@j3r3mcdev/oast-server 1.1.12 → 1.1.14

package/src/listeners/webhook/__tests__/webhook.listener.test.ts

@@ -1,122 +0,0 @@
-import {
-  describe,
-  it,
-  expect,
-  jest,
-  beforeEach,
-  afterEach,
-} from "@jest/globals";
-
-import http from "http";
-import { WebhookListener } from "../webhook.listener";
-import { WebhookExtractor } from "../webhook.extractor";
-import { EventNormalizer } from "../../../core/event.normalizer";
-
-jest.mock("../webhook.extractor");
-jest.mock("../../../core/event.normalizer");
-
-describe("WebhookListener", () => {
-  let router: any;
-  let port: number;
-  let listener: WebhookListener;
-
-  beforeEach(() => {
-    router = {
-      dispatch: jest.fn(),
-    };
-
-    port = 13000 + Math.floor(Math.random() * 2000);
-
-    (WebhookExtractor.extract as jest.Mock).mockReturnValue({
-      ip: "1.2.3.4",
-      headers: { "x-test": "ok" },
-      body: { hello: "world" },
-      raw: {},
-    });
-
-    (EventNormalizer.normalizeWebhook as jest.Mock).mockReturnValue({
-      id: "abc",
-      type: "webhook",
-      timestamp: 111,
-      sourceIp: "1.2.3.4",
-      headers: { "x-test": "ok" },
-      body: { hello: "world" },
-    });
-
-    listener = new WebhookListener(router, port);
-  });
-
-  afterEach(() => {
-    listener.stop();
-  });
-
-  it("appelle router.dispatch avec l'événement normalisé", async () => {
-    await new Promise<void>((resolve) => {
-      const req = http.request(
-        {
-          hostname: "localhost",
-          port,
-          path: "/",
-          method: "POST",
-          headers: { "content-type": "application/json" },
-        },
-        (res) => {
-          expect(res.statusCode).toBe(200);
-          expect(router.dispatch).toHaveBeenCalledTimes(1);
-          expect(router.dispatch).toHaveBeenCalledWith({
-            id: "abc",
-            type: "webhook",
-            timestamp: 111,
-            sourceIp: "1.2.3.4",
-            headers: { "x-test": "ok" },
-            body: { hello: "world" },
-          });
-          resolve();
-        },
-      );
-
-      req.write(JSON.stringify({ hello: "world" }));
-      req.end();
-    });
-  });
-
-  it("retourne 500 si router.dispatch échoue", async () => {
-    router.dispatch.mockRejectedValue(new Error("fail"));
-
-    await new Promise<void>((resolve) => {
-      const req = http.request(
-        {
-          hostname: "localhost",
-          port,
-          path: "/",
-          method: "POST",
-        },
-        (res) => {
-          expect(res.statusCode).toBe(500);
-          resolve();
-        },
-      );
-
-      req.write("{}");
-      req.end();
-    });
-  });
-
-  it("retourne 405 si la méthode n'est pas POST", async () => {
-    await new Promise<void>((resolve) => {
-      const req = http.request(
-        {
-          hostname: "localhost",
-          port,
-          path: "/",
-          method: "GET",
-        },
-        (res) => {
-          expect(res.statusCode).toBe(405);
-          resolve();
-        },
-      );
-      req.end();
-    });
-  });
-});

package/src/listeners/webhook/webhook.extractor.ts

@@ -1,12 +0,0 @@
-export class WebhookExtractor {
-  static extract(req: any, body: any) {
-    const headers = req.headers ?? {};
-
-    return {
-      ip: req.ip ?? headers["x-forwarded-for"] ?? "",
-      headers,
-      body,
-      raw: req,
-    };
-  }
-}

package/src/listeners/webhook/webhook.listener.ts

@@ -1,58 +0,0 @@
-import http from "http";
-import { CoreRouter } from "../../core/router";
-import { WebhookExtractor } from "./webhook.extractor";
-import { EventNormalizer } from "../../core/event.normalizer";
-import { Logger } from "../../core/logger";
-
-export class WebhookListener {
-  private router: CoreRouter;
-  private server: http.Server;
-  private logger: Logger;
-
-  constructor(router: CoreRouter, port: number) {
-    this.router = router;
-    this.logger = new Logger({ context: "WebhookListener" });
-
-    this.server = http.createServer(async (req, res) => {
-      if (req.method !== "POST") {
-        res.writeHead(405);
-        return res.end("Method Not Allowed");
-      }
-
-      let chunks: Buffer[] = [];
-
-      req.on("data", (chunk) => chunks.push(chunk));
-
-      req.on("end", async () => {
-        try {
-          const bodyRaw = Buffer.concat(chunks).toString();
-          let body: any = null;
-
-          try {
-            body = JSON.parse(bodyRaw);
-          } catch {
-            body = bodyRaw;
-          }
-
-          const extracted = WebhookExtractor.extract(req, body);
-          const event = EventNormalizer.normalizeWebhook(extracted);
-
-          await this.router.dispatch(event);
-
-          res.writeHead(200);
-          res.end("OK");
-        } catch (err) {
-          res.writeHead(500);
-          res.end("ERROR");
-        }
-      });
-    });
-
-    this.server.listen(port);
-  }
-
-  stop() {
-    this.server.close();
-    this.logger.info("Webhook Listener stopped");
-  }
-}

package/src/listeners/websocket/__tests__/websocket.extractor.test.ts

@@ -1,33 +0,0 @@
-import { describe, it, expect } from "@jest/globals";
-import { WebSocketExtractor } from "../websocket.extractor";
-
-describe("WebSocketExtractor", () => {
-  it("extrait correctement les données", () => {
-    const ws: any = {};
-    const req: any = {
-      socket: { remoteAddress: "1.2.3.4" },
-      headers: { host: "example.com" },
-    };
-
-    const extracted = WebSocketExtractor.extract(ws, req, "hello");
-
-    expect(extracted).toEqual({
-      ip: "1.2.3.4",
-      message: "hello",
-      raw: { ws, req },
-    });
-  });
-
-  it("retourne une structure complète même si des champs manquent", () => {
-    const ws: any = {};
-    const req: any = {};
-
-    const extracted = WebSocketExtractor.extract(ws, req, "test");
-
-    expect(extracted).toEqual({
-      ip: "",
-      message: "test",
-      raw: { ws, req },
-    });
-  });
-});

package/src/listeners/websocket/__tests__/websocket.listener.test.ts

@@ -1,90 +0,0 @@
-import {
-  describe,
-  it,
-  expect,
-  jest,
-  beforeEach,
-  afterEach,
-} from "@jest/globals";
-
-import { WebSocketServer } from "ws";
-import WebSocket from "ws";
-import { WebSocketListener } from "../websocket.listener";
-import { WebSocketExtractor } from "../websocket.extractor";
-import { EventNormalizer } from "../../../core/event.normalizer";
-
-jest.mock("../websocket.extractor");
-jest.mock("../../../core/event.normalizer");
-
-describe("WebSocketListener", () => {
-  let router: any;
-  let port: number;
-  let listener: WebSocketListener;
-
-  beforeEach(() => {
-    router = {
-      dispatch: jest.fn(),
-    };
-
-    port = 14000 + Math.floor(Math.random() * 2000);
-
-    (WebSocketExtractor.extract as jest.Mock).mockReturnValue({
-      ip: "1.2.3.4",
-      message: "hello",
-      raw: {},
-    });
-
-    (EventNormalizer.normalizeWebSocket as jest.Mock).mockReturnValue({
-      id: "ws123",
-      type: "websocket",
-      timestamp: 111,
-      sourceIp: "1.2.3.4",
-      message: "hello",
-    });
-
-    listener = new WebSocketListener(router, port);
-  });
-
-  afterEach(() => {
-    listener.stop();
-  });
-
-  it("appelle router.dispatch quand un message est reçu", async () => {
-    const client = new WebSocket(`ws://localhost:${port}`);
-
-    await new Promise<void>((resolve) => {
-      client.on("open", () => {
-        client.send("hello");
-        setTimeout(() => {
-          expect(router.dispatch).toHaveBeenCalledTimes(1);
-          expect(router.dispatch).toHaveBeenCalledWith({
-            id: "ws123",
-            type: "websocket",
-            timestamp: 111,
-            sourceIp: "1.2.3.4",
-            message: "hello",
-          });
-          client.close();
-          resolve();
-        }, 50);
-      });
-    });
-  });
-
-  it("ne plante pas si dispatch échoue", async () => {
-    router.dispatch.mockRejectedValue(new Error("fail"));
-
-    const client = new WebSocket(`ws://localhost:${port}`);
-
-    await new Promise<void>((resolve) => {
-      client.on("open", () => {
-        client.send("hello");
-        setTimeout(() => {
-          expect(router.dispatch).toHaveBeenCalledTimes(1);
-          client.close();
-          resolve();
-        }, 50);
-      });
-    });
-  });
-});

package/src/listeners/websocket/websocket.extractor.ts

@@ -1,11 +0,0 @@
-export class WebSocketExtractor {
-  static extract(ws: any, req: any, message: string) {
-    const headers = req.headers ?? {};
-
-    return {
-      ip: req.socket?.remoteAddress ?? headers["x-forwarded-for"] ?? "",
-      message,
-      raw: { ws, req },
-    };
-  }
-}

package/src/listeners/websocket/websocket.listener.ts

@@ -1,40 +0,0 @@
-import { WebSocketServer, WebSocket, RawData } from "ws";
-import type { IncomingMessage } from "http";
-import { CoreRouter } from "../../core/router";
-import { WebSocketExtractor } from "./websocket.extractor";
-import { EventNormalizer } from "../../core/event.normalizer";
-import { Logger } from "../../core/logger";
-
-export class WebSocketListener {
-  private router: CoreRouter;
-  private server: WebSocketServer;
-  private logger: Logger;
-
-  constructor(router: CoreRouter, port: number) {
-    this.router = router;
-    this.logger = new Logger({ context: "WebSocketListener" });
-
-    this.server = new WebSocketServer({ port });
-
-    this.server.on("connection", (ws: WebSocket, req: IncomingMessage) => {
-      ws.on("message", async (data: RawData) => {
-        try {
-          const message = data.toString();
-          const extracted = WebSocketExtractor.extract(ws, req, message);
-          const event = EventNormalizer.normalizeWebSocket(extracted);
-
-          await this.router.dispatch(event);
-        } catch (err) {
-          this.logger.error("WebSocket error", err);
-        }
-      });
-    });
-
-    this.logger.info(`WebSocket Listener listening on port ${port}`);
-  }
-
-  stop() {
-    this.server.close();
-    this.logger.info("WebSocket Listener stopped");
-  }
-}

package/src/storage-adapters/adapters/__tests__/memory.storage.test.ts

@@ -1,75 +0,0 @@
-import { MemoryStorage } from "../memory.storage";
-import { describe, it, expect } from "@jest/globals";
-import { NormalizedHttpEvent } from "../../../types/event.types";
-
-describe("MemoryStorage", () => {
-  it("sauvegarde un événement", async () => {
-    const storage = new MemoryStorage();
-
-    const event: NormalizedHttpEvent = {
-      id: "1",
-      type: "http",
-      timestamp: 123,
-      sourceIp: "1.1.1.1",
-      request: {
-        method: "GET",
-        path: "/",
-        headers: {},
-        query: {},
-        body: {},
-      },
-    };
-
-    await storage.save(event);
-
-    const all = await storage.getAll();
-    expect(all).toEqual([event]);
-  });
-
-  it("retourne un événement par ID", async () => {
-    const storage = new MemoryStorage();
-
-    const event: NormalizedHttpEvent = {
-      id: "1",
-      type: "http",
-      timestamp: Date.now(),
-      sourceIp: "1.1.1.1",
-      request: {
-        method: "GET",
-        path: "/test",
-        headers: {},
-        query: {},
-        body: "",
-      },
-    };
-
-    await storage.save(event);
-
-    const found = await storage.getById("1");
-    expect(found).toEqual(event);
-  });
-
-  it("supprime un événement", async () => {
-    const storage = new MemoryStorage();
-
-    const event: NormalizedHttpEvent = {
-      id: "1",
-      type: "http",
-      timestamp: Date.now(),
-      sourceIp: "1.1.1.1",
-      request: {
-        method: "GET",
-        path: "/test",
-        headers: {},
-        query: {},
-        body: "",
-      },
-    };
-
-    await storage.save(event);
-    await storage.delete("1");
-
-    const all = await storage.getAll();
-    expect(all).toEqual([]);
-  });
-});

package/src/storage-adapters/adapters/memory.storage.ts

@@ -1,64 +0,0 @@
-import { Storage } from "../storage.interface";
-import { AnyNormalizedEvent } from "../../types/event.types";
-
-export class MemoryStorage implements Storage {
-  private events = new Map<string, AnyNormalizedEvent>();
-
-  async save(event: AnyNormalizedEvent): Promise<void> {
-    this.events.set(event.id, event);
-  }
-
-  async getEvent(id: string): Promise<AnyNormalizedEvent | null> {
-    return this.events.get(id) ?? null;
-  }
-
-  async listEvents(params: {
-    type?: string;
-    page?: number;
-    limit?: number;
-  }): Promise<AnyNormalizedEvent[]> {
-    const { type, page = 1, limit = 50 } = params;
-
-    const all = Array.from(this.events.values());
-    const filtered = type ? all.filter((e) => e.type === type) : all;
-
-    const start = (page - 1) * limit;
-    return filtered.slice(start, start + limit);
-  }
-
-  async getAll(): Promise<AnyNormalizedEvent[]> {
-    return Array.from(this.events.values());
-  }
-
-  async deleteEvent(id: string): Promise<boolean> {
-    return this.events.delete(id);
-  }
-
-  async clearEvents(): Promise<void> {
-    this.events.clear();
-  }
-
-  async getStats(): Promise<{
-    total: number;
-    byType: Record<string, number>;
-  }> {
-    const all = Array.from(this.events.values());
-    const byType: Record<string, number> = {};
-
-    for (const e of all) {
-      byType[e.type] = (byType[e.type] ?? 0) + 1;
-    }
-
-    return {
-      total: all.length,
-      byType,
-    };
-  }
-  async getById(id: string) {
-    return this.getEvent(id);
-  }
-
-  async delete(id: string) {
-    return this.deleteEvent(id);
-  }
-}

package/src/storage-adapters/storage.interface.ts

@@ -1,26 +0,0 @@
-import { AnyNormalizedEvent } from "../types/event.types";
-
-export interface StorageListParams {
-  type?: string;
-  page?: number;
-  limit?: number;
-}
-
-export interface Storage {
-  save(event: AnyNormalizedEvent): Promise<void>;
-
-  getEvent(id: string): Promise<AnyNormalizedEvent | null>;
-
-  listEvents(params: StorageListParams): Promise<AnyNormalizedEvent[]>;
-
-  deleteEvent(id: string): Promise<boolean>;
-
-  clearEvents(): Promise<void>;
-
-  getAll(): Promise<AnyNormalizedEvent[]>;
-
-  getStats(): Promise<{
-    total: number;
-    byType: Record<string, number>;
-  }>;
-}

package/src/types/event.types.ts

@@ -1,166 +0,0 @@
-//
-// RAW EVENTS
-//
-export interface RawEvent {
-  ip: string;
-  method: string;
-  path: string;
-  headers: Record<string, string | string[] | undefined>;
-  query: Record<string, any>;
-  body: any;
-  raw: any;
-}
-
-export interface RawDnsEvent {
-  ip: string;
-  query: string;
-  recordType: string;
-  raw: any;
-}
-
-export interface RawSmtpEvent {
-  ip: string;
-  from: string;
-  to: string[];
-  subject: string;
-  body: string;
-  raw: any;
-}
-
-export interface RawTcpEvent {
-  ip: string;
-  port: number;
-  data: string;
-  raw: any;
-}
-
-export interface RawSsrfEvent {
-  ip: string;
-  method: string | undefined;
-  path: string | undefined;
-  headers: Record<string, string | string[] | undefined>;
-  query: Record<string, any>;
-  raw: any;
-}
-
-export interface RawWebhookEvent {
-  ip: string;
-  headers: Record<string, string | string[] | undefined>;
-  body: any;
-  raw: any;
-}
-
-export interface RawWebSocketEvent {
-  ip: string;
-  message: string;
-  raw: any;
-}
-
-export interface RawApiEvent {
-  ip: string;
-  body: any;
-  raw: any;
-}
-
-//
-// NORMALIZED EVENTS
-//
-export interface NormalizedHttpEvent {
-  id: string;
-  type: "http";
-  timestamp: number;
-  sourceIp: string;
-  request: {
-    method: string;
-    path: string;
-    headers: Record<string, string | string[] | undefined>;
-    query: Record<string, any>;
-    body: any;
-  };
-}
-
-export interface NormalizedDnsEvent {
-  id: string;
-  type: "dns";
-  timestamp: number;
-  ip: string;
-  query: string;
-  recordType: string;
-  raw: any;
-}
-
-export interface NormalizedSmtpEvent {
-  id: string;
-  type: "smtp";
-  timestamp: number;
-  ip: string;
-  from: string;
-  to: string[];
-  subject: string;
-  body: string;
-  raw: any;
-}
-
-export interface NormalizedTcpEvent {
-  id: string;
-  type: "tcp";
-  timestamp: number;
-  ip: string;
-  port: number;
-  data: string;
-  raw: any;
-}
-
-export interface NormalizedSsrfEvent {
-  id: string;
-  type: "ssrf";
-  timestamp: number;
-  sourceIp: string;
-  request: {
-    method: string | undefined;
-    path: string | undefined;
-    headers: Record<string, string | string[] | undefined>;
-    query: Record<string, any>;
-  };
-}
-
-export interface NormalizedWebhookEvent {
-  id: string;
-  type: "webhook";
-  timestamp: number;
-  sourceIp: string;
-  headers: Record<string, string | string[] | undefined>;
-  body: any;
-}
-
-export interface NormalizedWebSocketEvent {
-  id: string;
-  type: "websocket";
-  timestamp: number;
-  sourceIp: string;
-  message: string;
-}
-
-export interface NormalizedApiEvent {
-  id: string;
-  type: "api";
-  timestamp: number;
-  sourceIp: string;
-  request: {
-    body: any;
-  };
-  raw: any;
-}
-
-//
-// UNION
-//
-export type AnyNormalizedEvent =
-  | NormalizedHttpEvent
-  | NormalizedDnsEvent
-  | NormalizedSmtpEvent
-  | NormalizedTcpEvent
-  | NormalizedSsrfEvent
-  | NormalizedWebhookEvent
-  | NormalizedWebSocketEvent
-  | NormalizedApiEvent;