npm - @j3r3mcdev/oast-server - Versions diffs - 1.1.5 → 1.1.7 - Mend

@j3r3mcdev/oast-server 1.1.5 → 1.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

package/.github/workflows/ci.yml +29 -29
package/.github/workflows/publish.yml +31 -31
package/README.md +192 -192
package/jest.config.js +14 -14
package/package.json +45 -45
package/sadmin list shadows +9 -9
package/src/api/controllers/__tests__/tasks.controller.test.ts +74 -74
package/src/api/controllers/events.controller.ts +10 -10
package/src/api/controllers/health.controller.ts +7 -7
package/src/api/controllers/tasks.controller.ts +41 -41
package/src/api/dto/__tests__/create-task.dto.test.ts +41 -41
package/src/api/dto/__tests__/filter-tasks.dto.test.ts +35 -35
package/src/api/dto/create-task.dto.ts +33 -33
package/src/api/dto/filter-tasks.dto.ts +33 -33
package/src/api/services/__tests__/events.service.test.ts +41 -41
package/src/api/services/__tests__/tasks.service.test.ts +41 -41
package/src/api/services/events.service.ts +17 -17
package/src/api/services/tasks.service.ts +79 -79
package/src/api/sse/events.stream.ts +90 -90
package/src/bootstrap.ts +89 -89
package/src/core/__tests__/core-router.test.ts +30 -30
package/src/core/__tests__/core-server.test.ts +44 -44
package/src/core/__tests__/event.normalizer.test.ts +56 -56
package/src/core/__tests__/event.router.test.ts +89 -89
package/src/core/__tests__/logger.test.ts +32 -32
package/src/core/__tests__/storage-manager.test.ts +74 -74
package/src/core/event.normalizer.ts +147 -147
package/src/core/event.router.ts +13 -13
package/src/core/http/__tests__/adapter-node.test.ts +52 -52
package/src/core/http/__tests__/body-parser-multipart.test.ts +41 -41
package/src/core/http/__tests__/body-parser-raw.test.ts +28 -28
package/src/core/http/__tests__/body-parser-text.test.ts +28 -28
package/src/core/http/__tests__/compile-path.test.ts +39 -39
package/src/core/http/__tests__/middleware-pipeline.test.ts +51 -51
package/src/core/http/__tests__/request.test.ts +34 -34
package/src/core/http/__tests__/response.test.ts +35 -35
package/src/core/http/__tests__/router-match.test.ts +171 -171
package/src/core/http/adapter-node.ts +51 -51
package/src/core/http/buildRequest.ts +18 -18
package/src/core/http/compile-path.ts +32 -32
package/src/core/http/errors.ts +37 -37
package/src/core/http/http-server.ts +52 -52
package/src/core/http/middleware.ts +160 -160
package/src/core/http/request.ts +55 -55
package/src/core/http/response.ts +93 -93
package/src/core/http/router.ts +138 -138
package/src/core/id-generator.ts +8 -8
package/src/core/logger.ts +113 -113
package/src/core/router.ts +44 -44
package/src/core/server.ts +85 -85
package/src/core/storage.ts +64 -64
package/src/index.ts +14 -14
package/src/listeners/api/__tests__/api.controller.test.ts +116 -116
package/src/listeners/api/__tests__/api.extractor.test.ts +46 -46
package/src/listeners/api/__tests__/api.listener.test.ts +82 -82
package/src/listeners/api/__tests__/api.routes.test.ts +155 -155
package/src/listeners/api/__tests__/api.sse.test.ts +105 -105
package/src/listeners/api/api.controllers.ts +67 -67
package/src/listeners/api/api.extractor.ts +43 -43
package/src/listeners/api/api.listener.ts +50 -50
package/src/listeners/api/api.routes.ts +76 -76
package/src/listeners/api/api.sse.ts +38 -38
package/src/listeners/dns/__tests__/dns.test.ts +118 -118
package/src/listeners/dns/dns.extractor.ts +14 -14
package/src/listeners/dns/dns.listener.ts +61 -61
package/src/listeners/http/__tests__/http.extractor.test.ts +59 -59
package/src/listeners/http/__tests__/http.listener.test.ts +133 -133
package/src/listeners/http/http.extractor.ts +15 -15
package/src/listeners/http/http.listener.ts +110 -110
package/src/listeners/listener.interface.ts +4 -4
package/src/listeners/smtp/__tests__/smtp.extractor.test.ts +69 -69
package/src/listeners/smtp/__tests__/smtp.listener.test.ts +150 -150
package/src/listeners/smtp/smtp.extractor.ts +18 -18
package/src/listeners/smtp/smtp.listener.ts +60 -60
package/src/listeners/ssrf/__tests__/ssrf.extractor.test.ts +41 -41
package/src/listeners/ssrf/__tests__/ssrf.listener.test.ts +87 -87
package/src/listeners/ssrf/ssrf.extractor.ts +14 -14
package/src/listeners/ssrf/ssrf.listener.ts +37 -37
package/src/listeners/tcp/tcp.extractor.ts +16 -16
package/src/listeners/tcp/tcp.listener.ts +61 -61
package/src/listeners/webhook/__tests__/webhook.extractor.test.ts +35 -35
package/src/listeners/webhook/__tests__/webhook.listener.test.ts +122 -122
package/src/listeners/webhook/webhook.extractor.ts +12 -12
package/src/listeners/webhook/webhook.listener.ts +58 -58
package/src/listeners/websocket/__tests__/websocket.extractor.test.ts +33 -33
package/src/listeners/websocket/__tests__/websocket.listener.test.ts +90 -90
package/src/listeners/websocket/websocket.extractor.ts +11 -11
package/src/listeners/websocket/websocket.listener.ts +40 -40
package/src/storage-adapters/adapters/__tests__/memory.storage.test.ts +75 -75
package/src/storage-adapters/adapters/memory.storage.ts +64 -64
package/src/storage-adapters/storage.interface.ts +26 -26
package/src/types/event.types.ts +147 -147
package/tsconfig.json +20 -21

package/src/listeners/api/__tests__/api.sse.test.ts CHANGED Viewed

@@ -1,105 +1,105 @@
-import { ApiSse } from "../api.sse";
-import { Logger } from "../../../core/logger";
-import { ServerResponse, IncomingMessage } from "http";
-import { Socket } from "net";
-import { describe, it, expect, jest } from "@jest/globals";
-function mockRes(): ServerResponse {
-  const socket = new Socket();
-  const req = new IncomingMessage(socket);
-  const res = new ServerResponse(req);
-  return res;
-}
-describe("ApiSse", () => {
-  it("connecte un client SSE", () => {
-    const sse = new ApiSse(new Logger({ context: "Test" }));
-    const res = mockRes();
-    // On espionne writeHead et write
-    const writeHeadSpy = jest.spyOn(res, "writeHead");
-    const writeSpy = jest.spyOn(res, "write");
-    sse.handle(res);
-    expect(writeHeadSpy).toHaveBeenCalledWith(200, {
-      "Content-Type": "text/event-stream",
-      "Cache-Control": "no-cache",
-      Connection: "keep-alive",
-    });
-    expect(writeSpy).toHaveBeenCalled();
-  });
-  it("broadcast un event à tous les clients", () => {
-    const sse = new ApiSse(new Logger({ context: "Test" }));
-    const res1 = mockRes();
-    const res2 = mockRes();
-    const spy1 = jest.spyOn(res1, "write");
-    const spy2 = jest.spyOn(res2, "write");
-    sse.handle(res1);
-    sse.handle(res2);
-    sse.broadcast({ id: "123", type: "http" });
-    expect(spy1).toHaveBeenCalled();
-    expect(spy2).toHaveBeenCalled();
-    const payload = spy1.mock.calls[spy1.mock.calls.length - 1][0];
-    expect(payload).toContain("event: event");
-    expect(payload).toContain('"id":"123"');
-  });
-  it("supprime un client à la fermeture", () => {
-    const sse = new ApiSse(new Logger({ context: "Test" }));
-    const res = mockRes();
-    sse.handle(res);
-    expect((sse as any).clients.size).toBe(1);
-    res.emit("close");
-    expect((sse as any).clients.size).toBe(0);
-  });
-  it("envoie un event SSE avec le bon format", () => {
-    const sse = new ApiSse(new Logger({ context: "Test" }));
-    const res = mockRes();
-    const spy = jest.spyOn(res, "write");
-    sse.handle(res);
-    sse.broadcast({ id: "abc", type: "dns" });
-    const payload = spy.mock.calls[spy.mock.calls.length - 1][0];
-    expect(payload).toContain("event: event");
-    expect(payload).toContain("data:");
-    expect(payload).toContain('"id":"abc"');
-    expect(payload.endsWith("\n\n")).toBe(true);
-  });
-  it("broadcast ne plante pas s'il n'y a aucun client", () => {
-    const sse = new ApiSse(new Logger({ context: "Test" }));
-    expect(() => {
-      sse.broadcast({ id: "x", type: "http" });
-    }).not.toThrow();
-  });
-  it("ne duplique pas un client déjà enregistré", () => {
-    const sse = new ApiSse(new Logger({ context: "Test" }));
-    const res = mockRes();
-    sse.handle(res);
-    // simulate duplicate registration attempt
-    (sse as any).clients.add(res);
-    expect((sse as any).clients.size).toBe(1);
-  });
-});
+import { ApiSse } from "../api.sse";
+import { Logger } from "../../../core/logger";
+import { ServerResponse, IncomingMessage } from "http";
+import { Socket } from "net";
+import { describe, it, expect, jest } from "@jest/globals";
+function mockRes(): ServerResponse {
+  const socket = new Socket();
+  const req = new IncomingMessage(socket);
+  const res = new ServerResponse(req);
+  return res;
+}
+describe("ApiSse", () => {
+  it("connecte un client SSE", () => {
+    const sse = new ApiSse(new Logger({ context: "Test" }));
+    const res = mockRes();
+    // On espionne writeHead et write
+    const writeHeadSpy = jest.spyOn(res, "writeHead");
+    const writeSpy = jest.spyOn(res, "write");
+    sse.handle(res);
+    expect(writeHeadSpy).toHaveBeenCalledWith(200, {
+      "Content-Type": "text/event-stream",
+      "Cache-Control": "no-cache",
+      Connection: "keep-alive",
+    });
+    expect(writeSpy).toHaveBeenCalled();
+  });
+  it("broadcast un event à tous les clients", () => {
+    const sse = new ApiSse(new Logger({ context: "Test" }));
+    const res1 = mockRes();
+    const res2 = mockRes();
+    const spy1 = jest.spyOn(res1, "write");
+    const spy2 = jest.spyOn(res2, "write");
+    sse.handle(res1);
+    sse.handle(res2);
+    sse.broadcast({ id: "123", type: "http" });
+    expect(spy1).toHaveBeenCalled();
+    expect(spy2).toHaveBeenCalled();
+    const payload = spy1.mock.calls[spy1.mock.calls.length - 1][0];
+    expect(payload).toContain("event: event");
+    expect(payload).toContain('"id":"123"');
+  });
+  it("supprime un client à la fermeture", () => {
+    const sse = new ApiSse(new Logger({ context: "Test" }));
+    const res = mockRes();
+    sse.handle(res);
+    expect((sse as any).clients.size).toBe(1);
+    res.emit("close");
+    expect((sse as any).clients.size).toBe(0);
+  });
+  it("envoie un event SSE avec le bon format", () => {
+    const sse = new ApiSse(new Logger({ context: "Test" }));
+    const res = mockRes();
+    const spy = jest.spyOn(res, "write");
+    sse.handle(res);
+    sse.broadcast({ id: "abc", type: "dns" });
+    const payload = spy.mock.calls[spy.mock.calls.length - 1][0];
+    expect(payload).toContain("event: event");
+    expect(payload).toContain("data:");
+    expect(payload).toContain('"id":"abc"');
+    expect(payload.endsWith("\n\n")).toBe(true);
+  });
+  it("broadcast ne plante pas s'il n'y a aucun client", () => {
+    const sse = new ApiSse(new Logger({ context: "Test" }));
+    expect(() => {
+      sse.broadcast({ id: "x", type: "http" });
+    }).not.toThrow();
+  });
+  it("ne duplique pas un client déjà enregistré", () => {
+    const sse = new ApiSse(new Logger({ context: "Test" }));
+    const res = mockRes();
+    sse.handle(res);
+    // simulate duplicate registration attempt
+    (sse as any).clients.add(res);
+    expect((sse as any).clients.size).toBe(1);
+  });
+});

package/src/listeners/api/api.controllers.ts CHANGED Viewed

@@ -1,67 +1,67 @@
-import { ServerResponse } from "http";
-import { StorageManager } from "../../core/storage";
-export class ApiController {
-  static async listEvents(
-    url: URL,
-    res: ServerResponse,
-    storage: StorageManager,
-  ): Promise<void> {
-    const type = url.searchParams.get("type") ?? undefined;
-    const page = Number(url.searchParams.get("page") ?? 1);
-    const limit = Number(url.searchParams.get("limit") ?? 50);
-    const events = await storage.listEvents({ type, page, limit });
-    res.writeHead(200, { "Content-Type": "application/json" });
-    res.end(JSON.stringify({ success: true, events }));
-  }
-  static async getEvent(
-    id: string,
-    res: ServerResponse,
-    storage: StorageManager,
-  ): Promise<void> {
-    const event = await storage.getEvent(id);
-    if (!event) {
-      res.writeHead(404, { "Content-Type": "application/json" });
-      res.end(JSON.stringify({ success: false, error: "Not found" }));
-      return;
-    }
-    res.writeHead(200, { "Content-Type": "application/json" });
-    res.end(JSON.stringify({ success: true, event }));
-  }
-  static async deleteAll(
-    res: ServerResponse,
-    storage: StorageManager,
-  ): Promise<void> {
-    await storage.clearEvents();
-    res.writeHead(200, { "Content-Type": "application/json" });
-    res.end(JSON.stringify({ success: true }));
-  }
-  static async deleteOne(
-    id: string,
-    res: ServerResponse,
-    storage: StorageManager,
-  ): Promise<void> {
-    const ok = await storage.deleteEvent(id);
-    res.writeHead(200, { "Content-Type": "application/json" });
-    res.end(JSON.stringify({ success: ok }));
-  }
-  static async stats(
-    res: ServerResponse,
-    storage: StorageManager,
-  ): Promise<void> {
-    const stats = await storage.getStats();
-    res.writeHead(200, { "Content-Type": "application/json" });
-    res.end(JSON.stringify({ success: true, stats }));
-  }
-}
+import { ServerResponse } from "http";
+import { StorageManager } from "../../core/storage";
+export class ApiController {
+  static async listEvents(
+    url: URL,
+    res: ServerResponse,
+    storage: StorageManager,
+  ): Promise<void> {
+    const type = url.searchParams.get("type") ?? undefined;
+    const page = Number(url.searchParams.get("page") ?? 1);
+    const limit = Number(url.searchParams.get("limit") ?? 50);
+    const events = await storage.listEvents({ type, page, limit });
+    res.writeHead(200, { "Content-Type": "application/json" });
+    res.end(JSON.stringify({ success: true, events }));
+  }
+  static async getEvent(
+    id: string,
+    res: ServerResponse,
+    storage: StorageManager,
+  ): Promise<void> {
+    const event = await storage.getEvent(id);
+    if (!event) {
+      res.writeHead(404, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ success: false, error: "Not found" }));
+      return;
+    }
+    res.writeHead(200, { "Content-Type": "application/json" });
+    res.end(JSON.stringify({ success: true, event }));
+  }
+  static async deleteAll(
+    res: ServerResponse,
+    storage: StorageManager,
+  ): Promise<void> {
+    await storage.clearEvents();
+    res.writeHead(200, { "Content-Type": "application/json" });
+    res.end(JSON.stringify({ success: true }));
+  }
+  static async deleteOne(
+    id: string,
+    res: ServerResponse,
+    storage: StorageManager,
+  ): Promise<void> {
+    const ok = await storage.deleteEvent(id);
+    res.writeHead(200, { "Content-Type": "application/json" });
+    res.end(JSON.stringify({ success: ok }));
+  }
+  static async stats(
+    res: ServerResponse,
+    storage: StorageManager,
+  ): Promise<void> {
+    const stats = await storage.getStats();
+    res.writeHead(200, { "Content-Type": "application/json" });
+    res.end(JSON.stringify({ success: true, stats }));
+  }
+}

package/src/listeners/api/api.extractor.ts CHANGED Viewed

@@ -1,43 +1,43 @@
-import { IncomingMessage } from "http";
-import { RawEvent } from "../../types/event.types";
-export class ApiExtractor {
-  static async extract(req: IncomingMessage): Promise<RawEvent> {
-    const ip = req.socket.remoteAddress ?? "";
-    const method = req.method ?? "";
-    const url = new URL(req.url ?? "", `http://${req.headers.host}`);
-    const path = url.pathname;
-    const query: Record<string, string> = {};
-    for (const [key, value] of url.searchParams.entries()) {
-      query[key] = value;
-    }
-    // Lecture du body (si POST/PUT/PATCH)
-    let body: any = null;
-    if (method !== "GET" && method !== "HEAD") {
-      body = await new Promise((resolve) => {
-        let data = "";
-        req.on("data", (chunk) => (data += chunk));
-        req.on("end", () => {
-          try {
-            resolve(JSON.parse(data));
-          } catch {
-            resolve(data);
-          }
-        });
-      });
-    }
-    return {
-      ip,
-      method,
-      path,
-      headers: req.headers,
-      query,
-      body,
-      raw: req,
-    };
-  }
-}
+import { IncomingMessage } from "http";
+import { RawEvent } from "../../types/event.types";
+export class ApiExtractor {
+  static async extract(req: IncomingMessage): Promise<RawEvent> {
+    const ip = req.socket.remoteAddress ?? "";
+    const method = req.method ?? "";
+    const url = new URL(req.url ?? "", `http://${req.headers.host}`);
+    const path = url.pathname;
+    const query: Record<string, string> = {};
+    for (const [key, value] of url.searchParams.entries()) {
+      query[key] = value;
+    }
+    // Lecture du body (si POST/PUT/PATCH)
+    let body: any = null;
+    if (method !== "GET" && method !== "HEAD") {
+      body = await new Promise((resolve) => {
+        let data = "";
+        req.on("data", (chunk) => (data += chunk));
+        req.on("end", () => {
+          try {
+            resolve(JSON.parse(data));
+          } catch {
+            resolve(data);
+          }
+        });
+      });
+    }
+    return {
+      ip,
+      method,
+      path,
+      headers: req.headers,
+      query,
+      body,
+      raw: req,
+    };
+  }
+}

package/src/listeners/api/api.listener.ts CHANGED Viewed

@@ -1,50 +1,50 @@
-import { createServer, IncomingMessage, Server, ServerResponse } from "http";
-import { Logger } from "../../core/logger";
-import { StorageManager } from "../../core/storage";
-import { handleApiRequest } from "./api.routes";
-import { ApiSse } from "./api.sse";
-export interface ApiListenerOptions {
-  port: number;
-  logger?: Logger;
-}
-export class ApiListener {
-  private logger: Logger;
-  private server: Server | null = null;
-  private sse: ApiSse;
-  constructor(
-    private storage: StorageManager,
-    private options: ApiListenerOptions,
-  ) {
-    this.logger = options.logger ?? new Logger({ context: "ApiListener" });
-    this.sse = new ApiSse(this.logger);
-  }
-  async start() {
-    this.server = createServer((req: IncomingMessage, res: ServerResponse) => {
-      void handleApiRequest(req, res, this.storage, this.sse, this.logger);
-    });
-    this.server.listen(this.options.port, () => {
-      this.logger.info(`API Listener started on port ${this.options.port}`);
-    });
-  }
-  async stop() {
-    this.sse.closeAll();
-    if (this.server) {
-      this.server.close();
-      this.server = null;
-    }
-    this.logger.info("API Listener stopped");
-  }
-  // Méthode appelée par ton CoreRouter / CoreServer après chaque event
-  public broadcastEvent(event: any) {
-    this.sse.broadcast(event);
-  }
-}
+import { createServer, IncomingMessage, Server, ServerResponse } from "http";
+import { Logger } from "../../core/logger";
+import { StorageManager } from "../../core/storage";
+import { handleApiRequest } from "./api.routes";
+import { ApiSse } from "./api.sse";
+export interface ApiListenerOptions {
+  port: number;
+  logger?: Logger;
+}
+export class ApiListener {
+  private logger: Logger;
+  private server: Server | null = null;
+  private sse: ApiSse;
+  constructor(
+    private storage: StorageManager,
+    private options: ApiListenerOptions,
+  ) {
+    this.logger = options.logger ?? new Logger({ context: "ApiListener" });
+    this.sse = new ApiSse(this.logger);
+  }
+  async start() {
+    this.server = createServer((req: IncomingMessage, res: ServerResponse) => {
+      void handleApiRequest(req, res, this.storage, this.sse, this.logger);
+    });
+    this.server.listen(this.options.port, () => {
+      this.logger.info(`API Listener started on port ${this.options.port}`);
+    });
+  }
+  async stop() {
+    this.sse.closeAll();
+    if (this.server) {
+      this.server.close();
+      this.server = null;
+    }
+    this.logger.info("API Listener stopped");
+  }
+  // Méthode appelée par ton CoreRouter / CoreServer après chaque event
+  public broadcastEvent(event: any) {
+    this.sse.broadcast(event);
+  }
+}