@push.rocks/smartregistry 1.1.1 → 1.4.0

package/ts/composer/classes.composerregistry.ts

@@ -0,0 +1,475 @@
+/**
+ * Composer Registry Implementation
+ * Compliant with Composer v2 repository API
+ */
+
+import { BaseRegistry } from '../core/classes.baseregistry.js';
+import type { RegistryStorage } from '../core/classes.registrystorage.js';
+import type { AuthManager } from '../core/classes.authmanager.js';
+import type { IRequestContext, IResponse, IAuthToken } from '../core/interfaces.core.js';
+import type {
+  IComposerPackage,
+  IComposerPackageMetadata,
+  IComposerRepository,
+} from './interfaces.composer.js';
+import {
+  normalizeVersion,
+  validateComposerJson,
+  extractComposerJsonFromZip,
+  calculateSha1,
+  parseVendorPackage,
+  generatePackagesJson,
+  sortVersions,
+} from './helpers.composer.js';
+
+export class ComposerRegistry extends BaseRegistry {
+  private storage: RegistryStorage;
+  private authManager: AuthManager;
+  private basePath: string = '/composer';
+  private registryUrl: string;
+
+  constructor(
+    storage: RegistryStorage,
+    authManager: AuthManager,
+    basePath: string = '/composer',
+    registryUrl: string = 'http://localhost:5000/composer'
+  ) {
+    super();
+    this.storage = storage;
+    this.authManager = authManager;
+    this.basePath = basePath;
+    this.registryUrl = registryUrl;
+  }
+
+  public async init(): Promise<void> {
+    // Composer registry initialization
+  }
+
+  public getBasePath(): string {
+    return this.basePath;
+  }
+
+  public async handleRequest(context: IRequestContext): Promise<IResponse> {
+    const path = context.path.replace(this.basePath, '');
+
+    // Extract token from Authorization header
+    const authHeader = context.headers['authorization'] || context.headers['Authorization'];
+    let token: IAuthToken | null = null;
+
+    if (authHeader) {
+      if (authHeader.startsWith('Bearer ')) {
+        const tokenString = authHeader.replace(/^Bearer\s+/i, '');
+        token = await this.authManager.validateToken(tokenString, 'composer');
+      } else if (authHeader.startsWith('Basic ')) {
+        // Handle HTTP Basic Auth
+        const credentials = Buffer.from(authHeader.replace(/^Basic\s+/i, ''), 'base64').toString('utf-8');
+        const [username, password] = credentials.split(':');
+        const userId = await this.authManager.authenticate({ username, password });
+        if (userId) {
+          // Create temporary token for this request
+          token = {
+            type: 'composer',
+            userId,
+            scopes: ['composer:*:*:read'],
+            readonly: true,
+          };
+        }
+      }
+    }
+
+    // Root packages.json
+    if (path === '/packages.json' || path === '' || path === '/') {
+      return this.handlePackagesJson();
+    }
+
+    // Package metadata: /p2/{vendor}/{package}.json or /p2/{vendor}/{package}~dev.json
+    const metadataMatch = path.match(/^\/p2\/([^\/]+\/[^\/]+?)(~dev)?\.json$/);
+    if (metadataMatch) {
+      const [, vendorPackage, devSuffix] = metadataMatch;
+      const includeDev = !!devSuffix;
+      return this.handlePackageMetadata(vendorPackage, includeDev, token);
+    }
+
+    // Package list: /packages/list.json?filter=vendor/*
+    if (path.startsWith('/packages/list.json')) {
+      const filter = context.query['filter'];
+      return this.handlePackageList(filter, token);
+    }
+
+    // Package ZIP download: /dists/{vendor}/{package}/{reference}.zip
+    const distMatch = path.match(/^\/dists\/([^\/]+\/[^\/]+)\/([^\/]+)\.zip$/);
+    if (distMatch) {
+      const [, vendorPackage, reference] = distMatch;
+      return this.handlePackageDownload(vendorPackage, reference, token);
+    }
+
+    // Package upload: PUT /packages/{vendor}/{package}
+    const uploadMatch = path.match(/^\/packages\/([^\/]+\/[^\/]+)$/);
+    if (uploadMatch && context.method === 'PUT') {
+      const vendorPackage = uploadMatch[1];
+      return this.handlePackageUpload(vendorPackage, context.body, token);
+    }
+
+    // Package delete: DELETE /packages/{vendor}/{package}
+    if (uploadMatch && context.method === 'DELETE') {
+      const vendorPackage = uploadMatch[1];
+      return this.handlePackageDelete(vendorPackage, token);
+    }
+
+    // Version delete: DELETE /packages/{vendor}/{package}/{version}
+    const versionDeleteMatch = path.match(/^\/packages\/([^\/]+\/[^\/]+)\/(.+)$/);
+    if (versionDeleteMatch && context.method === 'DELETE') {
+      const [, vendorPackage, version] = versionDeleteMatch;
+      return this.handleVersionDelete(vendorPackage, version, token);
+    }
+
+    return {
+      status: 404,
+      headers: { 'Content-Type': 'application/json' },
+      body: { status: 'error', message: 'Not found' },
+    };
+  }
+
+  protected async checkPermission(
+    token: IAuthToken | null,
+    resource: string,
+    action: string
+  ): Promise<boolean> {
+    if (!token) return false;
+    return this.authManager.authorize(token, `composer:package:${resource}`, action);
+  }
+
+  // ========================================================================
+  // REQUEST HANDLERS
+  // ========================================================================
+
+  private async handlePackagesJson(): Promise<IResponse> {
+    const availablePackages = await this.storage.listComposerPackages();
+    const packagesJson = generatePackagesJson(this.registryUrl, availablePackages);
+
+    return {
+      status: 200,
+      headers: { 'Content-Type': 'application/json' },
+      body: packagesJson,
+    };
+  }
+
+  private async handlePackageMetadata(
+    vendorPackage: string,
+    includeDev: boolean,
+    token: IAuthToken | null
+  ): Promise<IResponse> {
+    // Check read permission
+    if (!await this.checkPermission(token, vendorPackage, 'read')) {
+      return {
+        status: 401,
+        headers: { 'WWW-Authenticate': 'Bearer realm="composer"' },
+        body: { status: 'error', message: 'Authentication required' },
+      };
+    }
+
+    const metadata = await this.storage.getComposerPackageMetadata(vendorPackage);
+
+    if (!metadata) {
+      return {
+        status: 404,
+        headers: { 'Content-Type': 'application/json' },
+        body: { status: 'error', message: 'Package not found' },
+      };
+    }
+
+    // Filter dev versions if needed
+    let packages = metadata.packages[vendorPackage] || [];
+    if (!includeDev) {
+      packages = packages.filter((pkg: IComposerPackage) =>
+        !pkg.version.includes('dev') && !pkg.version.includes('alpha') && !pkg.version.includes('beta')
+      );
+    }
+
+    const response: IComposerPackageMetadata = {
+      minified: 'composer/2.0',
+      packages: {
+        [vendorPackage]: packages,
+      },
+    };
+
+    return {
+      status: 200,
+      headers: {
+        'Content-Type': 'application/json',
+        'Last-Modified': metadata.lastModified || new Date().toUTCString(),
+      },
+      body: response,
+    };
+  }
+
+  private async handlePackageList(
+    filter: string | undefined,
+    token: IAuthToken | null
+  ): Promise<IResponse> {
+    let packages = await this.storage.listComposerPackages();
+
+    // Apply filter if provided
+    if (filter) {
+      const regex = new RegExp('^' + filter.replace(/\*/g, '.*') + '$');
+      packages = packages.filter(pkg => regex.test(pkg));
+    }
+
+    return {
+      status: 200,
+      headers: { 'Content-Type': 'application/json' },
+      body: { packageNames: packages },
+    };
+  }
+
+  private async handlePackageDownload(
+    vendorPackage: string,
+    reference: string,
+    token: IAuthToken | null
+  ): Promise<IResponse> {
+    // Check read permission
+    if (!await this.checkPermission(token, vendorPackage, 'read')) {
+      return {
+        status: 401,
+        headers: { 'WWW-Authenticate': 'Bearer realm="composer"' },
+        body: { status: 'error', message: 'Authentication required' },
+      };
+    }
+
+    const zipData = await this.storage.getComposerPackageZip(vendorPackage, reference);
+
+    if (!zipData) {
+      return {
+        status: 404,
+        headers: {},
+        body: { status: 'error', message: 'Package file not found' },
+      };
+    }
+
+    return {
+      status: 200,
+      headers: {
+        'Content-Type': 'application/zip',
+        'Content-Length': zipData.length.toString(),
+        'Content-Disposition': `attachment; filename="${reference}.zip"`,
+      },
+      body: zipData,
+    };
+  }
+
+  private async handlePackageUpload(
+    vendorPackage: string,
+    body: any,
+    token: IAuthToken | null
+  ): Promise<IResponse> {
+    // Check write permission
+    if (!await this.checkPermission(token, vendorPackage, 'write')) {
+      return {
+        status: 401,
+        headers: {},
+        body: { status: 'error', message: 'Write permission required' },
+      };
+    }
+
+    if (!body || !Buffer.isBuffer(body)) {
+      return {
+        status: 400,
+        headers: {},
+        body: { status: 'error', message: 'ZIP file required' },
+      };
+    }
+
+    // Extract and validate composer.json from ZIP
+    const composerJson = await extractComposerJsonFromZip(body);
+    if (!composerJson || !validateComposerJson(composerJson)) {
+      return {
+        status: 400,
+        headers: {},
+        body: { status: 'error', message: 'Invalid composer.json in ZIP' },
+      };
+    }
+
+    // Verify package name matches
+    if (composerJson.name !== vendorPackage) {
+      return {
+        status: 400,
+        headers: {},
+        body: { status: 'error', message: 'Package name mismatch' },
+      };
+    }
+
+    const version = composerJson.version;
+    if (!version) {
+      return {
+        status: 400,
+        headers: {},
+        body: { status: 'error', message: 'Version required in composer.json' },
+      };
+    }
+
+    // Calculate SHA-1 hash
+    const shasum = await calculateSha1(body);
+
+    // Generate reference (use version or commit hash)
+    const reference = composerJson.source?.reference || version.replace(/[^a-zA-Z0-9.-]/g, '-');
+
+    // Store ZIP file
+    await this.storage.putComposerPackageZip(vendorPackage, reference, body);
+
+    // Get or create metadata
+    let metadata = await this.storage.getComposerPackageMetadata(vendorPackage);
+    if (!metadata) {
+      metadata = {
+        packages: {
+          [vendorPackage]: [],
+        },
+        lastModified: new Date().toUTCString(),
+      };
+    }
+
+    // Build package entry
+    const packageEntry: IComposerPackage = {
+      ...composerJson,
+      version_normalized: normalizeVersion(version),
+      dist: {
+        type: 'zip',
+        url: `${this.registryUrl}/dists/${vendorPackage}/${reference}.zip`,
+        reference,
+        shasum,
+      },
+      time: new Date().toISOString(),
+    };
+
+    // Add to metadata (check if version already exists)
+    const packages = metadata.packages[vendorPackage] || [];
+    const existingIndex = packages.findIndex((p: IComposerPackage) => p.version === version);
+
+    if (existingIndex >= 0) {
+      return {
+        status: 409,
+        headers: {},
+        body: { status: 'error', message: 'Version already exists' },
+      };
+    }
+
+    packages.push(packageEntry);
+
+    // Sort by version
+    const sortedVersions = sortVersions(packages.map((p: IComposerPackage) => p.version));
+    packages.sort((a: IComposerPackage, b: IComposerPackage) => {
+      return sortedVersions.indexOf(a.version) - sortedVersions.indexOf(b.version);
+    });
+
+    metadata.packages[vendorPackage] = packages;
+    metadata.lastModified = new Date().toUTCString();
+
+    // Store updated metadata
+    await this.storage.putComposerPackageMetadata(vendorPackage, metadata);
+
+    return {
+      status: 201,
+      headers: {},
+      body: {
+        status: 'success',
+        message: 'Package uploaded successfully',
+        package: vendorPackage,
+        version,
+      },
+    };
+  }
+
+  private async handlePackageDelete(
+    vendorPackage: string,
+    token: IAuthToken | null
+  ): Promise<IResponse> {
+    // Check delete permission
+    if (!await this.checkPermission(token, vendorPackage, 'delete')) {
+      return {
+        status: 401,
+        headers: {},
+        body: { status: 'error', message: 'Delete permission required' },
+      };
+    }
+
+    const metadata = await this.storage.getComposerPackageMetadata(vendorPackage);
+    if (!metadata) {
+      return {
+        status: 404,
+        headers: {},
+        body: { status: 'error', message: 'Package not found' },
+      };
+    }
+
+    // Delete all ZIP files
+    const packages = metadata.packages[vendorPackage] || [];
+    for (const pkg of packages) {
+      if (pkg.dist?.reference) {
+        await this.storage.deleteComposerPackageZip(vendorPackage, pkg.dist.reference);
+      }
+    }
+
+    // Delete metadata
+    await this.storage.deleteComposerPackageMetadata(vendorPackage);
+
+    return {
+      status: 204,
+      headers: {},
+      body: null,
+    };
+  }
+
+  private async handleVersionDelete(
+    vendorPackage: string,
+    version: string,
+    token: IAuthToken | null
+  ): Promise<IResponse> {
+    // Check delete permission
+    if (!await this.checkPermission(token, vendorPackage, 'delete')) {
+      return {
+        status: 401,
+        headers: {},
+        body: { status: 'error', message: 'Delete permission required' },
+      };
+    }
+
+    const metadata = await this.storage.getComposerPackageMetadata(vendorPackage);
+    if (!metadata) {
+      return {
+        status: 404,
+        headers: {},
+        body: { status: 'error', message: 'Package not found' },
+      };
+    }
+
+    const packages = metadata.packages[vendorPackage] || [];
+    const versionIndex = packages.findIndex((p: IComposerPackage) => p.version === version);
+
+    if (versionIndex === -1) {
+      return {
+        status: 404,
+        headers: {},
+        body: { status: 'error', message: 'Version not found' },
+      };
+    }
+
+    // Delete ZIP file
+    const pkg = packages[versionIndex];
+    if (pkg.dist?.reference) {
+      await this.storage.deleteComposerPackageZip(vendorPackage, pkg.dist.reference);
+    }
+
+    // Remove from metadata
+    packages.splice(versionIndex, 1);
+    metadata.packages[vendorPackage] = packages;
+    metadata.lastModified = new Date().toUTCString();
+
+    // Save updated metadata
+    await this.storage.putComposerPackageMetadata(vendorPackage, metadata);
+
+    return {
+      status: 204,
+      headers: {},
+      body: null,
+    };
+  }
+}

package/ts/composer/helpers.composer.ts

@@ -0,0 +1,139 @@
+/**
+ * Composer Registry Helper Functions
+ */
+
+import type { IComposerPackage } from './interfaces.composer.js';
+
+/**
+ * Normalize version string to Composer format
+ * Example: "1.0.0" -> "1.0.0.0", "v2.3.1" -> "2.3.1.0"
+ */
+export function normalizeVersion(version: string): string {
+  // Remove 'v' prefix if present
+  let normalized = version.replace(/^v/i, '');
+
+  // Handle special versions (dev, alpha, beta, rc)
+  if (normalized.includes('dev') || normalized.includes('alpha') || normalized.includes('beta') || normalized.includes('RC')) {
+    // For dev versions, just return as-is with .0 appended if needed
+    const parts = normalized.split(/[-+]/)[0].split('.');
+    while (parts.length < 4) {
+      parts.push('0');
+    }
+    return parts.slice(0, 4).join('.');
+  }
+
+  // Split by dots
+  const parts = normalized.split('.');
+
+  // Ensure 4 parts (major.minor.patch.build)
+  while (parts.length < 4) {
+    parts.push('0');
+  }
+
+  return parts.slice(0, 4).join('.');
+}
+
+/**
+ * Validate composer.json structure
+ */
+export function validateComposerJson(composerJson: any): boolean {
+  return !!(
+    composerJson &&
+    typeof composerJson.name === 'string' &&
+    composerJson.name.includes('/') &&
+    (composerJson.version || composerJson.require)
+  );
+}
+
+/**
+ * Extract composer.json from ZIP buffer
+ */
+export async function extractComposerJsonFromZip(zipBuffer: Buffer): Promise<any | null> {
+  try {
+    const AdmZip = (await import('adm-zip')).default;
+    const zip = new AdmZip(zipBuffer);
+    const entries = zip.getEntries();
+
+    // Look for composer.json in root or first-level directory
+    for (const entry of entries) {
+      if (entry.entryName.endsWith('composer.json')) {
+        const parts = entry.entryName.split('/');
+        if (parts.length <= 2) { // Root or first-level dir
+          const content = entry.getData().toString('utf-8');
+          return JSON.parse(content);
+        }
+      }
+    }
+
+    return null;
+  } catch (error) {
+    return null;
+  }
+}
+
+/**
+ * Calculate SHA-1 hash for ZIP file
+ */
+export async function calculateSha1(data: Buffer): Promise<string> {
+  const crypto = await import('crypto');
+  return crypto.createHash('sha1').update(data).digest('hex');
+}
+
+/**
+ * Parse vendor/package format
+ */
+export function parseVendorPackage(name: string): { vendor: string; package: string } | null {
+  const parts = name.split('/');
+  if (parts.length !== 2) {
+    return null;
+  }
+  return { vendor: parts[0], package: parts[1] };
+}
+
+/**
+ * Generate packages.json root repository file
+ */
+export function generatePackagesJson(
+  registryUrl: string,
+  availablePackages: string[]
+): any {
+  return {
+    'metadata-url': `${registryUrl}/p2/%package%.json`,
+    'available-packages': availablePackages,
+  };
+}
+
+/**
+ * Sort versions in semantic version order
+ */
+export function sortVersions(versions: string[]): string[] {
+  return versions.sort((a, b) => {
+    const aParts = a.replace(/^v/i, '').split(/[.-]/).map(part => {
+      const num = parseInt(part, 10);
+      return isNaN(num) ? part : num;
+    });
+    const bParts = b.replace(/^v/i, '').split(/[.-]/).map(part => {
+      const num = parseInt(part, 10);
+      return isNaN(num) ? part : num;
+    });
+
+    for (let i = 0; i < Math.max(aParts.length, bParts.length); i++) {
+      const aPart = aParts[i] ?? 0;
+      const bPart = bParts[i] ?? 0;
+
+      // Compare numbers numerically, strings lexicographically
+      if (typeof aPart === 'number' && typeof bPart === 'number') {
+        if (aPart !== bPart) {
+          return aPart - bPart;
+        }
+      } else {
+        const aStr = String(aPart);
+        const bStr = String(bPart);
+        if (aStr !== bStr) {
+          return aStr.localeCompare(bStr);
+        }
+      }
+    }
+    return 0;
+  });
+}

package/ts/composer/index.ts

@@ -0,0 +1,8 @@
+/**
+ * Composer Registry Module
+ * Export all public interfaces, classes, and helpers
+ */
+
+export { ComposerRegistry } from './classes.composerregistry.js';
+export * from './interfaces.composer.js';
+export * from './helpers.composer.js';