npm - @j3r3mcdev/oast-server - Versions diffs - 1.0.0 - Mend

@j3r3mcdev/oast-server 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (199) hide show

package/.env.example +0 -0
package/.github/workflows/ci.yml +29 -0
package/.github/workflows/publish.yml +31 -0
package/README.md +192 -0
package/dist/api/controllers/__tests__/tasks.controller.test.js +61 -0
package/dist/api/controllers/events.controller.js +13 -0
package/dist/api/controllers/health.controller.js +11 -0
package/dist/api/controllers/index.js +1 -0
package/dist/api/controllers/tasks.controller.js +35 -0
package/dist/api/dto/__tests__/create-task.dto.test.js +33 -0
package/dist/api/dto/__tests__/filter-tasks.dto.test.js +28 -0
package/dist/api/dto/create-task.dto.js +26 -0
package/dist/api/dto/filter-tasks.dto.js +27 -0
package/dist/api/services/__tests__/events.service.test.js +25 -0
package/dist/api/services/__tests__/tasks.service.test.js +25 -0
package/dist/api/services/events.service.js +18 -0
package/dist/api/services/tasks.service.js +52 -0
package/dist/api/sse/events.stream.js +63 -0
package/dist/config/constants.js +1 -0
package/dist/config/env.js +1 -0
package/dist/core/__tests__/core-router.test.js +26 -0
package/dist/core/__tests__/core-server.test.js +39 -0
package/dist/core/__tests__/event.normalizer.test.js +50 -0
package/dist/core/__tests__/event.router.test.js +66 -0
package/dist/core/__tests__/logger.test.js +26 -0
package/dist/core/__tests__/storage-manager.test.js +57 -0
package/dist/core/event.normalizer.js +126 -0
package/dist/core/event.router.js +15 -0
package/dist/core/http/__tests__/adapter-node.test.js +74 -0
package/dist/core/http/__tests__/body-parser-multipart.test.js +35 -0
package/dist/core/http/__tests__/body-parser-raw.test.js +25 -0
package/dist/core/http/__tests__/body-parser-text.test.js +25 -0
package/dist/core/http/__tests__/compile-path.test.js +33 -0
package/dist/core/http/__tests__/middleware-pipeline.test.js +39 -0
package/dist/core/http/__tests__/request.test.js +32 -0
package/dist/core/http/__tests__/response.test.js +26 -0
package/dist/core/http/__tests__/router-match.test.js +117 -0
package/dist/core/http/adapter-node.js +44 -0
package/dist/core/http/buildRequest.js +16 -0
package/dist/core/http/compile-path.js +30 -0
package/dist/core/http/errors.js +35 -0
package/dist/core/http/http-server.js +48 -0
package/dist/core/http/index.js +1 -0
package/dist/core/http/main.js +1 -0
package/dist/core/http/middleware.js +133 -0
package/dist/core/http/request.js +22 -0
package/dist/core/http/response.js +74 -0
package/dist/core/http/router.js +111 -0
package/dist/core/http/utils.js +1 -0
package/dist/core/id-generator.js +14 -0
package/dist/core/logger.js +81 -0
package/dist/core/router.js +30 -0
package/dist/core/server.js +70 -0
package/dist/core/storage.js +46 -0
package/dist/index.js +76 -0
package/dist/listeners/api/__tests__/api.controller.test.js +88 -0
package/dist/listeners/api/__tests__/api.extractor.test.js +39 -0
package/dist/listeners/api/__tests__/api.listener.test.js +66 -0
package/dist/listeners/api/__tests__/api.routes.test.js +105 -0
package/dist/listeners/api/__tests__/api.sse.test.js +78 -0
package/dist/listeners/api/api.controllers.js +39 -0
package/dist/listeners/api/api.extractor.js +41 -0
package/dist/listeners/api/api.listener.js +37 -0
package/dist/listeners/api/api.routes.js +59 -0
package/dist/listeners/api/api.sse.js +35 -0
package/dist/listeners/dns/__tests__/dns.test.js +89 -0
package/dist/listeners/dns/dns.extractor.js +17 -0
package/dist/listeners/dns/dns.listener.js +48 -0
package/dist/listeners/http/__tests__/http.extractor.test.js +52 -0
package/dist/listeners/http/__tests__/http.listener.test.js +106 -0
package/dist/listeners/http/http.extractor.js +18 -0
package/dist/listeners/http/http.listener.js +91 -0
package/dist/listeners/listener.interface.js +2 -0
package/dist/listeners/smtp/__tests__/smtp.extractor.test.js +62 -0
package/dist/listeners/smtp/__tests__/smtp.listener.test.js +129 -0
package/dist/listeners/smtp/smtp.extractor.js +21 -0
package/dist/listeners/smtp/smtp.listener.js +53 -0
package/dist/listeners/ssrf/__tests__/ssrf.extractor.test.js +37 -0
package/dist/listeners/ssrf/__tests__/ssrf.listener.test.js +79 -0
package/dist/listeners/ssrf/ssrf.extractor.js +17 -0
package/dist/listeners/ssrf/ssrf.listener.js +35 -0
package/dist/listeners/tcp/tcp.extractor.js +18 -0
package/dist/listeners/tcp/tcp.listener.js +47 -0
package/dist/listeners/webhook/__tests__/webhook.extractor.test.js +30 -0
package/dist/listeners/webhook/__tests__/webhook.listener.test.js +96 -0
package/dist/listeners/webhook/webhook.extractor.js +15 -0
package/dist/listeners/webhook/webhook.listener.js +51 -0
package/dist/listeners/websocket/__tests__/websocket.extractor.test.js +29 -0
package/dist/listeners/websocket/__tests__/websocket.listener.test.js +73 -0
package/dist/listeners/websocket/websocket.extractor.js +14 -0
package/dist/listeners/websocket/websocket.listener.js +33 -0
package/dist/storage-adapters/adapters/__tests__/memory.storage.test.js +64 -0
package/dist/storage-adapters/adapters/memory.storage.js +48 -0
package/dist/storage-adapters/adapters/redis.storage.js +1 -0
package/dist/storage-adapters/adapters/sqlite.storage.js +1 -0
package/dist/storage-adapters/storage.interface.js +2 -0
package/dist/types/event.types.js +2 -0
package/dist/utils/token.js +1 -0
package/image.png +0 -0
package/jest.config.js +11 -0
package/package.json +45 -0
package/sadmin list shadows +9 -0
package/src/api/controllers/__tests__/tasks.controller.test.ts +74 -0
package/src/api/controllers/events.controller.ts +10 -0
package/src/api/controllers/health.controller.ts +7 -0
package/src/api/controllers/index.ts +0 -0
package/src/api/controllers/tasks.controller.ts +41 -0
package/src/api/dto/__tests__/create-task.dto.test.ts +41 -0
package/src/api/dto/__tests__/filter-tasks.dto.test.ts +35 -0
package/src/api/dto/create-task.dto.ts +33 -0
package/src/api/dto/filter-tasks.dto.ts +33 -0
package/src/api/services/__tests__/events.service.test.ts +41 -0
package/src/api/services/__tests__/tasks.service.test.ts +41 -0
package/src/api/services/events.service.ts +17 -0
package/src/api/services/tasks.service.ts +79 -0
package/src/api/sse/events.stream.ts +90 -0
package/src/config/constants.ts +0 -0
package/src/config/env.ts +0 -0
package/src/core/__tests__/core-router.test.ts +30 -0
package/src/core/__tests__/core-server.test.ts +44 -0
package/src/core/__tests__/event.normalizer.test.ts +56 -0
package/src/core/__tests__/event.router.test.ts +89 -0
package/src/core/__tests__/logger.test.ts +32 -0
package/src/core/__tests__/storage-manager.test.ts +74 -0
package/src/core/event.normalizer.ts +147 -0
package/src/core/event.router.ts +13 -0
package/src/core/http/__tests__/adapter-node.test.ts +52 -0
package/src/core/http/__tests__/body-parser-multipart.test.ts +41 -0
package/src/core/http/__tests__/body-parser-raw.test.ts +28 -0
package/src/core/http/__tests__/body-parser-text.test.ts +28 -0
package/src/core/http/__tests__/compile-path.test.ts +39 -0
package/src/core/http/__tests__/middleware-pipeline.test.ts +51 -0
package/src/core/http/__tests__/request.test.ts +34 -0
package/src/core/http/__tests__/response.test.ts +35 -0
package/src/core/http/__tests__/router-match.test.ts +171 -0
package/src/core/http/adapter-node.ts +51 -0
package/src/core/http/buildRequest.ts +18 -0
package/src/core/http/compile-path.ts +32 -0
package/src/core/http/errors.ts +37 -0
package/src/core/http/http-server.ts +52 -0
package/src/core/http/index.ts +0 -0
package/src/core/http/main.ts +0 -0
package/src/core/http/middleware.ts +160 -0
package/src/core/http/request.ts +55 -0
package/src/core/http/response.ts +93 -0
package/src/core/http/router.ts +138 -0
package/src/core/http/utils.ts +0 -0
package/src/core/id-generator.ts +8 -0
package/src/core/logger.ts +113 -0
package/src/core/router.ts +44 -0
package/src/core/server.ts +85 -0
package/src/core/storage.ts +64 -0
package/src/index.ts +89 -0
package/src/listeners/api/__tests__/api.controller.test.ts +116 -0
package/src/listeners/api/__tests__/api.extractor.test.ts +46 -0
package/src/listeners/api/__tests__/api.listener.test.ts +82 -0
package/src/listeners/api/__tests__/api.routes.test.ts +155 -0
package/src/listeners/api/__tests__/api.sse.test.ts +105 -0
package/src/listeners/api/api.controllers.ts +67 -0
package/src/listeners/api/api.extractor.ts +43 -0
package/src/listeners/api/api.listener.ts +50 -0
package/src/listeners/api/api.routes.ts +76 -0
package/src/listeners/api/api.sse.ts +38 -0
package/src/listeners/dns/__tests__/dns.test.ts +118 -0
package/src/listeners/dns/dns.extractor.ts +14 -0
package/src/listeners/dns/dns.listener.ts +61 -0
package/src/listeners/http/__tests__/http.extractor.test.ts +59 -0
package/src/listeners/http/__tests__/http.listener.test.ts +133 -0
package/src/listeners/http/http.extractor.ts +15 -0
package/src/listeners/http/http.listener.ts +110 -0
package/src/listeners/listener.interface.ts +4 -0
package/src/listeners/smtp/__tests__/smtp.extractor.test.ts +69 -0
package/src/listeners/smtp/__tests__/smtp.listener.test.ts +150 -0
package/src/listeners/smtp/smtp.extractor.ts +18 -0
package/src/listeners/smtp/smtp.listener.ts +60 -0
package/src/listeners/ssrf/__tests__/ssrf.extractor.test.ts +41 -0
package/src/listeners/ssrf/__tests__/ssrf.listener.test.ts +98 -0
package/src/listeners/ssrf/ssrf.extractor.ts +14 -0
package/src/listeners/ssrf/ssrf.listener.ts +37 -0
package/src/listeners/tcp/tcp.extractor.ts +16 -0
package/src/listeners/tcp/tcp.listener.ts +61 -0
package/src/listeners/webhook/__tests__/webhook.extractor.test.ts +35 -0
package/src/listeners/webhook/__tests__/webhook.listener.test.ts +122 -0
package/src/listeners/webhook/webhook.extractor.ts +12 -0
package/src/listeners/webhook/webhook.listener.ts +58 -0
package/src/listeners/websocket/__tests__/websocket.extractor.test.ts +33 -0
package/src/listeners/websocket/__tests__/websocket.listener.test.ts +90 -0
package/src/listeners/websocket/websocket.extractor.ts +11 -0
package/src/listeners/websocket/websocket.listener.ts +40 -0
package/src/storage-adapters/adapters/__tests__/memory.storage.test.ts +75 -0
package/src/storage-adapters/adapters/memory.storage.ts +64 -0
package/src/storage-adapters/adapters/redis.storage.ts +0 -0
package/src/storage-adapters/adapters/sqlite.storage.ts +0 -0
package/src/storage-adapters/storage.interface.ts +26 -0
package/src/types/event.types.ts +147 -0
package/src/utils/token.ts +0 -0
package/src-api.txt +0 -0
package/src-architecture.txt +0 -0
package/tsconfig.json +15 -0

package/src/core/__tests__/event.router.test.ts ADDED Viewed

@@ -0,0 +1,89 @@
+import {
+  AnyNormalizedEvent,
+  NormalizedHttpEvent,
+} from "../../types/event.types";
+import {
+  StorageListParams,
+  Storage,
+} from "../../storage-adapters/storage.interface";
+import { EventRouter } from "../event.router";
+import { EventNormalizer } from "../event.normalizer";
+import { describe, it, expect, jest } from "@jest/globals";
+class MockStorage implements Storage {
+  save = jest.fn<(event: AnyNormalizedEvent) => Promise<void>>();
+  getEvent = jest.fn<(id: string) => Promise<AnyNormalizedEvent | null>>();
+  listEvents =
+    jest.fn<(params: StorageListParams) => Promise<AnyNormalizedEvent[]>>();
+  deleteEvent = jest.fn<(id: string) => Promise<boolean>>();
+  clearEvents = jest.fn<() => Promise<void>>();
+  getStats =
+    jest.fn<() => Promise<{ total: number; byType: Record<string, number> }>>();
+  getAll = jest.fn<() => Promise<AnyNormalizedEvent[]>>();
+}
+describe("EventRouter", () => {
+  it("enregistre un événement HTTP normalisé", async () => {
+    const mockStorage = new MockStorage();
+    const fakeEvent: NormalizedHttpEvent = {
+      id: "123",
+      type: "http",
+      timestamp: 111,
+      sourceIp: "1.1.1.1",
+      request: {
+        method: "GET",
+        path: "/",
+        headers: {},
+        query: {},
+        body: {},
+      },
+    };
+    jest.spyOn(EventNormalizer, "normalizeHttp").mockReturnValue(fakeEvent);
+    const router = new EventRouter(mockStorage);
+    const req = {
+      ip: "1.1.1.1",
+      method: "GET",
+      path: "/",
+      headers: {},
+      query: {},
+      body: {},
+      raw: {},
+    };
+    const result = await router.handleHttp(req);
+    expect(EventNormalizer.normalizeHttp).toHaveBeenCalledWith(req);
+    expect(mockStorage.save).toHaveBeenCalledWith(fakeEvent);
+    expect(result).toEqual(fakeEvent);
+  });
+  it("propagate une erreur si normalizeHttp throw", async () => {
+    const mockStorage = new MockStorage();
+    jest.spyOn(EventNormalizer, "normalizeHttp").mockImplementation(() => {
+      throw new Error("Boom");
+    });
+    const router = new EventRouter(mockStorage);
+    await expect(router.handleHttp({} as any)).rejects.toThrow("Boom");
+    expect(mockStorage.save).not.toHaveBeenCalled();
+  });
+  it("propagate une erreur si storage.save throw", async () => {
+    const mockStorage = new MockStorage();
+    const fakeEvent = { id: "x", type: "http" } as any;
+    jest.spyOn(EventNormalizer, "normalizeHttp").mockReturnValue(fakeEvent);
+    mockStorage.save.mockRejectedValue(new Error("DB error"));
+    const router = new EventRouter(mockStorage);
+    await expect(router.handleHttp({} as any)).rejects.toThrow("DB error");
+  });
+});

package/src/core/__tests__/logger.test.ts ADDED Viewed

@@ -0,0 +1,32 @@
+import { Logger, LogEntry } from "../../core/logger";
+import { describe, it, expect, jest } from "@jest/globals";
+describe("Logger", () => {
+  it("appelle les hooks", () => {
+    const hook = jest.fn<(entry: LogEntry) => void>();
+    const logger = new Logger({ hooks: [hook], enabled: true });
+    logger.info("hello");
+    expect(hook).toHaveBeenCalled();
+    expect(hook.mock.calls[0][0].message).toBe("hello");
+  });
+  it("respecte le niveau de logs", () => {
+    const hook = jest.fn<(entry: LogEntry) => void>();
+    const logger = new Logger({ level: "warn", hooks: [hook] });
+    logger.info("should not log");
+    logger.error("should log");
+    expect(hook).toHaveBeenCalledTimes(1);
+    expect(hook.mock.calls[0][0].level).toBe("error");
+  });
+  it("crée un logger enfant avec contexte", () => {
+    const logger = new Logger({ context: "root" });
+    const child = logger.withContext("child");
+    expect(child).not.toBe(logger);
+  });
+});

package/src/core/__tests__/storage-manager.test.ts ADDED Viewed

@@ -0,0 +1,74 @@
+import { describe, test, expect } from "@jest/globals";
+import { StorageManager } from "../storage"; // si ton fichier s'appelle storage-manager.ts
+import { NormalizedHttpEvent } from "../../types/event.types";
+function makeHttpEvent(id: string): NormalizedHttpEvent {
+  return {
+    id,
+    type: "http",
+    timestamp: Date.now(),
+    sourceIp: "127.0.0.1",
+    request: {
+      method: "GET",
+      path: "/",
+      headers: {},
+      query: {},
+      body: "",
+    },
+  };
+}
+describe("StorageManager", () => {
+  test("save + getEvent", async () => {
+    const storage = new StorageManager();
+    const event = makeHttpEvent("1");
+    await storage.save(event);
+    const found = await storage.getEvent("1");
+    expect(found).not.toBeNull();
+    expect(found?.id).toBe("1");
+  });
+  test("listEvents returns events", async () => {
+    const storage = new StorageManager();
+    await storage.save(makeHttpEvent("1"));
+    const list = await storage.listEvents({});
+    expect(list.length).toBe(1);
+  });
+  test("deleteEvent removes event", async () => {
+    const storage = new StorageManager();
+    await storage.save(makeHttpEvent("1"));
+    let list = await storage.listEvents({});
+    expect(list.length).toBe(1);
+    await storage.deleteEvent("1");
+    list = await storage.listEvents({});
+    expect(list.length).toBe(0);
+  });
+  test("clearEvents empties storage", async () => {
+    const storage = new StorageManager();
+    await storage.save(makeHttpEvent("1"));
+    await storage.clearEvents();
+    const list = await storage.listEvents({});
+    expect(list.length).toBe(0);
+  });
+  test("getStats returns correct structure", async () => {
+    const storage = new StorageManager();
+    const stats = await storage.getStats();
+    expect(stats.total).toBe(0);
+    expect(stats.byType).toEqual({});
+  });
+});

package/src/core/event.normalizer.ts ADDED Viewed

@@ -0,0 +1,147 @@
+import {
+  RawEvent,
+  RawDnsEvent,
+  RawSmtpEvent,
+  RawTcpEvent,
+  RawSsrfEvent,
+  NormalizedHttpEvent,
+  NormalizedDnsEvent,
+  NormalizedSmtpEvent,
+  NormalizedTcpEvent,
+  NormalizedSsrfEvent,
+  NormalizedWebhookEvent,
+  RawWebhookEvent,
+  NormalizedWebSocketEvent,
+  RawWebSocketEvent,
+} from "../types/event.types";
+import { IdGenerator } from "./id-generator";
+export class EventNormalizer {
+  //
+  // -------------------------
+  // DNS
+  // -------------------------
+  //
+  static normalizeDns(event: RawDnsEvent): NormalizedDnsEvent {
+    return {
+      id: IdGenerator.generate(),
+      type: "dns",
+      timestamp: Date.now(),
+      ip: event.ip ?? "",
+      query: event.query ?? "",
+      recordType: event.recordType ?? "",
+      raw: event.raw,
+    };
+  }
+  //
+  // -------------------------
+  // HTTP
+  // -------------------------
+  //
+  static normalizeHttp(event: RawEvent): NormalizedHttpEvent {
+    const sourceIp = event.ip && event.ip.trim() !== "" ? event.ip : "unknown";
+    return {
+      id: IdGenerator.generate(),
+      type: "http",
+      timestamp: Date.now(),
+      sourceIp,
+      request: {
+        method: event.method,
+        path: event.path,
+        headers: event.headers,
+        query: event.query,
+        body: event.body,
+      },
+    };
+  }
+  //
+  // -------------------------
+  // SMTP
+  // -------------------------
+  //
+  static normalizeSmtp(event: RawSmtpEvent): NormalizedSmtpEvent {
+    return {
+      id: IdGenerator.generate(),
+      type: "smtp",
+      timestamp: Date.now(),
+      ip: event.ip ?? "",
+      from: event.from ?? "",
+      to: event.to ?? [],
+      subject: event.subject ?? "",
+      body: event.body ?? "",
+      raw: event.raw,
+    };
+  }
+  //
+  // -------------------------
+  // TCP
+  // -------------------------
+  //
+  static normalizeTcp(event: RawTcpEvent): NormalizedTcpEvent {
+    return {
+      id: IdGenerator.generate(),
+      type: "tcp",
+      timestamp: Date.now(),
+      ip: event.ip ?? "",
+      port: event.port ?? 0,
+      data: event.data ?? "",
+      raw: event.raw,
+    };
+  }
+  //
+  // -------------------------
+  // SSRF
+  // -------------------------
+  //
+  static normalizeSsrf(raw: RawSsrfEvent): NormalizedSsrfEvent {
+    return {
+      id: IdGenerator.generate(),
+      type: "ssrf",
+      timestamp: Date.now(),
+      sourceIp: raw.ip,
+      request: {
+        method: raw.method,
+        path: raw.path,
+        headers: raw.headers,
+        query: raw.query,
+      },
+    };
+  }
+  //
+  // -------------------------
+  // webhook
+  // -------------------------
+  //
+  static normalizeWebhook(raw: RawWebhookEvent): NormalizedWebhookEvent {
+    return {
+      id: IdGenerator.generate(),
+      type: "webhook",
+      timestamp: Date.now(),
+      sourceIp: raw.ip,
+      headers: raw.headers,
+      body: raw.body,
+    };
+  }
+  //
+  // -------------------------
+  // websocket
+  // -------------------------
+  //
+  static normalizeWebSocket(raw: RawWebSocketEvent): NormalizedWebSocketEvent {
+    return {
+      id: IdGenerator.generate(),
+      type: "websocket",
+      timestamp: Date.now(),
+      sourceIp: raw.ip,
+      message: raw.message,
+    };
+  }
+}

package/src/core/event.router.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { EventNormalizer } from "./event.normalizer";
+import { Storage } from "../storage-adapters/storage.interface";
+import { RawEvent, NormalizedHttpEvent } from "../types/event.types";
+export class EventRouter {
+  constructor(private storage: Storage) {}
+  async handleHttp(event: RawEvent): Promise<NormalizedHttpEvent> {
+    const normalized = EventNormalizer.normalizeHttp(event);
+    await this.storage.save(normalized);
+    return normalized;
+  }
+}

package/src/core/http/__tests__/adapter-node.test.ts ADDED Viewed

@@ -0,0 +1,52 @@
+import { NodeAdapter } from "../adapter-node";
+import { MiddlewarePipeline } from "../middleware";
+import { Router } from "../router";
+import { Request } from "../request";
+import { Response } from "../response";
+import { describe, it, expect, jest } from "@jest/globals";
+import * as Build from "../buildRequest";
+describe("NodeAdapter.handle", () => {
+  it("appelle le handler quand la route match", async () => {
+    const router = new Router();
+    const pipeline = new MiddlewarePipeline();
+    // mock buildRequest
+    const buildRequestMock = jest
+      .spyOn(Build, "buildRequest")
+      .mockImplementation(
+        (raw: any, params?: Record<string, string>) =>
+          new Request({
+            method: "GET",
+            path: "/test",
+            headers: {},
+            params: params ?? {},
+          }),
+      );
+    const handler = jest.fn();
+    router.match = jest.fn(() => ({
+      handler,
+      params: { id: "42" },
+      middlewares: [],
+    })) as any;
+    pipeline.run = jest.fn(async () => {}) as any;
+    const res = {
+      writableEnded: false,
+      setHeader: jest.fn(),
+      end: jest.fn(),
+      statusCode: 200,
+    };
+    const adapter = new NodeAdapter(router, pipeline);
+    await adapter.handle({ url: "/test", method: "GET", headers: {} }, res);
+    expect(handler).toHaveBeenCalled();
+    expect(pipeline.run).toHaveBeenCalled();
+    expect(buildRequestMock).toHaveBeenCalledTimes(2);
+  });
+});

package/src/core/http/__tests__/body-parser-multipart.test.ts ADDED Viewed

@@ -0,0 +1,41 @@
+import { bodyParserMultipart } from "../middleware";
+import { Request } from "../request";
+import { Response } from "../response";
+import { describe, it, expect } from "@jest/globals";
+describe("bodyParserMultipart", () => {
+  it("parse un champ texte et un fichier", async () => {
+    const boundary = "----1234";
+    const raw = {
+      headers: { "content-type": `multipart/form-data; boundary=${boundary}` },
+      [Symbol.asyncIterator]: async function* () {
+        yield Buffer.from(
+          `--${boundary}\r\n` +
+            `Content-Disposition: form-data; name="username"\r\n\r\n` +
+            `jeremy\r\n` +
+            `--${boundary}\r\n` +
+            `Content-Disposition: form-data; name="file"; filename="test.txt"\r\n` +
+            `Content-Type: text/plain\r\n\r\n` +
+            `Hello world\r\n` +
+            `--${boundary}--`,
+        );
+      },
+    };
+    const req = new Request({
+      method: "POST",
+      path: "/upload",
+      headers: raw.headers,
+      raw,
+    });
+    const res = new Response({});
+    await bodyParserMultipart(req, res);
+    expect(req.form?.username).toBe("jeremy");
+    expect(req.files?.[0].filename).toBe("test.txt");
+    expect(req.files?.[0].data.toString()).toBe("Hello world");
+  });
+});

package/src/core/http/__tests__/body-parser-raw.test.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import { bodyParserRaw } from "../middleware";
+import { Request } from "../request";
+import { Response } from "../response";
+import { describe, it, expect } from "@jest/globals";
+describe("bodyParserRaw", () => {
+  it("lit le body brut", async () => {
+    const raw = {
+      headers: { "content-type": "application/octet-stream" },
+      [Symbol.asyncIterator]: async function* () {
+        yield Buffer.from([1, 2, 3, 4]);
+      },
+    };
+    const req = new Request({
+      method: "POST",
+      path: "/",
+      headers: raw.headers,
+      raw,
+    });
+    const res = new Response({});
+    await bodyParserRaw(req, res);
+    expect(req.bodyRaw).toEqual(Buffer.from([1, 2, 3, 4]));
+  });
+});

package/src/core/http/__tests__/body-parser-text.test.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import { bodyParserText } from "../middleware";
+import { Request } from "../request";
+import { Response } from "../response";
+import { describe, it, expect } from "@jest/globals";
+describe("bodyParserText", () => {
+  it("lit le body text", async () => {
+    const raw = {
+      headers: { "content-type": "text/plain" },
+      [Symbol.asyncIterator]: async function* () {
+        yield Buffer.from("Hello world");
+      },
+    };
+    const req = new Request({
+      method: "POST",
+      path: "/",
+      headers: raw.headers,
+      raw,
+    });
+    const res = new Response({});
+    await bodyParserText(req, res);
+    expect(req.bodyText).toBe("Hello world");
+  });
+});

package/src/core/http/__tests__/compile-path.test.ts ADDED Viewed

@@ -0,0 +1,39 @@
+import { compilePath } from "../compile-path";
+import { describe, it, expect } from "@jest/globals";
+describe("compilePath", () => {
+  it("compile un chemin simple avec segment statique", () => {
+    const result = compilePath("/tasks");
+    expect(result).toEqual([{ type: "static", value: "tasks" }]);
+  });
+  it("compile un chemin avec paramètre", () => {
+    const result = compilePath("/tasks/:id");
+    expect(result).toEqual([
+      { type: "static", value: "tasks" },
+      { type: "param", name: "id" },
+    ]);
+  });
+  it("compile un chemin avec paramètre", () => {
+    const result = compilePath("/tasks/:id");
+    expect(result).toEqual([
+      { type: "static", value: "tasks" },
+      { type: "param", name: "id" },
+    ]);
+  });
+  it("compile un chemin complexe avec static, param et wildcard", () => {
+    const result = compilePath("/a/:b/*/c");
+    expect(result).toEqual([
+      { type: "static", value: "a" },
+      { type: "param", name: "b" },
+      { type: "wildcard" },
+      { type: "static", value: "c" },
+    ]);
+  });
+});

package/src/core/http/__tests__/middleware-pipeline.test.ts ADDED Viewed

@@ -0,0 +1,51 @@
+import { MiddlewarePipeline } from "../../http/middleware";
+import { Request } from "../../http/request";
+import { Response } from "../../http/response";
+import { describe, it, expect, jest } from "@jest/globals";
+describe("MiddlewarePipeline", () => {
+  it("exécute les middlewares dans l'ordre", async () => {
+    const pipeline = new MiddlewarePipeline();
+    const calls: string[] = [];
+    pipeline.use(async (req, res, next) => {
+      calls.push("mw1");
+      await next();
+    });
+    pipeline.use(async (req, res, next) => {
+      calls.push("mw2");
+      await next();
+    });
+    const req = new Request({ method: "GET", path: "/", headers: {} });
+    const res = new Response({ setHeader: jest.fn(), end: jest.fn() });
+    await pipeline.run(req, res);
+    expect(calls).toEqual(["mw1", "mw2"]);
+  });
+  it("arrête la chaîne si next() n'est pas appelé", async () => {
+    const pipeline = new MiddlewarePipeline();
+    const calls: string[] = [];
+    pipeline.use(async () => {
+      calls.push("mw1");
+      // pas de next()
+    });
+    pipeline.use(async () => {
+      calls.push("mw2");
+    });
+    const req = new Request({ method: "GET", path: "/", headers: {} });
+    const res = new Response({ setHeader: jest.fn(), end: jest.fn() });
+    await pipeline.run(req, res);
+    expect(calls).toEqual(["mw1"]);
+  });
+});

package/src/core/http/__tests__/request.test.ts ADDED Viewed

@@ -0,0 +1,34 @@
+import { Request } from "../request";
+import { describe, it, expect } from "@jest/globals";
+describe("Request", () => {
+  it("crée une requête immuable avec les bonnes propriétés", () => {
+    const req = new Request({
+      method: "GET",
+      path: "/test",
+      headers: { "content-type": "application/json" },
+      query: { a: "1" },
+      params: { id: "123" },
+      body: { x: 1 },
+      ip: "127.0.0.1",
+    });
+    expect(req.method).toBe("GET");
+    expect(req.path).toBe("/test");
+    expect(req.headers["content-type"]).toBe("application/json");
+    expect(req.query.a).toBe("1");
+    expect(req.params.id).toBe("123");
+    expect(req.body.x).toBe(1);
+    expect(req.ip).toBe("127.0.0.1");
+  });
+  it("retourne un header via header()", () => {
+    const req = new Request({
+      method: "GET",
+      path: "/",
+      headers: { "x-test": "ok" },
+    });
+    expect(req.header("x-test")).toBe("ok");
+  });
+});

package/src/core/http/__tests__/response.test.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import { Response } from "../../http/response";
+import { describe, it, expect, jest } from "@jest/globals";
+describe("Response", () => {
+  it("enregistre le status et les headers", () => {
+    const raw = {
+      setHeader: jest.fn(),
+      end: jest.fn(),
+    };
+    const res = new Response(raw);
+    res.status(201).header("x-test", "ok").send("hello");
+    expect(raw.setHeader).toHaveBeenCalledWith("x-test", "ok");
+    expect(raw.end).toHaveBeenCalledWith("hello");
+  });
+  it("envoie du JSON", () => {
+    const raw = {
+      setHeader: jest.fn(),
+      end: jest.fn(),
+    };
+    const res = new Response(raw);
+    res.json({ a: 1 });
+    expect(raw.setHeader).toHaveBeenCalledWith(
+      "content-type",
+      "application/json",
+    );
+    expect(raw.end).toHaveBeenCalledWith(JSON.stringify({ a: 1 }));
+  });
+});