azure/queries/user.queries.js +10 -0
package/dist/providers/azure/queries/user.queries.js.map +1 -0
package/dist/providers/interfaces/IGraphProvider.d.ts +31 -0
package/dist/providers/interfaces/IGraphProvider.d.ts.map +1 -0
package/dist/providers/interfaces/IGraphProvider.js +3 -0
package/dist/providers/interfaces/IGraphProvider.js.map +1 -0
package/dist/providers/interfaces/ILDAPProvider.d.ts +37 -0
package/dist/providers/interfaces/ILDAPProvider.d.ts.map +1 -0
package/dist/providers/interfaces/ILDAPProvider.js +3 -0
package/dist/providers/interfaces/ILDAPProvider.js.map +1 -0
package/dist/providers/ldap/acl-parser.d.ts +8 -0
package/dist/providers/ldap/acl-parser.d.ts.map +1 -0
package/dist/providers/ldap/acl-parser.js +157 -0
package/dist/providers/ldap/acl-parser.js.map +1 -0
package/dist/providers/ldap/ad-mappers.d.ts +8 -0
package/dist/providers/ldap/ad-mappers.d.ts.map +1 -0
package/dist/providers/ldap/ad-mappers.js +162 -0
package/dist/providers/ldap/ad-mappers.js.map +1 -0
package/dist/providers/ldap/ldap-client.d.ts +33 -0
package/dist/providers/ldap/ldap-client.d.ts.map +1 -0
package/dist/providers/ldap/ldap-client.js +195 -0
package/dist/providers/ldap/ldap-client.js.map +1 -0
package/dist/providers/ldap/ldap-errors.d.ts +48 -0
package/dist/providers/ldap/ldap-errors.d.ts.map +1 -0
package/dist/providers/ldap/ldap-errors.js +120 -0
package/dist/providers/ldap/ldap-errors.js.map +1 -0
package/dist/providers/ldap/ldap-retry.d.ts +14 -0
package/dist/providers/ldap/ldap-retry.d.ts.map +1 -0
package/dist/providers/ldap/ldap-retry.js +102 -0
package/dist/providers/ldap/ldap-retry.js.map +1 -0
package/dist/providers/ldap/ldap-sanitizer.d.ts +12 -0
package/dist/providers/ldap/ldap-sanitizer.d.ts.map +1 -0
package/dist/providers/ldap/ldap-sanitizer.js +104 -0
package/dist/providers/ldap/ldap-sanitizer.js.map +1 -0
package/dist/providers/ldap/ldap.provider.d.ts +21 -0
package/dist/providers/ldap/ldap.provider.d.ts.map +1 -0
package/dist/providers/ldap/ldap.provider.js +165 -0
package/dist/providers/ldap/ldap.provider.js.map +1 -0
package/dist/providers/ldap/queries/computer.queries.d.ts +6 -0
package/dist/providers/ldap/queries/computer.queries.d.ts.map +1 -0
package/dist/providers/ldap/queries/computer.queries.js +9 -0
package/dist/providers/ldap/queries/computer.queries.js.map +1 -0
package/dist/providers/ldap/queries/group.queries.d.ts +6 -0
package/dist/providers/ldap/queries/group.queries.d.ts.map +1 -0
package/dist/providers/ldap/queries/group.queries.js +9 -0
package/dist/providers/ldap/queries/group.queries.js.map +1 -0
package/dist/providers/ldap/queries/user.queries.d.ts +7 -0
package/dist/providers/ldap/queries/user.queries.d.ts.map +1 -0
package/dist/providers/ldap/queries/user.queries.js +10 -0
package/dist/providers/ldap/queries/user.queries.js.map +1 -0
package/dist/providers/smb/smb.provider.d.ts +68 -0
package/dist/providers/smb/smb.provider.d.ts.map +1 -0
package/dist/providers/smb/smb.provider.js +382 -0
package/dist/providers/smb/smb.provider.js.map +1 -0
package/dist/server.d.ts +2 -0
package/dist/server.d.ts.map +1 -0
package/dist/server.js +44 -0
package/dist/server.js.map +1 -0
package/dist/services/audit/ad-audit.service.d.ts +70 -0
package/dist/services/audit/ad-audit.service.d.ts.map +1 -0
package/dist/services/audit/ad-audit.service.js +1019 -0
package/dist/services/audit/ad-audit.service.js.map +1 -0
package/dist/services/audit/attack-graph.service.d.ts +62 -0
package/dist/services/audit/attack-graph.service.d.ts.map +1 -0
package/dist/services/audit/attack-graph.service.js +702 -0
package/dist/services/audit/attack-graph.service.js.map +1 -0
package/dist/services/audit/audit.service.d.ts +4 -0
package/dist/services/audit/audit.service.d.ts.map +1 -0
package/dist/services/audit/audit.service.js +10 -0
package/dist/services/audit/audit.service.js.map +1 -0
package/dist/services/audit/azure-audit.service.d.ts +37 -0
package/dist/services/audit/azure-audit.service.d.ts.map +1 -0
package/dist/services/audit/azure-audit.service.js +153 -0
package/dist/services/audit/azure-audit.service.js.map +1 -0
package/dist/services/audit/detectors/ad/accounts.detector.d.ts +37 -0
package/dist/services/audit/detectors/ad/accounts.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/accounts.detector.js +881 -0
package/dist/services/audit/detectors/ad/accounts.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/adcs.detector.d.ts +21 -0
package/dist/services/audit/detectors/ad/adcs.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/adcs.detector.js +227 -0
package/dist/services/audit/detectors/ad/adcs.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/advanced.detector.d.ts +63 -0
package/dist/services/audit/detectors/ad/advanced.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/advanced.detector.js +867 -0
package/dist/services/audit/detectors/ad/advanced.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/attack-paths.detector.d.ts +16 -0
package/dist/services/audit/detectors/ad/attack-paths.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/attack-paths.detector.js +369 -0
package/dist/services/audit/detectors/ad/attack-paths.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/compliance.detector.d.ts +28 -0
package/dist/services/audit/detectors/ad/compliance.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/compliance.detector.js +896 -0
package/dist/services/audit/detectors/ad/compliance.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/computers.detector.d.ts +30 -0
package/dist/services/audit/detectors/ad/computers.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/computers.detector.js +799 -0
package/dist/services/audit/detectors/ad/computers.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/gpo.detector.d.ts +17 -0
package/dist/services/audit/detectors/ad/gpo.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/gpo.detector.js +257 -0
package/dist/services/audit/detectors/ad/gpo.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/groups.detector.d.ts +19 -0
package/dist/services/audit/detectors/ad/groups.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/groups.detector.js +488 -0
package/dist/services/audit/detectors/ad/groups.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/index.d.ts +15 -0
package/dist/services/audit/detectors/ad/index.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/index.js +51 -0
package/dist/services/audit/detectors/ad/index.js.map +1 -0
package/dist/services/audit/detectors/ad/kerberos.detector.d.ts +17 -0
package/dist/services/audit/detectors/ad/kerberos.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/kerberos.detector.js +293 -0
package/dist/services/audit/detectors/ad/kerberos.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/monitoring.detector.d.ts +23 -0
package/dist/services/audit/detectors/ad/monitoring.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/monitoring.detector.js +328 -0
package/dist/services/audit/detectors/ad/monitoring.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/network.detector.d.ts +39 -0
package/dist/services/audit/detectors/ad/network.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/network.detector.js +257 -0
package/dist/services/audit/detectors/ad/network.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/password.detector.d.ts +14 -0
package/dist/services/audit/detectors/ad/password.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/password.detector.js +235 -0
package/dist/services/audit/detectors/ad/password.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/permissions.detector.d.ts +20 -0
package/dist/services/audit/detectors/ad/permissions.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/permissions.detector.js +392 -0
package/dist/services/audit/detectors/ad/permissions.detector.js.map +1 -0
package/dist/services/audit/detectors/ad/trusts.detector.d.ts +11 -0
package/dist/services/audit/detectors/ad/trusts.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/ad/trusts.detector.js +186 -0
package/dist/services/audit/detectors/ad/trusts.detector.js.map +1 -0
package/dist/services/audit/detectors/azure/app-security.detector.d.ts +11 -0
package/dist/services/audit/detectors/azure/app-security.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/azure/app-security.detector.js +184 -0
package/dist/services/audit/detectors/azure/app-security.detector.js.map +1 -0
package/dist/services/audit/detectors/azure/conditional-access.detector.d.ts +10 -0
package/dist/services/audit/detectors/azure/conditional-access.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/azure/conditional-access.detector.js +130 -0
package/dist/services/audit/detectors/azure/conditional-access.detector.js.map +1 -0
package/dist/services/audit/detectors/azure/privilege-security.detector.d.ts +8 -0
package/dist/services/audit/detectors/azure/privilege-security.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/azure/privilege-security.detector.js +113 -0
package/dist/services/audit/detectors/azure/privilege-security.detector.js.map +1 -0
package/dist/services/audit/detectors/azure/user-security.detector.d.ts +14 -0
package/dist/services/audit/detectors/azure/user-security.detector.d.ts.map +1 -0
package/dist/services/audit/detectors/azure/user-security.detector.js +198 -0
package/dist/services/audit/detectors/azure/user-security.detector.js.map +1 -0
package/dist/services/audit/detectors/index.d.ts +2 -0
package/dist/services/audit/detectors/index.d.ts.map +1 -0
package/dist/services/audit/detectors/index.js +38 -0
package/dist/services/audit/detectors/index.js.map +1 -0
package/dist/services/audit/response-formatter.d.ts +176 -0
package/dist/services/audit/response-formatter.d.ts.map +1 -0
package/dist/services/audit/response-formatter.js +240 -0
package/dist/services/audit/response-formatter.js.map +1 -0
package/dist/services/audit/scoring.service.d.ts +15 -0
package/dist/services/audit/scoring.service.d.ts.map +1 -0
package/dist/services/audit/scoring.service.js +139 -0
package/dist/services/audit/scoring.service.js.map +1 -0
package/dist/services/auth/crypto.service.d.ts +19 -0
package/dist/services/auth/crypto.service.d.ts.map +1 -0
package/dist/services/auth/crypto.service.js +135 -0
package/dist/services/auth/crypto.service.js.map +1 -0
package/dist/services/auth/errors.d.ts +19 -0
package/dist/services/auth/errors.d.ts.map +1 -0
package/dist/services/auth/errors.js +46 -0
package/dist/services/auth/errors.js.map +1 -0
package/dist/services/auth/token.service.d.ts +41 -0
package/dist/services/auth/token.service.d.ts.map +1 -0
package/dist/services/auth/token.service.js +208 -0
package/dist/services/auth/token.service.js.map +1 -0
package/dist/services/config/config.service.d.ts +6 -0
package/dist/services/config/config.service.d.ts.map +1 -0
package/dist/services/config/config.service.js +64 -0
package/dist/services/config/config.service.js.map +1 -0
package/dist/services/export/export.service.d.ts +28 -0
package/dist/services/export/export.service.d.ts.map +1 -0
package/dist/services/export/export.service.js +28 -0
package/dist/services/export/export.service.js.map +1 -0
package/dist/services/export/formatters/csv.formatter.d.ts +8 -0
package/dist/services/export/formatters/csv.formatter.d.ts.map +1 -0
package/dist/services/export/formatters/csv.formatter.js +46 -0
package/dist/services/export/formatters/csv.formatter.js.map +1 -0
package/dist/services/export/formatters/json.formatter.d.ts +40 -0
package/dist/services/export/formatters/json.formatter.d.ts.map +1 -0
package/dist/services/export/formatters/json.formatter.js +58 -0
package/dist/services/export/formatters/json.formatter.js.map +1 -0
package/dist/services/jobs/azure-job-runner.d.ts +38 -0
package/dist/services/jobs/azure-job-runner.d.ts.map +1 -0
package/dist/services/jobs/azure-job-runner.js +199 -0
package/dist/services/jobs/azure-job-runner.js.map +1 -0
package/dist/services/jobs/index.d.ts +4 -0
package/dist/services/jobs/index.d.ts.map +1 -0
package/dist/services/jobs/index.js +20 -0
package/dist/services/jobs/index.js.map +1 -0
package/dist/services/jobs/job-runner.d.ts +64 -0
package/dist/services/jobs/job-runner.d.ts.map +1 -0
package/dist/services/jobs/job-runner.js +952 -0
package/dist/services/jobs/job-runner.js.map +1 -0
package/dist/services/jobs/job-store.d.ts +27 -0
package/dist/services/jobs/job-store.d.ts.map +1 -0
package/dist/services/jobs/job-store.js +261 -0
package/dist/services/jobs/job-store.js.map +1 -0
package/dist/services/jobs/job.types.d.ts +67 -0
package/dist/services/jobs/job.types.d.ts.map +1 -0
package/dist/services/jobs/job.types.js +36 -0
package/dist/services/jobs/job.types.js.map +1 -0
package/dist/types/ad.types.d.ts +74 -0
package/dist/types/ad.types.d.ts.map +1 -0
package/dist/types/ad.types.js +3 -0
package/dist/types/ad.types.js.map +1 -0
package/dist/types/adcs.types.d.ts +58 -0
package/dist/types/adcs.types.d.ts.map +1 -0
package/dist/types/adcs.types.js +38 -0
package/dist/types/adcs.types.js.map +1 -0
package/dist/types/attack-graph.types.d.ts +135 -0
package/dist/types/attack-graph.types.d.ts.map +1 -0
package/dist/types/attack-graph.types.js +58 -0
package/dist/types/attack-graph.types.js.map +1 -0
package/dist/types/audit.types.d.ts +34 -0
package/dist/types/audit.types.d.ts.map +1 -0
package/dist/types/audit.types.js +3 -0
package/dist/types/audit.types.js.map +1 -0
package/dist/types/azure.types.d.ts +61 -0
package/dist/types/azure.types.d.ts.map +1 -0
package/dist/types/azure.types.js +3 -0
package/dist/types/azure.types.js.map +1 -0
package/dist/types/config.types.d.ts +63 -0
package/dist/types/config.types.d.ts.map +1 -0
package/dist/types/config.types.js +3 -0
package/dist/types/config.types.js.map +1 -0
package/dist/types/error.types.d.ts +33 -0
package/dist/types/error.types.d.ts.map +1 -0
package/dist/types/error.types.js +70 -0
package/dist/types/error.types.js.map +1 -0
package/dist/types/finding.types.d.ts +133 -0
package/dist/types/finding.types.d.ts.map +1 -0
package/dist/types/finding.types.js +3 -0
package/dist/types/finding.types.js.map +1 -0
package/dist/types/gpo.types.d.ts +39 -0
package/dist/types/gpo.types.d.ts.map +1 -0
package/dist/types/gpo.types.js +15 -0
package/dist/types/gpo.types.js.map +1 -0
package/dist/types/token.types.d.ts +26 -0
package/dist/types/token.types.d.ts.map +1 -0
package/dist/types/token.types.js +3 -0
package/dist/types/token.types.js.map +1 -0
package/dist/types/trust.types.d.ts +45 -0
package/dist/types/trust.types.d.ts.map +1 -0
package/dist/types/trust.types.js +71 -0
package/dist/types/trust.types.js.map +1 -0
package/dist/utils/entity-converter.d.ts +17 -0
package/dist/utils/entity-converter.d.ts.map +1 -0
package/dist/utils/entity-converter.js +285 -0
package/dist/utils/entity-converter.js.map +1 -0
package/dist/utils/graph.util.d.ts +66 -0
package/dist/utils/graph.util.d.ts.map +1 -0
package/dist/utils/graph.util.js +382 -0
package/dist/utils/graph.util.js.map +1 -0
package/dist/utils/logger.d.ts +7 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +86 -0
package/dist/utils/logger.js.map +1 -0
package/dist/utils/type-name-normalizer.d.ts +5 -0
package/dist/utils/type-name-normalizer.d.ts.map +1 -0
package/dist/utils/type-name-normalizer.js +218 -0
package/dist/utils/type-name-normalizer.js.map +1 -0
package/docker-compose.yml +26 -0
package/docs/api/README.md +178 -0
package/docs/api/openapi.yaml +1524 -0
package/eslint.config.js +54 -0
package/jest.config.js +38 -0
package/package.json +97 -0
package/scripts/fetch-ad-cert.sh +142 -0
package/src/.gitkeep +0 -0
package/src/api/.gitkeep +0 -0
package/src/api/controllers/.gitkeep +0 -0
package/src/api/controllers/audit.controller.ts +313 -0
package/src/api/controllers/auth.controller.ts +258 -0
package/src/api/controllers/export.controller.ts +153 -0
package/src/api/controllers/health.controller.ts +16 -0
package/src/api/controllers/jobs.controller.ts +187 -0
package/src/api/controllers/providers.controller.ts +165 -0
package/src/api/dto/.gitkeep +0 -0
package/src/api/dto/AuditRequest.dto.ts +8 -0
package/src/api/dto/AuditResponse.dto.ts +19 -0
package/src/api/dto/TokenRequest.dto.ts +8 -0
package/src/api/dto/TokenResponse.dto.ts +14 -0
package/src/api/middlewares/.gitkeep +0 -0
package/src/api/middlewares/authenticate.ts +203 -0
package/src/api/middlewares/errorHandler.ts +54 -0
package/src/api/middlewares/rateLimit.ts +35 -0
package/src/api/middlewares/validate.ts +32 -0
package/src/api/routes/.gitkeep +0 -0
package/src/api/routes/audit.routes.ts +77 -0
package/src/api/routes/auth.routes.ts +71 -0
package/src/api/routes/export.routes.ts +34 -0
package/src/api/routes/health.routes.ts +14 -0
package/src/api/routes/index.ts +40 -0
package/src/api/routes/providers.routes.ts +24 -0
package/src/api/validators/.gitkeep +0 -0
package/src/api/validators/audit.schemas.ts +59 -0
package/src/api/validators/auth.schemas.ts +59 -0
package/src/app.ts +87 -0
package/src/config/.gitkeep +0 -0
package/src/config/config.schema.ts +108 -0
package/src/config/index.ts +82 -0
package/src/container.ts +221 -0
package/src/data/.gitkeep +0 -0
package/src/data/database.ts +78 -0
package/src/data/jobs/token-cleanup.job.ts +166 -0
package/src/data/migrations/.gitkeep +0 -0
package/src/data/migrations/001_initial_schema.sql +47 -0
package/src/data/migrations/migration.runner.ts +125 -0
package/src/data/models/.gitkeep +0 -0
package/src/data/models/Token.model.ts +35 -0
package/src/data/repositories/.gitkeep +0 -0
package/src/data/repositories/token.repository.ts +160 -0
package/src/providers/.gitkeep +0 -0
package/src/providers/azure/.gitkeep +0 -0
package/src/providers/azure/auth.provider.ts +14 -0
package/src/providers/azure/azure-errors.ts +189 -0
package/src/providers/azure/azure-retry.ts +168 -0
package/src/providers/azure/graph-client.ts +315 -0
package/src/providers/azure/graph.provider.ts +294 -0
package/src/providers/azure/queries/app.queries.ts +9 -0
package/src/providers/azure/queries/policy.queries.ts +9 -0
package/src/providers/azure/queries/user.queries.ts +10 -0
package/src/providers/interfaces/.gitkeep +0 -0
package/src/providers/interfaces/IGraphProvider.ts +117 -0
package/src/providers/interfaces/ILDAPProvider.ts +142 -0
package/src/providers/ldap/.gitkeep +0 -0
package/src/providers/ldap/acl-parser.ts +231 -0
package/src/providers/ldap/ad-mappers.ts +280 -0
package/src/providers/ldap/ldap-client.ts +259 -0
package/src/providers/ldap/ldap-errors.ts +188 -0
package/src/providers/ldap/ldap-retry.ts +267 -0
package/src/providers/ldap/ldap-sanitizer.ts +273 -0
package/src/providers/ldap/ldap.provider.ts +293 -0
package/src/providers/ldap/queries/computer.queries.ts +9 -0
package/src/providers/ldap/queries/group.queries.ts +9 -0
package/src/providers/ldap/queries/user.queries.ts +10 -0
package/src/providers/smb/smb.provider.ts +653 -0
package/src/server.ts +60 -0
package/src/services/.gitkeep +0 -0
package/src/services/audit/.gitkeep +0 -0
package/src/services/audit/ad-audit.service.ts +1481 -0
package/src/services/audit/attack-graph.service.ts +1104 -0
package/src/services/audit/audit.service.ts +12 -0
package/src/services/audit/azure-audit.service.ts +286 -0
package/src/services/audit/detectors/ad/accounts.detector.ts +1232 -0
package/src/services/audit/detectors/ad/adcs.detector.ts +449 -0
package/src/services/audit/detectors/ad/advanced.detector.ts +1270 -0
package/src/services/audit/detectors/ad/attack-paths.detector.ts +600 -0
package/src/services/audit/detectors/ad/compliance.detector.ts +1421 -0
package/src/services/audit/detectors/ad/computers.detector.ts +1188 -0
package/src/services/audit/detectors/ad/gpo.detector.ts +485 -0
package/src/services/audit/detectors/ad/groups.detector.ts +685 -0
package/src/services/audit/detectors/ad/index.ts +84 -0
package/src/services/audit/detectors/ad/kerberos.detector.ts +424 -0
package/src/services/audit/detectors/ad/monitoring.detector.ts +501 -0
package/src/services/audit/detectors/ad/network.detector.ts +538 -0
package/src/services/audit/detectors/ad/password.detector.ts +324 -0
package/src/services/audit/detectors/ad/permissions.detector.ts +637 -0
package/src/services/audit/detectors/ad/trusts.detector.ts +315 -0
package/src/services/audit/detectors/azure/app-security.detector.ts +246 -0
package/src/services/audit/detectors/azure/conditional-access.detector.ts +186 -0
package/src/services/audit/detectors/azure/privilege-security.detector.ts +176 -0
package/src/services/audit/detectors/azure/user-security.detector.ts +280 -0
package/src/services/audit/detectors/index.ts +18 -0
package/src/services/audit/response-formatter.ts +604 -0
package/src/services/audit/scoring.service.ts +234 -0
package/src/services/auth/.gitkeep +0 -0
package/src/services/auth/crypto.service.ts +230 -0
package/src/services/auth/errors.ts +47 -0
package/src/services/auth/token.service.ts +420 -0
package/src/services/config/.gitkeep +0 -0
package/src/services/config/config.service.ts +75 -0
package/src/services/export/.gitkeep +0 -0
package/src/services/export/export.service.ts +99 -0
package/src/services/export/formatters/csv.formatter.ts +124 -0
package/src/services/export/formatters/json.formatter.ts +160 -0
package/src/services/jobs/azure-job-runner.ts +312 -0
package/src/services/jobs/index.ts +9 -0
package/src/services/jobs/job-runner.ts +1280 -0
package/src/services/jobs/job-store.ts +384 -0
package/src/services/jobs/job.types.ts +182 -0
package/src/types/.gitkeep +0 -0
package/src/types/ad.types.ts +91 -0
package/src/types/adcs.types.ts +107 -0
package/src/types/attack-graph.types.ts +260 -0
package/src/types/audit.types.ts +42 -0
package/src/types/azure.types.ts +68 -0
package/src/types/config.types.ts +79 -0
package/src/types/error.types.ts +69 -0
package/src/types/finding.types.ts +284 -0
package/src/types/gpo.types.ts +72 -0
package/src/types/smb2.d.ts +73 -0
package/src/types/token.types.ts +32 -0
package/src/types/trust.types.ts +140 -0
package/src/utils/.gitkeep +0 -0
package/src/utils/entity-converter.ts +453 -0
package/src/utils/graph.util.ts +609 -0
package/src/utils/logger.ts +111 -0
package/src/utils/type-name-normalizer.ts +302 -0
package/tests/.gitkeep +0 -0
package/tests/e2e/.gitkeep +0 -0
package/tests/fixtures/.gitkeep +0 -0
package/tests/integration/.gitkeep +0 -0
package/tests/integration/README.md +156 -0
package/tests/integration/ad-audit.integration.test.ts +216 -0
package/tests/integration/api/.gitkeep +0 -0
package/tests/integration/api/endpoints.integration.test.ts +431 -0
package/tests/integration/auth/jwt-authentication.integration.test.ts +358 -0
package/tests/integration/providers/.gitkeep +0 -0
package/tests/integration/providers/azure-basic.integration.test.ts +167 -0
package/tests/integration/providers/ldap-basic.integration.test.ts +152 -0
package/tests/integration/providers/ldap-connectivity.test.ts +44 -0
package/tests/integration/providers/ldap-provider.integration.test.ts +347 -0
package/tests/mocks/.gitkeep +0 -0
package/tests/setup.ts +16 -0
package/tests/unit/.gitkeep +0 -0
package/tests/unit/api/middlewares/authenticate.test.ts +446 -0
package/tests/unit/providers/.gitkeep +0 -0
package/tests/unit/providers/azure/azure-errors.test.ts +193 -0
package/tests/unit/providers/azure/azure-retry.test.ts +254 -0
package/tests/unit/providers/azure/graph-provider.test.ts +313 -0
package/tests/unit/providers/ldap/ad-mappers.test.ts +392 -0
package/tests/unit/providers/ldap/ldap-provider.test.ts +376 -0
package/tests/unit/providers/ldap/ldap-retry.test.ts +377 -0
package/tests/unit/providers/ldap/ldap-sanitizer.test.ts +301 -0
package/tests/unit/sample.test.ts +19 -0
package/tests/unit/services/.gitkeep +0 -0
package/tests/unit/services/audit/detectors/ad/accounts.detector.test.ts +393 -0
package/tests/unit/services/audit/detectors/ad/advanced.detector.test.ts +380 -0
package/tests/unit/services/audit/detectors/ad/computers.detector.test.ts +440 -0
package/tests/unit/services/audit/detectors/ad/groups.detector.test.ts +276 -0
package/tests/unit/services/audit/detectors/ad/kerberos.detector.test.ts +215 -0
package/tests/unit/services/audit/detectors/ad/password.detector.test.ts +226 -0
package/tests/unit/services/audit/detectors/ad/permissions.detector.test.ts +244 -0
package/tests/unit/services/audit/detectors/azure/app-security.detector.test.ts +349 -0
package/tests/unit/services/audit/detectors/azure/conditional-access.detector.test.ts +374 -0
package/tests/unit/services/audit/detectors/azure/privilege-security.detector.test.ts +374 -0
package/tests/unit/services/audit/detectors/azure/user-security.detector.test.ts +297 -0
package/tests/unit/services/auth/crypto.service.test.ts +296 -0
package/tests/unit/services/auth/token.service.test.ts +579 -0
package/tests/unit/services/export/export.service.test.ts +241 -0
package/tests/unit/services/export/formatters/csv.formatter.test.ts +270 -0
package/tests/unit/services/export/formatters/json.formatter.test.ts +258 -0
package/tests/unit/utils/.gitkeep +0 -0
package/tsconfig.json +50 -0

package/src/api/routes/auth.routes.ts ADDED Viewed

@@ -0,0 +1,71 @@
+import { Router, Request, Response, NextFunction } from 'express';
+import { AuthController } from '../controllers/auth.controller';
+import { validate } from '../middlewares/validate';
+import { authenticate } from '../middlewares/authenticate';
+import {
+  GenerateTokenSchema,
+  ValidateTokenSchema,
+  RevokeTokenSchema,
+} from '../validators/auth.schemas';
+import { TokenService } from '../../services/auth/token.service';
+import { InfoEndpointsConfig } from '../../types/config.types';
+/**
+ * Authentication routes
+ * POST /api/v1/auth/token - Generate JWT token
+ * POST /api/v1/auth/validate - Validate token
+ * POST /api/v1/auth/revoke - Revoke token
+ * GET /api/v1/auth/tokens - List all tokens
+ * GET /api/v1/auth/tokens/:jti - Get token info by jti
+ * GET /api/v1/auth/token/info - Get current token info (if TOKEN_INFO_ENABLED)
+ */
+export const createAuthRoutes = (
+  controller: AuthController,
+  tokenService: TokenService,
+  infoEndpointsConfig: InfoEndpointsConfig
+): Router => {
+  const router = Router();
+  const authMiddleware = authenticate(tokenService);
+  router.post(
+    '/token',
+    validate(GenerateTokenSchema),
+    (req, res, next) => controller.generateToken(req, res, next)
+  );
+  router.post(
+    '/validate',
+    validate(ValidateTokenSchema),
+    (req, res, next) => controller.validateToken(req, res, next)
+  );
+  router.post(
+    '/revoke',
+    authMiddleware,
+    validate(RevokeTokenSchema),
+    (req: Request, res: Response, next: NextFunction) => controller.revokeToken(req, res, next)
+  );
+  router.get(
+    '/tokens',
+    authMiddleware,
+    (req: Request, res: Response, next: NextFunction) => controller.listTokens(req, res, next)
+  );
+  // Get token info by jti (always available)
+  router.get(
+    '/tokens/:jti',
+    authMiddleware,
+    (req: Request, res: Response, next: NextFunction) => controller.getTokenInfo(req, res, next)
+  );
+  // Current token info endpoint (conditional - only if TOKEN_INFO_ENABLED)
+  if (infoEndpointsConfig.tokenInfoEnabled) {
+    router.get(
+      '/token/info',
+      (req: Request, res: Response, next: NextFunction) => controller.getCurrentTokenInfo(req, res, next)
+    );
+  }
+  return router;
+};

package/src/api/routes/export.routes.ts ADDED Viewed

@@ -0,0 +1,34 @@
+import { Router, Request, Response, NextFunction } from 'express';
+import { ExportController } from '../controllers/export.controller';
+import { validate } from '../middlewares/validate';
+import { authenticate } from '../middlewares/authenticate';
+import { exportRequestSchema } from '../validators/audit.schemas';
+import { TokenService } from '../../services/auth/token.service';
+/**
+ * Export routes
+ * POST /api/v1/export/ad - Export AD audit results
+ * POST /api/v1/export/azure - Export Azure audit results
+ */
+export const createExportRoutes = (controller: ExportController, tokenService: TokenService): Router => {
+  const router = Router();
+  const authMiddleware = authenticate(tokenService);
+  // AD export
+  router.post(
+    '/ad',
+    authMiddleware,
+    validate(exportRequestSchema),
+    (req: Request, res: Response, next: NextFunction) => controller.exportADAudit(req, res, next)
+  );
+  // Azure export
+  router.post(
+    '/azure',
+    authMiddleware,
+    validate(exportRequestSchema),
+    (req: Request, res: Response, next: NextFunction) => controller.exportAzureAudit(req, res, next)
+  );
+  return router;
+};

package/src/api/routes/health.routes.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { Router } from 'express';
+import { HealthController } from '../controllers/health.controller';
+/**
+ * Health check routes
+ * GET /health - Health check endpoint
+ */
+export const createHealthRoutes = (controller: HealthController): Router => {
+  const router = Router();
+  router.get('/health', (req, res) => controller.checkHealth(req, res));
+  return router;
+};

package/src/api/routes/index.ts ADDED Viewed

@@ -0,0 +1,40 @@
+import { Router } from 'express';
+import { createHealthRoutes } from './health.routes';
+import { createAuthRoutes } from './auth.routes';
+import { createAuditRoutes } from './audit.routes';
+import { createExportRoutes } from './export.routes';
+import { createProvidersRoutes } from './providers.routes';
+import { HealthController } from '../controllers/health.controller';
+import { AuthController } from '../controllers/auth.controller';
+import { AuditController } from '../controllers/audit.controller';
+import { ExportController } from '../controllers/export.controller';
+import { ProvidersController } from '../controllers/providers.controller';
+import { TokenService } from '../../services/auth/token.service';
+import { InfoEndpointsConfig } from '../../types/config.types';
+/**
+ * Main route aggregator
+ * Mounts all API routes
+ */
+export const createRoutes = (
+  healthController: HealthController,
+  authController: AuthController,
+  auditController: AuditController,
+  exportController: ExportController,
+  providersController: ProvidersController,
+  tokenService: TokenService,
+  infoEndpointsConfig: InfoEndpointsConfig
+): Router => {
+  const router = Router();
+  // Mount health check at root
+  router.use('/', createHealthRoutes(healthController));
+  // Mount API v1 routes
+  router.use('/api/v1/auth', createAuthRoutes(authController, tokenService, infoEndpointsConfig));
+  router.use('/api/v1/audit', createAuditRoutes(auditController, tokenService));
+  router.use('/api/v1/export', createExportRoutes(exportController, tokenService));
+  router.use('/api/v1/providers', createProvidersRoutes(providersController, infoEndpointsConfig));
+  return router;
+};

package/src/api/routes/providers.routes.ts ADDED Viewed

@@ -0,0 +1,24 @@
+import { Router, Request, Response, NextFunction } from 'express';
+import { ProvidersController } from '../controllers/providers.controller';
+import { InfoEndpointsConfig } from '../../types/config.types';
+/**
+ * Providers routes
+ * GET /api/v1/providers/info - Get all providers info (if PROVIDERS_INFO_ENABLED)
+ */
+export const createProvidersRoutes = (
+  controller: ProvidersController,
+  infoEndpointsConfig: InfoEndpointsConfig
+): Router => {
+  const router = Router();
+  // Providers info endpoint (conditional - only if PROVIDERS_INFO_ENABLED)
+  if (infoEndpointsConfig.providersInfoEnabled) {
+    router.get(
+      '/info',
+      (req: Request, res: Response, next: NextFunction) => controller.getProvidersInfo(req, res, next)
+    );
+  }
+  return router;
+};

package/src/api/validators/.gitkeep ADDED Viewed

File without changes

package/src/api/validators/audit.schemas.ts ADDED Viewed

@@ -0,0 +1,59 @@
+import { z } from 'zod';
+/**
+ * Zod schemas for audit endpoints
+ */
+export const auditRequestSchema = z.object({
+  includeDetails: z.boolean().optional().default(false),
+  maxUsers: z.number().int().positive().optional(),
+  maxGroups: z.number().int().positive().optional(),
+  maxComputers: z.number().int().positive().optional(),
+  maxApps: z.number().int().positive().optional(),
+});
+export const exportRequestSchema = z.object({
+  auditResult: z.object({
+    score: z.object({
+      score: z.number(),
+      rating: z.string(),
+      weightedPoints: z.number(),
+      totalUsers: z.number(),
+      findings: z.object({
+        critical: z.number(),
+        high: z.number(),
+        medium: z.number(),
+        low: z.number(),
+        total: z.number(),
+      }),
+      categories: z.record(z.string(), z.number()),
+    }),
+    findings: z.array(
+      z.object({
+        type: z.string(),
+        severity: z.enum(['critical', 'high', 'medium', 'low']),
+        category: z.string(),
+        title: z.string(),
+        description: z.string(),
+        count: z.number(),
+        affectedEntities: z.array(z.string()).optional(),
+      })
+    ),
+    stats: z.object({
+      totalUsers: z.number().optional(),
+      totalGroups: z.number().optional(),
+      totalComputers: z.number().optional(),
+      totalApps: z.number().optional(),
+      totalPolicies: z.number().optional(),
+      totalFindings: z.number(),
+      executionTimeMs: z.number(),
+    }),
+    timestamp: z.coerce.date(),
+  }),
+  format: z.enum(['json', 'csv']),
+  domain: z.string().optional(),
+  tenantId: z.string().optional(),
+  includeDetails: z.boolean().optional(),
+  includeAffectedEntities: z.boolean().optional(),
+  delimiter: z.string().length(1).optional(),
+});

package/src/api/validators/auth.schemas.ts ADDED Viewed

@@ -0,0 +1,59 @@
+import { z } from 'zod';
+/**
+ * Zod Validation Schemas for Authentication Endpoints
+ *
+ * Provides type-safe request validation for JWT token management.
+ *
+ * Task 5: Create Zod Validation Schemas (Story 1.4)
+ */
+/**
+ * Generate Token Request Schema
+ *
+ * Validates token generation requests:
+ * - expiresIn: Duration string (e.g., '1h', '7d', '30d')
+ * - maxUses: Usage quota (0 = unlimited, >0 = limited uses)
+ * - metadata: Optional arbitrary metadata
+ */
+export const GenerateTokenSchema = z.object({
+  expiresIn: z
+    .string()
+    .regex(/^\d+[smhd]$/, 'Invalid duration format. Expected: <number><unit> (e.g., 1h, 7d)')
+    .optional()
+    .default('1h'),
+  maxUses: z.number().int().min(0, 'maxUses must be >= 0').optional().default(0),
+  metadata: z.record(z.string(), z.any()).optional(),
+});
+/**
+ * Validate Token Request Schema
+ *
+ * Validates token validation requests:
+ * - token: JWT token string (non-empty)
+ */
+export const ValidateTokenSchema = z.object({
+  token: z.string().min(1, 'Token is required'),
+});
+/**
+ * Revoke Token Request Schema
+ *
+ * Validates token revocation requests:
+ * - jti: JWT ID (UUID v4 format)
+ * - reason: Optional revocation reason
+ */
+export const RevokeTokenSchema = z.object({
+  jti: z.string().uuid('Invalid JWT ID format'),
+  reason: z.string().optional(),
+});
+/**
+ * Type Inference from Zod Schemas
+ *
+ * These types are automatically inferred from the schemas above,
+ * ensuring type safety across the application.
+ */
+export type GenerateTokenRequest = z.infer<typeof GenerateTokenSchema>;
+export type ValidateTokenRequest = z.infer<typeof ValidateTokenSchema>;
+export type RevokeTokenRequest = z.infer<typeof RevokeTokenSchema>;

package/src/app.ts ADDED Viewed

@@ -0,0 +1,87 @@
+import express, { Express } from 'express';
+import helmet from 'helmet';
+import cors from 'cors';
+import swaggerUi from 'swagger-ui-express';
+import yaml from 'js-yaml';
+import fs from 'fs';
+import path from 'path';
+import { DIContainer } from './container';
+import { createRoutes } from './api/routes';
+import { apiLimiter } from './api/middlewares/rateLimit';
+import { errorHandler } from './api/middlewares/errorHandler';
+/**
+ * Express Application Setup
+ * Configures middleware and mounts routes
+ */
+export function createApp(): Express {
+  const app = express();
+  // Security middleware (skip helmet for swagger)
+  app.use((req, res, next) => {
+    if (req.path.startsWith('/swagger')) {
+      return next();
+    }
+    helmet()(req, res, next);
+  });
+  app.use(cors());
+  // Body parsing
+  app.use(express.json());
+  app.use(express.urlencoded({ extended: true }));
+  // Rate limiting
+  app.use('/api/', apiLimiter);
+  // Swagger UI - load OpenAPI spec (MUST be before other routes)
+  try {
+    const openapiPath = path.join(__dirname, '../docs/api/openapi.yaml');
+    const openapiSpec = yaml.load(fs.readFileSync(openapiPath, 'utf8')) as object;
+    app.use('/swagger', swaggerUi.serve, swaggerUi.setup(openapiSpec, {
+      customCss: '.swagger-ui .topbar { display: none }',
+      customSiteTitle: 'ETC Collector API',
+    }));
+  } catch (err) {
+    console.error('Failed to load Swagger:', err);
+  }
+  // Get controllers and services from DI container
+  const container = DIContainer.getInstance();
+  const healthController = container.getHealthController();
+  const authController = container.getAuthController();
+  const auditController = container.getAuditController();
+  const exportController = container.getExportController();
+  const providersController = container.getProvidersController();
+  const tokenService = container.getTokenService();
+  const infoEndpointsConfig = container.getInfoEndpointsConfig();
+  // Mount routes
+  app.use(
+    '/',
+    createRoutes(
+      healthController,
+      authController,
+      auditController,
+      exportController,
+      providersController,
+      tokenService,
+      infoEndpointsConfig
+    )
+  );
+  // 404 handler
+  app.use((_req, res) => {
+    res.status(404).json({
+      success: false,
+      error: {
+        code: 'NOT_FOUND',
+        message: 'The requested resource was not found',
+      },
+    });
+  });
+  // Error handler (must be last)
+  app.use(errorHandler);
+  return app;
+}

package/src/config/.gitkeep ADDED Viewed

File without changes

package/src/config/config.schema.ts ADDED Viewed

@@ -0,0 +1,108 @@
+import { z } from 'zod';
+/**
+ * Configuration Schema (Zod validation)
+ * Validates all environment variables at startup
+ */
+const ConfigSchema = z.object({
+  server: z.object({
+    port: z.coerce.number().int().positive().default(8443),
+    nodeEnv: z.enum(['development', 'production', 'test']).default('production'),
+  }),
+  // Info endpoints configuration (disabled by default for security)
+  infoEndpoints: z.object({
+    tokenInfoEnabled: z
+      .union([z.boolean(), z.string()])
+      .transform((val) => {
+        if (typeof val === 'boolean') return val;
+        return val === 'true' || val === '1';
+      })
+      .default(false),
+    providersInfoEnabled: z
+      .union([z.boolean(), z.string()])
+      .transform((val) => {
+        if (typeof val === 'boolean') return val;
+        return val === 'true' || val === '1';
+      })
+      .default(false),
+  }),
+  jwt: z.object({
+    privateKeyPath: z.string().default('./keys/private.pem'),
+    publicKeyPath: z.string().default('./keys/public.pem'),
+    tokenExpiry: z.string().default('1h'),
+    tokenMaxUses: z.coerce.number().int().min(0).default(10),
+  }),
+  ldap: z.object({
+    url: z.string().url('LDAP_URL must be a valid URL'),
+    bindDN: z.string().min(1, 'LDAP_BIND_DN is required'),
+    bindPassword: z.string().min(1, 'LDAP_BIND_PASSWORD is required'),
+    baseDN: z.string().min(1, 'LDAP_BASE_DN is required'),
+    tlsVerify: z.coerce.boolean().default(true),
+    caCertPath: z.string().optional(),
+    timeout: z.coerce.number().int().positive().default(30000),
+    skipHostnameVerification: z.coerce.boolean().default(false),
+    tlsServername: z.string().optional(),
+  }),
+  azure: z
+    .object({
+      enabled: z
+        .union([z.boolean(), z.string()])
+        .transform((val) => {
+          if (typeof val === 'boolean') return val;
+          return val === 'true' || val === '1';
+        })
+        .default(false),
+      tenantId: z.string().optional(),
+      tenantName: z.string().optional(),
+      clientId: z.string().optional(),
+      clientSecret: z.string().optional(),
+    })
+    .refine(
+      (data) => {
+        // If enabled, all fields are required
+        if (data.enabled) {
+          return data.tenantId && data.clientId && data.clientSecret;
+        }
+        return true;
+      },
+      {
+        message: 'AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET are required when AZURE_ENABLED=true',
+      }
+    ),
+  smb: z.object({
+    enabled: z
+      .union([z.boolean(), z.string()])
+      .transform((val) => {
+        if (typeof val === 'boolean') return val;
+        return val === 'true' || val === '1';
+      })
+      .default(false),
+    username: z.string().optional(),
+    password: z.string().optional(),
+    timeout: z.coerce.number().int().positive().default(10000),
+  }).default({
+    enabled: false,
+    timeout: 10000,
+  }),
+  logging: z.object({
+    level: z.enum(['error', 'warn', 'info', 'debug']).default('info'),
+    format: z.enum(['json', 'simple']).default('json'),
+  }),
+  database: z.object({
+    path: z.string().default('./data/etc-collector.db'),
+    enableWAL: z.coerce.boolean().default(true),
+    busyTimeout: z.coerce.number().int().positive().default(5000),
+  }),
+});
+export type Config = z.infer<typeof ConfigSchema>;
+export { ConfigSchema };

package/src/config/index.ts ADDED Viewed

@@ -0,0 +1,82 @@
+import dotenv from 'dotenv';
+import { ConfigSchema, Config } from './config.schema';
+/**
+ * Configuration Loader
+ * Loads and validates environment variables with Zod
+ */
+// Load .env file in development
+if (process.env['NODE_ENV'] === 'development') {
+  dotenv.config();
+}
+/**
+ * Load and validate configuration
+ * Throws error if validation fails
+ */
+export function loadConfig(): Config {
+  const rawConfig = {
+    server: {
+      port: process.env['PORT'],
+      nodeEnv: process.env['NODE_ENV'],
+    },
+    infoEndpoints: {
+      tokenInfoEnabled: process.env['TOKEN_INFO_ENABLED'],
+      providersInfoEnabled: process.env['PROVIDERS_INFO_ENABLED'],
+    },
+    jwt: {
+      privateKeyPath: process.env['JWT_PRIVATE_KEY_PATH'],
+      publicKeyPath: process.env['JWT_PUBLIC_KEY_PATH'],
+      tokenExpiry: process.env['TOKEN_EXPIRY'],
+      tokenMaxUses: process.env['TOKEN_MAX_USES'],
+    },
+    ldap: {
+      url: process.env['LDAP_URL'],
+      bindDN: process.env['LDAP_BIND_DN'],
+      bindPassword: process.env['LDAP_BIND_PASSWORD'],
+      baseDN: process.env['LDAP_BASE_DN'],
+      tlsVerify: process.env['LDAP_TLS_VERIFY'],
+      caCertPath: process.env['LDAP_CA_CERT_PATH'],
+      timeout: process.env['LDAP_TIMEOUT'],
+      skipHostnameVerification: process.env['LDAP_SKIP_HOSTNAME_VERIFICATION'],
+      tlsServername: process.env['LDAP_TLS_SERVERNAME'],
+    },
+    azure: {
+      enabled: process.env['AZURE_ENABLED'],
+      tenantId: process.env['AZURE_TENANT_ID'],
+      tenantName: process.env['AZURE_TENANT_NAME'],
+      clientId: process.env['AZURE_CLIENT_ID'],
+      clientSecret: process.env['AZURE_CLIENT_SECRET'],
+    },
+    logging: {
+      level: process.env['LOG_LEVEL'],
+      format: process.env['LOG_FORMAT'],
+    },
+    database: {
+      path: process.env['DB_PATH'] || process.env['DATABASE_PATH'],
+      enableWAL: process.env['DB_ENABLE_WAL'],
+      busyTimeout: process.env['DB_BUSY_TIMEOUT'],
+    },
+  };
+  try {
+    const config = ConfigSchema.parse(rawConfig);
+    return config;
+  } catch (error) {
+    if (error instanceof Error) {
+      throw new Error(`Configuration validation failed: ${error.message}`);
+    }
+    throw error;
+  }
+}
+// Export singleton config instance
+let configInstance: Config | null = null;
+export function getConfig(): Config {
+  if (!configInstance) {
+    configInstance = loadConfig();
+  }
+  return configInstance;
+}