@nasl/cli 0.1.15 → 0.1.17

package/dist/bin/naslc.mjs

@@ -15,7 +15,7 @@ import require$$5 from 'assert';
 import require$$3 from 'http';
 import require$$4$1 from 'https';
 import require$$0$6 from 'url';
-import require$$8 from 'crypto';
+import crypto$1 from 'crypto';
 import http2 from 'http2';
 import zlib from 'zlib';
 
@@ -22077,7 +22077,7 @@ function requireForm_data () {
 	var parseUrl = require$$0$6.parse;
 	var fs = require$$0$2;
 	var Stream = stream$4.Stream;
-	var crypto = require$$8;
+	var crypto = crypto$1;
 	var mime = requireMimeTypes();
 	var asynckit = requireAsynckit();
 	var setToStringTag = /*@__PURE__*/ requireEsSetTostringtag();
@@ -22986,7 +22986,7 @@ const generateString = (size = 16, alphabet = ALPHABET.ALPHA_DIGIT) => {
   let str = '';
   const {length} = alphabet;
   const randomValues = new Uint32Array(size);
-  require$$8.randomFillSync(randomValues);
+  crypto$1.randomFillSync(randomValues);
   for (let i = 0; i < size; i++) {
     str += alphabet[randomValues[i] % length];
   }
@@ -28771,14 +28771,199 @@ const {
   mergeConfig
 } = axios;
 
-function createAxios(baseURL) {
-    return axios.create({
+// Unique ID creation requires a high quality random # generator. In the browser we therefore
+// require the crypto API and do not support built-in fallback to lower quality random number
+// generators (like Math.random()).
+let getRandomValues;
+const rnds8 = new Uint8Array(16);
+function rng() {
+  // lazy load so that environments that need to polyfill have a chance to do so
+  if (!getRandomValues) {
+    // getRandomValues needs to be invoked in a context where "this" is a Crypto implementation.
+    getRandomValues = typeof crypto !== 'undefined' && crypto.getRandomValues && crypto.getRandomValues.bind(crypto);
+
+    if (!getRandomValues) {
+      throw new Error('crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported');
+    }
+  }
+
+  return getRandomValues(rnds8);
+}
+
+/**
+ * Convert array of 16 byte values to UUID string format of the form:
+ * XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
+ */
+
+const byteToHex = [];
+
+for (let i = 0; i < 256; ++i) {
+  byteToHex.push((i + 0x100).toString(16).slice(1));
+}
+
+function unsafeStringify(arr, offset = 0) {
+  // Note: Be careful editing this code!  It's been tuned for performance
+  // and works in ways you may not expect. See https://github.com/uuidjs/uuid/pull/434
+  return byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + '-' + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + '-' + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + '-' + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + '-' + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]];
+}
+
+const randomUUID = typeof crypto !== 'undefined' && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+var native = {
+  randomUUID
+};
+
+function v4(options, buf, offset) {
+  if (native.randomUUID && true && !options) {
+    return native.randomUUID();
+  }
+
+  options = options || {};
+  const rnds = options.random || (options.rng || rng)(); // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`
+
+  rnds[6] = rnds[6] & 0x0f | 0x40;
+  rnds[8] = rnds[8] & 0x3f | 0x80; // Copy bytes to buffer, if provided
+
+  return unsafeStringify(rnds);
+}
+
+/**
+ * 构建签名字符串
+ */
+function buildStringToSign(appKey, nonce, timestamp, secretKey) {
+    return `${appKey}&${nonce}&${timestamp}&${secretKey}`;
+}
+/**
+ * 生成 MD5 签名
+ */
+function generateSignature(plainText) {
+    return crypto$1.createHash('md5').update(plainText).digest('hex');
+}
+/**
+ * 生成客户端签名信息
+ * @param appKey AppKey
+ * @param secretKey SecretKey
+ * @returns 签名信息
+ */
+function generateClientSignature(appKey, secretKey) {
+    const timestamp = Math.floor(Date.now() / 1000).toString();
+    const nonce = v4();
+    const plainText = buildStringToSign(appKey, nonce, timestamp, secretKey);
+    const signature = generateSignature(plainText);
+    return {
+        appKey,
+        timestamp,
+        nonce,
+        signature,
+    };
+}
+/**
+ * 生成基础认证头
+ * @param ak AppKey
+ * @param sk SecretKey
+ * @returns 基础认证头
+ */
+function generateBaseHeaders(ak, sk) {
+    const { timestamp, signature, nonce } = generateClientSignature(ak, sk);
+    return {
+        'Content-Type': 'application/json',
+        'x-appKey': ak,
+        'x-timestamp': timestamp,
+        'x-nonce': nonce,
+        'x-signature': signature,
+    };
+}
+/**
+ * 获取租户的 signInfo
+ * @param options 服务器选项
+ * @param baseHeaders 基础认证头
+ * @returns x-signInfo 值
+ */
+async function fetchSignInfo(options, baseHeaders) {
+    const tenantName = options.tenantName || 'defaulttenant';
+    const userName = tenantName === 'defaulttenant' ? 'admin' : `${tenantName}-admin`;
+    const data = {
+        tenantName,
+        userName,
+        source: 'Normal',
+    };
+    const url = `${options.serverBaseURL}/openapi/v3/auth/getSignInfo`;
+    try {
+        const tempAxios = axios.create({
+            headers: baseHeaders,
+            timeout: 120000,
+        });
+        const response = await tempAxios.post(url, data);
+        return response?.data?.result || null;
+    }
+    catch (error) {
+        console.error('Error fetching sign info:', error.response?.data);
+        return null;
+    }
+}
+/**
+ * 生成完整的认证头（包含 x-signInfo）
+ * @param options 服务器选项
+ * @returns 完整的认证头
+ */
+async function generateCompleteHeaders(options) {
+    const headers = {
+        'Content-Type': 'application/json',
+    };
+    const OPENAPI_AK = options.OPENAPI_AK || process.env.LCAP_OPENAPI_AK;
+    const OPENAPI_SK = options.OPENAPI_SK || process.env.LCAP_OPENAPI_SK;
+    // 如果没有提供 ak 和 sk，返回基础 headers
+    if (!OPENAPI_AK || !OPENAPI_SK) {
+        throw new Error(`配置了 useOPENAPI，但没有提供 OPENAPI_AK 和 OPENAPI_SK:
+- 可取消配置 useOPENAPI
+- 在 nasl.config.json 中配置 OPENAPI_AK 和 OPENAPI_SK，或者在环境变量中配置 LCAP_OPENAPI_AK 和 LCAP_OPENAPI_SK`);
+    }
+    // 生成基础认证头
+    const baseHeaders = generateBaseHeaders(OPENAPI_AK, OPENAPI_SK);
+    Object.assign(headers, baseHeaders);
+    // 获取 signInfo
+    const signInfo = await fetchSignInfo(options, headers);
+    if (signInfo) {
+        headers['x-signInfo'] = signInfo;
+    }
+    return headers;
+}
+
+/**
+ * 创建 Axios 实例
+ * @param options 服务器选项，包含认证信息
+ * @returns Axios 实例
+ */
+async function createAxios(options) {
+    // 如果需要鉴权，拼接 /openapi/v3/nasl；否则使用原始 URL
+    const serverBaseURL = new URL(options.serverBaseURL).origin;
+    const useOPENAPI = options.useOPENAPI || process.env.USE_LCAP_OPENAPI === 'true';
+    const baseURL = useOPENAPI ? `${serverBaseURL}/openapi/v3/nasl` : `${serverBaseURL}/api/v1/nasl`;
+    // 如果需要鉴权，生成完整的认证头；否则只使用基础 headers
+    const headers = useOPENAPI ? await generateCompleteHeaders(options) : { 'Content-Type': 'application/json' };
+    console.log('本次服务调用方为:', baseURL);
+    const instance = axios.create({
         baseURL,
-        headers: {
-            'Content-Type': 'application/json',
-        },
+        headers,
         timeout: 120000,
     });
+    const oldPost = instance.post;
+    instance.post = async (url, data, config) => {
+        return oldPost(url, data, config).then((res) => {
+            const data = res.data;
+            if (data.code !== 200)
+                throw new Error(JSON.stringify(data));
+            return res;
+        }).catch((err) => {
+            // console.log(err.response ? err.response.data : err);
+            if (err.response) {
+                throw new Error(JSON.stringify(err.response.data));
+            }
+            else {
+                throw err;
+            }
+        });
+    };
+    return instance;
 }
 
 /**
@@ -28788,13 +28973,11 @@ function createAxios(baseURL) {
 async function compileApi(fullNaturalTS, options) {
     // 这里需要调用实际的编译服务接口
     // 示例实现：
-    const axios = createAxios(options.serverBaseURL);
+    const axios = await createAxios(options);
     const res = await axios.post(`/compile/tsx?ideVersion=${options.ideVersion}&needAnnotation=true`, fullNaturalTS, {
         headers: { 'Content-Type': 'text/plain' },
     });
     const data = res.data;
-    if (data.code !== 200)
-        throw new Error(data.message);
     const { bundle } = data.result;
     const fileMap = bundle.frontendBundle.files;
     const files = Object.keys(fileMap).map((key) => {
@@ -37667,10 +37850,7 @@ async function compile(entry, options) {
     logger.info('正在调用编译服务...');
     try {
         const fullNaturalTS = composeToString(collectedFiles);
-        const outputFiles = await compileApi(fullNaturalTS, {
-            serverBaseURL: config.serverBaseURL,
-            ideVersion: config.ideVersion,
-        });
+        const outputFiles = await compileApi(fullNaturalTS, config);
         logger.success('编译成功！');
         // 写入输出文件
         for (const file of outputFiles) {
@@ -37697,7 +37877,7 @@ async function tryCompile(entry, options) {
     }
 }
 
-var version = "0.1.15";
+var version = "0.1.17";
 var pkg = {
 	version: version};