npm - @openape/proxy - Versions diffs - 0.2.14 → 0.3.0 - Mend

@openape/proxy 0.2.14 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/dist/index.cjs +833 -0
package/dist/index.cjs.map +1 -0
package/dist/index.js +832 -0
package/dist/index.js.map +1 -0
package/package.json +7 -2
package/.nvmrc +0 -1
package/CHANGELOG.md +0 -140
package/PLAN.md +0 -261
package/bun.lock +0 -229
package/config.toml +0 -35
package/src/audit.ts +0 -20
package/src/auth.ts +0 -57
package/src/config.ts +0 -84
package/src/connect.ts +0 -111
package/src/grants-client.ts +0 -129
package/src/index.ts +0 -69
package/src/matcher.ts +0 -80
package/src/proxy.ts +0 -401
package/src/ssrf.ts +0 -85
package/src/types.ts +0 -65
package/test/auth.test.ts +0 -57
package/test/connect.test.ts +0 -131
package/test/matcher.test.ts +0 -46
package/test/multi-agent.test.ts +0 -122
package/test/ssrf.test.ts +0 -73
package/tsconfig.json +0 -21
package/tsup.config.ts +0 -9
package/vitest.config.ts +0 -18

package/src/ssrf.ts DELETED Viewed

@@ -1,85 +0,0 @@
-import { resolve4, resolve6 } from 'node:dns/promises'
-import { isIP } from 'node:net'
-const PRIVATE_RANGES_V4 = [
-  { prefix: 0x7F000000, mask: 0xFF000000 }, // 127.0.0.0/8
-  { prefix: 0x0A000000, mask: 0xFF000000 }, // 10.0.0.0/8
-  { prefix: 0xAC100000, mask: 0xFFF00000 }, // 172.16.0.0/12
-  { prefix: 0xC0A80000, mask: 0xFFFF0000 }, // 192.168.0.0/16
-  { prefix: 0xA9FE0000, mask: 0xFFFF0000 }, // 169.254.0.0/16
-  { prefix: 0x00000000, mask: 0xFF000000 }, // 0.0.0.0/8
-]
-function ipv4ToNumber(ip: string): number {
-  const parts = ip.split('.').map(Number)
-  return ((parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]) >>> 0
-}
-function isPrivateIPv4(ip: string): boolean {
-  const num = ipv4ToNumber(ip)
-  return PRIVATE_RANGES_V4.some(r => ((num & r.mask) >>> 0) === r.prefix)
-}
-function isPrivateIPv6(ip: string): boolean {
-  const normalized = ip.toLowerCase()
-  // Loopback ::1
-  if (normalized === '::1') return true
-  // Unspecified ::
-  if (normalized === '::') return true
-  // Link-local fe80::/10
-  if (normalized.startsWith('fe8') || normalized.startsWith('fe9')
-    || normalized.startsWith('fea') || normalized.startsWith('feb')) {
-    return true
-  }
-  // Unique local fd00::/8
-  if (normalized.startsWith('fd')) return true
-  // IPv4-mapped ::ffff:x.x.x.x
-  const v4mapped = normalized.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/)
-  if (v4mapped) return isPrivateIPv4(v4mapped[1])
-  return false
-}
-function isPrivateIP(ip: string): boolean {
-  if (isIP(ip) === 4) return isPrivateIPv4(ip)
-  if (isIP(ip) === 6) return isPrivateIPv6(ip)
-  return false
-}
-/**
- * Check if a hostname resolves to a private or loopback IP.
- * If the hostname is already an IP literal, check directly.
- * Otherwise, resolve via DNS and check all results.
- */
-export async function isPrivateOrLoopback(hostname: string): Promise<boolean> {
-  // Direct IP literal
-  if (isIP(hostname)) {
-    return isPrivateIP(hostname)
-  }
-  // localhost shortcut
-  if (hostname === 'localhost') return true
-  // DNS resolution — check both A and AAAA records
-  try {
-    const [v4, v6] = await Promise.allSettled([
-      resolve4(hostname),
-      resolve6(hostname),
-    ])
-    const addrs: string[] = []
-    if (v4.status === 'fulfilled') addrs.push(...v4.value)
-    if (v6.status === 'fulfilled') addrs.push(...v6.value)
-    if (addrs.length === 0) return true // no records — block to be safe
-    return addrs.some(addr => isPrivateIP(addr))
-  }
-  catch {
-    // DNS failure — block to be safe
-    return true
-  }
-}

package/src/types.ts DELETED Viewed

@@ -1,65 +0,0 @@
-/** Single-agent proxy configuration (legacy format, parsed from TOML/JSON) */
-export interface ProxyConfig {
-  proxy: {
-    listen: string
-    idp_url: string
-    agent_email: string
-    default_action: 'block' | 'request' | 'request-async'
-    audit_log?: string
-    mandatory_auth?: boolean
-  }
-  allow: RuleEntry[]
-  deny: RuleEntry[]
-  grant_required: GrantRuleEntry[]
-}
-/** Multi-agent proxy configuration */
-export interface MultiAgentProxyConfig {
-  proxy: {
-    listen: string
-    default_action: 'block' | 'request' | 'request-async'
-    audit_log?: string
-    mandatory_auth?: boolean
-  }
-  agents: AgentConfig[]
-}
-export interface AgentConfig {
-  email: string
-  idp_url: string
-  allow?: RuleEntry[]
-  deny?: RuleEntry[]
-  grant_required?: GrantRuleEntry[]
-}
-export interface RuleEntry {
-  domain: string
-  methods?: string[]
-  path?: string
-  note?: string
-}
-export interface GrantRuleEntry extends RuleEntry {
-  grant_type: 'once' | 'timed' | 'always'
-  permissions?: string[]
-  duration?: number
-}
-export type RuleAction =
-  | { type: 'allow' }
-  | { type: 'deny'; note?: string }
-  | { type: 'grant_required'; rule: GrantRuleEntry }
-export interface AuditEntry {
-  ts: string
-  agent: string
-  action: 'allow' | 'deny' | 'grant_approved' | 'grant_denied' | 'grant_timeout' | 'error'
-  domain: string
-  method: string
-  path: string
-  grant_id?: string | null
-  request_hash?: string
-  rule: string
-  waited_ms?: number
-  error?: string
-}

package/test/auth.test.ts DELETED Viewed

@@ -1,57 +0,0 @@
-import { describe, expect, it } from 'vitest'
-import { AuthError, verifyAgentAuth } from '../src/auth.js'
-describe('verifyAgentAuth', () => {
-  const idpUrl = 'https://id.example.com'
-  describe('non-mandatory mode', () => {
-    it('returns null when no header provided', async () => {
-      const result = await verifyAgentAuth(null, idpUrl, false)
-      expect(result).toBeNull()
-    })
-    it('returns null for invalid header format', async () => {
-      const result = await verifyAgentAuth('Basic abc123', idpUrl, false)
-      expect(result).toBeNull()
-    })
-    it('returns null for invalid JWT', async () => {
-      const result = await verifyAgentAuth('Bearer invalid.token.here', idpUrl, false)
-      expect(result).toBeNull()
-    })
-  })
-  describe('mandatory mode', () => {
-    it('throws AuthError when no header provided', async () => {
-      await expect(
-        verifyAgentAuth(null, idpUrl, true),
-      ).rejects.toThrow(AuthError)
-    })
-    it('throws AuthError with "JWT required" message', async () => {
-      await expect(
-        verifyAgentAuth(null, idpUrl, true),
-      ).rejects.toThrow('JWT required')
-    })
-    it('throws AuthError for invalid header format', async () => {
-      await expect(
-        verifyAgentAuth('Basic abc123', idpUrl, true),
-      ).rejects.toThrow(AuthError)
-    })
-    it('throws AuthError for invalid JWT token', async () => {
-      await expect(
-        verifyAgentAuth('Bearer invalid.token.here', idpUrl, true),
-      ).rejects.toThrow(AuthError)
-    })
-  })
-  describe('authError', () => {
-    it('is an instance of Error', () => {
-      const err = new AuthError('test')
-      expect(err).toBeInstanceOf(Error)
-      expect(err.name).toBe('AuthError')
-    })
-  })
-})

package/test/connect.test.ts DELETED Viewed

@@ -1,131 +0,0 @@
-import { createServer } from 'node:http'
-import { connect } from 'node:net'
-import { describe, expect, it, afterEach } from 'vitest'
-import type { MultiAgentProxyConfig } from '../src/types.js'
-import { handleConnect } from '../src/connect.js'
-function makeConfig(overrides?: Partial<MultiAgentProxyConfig['proxy']>): MultiAgentProxyConfig {
-  return {
-    proxy: {
-      listen: '127.0.0.1:0',
-      default_action: 'block',
-      mandatory_auth: true,
-      ...overrides,
-    },
-    agents: [{
-      email: 'bot@example.com',
-      idp_url: 'https://id.example.com',
-    }],
-  }
-}
-function startProxy(config: MultiAgentProxyConfig): Promise<{ port: number, close: () => Promise<void> }> {
-  return new Promise((resolve) => {
-    const server = createServer((_req, res) => {
-      res.writeHead(200)
-      res.end('ok')
-    })
-    server.on('connect', (req, socket, head) => {
-      handleConnect(config, req, socket, head)
-    })
-    server.listen(0, '127.0.0.1', () => {
-      const addr = server.address() as { port: number }
-      resolve({
-        port: addr.port,
-        close: () => new Promise<void>(r => server.close(() => r())),
-      })
-    })
-  })
-}
-function sendConnect(proxyPort: number, target: string, headers?: Record<string, string>): Promise<{ statusLine: string }> {
-  return new Promise((resolve, reject) => {
-    const socket = connect(proxyPort, '127.0.0.1', () => {
-      let headerStr = `CONNECT ${target} HTTP/1.1\r\nHost: ${target}\r\n`
-      if (headers) {
-        for (const [k, v] of Object.entries(headers)) {
-          headerStr += `${k}: ${v}\r\n`
-        }
-      }
-      headerStr += '\r\n'
-      socket.write(headerStr)
-    })
-    let data = ''
-    socket.on('data', (chunk) => {
-      data += chunk.toString()
-      if (data.includes('\r\n\r\n')) {
-        const statusLine = data.split('\r\n')[0]
-        socket.destroy()
-        resolve({ statusLine })
-      }
-    })
-    socket.on('error', reject)
-    socket.setTimeout(3000, () => {
-      socket.destroy()
-      reject(new Error('Timeout'))
-    })
-  })
-}
-describe('connect handler', () => {
-  let cleanup: (() => Promise<void>) | undefined
-  afterEach(async () => {
-    if (cleanup) {
-      await cleanup()
-      cleanup = undefined
-    }
-  })
-  it('blocks CONNECT to loopback IP (SSRF)', async () => {
-    const config = makeConfig({ mandatory_auth: false })
-    config.agents = [{ email: 'bot@example.com', idp_url: 'https://id.example.com' }]
-    const { port, close } = await startProxy(config)
-    cleanup = close
-    const { statusLine } = await sendConnect(port, '127.0.0.1:3000')
-    expect(statusLine).toContain('403')
-  })
-  it('blocks CONNECT to private IP (SSRF)', async () => {
-    const config = makeConfig({ mandatory_auth: false })
-    config.agents = [{ email: 'bot@example.com', idp_url: 'https://id.example.com' }]
-    const { port, close } = await startProxy(config)
-    cleanup = close
-    const { statusLine } = await sendConnect(port, '10.0.0.1:80')
-    expect(statusLine).toContain('403')
-  })
-  it('returns 401 without JWT when mandatory auth is enabled', async () => {
-    const config = makeConfig({ mandatory_auth: true })
-    const { port, close } = await startProxy(config)
-    cleanup = close
-    const { statusLine } = await sendConnect(port, 'httpbin.org:443')
-    expect(statusLine).toContain('401')
-  })
-  it('returns 401 with invalid JWT when mandatory auth is enabled', async () => {
-    const config = makeConfig({ mandatory_auth: true })
-    const { port, close } = await startProxy(config)
-    cleanup = close
-    const { statusLine } = await sendConnect(port, 'httpbin.org:443', {
-      'Proxy-Authorization': 'Bearer invalid.token.here',
-    })
-    expect(statusLine).toContain('401')
-  })
-  it('blocks malformed target (treated as SSRF)', async () => {
-    const config = makeConfig({ mandatory_auth: false })
-    config.agents = [{ email: 'bot@example.com', idp_url: 'https://id.example.com' }]
-    const { port, close } = await startProxy(config)
-    cleanup = close
-    const { statusLine } = await sendConnect(port, 'not-a-host')
-    expect(statusLine).toContain('403')
-  })
-})

package/test/matcher.test.ts DELETED Viewed

@@ -1,46 +0,0 @@
-import { describe, expect, it } from 'vitest'
-import { evaluateRules } from '../src/matcher.js'
-import type { ProxyConfig } from '../src/types.js'
-const baseConfig: ProxyConfig = {
-  proxy: {
-    listen: '127.0.0.1:9090',
-    idp_url: 'https://id.example.com',
-    agent_email: 'agent@example.com',
-    default_action: 'block',
-  },
-  allow: [],
-  deny: [],
-  grant_required: [],
-}
-describe('evaluateRules', () => {
-  it('prefers deny over allow', () => {
-    const action = evaluateRules(
-      {
-        ...baseConfig,
-        deny: [{ domain: 'api.example.com' }],
-        allow: [{ domain: 'api.example.com' }],
-      },
-      'api.example.com',
-      'GET',
-      '/v1',
-    )
-    expect(action.type).toBe('deny')
-  })
-  it('returns grant_required when matching grant rule', () => {
-    const action = evaluateRules(
-      {
-        ...baseConfig,
-        grant_required: [{ domain: 'api.example.com', grant_type: 'once' }],
-      },
-      'api.example.com',
-      'POST',
-      '/v1',
-    )
-    expect(action.type).toBe('grant_required')
-  })
-})

package/test/multi-agent.test.ts DELETED Viewed

@@ -1,122 +0,0 @@
-import { mkdtempSync, writeFileSync } from 'node:fs'
-import { join } from 'node:path'
-import { tmpdir } from 'node:os'
-import { describe, expect, it } from 'vitest'
-import { loadMultiAgentConfig } from '../src/config.js'
-function tmpFile(name: string, content: string): string {
-  const dir = mkdtempSync(join(tmpdir(), 'proxy-test-'))
-  const path = join(dir, name)
-  writeFileSync(path, content)
-  return path
-}
-describe('loadMultiAgentConfig', () => {
-  it('loads multi-agent TOML config', () => {
-    const path = tmpFile('proxy.toml', `
-[proxy]
-listen = "127.0.0.1:9090"
-default_action = "block"
-mandatory_auth = true
-[[agents]]
-email = "bot1@example.com"
-idp_url = "https://id1.example.com"
-[[agents.allow]]
-domain = "api.github.com"
-[[agents]]
-email = "bot2@example.com"
-idp_url = "https://id2.example.com"
-`)
-    const config = loadMultiAgentConfig(path)
-    expect(config.proxy.listen).toBe('127.0.0.1:9090')
-    expect(config.proxy.default_action).toBe('block')
-    expect(config.proxy.mandatory_auth).toBe(true)
-    expect(config.agents).toHaveLength(2)
-    expect(config.agents[0].email).toBe('bot1@example.com')
-    expect(config.agents[0].idp_url).toBe('https://id1.example.com')
-    expect(config.agents[0].allow).toHaveLength(1)
-    expect(config.agents[0].allow![0].domain).toBe('api.github.com')
-    expect(config.agents[1].email).toBe('bot2@example.com')
-  })
-  it('converts single-agent config to multi-agent format', () => {
-    const path = tmpFile('legacy.toml', `
-[proxy]
-listen = "127.0.0.1:9090"
-idp_url = "https://id.example.com"
-agent_email = "agent@example.com"
-default_action = "request-async"
-[[allow]]
-domain = "*.github.com"
-[[deny]]
-domain = "evil.com"
-[[grant_required]]
-domain = "api.openai.com"
-grant_type = "once"
-`)
-    const config = loadMultiAgentConfig(path)
-    expect(config.proxy.listen).toBe('127.0.0.1:9090')
-    expect(config.proxy.default_action).toBe('request-async')
-    expect(config.agents).toHaveLength(1)
-    expect(config.agents[0].email).toBe('agent@example.com')
-    expect(config.agents[0].idp_url).toBe('https://id.example.com')
-    expect(config.agents[0].allow).toHaveLength(1)
-    expect(config.agents[0].deny).toHaveLength(1)
-    expect(config.agents[0].grant_required).toHaveLength(1)
-  })
-  it('applies mandatory-auth override', () => {
-    const path = tmpFile('override.toml', `
-[proxy]
-listen = "127.0.0.1:9090"
-idp_url = "https://id.example.com"
-agent_email = "agent@example.com"
-`)
-    const config = loadMultiAgentConfig(path, { mandatoryAuth: true })
-    expect(config.proxy.mandatory_auth).toBe(true)
-  })
-  it('loads multi-agent JSON config', () => {
-    const path = tmpFile('proxy.json', JSON.stringify({
-      proxy: {
-        listen: '127.0.0.1:9090',
-        default_action: 'block',
-      },
-      agents: [
-        { email: 'a@b.com', idp_url: 'https://id.example.com' },
-      ],
-    }))
-    const config = loadMultiAgentConfig(path)
-    expect(config.agents).toHaveLength(1)
-    expect(config.agents[0].email).toBe('a@b.com')
-  })
-  it('throws on missing listen', () => {
-    const path = tmpFile('bad.toml', `
-[proxy]
-default_action = "block"
-`)
-    expect(() => loadMultiAgentConfig(path)).toThrow('listen')
-  })
-  it('throws on single-agent without idp_url', () => {
-    const path = tmpFile('bad2.toml', `
-[proxy]
-listen = "127.0.0.1:9090"
-agent_email = "agent@example.com"
-`)
-    expect(() => loadMultiAgentConfig(path)).toThrow('idp_url')
-  })
-})

package/test/ssrf.test.ts DELETED Viewed

@@ -1,73 +0,0 @@
-import { describe, expect, it } from 'vitest'
-import { isPrivateOrLoopback } from '../src/ssrf.js'
-describe('isPrivateOrLoopback', () => {
-  // IPv4 loopback
-  it('blocks 127.0.0.1', async () => {
-    expect(await isPrivateOrLoopback('127.0.0.1')).toBe(true)
-  })
-  it('blocks 127.255.255.255', async () => {
-    expect(await isPrivateOrLoopback('127.255.255.255')).toBe(true)
-  })
-  // RFC 1918
-  it('blocks 10.0.0.1', async () => {
-    expect(await isPrivateOrLoopback('10.0.0.1')).toBe(true)
-  })
-  it('blocks 172.16.0.1', async () => {
-    expect(await isPrivateOrLoopback('172.16.0.1')).toBe(true)
-  })
-  it('blocks 172.31.255.255', async () => {
-    expect(await isPrivateOrLoopback('172.31.255.255')).toBe(true)
-  })
-  it('blocks 192.168.1.1', async () => {
-    expect(await isPrivateOrLoopback('192.168.1.1')).toBe(true)
-  })
-  // Link-local
-  it('blocks 169.254.0.1', async () => {
-    expect(await isPrivateOrLoopback('169.254.0.1')).toBe(true)
-  })
-  // Unspecified
-  it('blocks 0.0.0.0', async () => {
-    expect(await isPrivateOrLoopback('0.0.0.0')).toBe(true)
-  })
-  // IPv6
-  it('blocks ::1', async () => {
-    expect(await isPrivateOrLoopback('::1')).toBe(true)
-  })
-  it('blocks ::', async () => {
-    expect(await isPrivateOrLoopback('::')).toBe(true)
-  })
-  // localhost
-  it('blocks localhost', async () => {
-    expect(await isPrivateOrLoopback('localhost')).toBe(true)
-  })
-  // Public IPs — should NOT be blocked
-  it('allows 8.8.8.8', async () => {
-    expect(await isPrivateOrLoopback('8.8.8.8')).toBe(false)
-  })
-  it('allows 1.1.1.1', async () => {
-    expect(await isPrivateOrLoopback('1.1.1.1')).toBe(false)
-  })
-  // 172.15.x.x is NOT in 172.16.0.0/12
-  it('allows 172.15.255.255', async () => {
-    expect(await isPrivateOrLoopback('172.15.255.255')).toBe(false)
-  })
-  // 172.32.x.x is NOT in 172.16.0.0/12
-  it('allows 172.32.0.1', async () => {
-    expect(await isPrivateOrLoopback('172.32.0.1')).toBe(false)
-  })
-})

package/tsconfig.json DELETED Viewed

@@ -1,21 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "ES2022",
-    "module": "ESNext",
-    "moduleResolution": "bundler",
-    "lib": ["ES2022"],
-    "strict": true,
-    "esModuleInterop": true,
-    "skipLibCheck": true,
-    "forceConsistentCasingInFileNames": true,
-    "resolveJsonModule": true,
-    "isolatedModules": true,
-    "declaration": true,
-    "declarationMap": true,
-    "sourceMap": true,
-    "outDir": "dist",
-    "rootDir": "src"
-  },
-  "include": ["src"],
-  "exclude": ["node_modules", "dist"]
-}

package/tsup.config.ts DELETED Viewed

@@ -1,9 +0,0 @@
-import { defineConfig } from 'tsup'
-export default defineConfig({
-  entry: ['src/index.ts'],
-  format: ['esm', 'cjs'],
-  dts: false,
-  clean: true,
-  sourcemap: true,
-})

package/vitest.config.ts DELETED Viewed

@@ -1,18 +0,0 @@
-import { defineConfig } from 'vitest/config'
-export default defineConfig({
-  test: {
-    environment: 'node',
-    coverage: {
-      provider: 'istanbul',
-      include: ['src/**/*.ts'],
-      exclude: ['src/**/*.test.ts', 'src/**/index.ts', 'src/types/**'],
-      reporter: ['text', 'lcov'],
-      thresholds: {
-        statements: 29,
-        functions: 29,
-        lines: 29,
-      },
-    },
-  },
-})