npm - @j3r3mcdev/oast-server - Versions diffs - 1.1.4 → 1.1.6 - Mend

@j3r3mcdev/oast-server 1.1.4 → 1.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

package/.github/workflows/ci.yml +29 -29
package/.github/workflows/publish.yml +31 -31
package/README.md +192 -192
package/jest.config.js +14 -14
package/package.json +45 -45
package/sadmin list shadows +9 -9
package/src/api/controllers/__tests__/tasks.controller.test.ts +74 -74
package/src/api/controllers/events.controller.ts +10 -10
package/src/api/controllers/health.controller.ts +7 -7
package/src/api/controllers/tasks.controller.ts +41 -41
package/src/api/dto/__tests__/create-task.dto.test.ts +41 -41
package/src/api/dto/__tests__/filter-tasks.dto.test.ts +35 -35
package/src/api/dto/create-task.dto.ts +33 -33
package/src/api/dto/filter-tasks.dto.ts +33 -33
package/src/api/services/__tests__/events.service.test.ts +41 -41
package/src/api/services/__tests__/tasks.service.test.ts +41 -41
package/src/api/services/events.service.ts +17 -17
package/src/api/services/tasks.service.ts +79 -79
package/src/api/sse/events.stream.ts +90 -90
package/src/bootstrap.ts +89 -89
package/src/core/__tests__/core-router.test.ts +30 -30
package/src/core/__tests__/core-server.test.ts +44 -44
package/src/core/__tests__/event.normalizer.test.ts +56 -56
package/src/core/__tests__/event.router.test.ts +89 -89
package/src/core/__tests__/logger.test.ts +32 -32
package/src/core/__tests__/storage-manager.test.ts +74 -74
package/src/core/event.normalizer.ts +147 -147
package/src/core/event.router.ts +13 -13
package/src/core/http/__tests__/adapter-node.test.ts +52 -52
package/src/core/http/__tests__/body-parser-multipart.test.ts +41 -41
package/src/core/http/__tests__/body-parser-raw.test.ts +28 -28
package/src/core/http/__tests__/body-parser-text.test.ts +28 -28
package/src/core/http/__tests__/compile-path.test.ts +39 -39
package/src/core/http/__tests__/middleware-pipeline.test.ts +51 -51
package/src/core/http/__tests__/request.test.ts +34 -34
package/src/core/http/__tests__/response.test.ts +35 -35
package/src/core/http/__tests__/router-match.test.ts +171 -171
package/src/core/http/adapter-node.ts +51 -51
package/src/core/http/buildRequest.ts +18 -18
package/src/core/http/compile-path.ts +32 -32
package/src/core/http/errors.ts +37 -37
package/src/core/http/http-server.ts +52 -52
package/src/core/http/middleware.ts +160 -160
package/src/core/http/request.ts +55 -55
package/src/core/http/response.ts +93 -93
package/src/core/http/router.ts +138 -138
package/src/core/id-generator.ts +8 -8
package/src/core/logger.ts +113 -113
package/src/core/router.ts +44 -44
package/src/core/server.ts +85 -85
package/src/core/storage.ts +64 -64
package/src/index.ts +14 -12
package/src/listeners/api/__tests__/api.controller.test.ts +116 -116
package/src/listeners/api/__tests__/api.extractor.test.ts +46 -46
package/src/listeners/api/__tests__/api.listener.test.ts +82 -82
package/src/listeners/api/__tests__/api.routes.test.ts +155 -155
package/src/listeners/api/__tests__/api.sse.test.ts +105 -105
package/src/listeners/api/api.controllers.ts +67 -67
package/src/listeners/api/api.extractor.ts +43 -43
package/src/listeners/api/api.listener.ts +50 -50
package/src/listeners/api/api.routes.ts +76 -76
package/src/listeners/api/api.sse.ts +38 -38
package/src/listeners/dns/__tests__/dns.test.ts +118 -118
package/src/listeners/dns/dns.extractor.ts +14 -14
package/src/listeners/dns/dns.listener.ts +61 -61
package/src/listeners/http/__tests__/http.extractor.test.ts +59 -59
package/src/listeners/http/__tests__/http.listener.test.ts +133 -133
package/src/listeners/http/http.extractor.ts +15 -15
package/src/listeners/http/http.listener.ts +110 -110
package/src/listeners/listener.interface.ts +4 -4
package/src/listeners/smtp/__tests__/smtp.extractor.test.ts +69 -69
package/src/listeners/smtp/__tests__/smtp.listener.test.ts +150 -150
package/src/listeners/smtp/smtp.extractor.ts +18 -18
package/src/listeners/smtp/smtp.listener.ts +60 -60
package/src/listeners/ssrf/__tests__/ssrf.extractor.test.ts +41 -41
package/src/listeners/ssrf/__tests__/ssrf.listener.test.ts +87 -87
package/src/listeners/ssrf/ssrf.extractor.ts +14 -14
package/src/listeners/ssrf/ssrf.listener.ts +37 -37
package/src/listeners/tcp/tcp.extractor.ts +16 -16
package/src/listeners/tcp/tcp.listener.ts +61 -61
package/src/listeners/webhook/__tests__/webhook.extractor.test.ts +35 -35
package/src/listeners/webhook/__tests__/webhook.listener.test.ts +122 -122
package/src/listeners/webhook/webhook.extractor.ts +12 -12
package/src/listeners/webhook/webhook.listener.ts +58 -58
package/src/listeners/websocket/__tests__/websocket.extractor.test.ts +33 -33
package/src/listeners/websocket/__tests__/websocket.listener.test.ts +90 -90
package/src/listeners/websocket/websocket.extractor.ts +11 -11
package/src/listeners/websocket/websocket.listener.ts +40 -40
package/src/storage-adapters/adapters/__tests__/memory.storage.test.ts +75 -75
package/src/storage-adapters/adapters/memory.storage.ts +64 -64
package/src/storage-adapters/storage.interface.ts +26 -26
package/src/types/event.types.ts +147 -147
package/tsconfig.json +21 -21

package/src/listeners/api/__tests__/api.listener.test.ts CHANGED Viewed

@@ -1,82 +1,82 @@
-import http from "http";
-import { ApiListener } from "../api.listener";
-import { StorageManager } from "../../../core/storage";
-import { Logger } from "../../../core/logger";
-import { describe, test, beforeEach, afterEach, expect } from "@jest/globals";
-import { ApiController } from "../api.controllers";
-describe("ApiListener", () => {
-  let storage: StorageManager;
-  let api: ApiListener;
-  beforeEach(async () => {
-    storage = new StorageManager();
-    api = new ApiListener(storage, {
-      port: 9999,
-      logger: new Logger({ context: "ApiTest" }),
-    });
-    await api.start();
-  });
-  afterEach(async () => {
-    await api.stop();
-  });
-  test("GET /events returns empty list", async () => {
-    const res = await fetch("http://localhost:9999/events");
-    const json = await res.json();
-    expect(json.success).toBe(true);
-    expect(json.events).toEqual([]);
-  });
-  test("GET /stats returns correct structure", async () => {
-    const res = await fetch("http://localhost:9999/stats");
-    const json = await res.json();
-    expect(json.success).toBe(true);
-    expect(json.stats.total).toBe(0);
-    expect(json.stats.byType).toEqual({});
-  });
-  test("GET /events/:id returns 404 when not found", async () => {
-    const res = await fetch("http://localhost:9999/events/unknown");
-    const json = await res.json();
-    expect(res.status).toBe(404);
-    expect(json.success).toBe(false);
-  });
-  test("DELETE /events clears all events", async () => {
-    // On ajoute un event dans le storage
-    await storage.save({
-      id: "1",
-      type: "http",
-      timestamp: Date.now(),
-      sourceIp: "127.0.0.1",
-      request: {
-        method: "GET",
-        path: "/",
-        headers: {},
-        query: {},
-        body: "",
-      },
-    });
-    let events = await storage.listEvents({});
-    expect(events.length).toBe(1);
-    // On appelle l'API réelle
-    const res = await fetch("http://localhost:9999/events", {
-      method: "DELETE",
-    });
-    const json = await res.json();
-    expect(json.success).toBe(true);
-    events = await storage.listEvents({});
-    expect(events.length).toBe(0);
-  });
-});
+import http from "http";
+import { ApiListener } from "../api.listener";
+import { StorageManager } from "../../../core/storage";
+import { Logger } from "../../../core/logger";
+import { describe, test, beforeEach, afterEach, expect } from "@jest/globals";
+import { ApiController } from "../api.controllers";
+describe("ApiListener", () => {
+  let storage: StorageManager;
+  let api: ApiListener;
+  beforeEach(async () => {
+    storage = new StorageManager();
+    api = new ApiListener(storage, {
+      port: 9999,
+      logger: new Logger({ context: "ApiTest" }),
+    });
+    await api.start();
+  });
+  afterEach(async () => {
+    await api.stop();
+  });
+  test("GET /events returns empty list", async () => {
+    const res = await fetch("http://localhost:9999/events");
+    const json = await res.json();
+    expect(json.success).toBe(true);
+    expect(json.events).toEqual([]);
+  });
+  test("GET /stats returns correct structure", async () => {
+    const res = await fetch("http://localhost:9999/stats");
+    const json = await res.json();
+    expect(json.success).toBe(true);
+    expect(json.stats.total).toBe(0);
+    expect(json.stats.byType).toEqual({});
+  });
+  test("GET /events/:id returns 404 when not found", async () => {
+    const res = await fetch("http://localhost:9999/events/unknown");
+    const json = await res.json();
+    expect(res.status).toBe(404);
+    expect(json.success).toBe(false);
+  });
+  test("DELETE /events clears all events", async () => {
+    // On ajoute un event dans le storage
+    await storage.save({
+      id: "1",
+      type: "http",
+      timestamp: Date.now(),
+      sourceIp: "127.0.0.1",
+      request: {
+        method: "GET",
+        path: "/",
+        headers: {},
+        query: {},
+        body: "",
+      },
+    });
+    let events = await storage.listEvents({});
+    expect(events.length).toBe(1);
+    // On appelle l'API réelle
+    const res = await fetch("http://localhost:9999/events", {
+      method: "DELETE",
+    });
+    const json = await res.json();
+    expect(json.success).toBe(true);
+    events = await storage.listEvents({});
+    expect(events.length).toBe(0);
+  });
+});

package/src/listeners/api/__tests__/api.routes.test.ts CHANGED Viewed

@@ -1,155 +1,155 @@
-import { handleApiRequest } from "../api.routes";
-import { StorageManager } from "../../../core/storage";
-import { ApiSse } from "../api.sse";
-import { ApiController } from "../api.controllers";
-import { Logger } from "../../../core/logger";
-import { IncomingMessage, ServerResponse } from "http";
-import { Socket } from "net";
-import { describe, it, expect, beforeEach, jest } from "@jest/globals";
-// Helpers pour mocker req/res
-function mockReq(method: string, url: string): IncomingMessage {
-  const socket = new Socket();
-  const req = new IncomingMessage(socket);
-  req.method = method;
-  req.url = url;
-  req.headers = { host: "localhost" };
-  return req;
-}
-function mockRes(): ServerResponse {
-  const socket = new Socket();
-  const req = new IncomingMessage(socket);
-  const res = new ServerResponse(req);
-  jest.spyOn(res, "writeHead");
-  jest.spyOn(res, "end");
-  return res;
-}
-describe("handleApiRequest", () => {
-  let storage: StorageManager;
-  let sse: ApiSse;
-  let logger: Logger;
-  beforeEach(() => {
-    storage = new StorageManager();
-    sse = new ApiSse(new Logger({ context: "SSETest" }));
-    logger = new Logger({ context: "ApiTest" });
-    jest.spyOn(ApiController, "listEvents").mockResolvedValue(undefined);
-    jest.spyOn(ApiController, "getEvent").mockResolvedValue(undefined);
-    jest.spyOn(ApiController, "deleteAll").mockResolvedValue(undefined);
-    jest.spyOn(ApiController, "deleteOne").mockResolvedValue(undefined);
-    jest.spyOn(ApiController, "stats").mockResolvedValue(undefined);
-    jest.spyOn(sse, "handle").mockReturnValue(undefined as any);
-  });
-  it("route GET /events → ApiController.listEvents", async () => {
-    const req = mockReq("GET", "/events");
-    const res = mockRes();
-    await expect(
-      handleApiRequest(req, res, storage, sse, logger),
-    ).resolves.toBeUndefined();
-    expect(ApiController.listEvents).toHaveBeenCalled();
-  });
-  it("route GET /events/:id → ApiController.getEvent", async () => {
-    const req = mockReq("GET", "/events/123");
-    const res = mockRes();
-    await expect(
-      handleApiRequest(req, res, storage, sse, logger),
-    ).resolves.toBeUndefined();
-    expect(ApiController.getEvent).toHaveBeenCalledWith("123", res, storage);
-  });
-  it("route DELETE /events → ApiController.deleteAll", async () => {
-    const req = mockReq("DELETE", "/events");
-    const res = mockRes();
-    await expect(
-      handleApiRequest(req, res, storage, sse, logger),
-    ).resolves.toBeUndefined();
-    expect(ApiController.deleteAll).toHaveBeenCalled();
-  });
-  it("route DELETE /events/:id → ApiController.deleteOne", async () => {
-    const req = mockReq("DELETE", "/events/abc");
-    const res = mockRes();
-    await expect(
-      handleApiRequest(req, res, storage, sse, logger),
-    ).resolves.toBeUndefined();
-    expect(ApiController.deleteOne).toHaveBeenCalledWith("abc", res, storage);
-  });
-  it("route GET /stats → ApiController.stats", async () => {
-    const req = mockReq("GET", "/stats");
-    const res = mockRes();
-    await expect(
-      handleApiRequest(req, res, storage, sse, logger),
-    ).resolves.toBeUndefined();
-    expect(ApiController.stats).toHaveBeenCalled();
-  });
-  it("route GET /events/stream → SSE", async () => {
-    const req = mockReq("GET", "/events/stream");
-    const res = mockRes();
-    await expect(
-      handleApiRequest(req, res, storage, sse, logger),
-    ).resolves.toBeUndefined();
-    expect(sse.handle).toHaveBeenCalledWith(res);
-  });
-  it("404 → renvoie Not found", async () => {
-    const req = mockReq("GET", "/unknown");
-    const res = mockRes();
-    await expect(
-      handleApiRequest(req, res, storage, sse, logger),
-    ).resolves.toBeUndefined();
-    expect(res.writeHead).toHaveBeenCalledWith(404, {
-      "Content-Type": "application/json",
-    });
-    const raw = String((res.end as jest.Mock).mock.calls[0][0]);
-    const body = JSON.parse(raw);
-    expect(body.success).toBe(false);
-  });
-  it("500 → renvoie Internal Server Error", async () => {
-    const req = mockReq("GET", "/events");
-    jest
-      .spyOn(ApiController, "listEvents")
-      .mockRejectedValue(new Error("Boom"));
-    const res = mockRes();
-    await expect(
-      handleApiRequest(req, res, storage, sse, logger),
-    ).resolves.toBeUndefined();
-    expect(res.writeHead).toHaveBeenCalledWith(500, {
-      "Content-Type": "application/json",
-    });
-    const raw = String((res.end as jest.Mock).mock.calls[0][0]);
-    const body = JSON.parse(raw);
-    expect(body.success).toBe(false);
-    expect(body.error).toBe("Boom");
-  });
-});
+import { handleApiRequest } from "../api.routes";
+import { StorageManager } from "../../../core/storage";
+import { ApiSse } from "../api.sse";
+import { ApiController } from "../api.controllers";
+import { Logger } from "../../../core/logger";
+import { IncomingMessage, ServerResponse } from "http";
+import { Socket } from "net";
+import { describe, it, expect, beforeEach, jest } from "@jest/globals";
+// Helpers pour mocker req/res
+function mockReq(method: string, url: string): IncomingMessage {
+  const socket = new Socket();
+  const req = new IncomingMessage(socket);
+  req.method = method;
+  req.url = url;
+  req.headers = { host: "localhost" };
+  return req;
+}
+function mockRes(): ServerResponse {
+  const socket = new Socket();
+  const req = new IncomingMessage(socket);
+  const res = new ServerResponse(req);
+  jest.spyOn(res, "writeHead");
+  jest.spyOn(res, "end");
+  return res;
+}
+describe("handleApiRequest", () => {
+  let storage: StorageManager;
+  let sse: ApiSse;
+  let logger: Logger;
+  beforeEach(() => {
+    storage = new StorageManager();
+    sse = new ApiSse(new Logger({ context: "SSETest" }));
+    logger = new Logger({ context: "ApiTest" });
+    jest.spyOn(ApiController, "listEvents").mockResolvedValue(undefined);
+    jest.spyOn(ApiController, "getEvent").mockResolvedValue(undefined);
+    jest.spyOn(ApiController, "deleteAll").mockResolvedValue(undefined);
+    jest.spyOn(ApiController, "deleteOne").mockResolvedValue(undefined);
+    jest.spyOn(ApiController, "stats").mockResolvedValue(undefined);
+    jest.spyOn(sse, "handle").mockReturnValue(undefined as any);
+  });
+  it("route GET /events → ApiController.listEvents", async () => {
+    const req = mockReq("GET", "/events");
+    const res = mockRes();
+    await expect(
+      handleApiRequest(req, res, storage, sse, logger),
+    ).resolves.toBeUndefined();
+    expect(ApiController.listEvents).toHaveBeenCalled();
+  });
+  it("route GET /events/:id → ApiController.getEvent", async () => {
+    const req = mockReq("GET", "/events/123");
+    const res = mockRes();
+    await expect(
+      handleApiRequest(req, res, storage, sse, logger),
+    ).resolves.toBeUndefined();
+    expect(ApiController.getEvent).toHaveBeenCalledWith("123", res, storage);
+  });
+  it("route DELETE /events → ApiController.deleteAll", async () => {
+    const req = mockReq("DELETE", "/events");
+    const res = mockRes();
+    await expect(
+      handleApiRequest(req, res, storage, sse, logger),
+    ).resolves.toBeUndefined();
+    expect(ApiController.deleteAll).toHaveBeenCalled();
+  });
+  it("route DELETE /events/:id → ApiController.deleteOne", async () => {
+    const req = mockReq("DELETE", "/events/abc");
+    const res = mockRes();
+    await expect(
+      handleApiRequest(req, res, storage, sse, logger),
+    ).resolves.toBeUndefined();
+    expect(ApiController.deleteOne).toHaveBeenCalledWith("abc", res, storage);
+  });
+  it("route GET /stats → ApiController.stats", async () => {
+    const req = mockReq("GET", "/stats");
+    const res = mockRes();
+    await expect(
+      handleApiRequest(req, res, storage, sse, logger),
+    ).resolves.toBeUndefined();
+    expect(ApiController.stats).toHaveBeenCalled();
+  });
+  it("route GET /events/stream → SSE", async () => {
+    const req = mockReq("GET", "/events/stream");
+    const res = mockRes();
+    await expect(
+      handleApiRequest(req, res, storage, sse, logger),
+    ).resolves.toBeUndefined();
+    expect(sse.handle).toHaveBeenCalledWith(res);
+  });
+  it("404 → renvoie Not found", async () => {
+    const req = mockReq("GET", "/unknown");
+    const res = mockRes();
+    await expect(
+      handleApiRequest(req, res, storage, sse, logger),
+    ).resolves.toBeUndefined();
+    expect(res.writeHead).toHaveBeenCalledWith(404, {
+      "Content-Type": "application/json",
+    });
+    const raw = String((res.end as jest.Mock).mock.calls[0][0]);
+    const body = JSON.parse(raw);
+    expect(body.success).toBe(false);
+  });
+  it("500 → renvoie Internal Server Error", async () => {
+    const req = mockReq("GET", "/events");
+    jest
+      .spyOn(ApiController, "listEvents")
+      .mockRejectedValue(new Error("Boom"));
+    const res = mockRes();
+    await expect(
+      handleApiRequest(req, res, storage, sse, logger),
+    ).resolves.toBeUndefined();
+    expect(res.writeHead).toHaveBeenCalledWith(500, {
+      "Content-Type": "application/json",
+    });
+    const raw = String((res.end as jest.Mock).mock.calls[0][0]);
+    const body = JSON.parse(raw);
+    expect(body.success).toBe(false);
+    expect(body.error).toBe("Boom");
+  });
+});