@linkup-ai/abap-ai 0.1.0

package/dist/adt-client.js

@@ -0,0 +1,383 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.http = exports.SUPPORTED_OBJECT_TYPES = exports.AdtError = exports.SAP_LANGUAGE = exports.SAP_USER = void 0;
+exports.resolveAdtPath = resolveAdtPath;
+exports.adtGet = adtGet;
+exports.adtGetXml = adtGetXml;
+exports.adtGetWithEtag = adtGetWithEtag;
+exports.adtPut = adtPut;
+exports.adtLock = adtLock;
+exports.adtUnlock = adtUnlock;
+exports.adtDelete = adtDelete;
+exports.adtPostXml = adtPostXml;
+exports.adtGetXmlWithParams = adtGetXmlWithParams;
+exports.adtPostText = adtPostText;
+exports.ensureSession = ensureSession;
+exports.resetSession = resetSession;
+const axios_1 = __importDefault(require("axios"));
+const axios_cookiejar_support_1 = require("axios-cookiejar-support");
+const tough_cookie_1 = require("tough-cookie");
+const logger_js_1 = require("./logger.js");
+// ─── Configuração via env ─────────────────────────────────────────
+const SAP_URL = process.env.SAP_URL ?? "";
+exports.SAP_USER = process.env.SAP_USER ?? "";
+const SAP_PASS = process.env.SAP_PASS ?? "";
+const SAP_CLIENT = process.env.SAP_CLIENT ?? "100";
+exports.SAP_LANGUAGE = process.env.SAP_LANGUAGE ?? "PT";
+/** Timeout em ms para chamadas ADT (padrão: 60s, configurável via SAP_TIMEOUT) */
+const SAP_TIMEOUT = parseInt(process.env.SAP_TIMEOUT ?? "60000", 10);
+/** Número máximo de retries em 401 (sessão expirada) */
+const MAX_RETRIES = 1;
+let session = null;
+// ─── HTTP Client ──────────────────────────────────────────────────
+function createHttpClient() {
+    const jar = new tough_cookie_1.CookieJar();
+    // NODE_TLS_REJECT_UNAUTHORIZED=0 já está definido no mcp.json para ignorar certs self-signed.
+    // axios-cookiejar-support@4 é incompatível com httpsAgent customizado — não usar.
+    return (0, axios_cookiejar_support_1.wrapper)(axios_1.default.create({
+        baseURL: `${SAP_URL}/sap/bc/adt`,
+        jar,
+        withCredentials: true,
+        auth: { username: exports.SAP_USER, password: SAP_PASS },
+        params: { "sap-client": SAP_CLIENT, "sap-language": exports.SAP_LANGUAGE },
+        timeout: SAP_TIMEOUT,
+    }));
+}
+const http = createHttpClient();
+exports.http = http;
+// ─── Sessão CSRF ──────────────────────────────────────────────────
+/** Máximo de tentativas para obter CSRF token */
+const CSRF_MAX_RETRIES = 3;
+/** Intervalo entre tentativas de CSRF (ms) */
+const CSRF_RETRY_DELAY = 1000;
+async function ensureSession() {
+    if (session)
+        return session.csrfToken;
+    let lastError;
+    for (let attempt = 1; attempt <= CSRF_MAX_RETRIES; attempt++) {
+        try {
+            const response = await http.get("/discovery", {
+                headers: { "X-CSRF-Token": "Fetch", Accept: "application/xml" },
+                validateStatus: (status) => status < 500, // 406 é esperado mas traz o CSRF token
+            });
+            const token = response.headers["x-csrf-token"];
+            if (token) {
+                session = { csrfToken: token };
+                return token;
+            }
+            lastError = new AdtError("CSRF token não retornado pelo SAP ADT.", 0, "/discovery");
+        }
+        catch (error) {
+            lastError = error;
+        }
+        // Retry com backoff linear (1s, 2s, 3s)
+        if (attempt < CSRF_MAX_RETRIES) {
+            await new Promise((r) => setTimeout(r, CSRF_RETRY_DELAY * attempt));
+        }
+    }
+    throw lastError instanceof AdtError
+        ? lastError
+        : new AdtError("Falha ao obter CSRF token do SAP ADT após 3 tentativas. Verifique se o serviço /sap/bc/adt/discovery está ativo.", 0, "/discovery");
+}
+function resetSession() {
+    session = null;
+}
+// ─── Erros tipados ────────────────────────────────────────────────
+class AdtError extends Error {
+    statusCode;
+    path;
+    sapMessage;
+    constructor(message, statusCode, path, sapMessage) {
+        super(message);
+        this.statusCode = statusCode;
+        this.path = path;
+        this.sapMessage = sapMessage;
+        this.name = "AdtError";
+    }
+}
+exports.AdtError = AdtError;
+function isAxiosError(error) {
+    return typeof error === "object" && error !== null && ("response" in error || "code" in error);
+}
+// ─── Mensagens de erro em português ───────────────────────────────
+function translateError(error, path) {
+    if (error instanceof AdtError)
+        return error;
+    if (isAxiosError(error)) {
+        const status = error.response?.status ?? 0;
+        const sapMsg = typeof error.response?.data === "string"
+            ? extractSapMessage(error.response.data)
+            : undefined;
+        switch (status) {
+            case 401:
+                return new AdtError("Credenciais inválidas ou sessão expirada. Verifique SAP_USER e SAP_PASS.", 401, path, sapMsg);
+            case 403:
+                return new AdtError(`Sem autorização para acessar ${path}. Verifique as autorizações do usuário ${exports.SAP_USER} no SAP.`, 403, path, sapMsg);
+            case 404:
+                return new AdtError(`Objeto não encontrado: ${path}. Verifique o nome e tipo do objeto.`, 404, path, sapMsg);
+            case 409:
+                return new AdtError(`Conflito ao acessar ${path}. O objeto pode estar bloqueado por outro usuário.`, 409, path, sapMsg);
+            case 412:
+                return new AdtError(`ETag desatualizado para ${path}. O objeto foi modificado por outro processo. Tente novamente.`, 412, path, sapMsg);
+            case 422:
+                return new AdtError(sapMsg || `Erro de validação em ${path}. Verifique os dados enviados.`, 422, path, sapMsg);
+            default:
+                if (status >= 400) {
+                    return new AdtError(sapMsg || `Erro HTTP ${status} ao acessar ${path}: ${error.response?.statusText ?? "erro desconhecido"}`, status, path, sapMsg);
+                }
+        }
+        // Erros de rede (sem response)
+        if (error.code === "ECONNREFUSED") {
+            return new AdtError(`Conexão recusada: ${SAP_URL}. Verifique se o SAP está acessível e a VPN está conectada.`, 0, path);
+        }
+        if (error.code === "ECONNABORTED" || error.code === "ETIMEDOUT") {
+            return new AdtError(`Timeout ao acessar ${path} (limite: ${SAP_TIMEOUT / 1000}s). O servidor SAP pode estar lento ou inacessível.`, 0, path);
+        }
+        if (error.code === "ENOTFOUND") {
+            return new AdtError(`Host não encontrado: ${SAP_URL}. Verifique a URL do SAP e a resolução DNS.`, 0, path);
+        }
+        if (error.code === "UNABLE_TO_VERIFY_LEAF_SIGNATURE" || error.code === "DEPTH_ZERO_SELF_SIGNED_CERT") {
+            return new AdtError(`Certificado SSL inválido para ${SAP_URL}. Defina NODE_TLS_REJECT_UNAUTHORIZED=0 no mcp.json.`, 0, path);
+        }
+    }
+    const msg = error instanceof Error ? error.message : String(error);
+    return new AdtError(`Erro inesperado em ${path}: ${msg}`, 0, path);
+}
+/** Extrai mensagem de erro do XML de resposta SAP */
+function extractSapMessage(xml) {
+    // SAP retorna erros em <exc:exception><exc:message>
+    const match = xml.match(/<(?:exc:)?message[^>]*>([^<]+)<\/(?:exc:)?message>/i)
+        || xml.match(/<msg[^>]*>([^<]+)<\/msg>/i)
+        || xml.match(/<shortText>([^<]+)<\/shortText>/i);
+    return match?.[1]?.trim();
+}
+// ─── Retry com logging ────────────────────────────────────────────
+/**
+ * Wrapper central: executa uma operação ADT com retry automático em 401
+ * e logging de cada chamada.
+ */
+async function withRetry(method, path, fn) {
+    let lastError;
+    for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+        const elapsed = (0, logger_js_1.startTimer)();
+        try {
+            const result = await fn();
+            (0, logger_js_1.logCall)({
+                timestamp: new Date().toISOString(),
+                method,
+                path,
+                status: 200,
+                duration_ms: elapsed(),
+            });
+            return result;
+        }
+        catch (error) {
+            const duration = elapsed();
+            lastError = error;
+            const status = isAxiosError(error) ? (error.response?.status ?? 0) : 0;
+            (0, logger_js_1.logCall)({
+                timestamp: new Date().toISOString(),
+                method,
+                path,
+                status,
+                duration_ms: duration,
+                error: error instanceof Error ? error.message : String(error),
+            });
+            // 401 = sessão expirada → reseta e tenta de novo (apenas 1x)
+            if (status === 401 && attempt < MAX_RETRIES) {
+                resetSession();
+                continue;
+            }
+            // Timeout → tenta de novo (apenas 1x)
+            if (isAxiosError(error) && (error.code === "ECONNABORTED" || error.code === "ETIMEDOUT") && attempt < MAX_RETRIES) {
+                continue;
+            }
+            break;
+        }
+    }
+    throw translateError(lastError, path);
+}
+// ─── Mapeamento de tipo SAP para caminho ADT ─────────────────────
+const TYPE_TO_PATH = {
+    // Objetos ABAP clássicos
+    "PROG/P": "programs/programs",
+    "CLAS/OC": "oo/classes",
+    "FUGR/FF": "functions/functionmodules",
+    "DOMA/D": "ddic/domains",
+    "DTEL/D": "ddic/dataelements",
+    "TABL/DT": "ddic/tables",
+    "TABL/DS": "ddic/structures",
+    "INTF/OI": "oo/interfaces",
+    // Objetos RAP / Fiori
+    "DDLS/DF": "ddic/ddl/sources",
+    "DDLX/MX": "ddic/ddlx/sources",
+    "SRVD/SRV": "ddic/srvd/sources",
+    "BDEF/BDO": "bo/behaviordefinitions",
+    "SRVB/SVB": "businessservices/bindings",
+    // Objetos adicionais
+    "FUGR/F": "functions/groups",
+    "TTYP/TT": "ddic/tabletypes",
+    "MSAG/N": "messageclass",
+    // Transformações
+    "XSLT/XT": "transformations/xslt",
+    "XSLT/ST": "transformations/simple",
+    // Enhancements
+    "ENHS/ES": "enhancements/spots",
+    "ENHO/EO": "enhancements/implementations",
+    // DDIC adicional
+    "ENQU/DL": "ddic/lockobjects/sources",
+    "NROB/NR": "numberranges/objects",
+    "SUSO/B": "authorization/authorizationobjects",
+};
+function resolveAdtPath(objectType) {
+    const path = TYPE_TO_PATH[objectType];
+    if (!path)
+        throw new AdtError(`Tipo de objeto não suportado: ${objectType}. Tipos válidos: ${Object.keys(TYPE_TO_PATH).join(", ")}`, 0, "");
+    return path;
+}
+// ─── Funções ADT com retry e logging ──────────────────────────────
+async function adtGet(path) {
+    return withRetry("GET", path, async () => {
+        await ensureSession();
+        const response = await http.get(path, {
+            headers: { Accept: "text/plain" },
+            responseType: "text",
+        });
+        return response.data;
+    });
+}
+async function adtGetXml(path) {
+    return withRetry("GET_XML", path, async () => {
+        await ensureSession();
+        const response = await http.get(path, {
+            headers: { Accept: "application/xml" },
+            responseType: "text",
+        });
+        return response.data;
+    });
+}
+async function adtGetWithEtag(path) {
+    return withRetry("GET_ETAG", path, async () => {
+        await ensureSession();
+        const response = await http.get(path, {
+            headers: { Accept: "text/plain" },
+            responseType: "text",
+        });
+        const etag = response.headers["etag"];
+        if (!etag)
+            throw new AdtError("ETag não retornado pelo servidor — impossível gravar com segurança. Verifique se o objeto suporta edição via ADT.", 0, path);
+        return { source: response.data, etag };
+    });
+}
+async function adtPut(path, source, etag, transportRequest) {
+    await withRetry("PUT", path, async () => {
+        const csrf = await ensureSession();
+        const params = {};
+        if (transportRequest)
+            params.corrNr = transportRequest;
+        await http.put(path, source, {
+            headers: {
+                "Content-Type": "text/plain",
+                "X-CSRF-Token": csrf,
+                "If-Match": etag,
+            },
+            params,
+        });
+    });
+}
+async function adtLock(objectPath) {
+    return withRetry("LOCK", objectPath, async () => {
+        const csrf = await ensureSession();
+        const resp = await http.post(objectPath, "", {
+            headers: { "X-CSRF-Token": csrf },
+            params: { _action: "LOCK", accessMode: "MODIFY" },
+            validateStatus: (status) => status < 500,
+            responseType: "text",
+        });
+        if (resp.status >= 300) {
+            throw new AdtError(`Falha ao bloquear objeto ${objectPath} (status ${resp.status}). O objeto pode estar bloqueado por outro usuário.`, resp.status, objectPath);
+        }
+        // Extrair lockHandle do XML de resposta
+        const data = typeof resp.data === "string" ? resp.data : "";
+        const handleMatch = data.match(/<LOCK_HANDLE>([^<]+)<\/LOCK_HANDLE>/);
+        return handleMatch?.[1] ?? "";
+    });
+}
+async function adtUnlock(objectPath) {
+    await withRetry("UNLOCK", objectPath, async () => {
+        const csrf = await ensureSession();
+        await http.post(objectPath, "", {
+            headers: { "X-CSRF-Token": csrf },
+            params: { _action: "UNLOCK" },
+            validateStatus: (status) => status < 500,
+        });
+    });
+}
+async function adtDelete(path, transportRequest) {
+    await withRetry("DELETE", path, async () => {
+        const csrf = await ensureSession();
+        const params = {};
+        if (transportRequest)
+            params.corrNr = transportRequest;
+        await http.delete(path, {
+            headers: { "X-CSRF-Token": csrf },
+            params,
+        });
+    });
+}
+async function adtPostXml(path, body, params, accept = "application/xml") {
+    return withRetry("POST_XML", path, async () => {
+        const csrf = await ensureSession();
+        const response = await http.post(path, body, {
+            headers: {
+                "Content-Type": "application/xml",
+                Accept: accept,
+                "X-CSRF-Token": csrf,
+            },
+            params,
+            responseType: "text",
+            validateStatus: (status) => status < 500,
+        });
+        return {
+            data: response.data,
+            status: response.status,
+            headers: response.headers,
+        };
+    });
+}
+async function adtGetXmlWithParams(path, params) {
+    return withRetry("GET_XML", path, async () => {
+        await ensureSession();
+        const response = await http.get(path, {
+            headers: { Accept: "application/xml" },
+            params,
+            responseType: "text",
+        });
+        return response.data;
+    });
+}
+async function adtPostText(path, body, params, accept = "application/xml") {
+    return withRetry("POST_TEXT", path, async () => {
+        const csrf = await ensureSession();
+        const response = await http.post(path, body, {
+            headers: {
+                "Content-Type": "text/plain",
+                Accept: accept,
+                "X-CSRF-Token": csrf,
+            },
+            params,
+            responseType: "text",
+            validateStatus: (status) => status < 500,
+        });
+        return {
+            data: response.data,
+            status: response.status,
+            headers: response.headers,
+        };
+    });
+}
+// ─── Exports ──────────────────────────────────────────────────────
+exports.SUPPORTED_OBJECT_TYPES = Object.keys(TYPE_TO_PATH);

package/dist/cli/activate.js

@@ -0,0 +1,127 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readLicense = readLicense;
+exports.activate = activate;
+const crypto = __importStar(require("crypto"));
+const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+const LICENSE_DIR = path.join(os.homedir(), ".abap-ai");
+const LICENSE_PATH = path.join(LICENSE_DIR, "license.json");
+// ── Beta key validation (offline, HMAC-based) ───────────────────────
+// Em produção será substituído por fetch ao license server (api.lkpabap.ai)
+const BETA_SECRET = "lkp-beta-2026-xK9mQ3vR";
+const PLAN_MAP = { ST: "starter", PR: "pro", EN: "enterprise" };
+function validateBetaKey(key) {
+    const upper = key.toUpperCase();
+    const match = upper.match(/^LK-([A-Z]{2})([A-Z]{2})-([A-Z0-9]{4})-([A-Z0-9]{4})$/);
+    if (!match)
+        return null;
+    const [, planCode, modeCode, rand, checksum] = match;
+    const plan = PLAN_MAP[planCode];
+    if (!plan || modeCode !== "BK")
+        return null;
+    // Recalcula HMAC e compara com o checksum da chave
+    const payload = `${planCode}${modeCode}-${rand}`;
+    const expected = crypto
+        .createHmac("sha256", BETA_SECRET)
+        .update(payload)
+        .digest("hex")
+        .toUpperCase()
+        .slice(0, 4);
+    if (checksum !== expected)
+        return null;
+    return { plan };
+}
+function saveLicense(license) {
+    if (!fs.existsSync(LICENSE_DIR)) {
+        fs.mkdirSync(LICENSE_DIR, { recursive: true });
+    }
+    fs.writeFileSync(LICENSE_PATH, JSON.stringify(license, null, 2) + "\n", "utf-8");
+}
+function readLicense() {
+    try {
+        const raw = fs.readFileSync(LICENSE_PATH, "utf-8");
+        return JSON.parse(raw);
+    }
+    catch {
+        return null;
+    }
+}
+async function activate(key) {
+    console.log("\n  ⏳ Validando licença...");
+    const keyPattern = /^LK-[A-Z0-9]{4}-[A-Z0-9]{4}-[A-Z0-9]{4}$/i;
+    if (!keyPattern.test(key)) {
+        console.log(`  ✗ Formato de chave inválido.`);
+        console.log(`    Formato esperado: LK-XXXX-XXXX-XXXX`);
+        console.log(`    Adquira em: https://lkpabap.ai\n`);
+        process.exit(1);
+    }
+    // ── Tenta validação offline (beta keys com HMAC) ──────────────────
+    // TODO: Quando o license server existir, tentar fetch a api.lkpabap.ai primeiro
+    const beta = validateBetaKey(key);
+    if (!beta) {
+        console.log(`  ✗ Chave inválida ou expirada.`);
+        console.log(`    Verifique a chave recebida ou solicite uma nova.\n`);
+        process.exit(1);
+    }
+    const { plan } = beta;
+    const license = {
+        key: key.toUpperCase(),
+        plan,
+        limits: {
+            systems: plan === "starter" ? 1 : plan === "pro" ? 3 : -1,
+            calls_per_day: plan === "starter" ? 200 : -1,
+        },
+        expires: new Date(Date.now() + 90 * 24 * 60 * 60 * 1000).toISOString().split("T")[0],
+        validated_at: new Date().toISOString(),
+    };
+    saveLicense(license);
+    const planLabel = `${plan.charAt(0).toUpperCase() + plan.slice(1)} (BYOK)`;
+    const systemsLabel = license.limits.systems === -1 ? "Ilimitado" : `até ${license.limits.systems}`;
+    const callsLabel = license.limits.calls_per_day === -1 ? "Ilimitado" : `${license.limits.calls_per_day}/dia`;
+    console.log(`  ✓ Licença válida!`);
+    console.log(`
+  ╭──────────────────────────────────────────╮
+  │  Plano:        ${planLabel.padEnd(25)}│
+  │  Válido até:   ${license.expires.padEnd(25)}│
+  │  Sistemas:     ${systemsLabel.padEnd(25)}│
+  │  Chamadas/dia: ${callsLabel.padEnd(25)}│
+  │${" ".repeat(42)}│
+  │  Licença salva em ~/.abap-ai/license${" ".repeat(4)}│
+  ╰──────────────────────────────────────────╯`);
+    console.log(`\n  Próximo passo: abap-ai init\n`);
+}