abapgit-agent 1.7.2 → 1.8.1

package/src/utils/abap-http.js

@@ -0,0 +1,347 @@
+/**
+ * ABAP HTTP request wrapper with CSRF token and session management
+ */
+const https = require('https');
+const http = require('http');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+const crypto = require('crypto');
+
+/**
+ * ABAP HTTP client with CSRF token, cookie, and session caching
+ */
+class AbapHttp {
+  constructor(config) {
+    this.config = config;
+    this.csrfToken = null;
+    this.cookies = null;
+
+    // Session cache file path
+    const configHash = crypto.createHash('md5')
+      .update(`${config.host}:${config.user}:${config.client}`)
+      .digest('hex')
+      .substring(0, 8);
+
+    this.sessionFile = path.join(os.tmpdir(), `abapgit-session-${configHash}.json`);
+
+    // Try to load cached session
+    this.loadSession();
+  }
+
+  /**
+   * Load session from cache file if valid
+   */
+  loadSession() {
+    if (!fs.existsSync(this.sessionFile)) {
+      return;
+    }
+
+    try {
+      const session = JSON.parse(fs.readFileSync(this.sessionFile, 'utf8'));
+
+      // Check if expired (with 2-minute safety margin)
+      const now = Date.now();
+      const safetyMargin = 2 * 60 * 1000;  // 2 minutes
+
+      if (session.expiresAt > now + safetyMargin) {
+        this.csrfToken = session.csrfToken;
+        this.cookies = session.cookies;
+        // Silent - no console output for cached session
+      } else {
+        // Session expired
+        this.clearSession();
+      }
+    } catch (e) {
+      // Corrupted cache file - clear it
+      this.clearSession();
+    }
+  }
+
+  /**
+   * Save session to cache file
+   */
+  saveSession() {
+    // Conservative expiration: 15 minutes
+    // (ABAP default session timeout is typically 20 minutes)
+    const expiresAt = Date.now() + (15 * 60 * 1000);
+
+    try {
+      fs.writeFileSync(this.sessionFile, JSON.stringify({
+        csrfToken: this.csrfToken,
+        cookies: this.cookies,
+        expiresAt,
+        savedAt: Date.now()
+      }));
+    } catch (e) {
+      // Ignore write errors - session caching is optional
+    }
+  }
+
+  /**
+   * Clear cached session
+   */
+  clearSession() {
+    this.csrfToken = null;
+    this.cookies = null;
+
+    try {
+      if (fs.existsSync(this.sessionFile)) {
+        fs.unlinkSync(this.sessionFile);
+      }
+    } catch (e) {
+      // Ignore file deletion errors
+    }
+  }
+
+  /**
+   * Detect if error is due to expired/invalid session
+   * @param {Error|object} error - Error object or response
+   * @returns {boolean} True if auth error
+   */
+  isAuthError(error) {
+    // HTTP status codes
+    if (error.statusCode === 401) return true;  // Unauthorized
+    if (error.statusCode === 403) return true;  // Forbidden
+
+    // Error message patterns
+    const message = (error.message || error.error || '').toLowerCase();
+    if (message.includes('csrf')) return true;
+    if (message.includes('token')) return true;
+    if (message.includes('session')) return true;
+    if (message.includes('expired')) return true;
+    if (message.includes('unauthorized')) return true;
+    if (message.includes('forbidden')) return true;
+
+    // Response body patterns
+    if (error.body) {
+      const bodyStr = JSON.stringify(error.body).toLowerCase();
+      if (bodyStr.includes('csrf')) return true;
+      if (bodyStr.includes('session')) return true;
+      if (bodyStr.includes('expired')) return true;
+    }
+
+    return false;
+  }
+
+  /**
+   * Fetch CSRF token using GET /health with X-CSRF-Token: fetch
+   * @returns {Promise<string>} CSRF token
+   */
+  async fetchCsrfToken() {
+    const url = new URL(`/sap/bc/z_abapgit_agent/health`, `https://${this.config.host}:${this.config.sapport}`);
+
+    return new Promise((resolve, reject) => {
+      const options = {
+        hostname: url.hostname,
+        port: url.port,
+        path: url.pathname,
+        method: 'GET',
+        headers: {
+          'Authorization': `Basic ${Buffer.from(`${this.config.user}:${this.config.password}`).toString('base64')}`,
+          'sap-client': this.config.client,
+          'sap-language': this.config.language || 'EN',
+          'X-CSRF-Token': 'fetch',
+          'Content-Type': 'application/json'
+        },
+        agent: new https.Agent({ rejectUnauthorized: false })
+      };
+
+      const req = https.request(options, (res) => {
+        const csrfToken = res.headers['x-csrf-token'];
+
+        // Save cookies from response
+        const setCookie = res.headers['set-cookie'];
+        if (setCookie) {
+          this.cookies = Array.isArray(setCookie)
+            ? setCookie.map(c => c.split(';')[0]).join('; ')
+            : setCookie.split(';')[0];
+        }
+
+        let body = '';
+        res.on('data', chunk => body += chunk);
+        res.on('end', () => {
+          this.csrfToken = csrfToken;
+
+          // Save session to cache
+          this.saveSession();
+
+          resolve(csrfToken);
+        });
+      });
+
+      req.on('error', reject);
+      req.end();
+    });
+  }
+
+  /**
+   * Make HTTP request to ABAP REST endpoint with automatic retry on auth failure
+   * @param {string} method - HTTP method (GET, POST, DELETE)
+   * @param {string} urlPath - URL path
+   * @param {object} data - Request body (for POST)
+   * @param {object} options - Additional options (headers, csrfToken, isRetry)
+   * @returns {Promise<object>} Response JSON
+   */
+  async request(method, urlPath, data = null, options = {}) {
+    try {
+      // Try with current session (cached or fresh)
+      return await this._makeRequest(method, urlPath, data, options);
+
+    } catch (error) {
+      // Check if it's an authentication/authorization failure
+      if (this.isAuthError(error) && !options.isRetry) {
+        // Session expired - refresh and retry once
+        console.error('⚠️  Session expired, refreshing...');
+
+        // Clear stale session
+        this.clearSession();
+
+        // Fetch fresh token/cookies
+        await this.fetchCsrfToken();
+
+        // Retry ONCE with fresh session
+        return await this._makeRequest(method, urlPath, data, {
+          ...options,
+          isRetry: true  // Prevent infinite loop
+        });
+      }
+
+      // Not an auth error or already retried - propagate
+      throw error;
+    }
+  }
+
+  /**
+   * Internal request implementation (no retry logic)
+   * @param {string} method - HTTP method
+   * @param {string} urlPath - URL path
+   * @param {object} data - Request body
+   * @param {object} options - Additional options
+   * @returns {Promise<object>} Response JSON
+   */
+  async _makeRequest(method, urlPath, data = null, options = {}) {
+    return new Promise((resolve, reject) => {
+      const url = new URL(urlPath, `https://${this.config.host}:${this.config.sapport}`);
+
+      const headers = {
+        'Content-Type': 'application/json',
+        'sap-client': this.config.client,
+        'sap-language': this.config.language || 'EN',
+        ...options.headers
+      };
+
+      // Add authorization
+      headers['Authorization'] = `Basic ${Buffer.from(`${this.config.user}:${this.config.password}`).toString('base64')}`;
+
+      // Add CSRF token for POST
+      if (method === 'POST' && options.csrfToken) {
+        headers['X-CSRF-Token'] = options.csrfToken;
+      }
+
+      // Add cookies if available
+      if (this.cookies) {
+        headers['Cookie'] = this.cookies;
+      }
+
+      const reqOptions = {
+        hostname: url.hostname,
+        port: url.port,
+        path: url.pathname + url.search,
+        method,
+        headers,
+        agent: new https.Agent({ rejectUnauthorized: false })
+      };
+
+      const req = (url.protocol === 'https:' ? https : http).request(reqOptions, (res) => {
+        // Check for auth errors
+        if (res.statusCode === 401 || res.statusCode === 403) {
+          reject({
+            statusCode: res.statusCode,
+            message: `Authentication failed: ${res.statusCode}`,
+            isAuthError: true
+          });
+          return;
+        }
+
+        let body = '';
+        res.on('data', chunk => body += chunk);
+        res.on('end', () => {
+          try {
+            // Handle unescaped newlines from ABAP - replace actual newlines with \n
+            const cleanedBody = body.replace(/\n/g, '\\n');
+            const parsed = JSON.parse(cleanedBody);
+
+            // Check for CSRF/session errors in response body
+            if (this.isAuthError(parsed)) {
+              reject({
+                statusCode: res.statusCode,
+                message: 'CSRF token or session error',
+                body: parsed,
+                isAuthError: true
+              });
+              return;
+            }
+
+            resolve(parsed);
+          } catch (e) {
+            // Fallback: try to extract JSON from response
+            const jsonMatch = body.match(/\{[\s\S]*\}/);
+            if (jsonMatch) {
+              try {
+                const parsed = JSON.parse(jsonMatch[0].replace(/\n/g, '\\n'));
+                resolve(parsed);
+              } catch (e2) {
+                resolve({ raw: body, error: e2.message });
+              }
+            } else {
+              resolve({ raw: body, error: e.message });
+            }
+          }
+        });
+      });
+
+      req.on('error', reject);
+
+      if (data) {
+        req.write(JSON.stringify(data));
+      }
+      req.end();
+    });
+  }
+
+  /**
+   * Convenience method for GET requests
+   * @param {string} urlPath - URL path
+   * @param {object} options - Additional options
+   * @returns {Promise<object>} Response JSON
+   */
+  async get(urlPath, options = {}) {
+    return this.request('GET', urlPath, null, options);
+  }
+
+  /**
+   * Convenience method for POST requests
+   * @param {string} urlPath - URL path
+   * @param {object} data - Request body
+   * @param {object} options - Additional options (must include csrfToken)
+   * @returns {Promise<object>} Response JSON
+   */
+  async post(urlPath, data, options = {}) {
+    return this.request('POST', urlPath, data, options);
+  }
+
+  /**
+   * Convenience method for DELETE requests
+   * @param {string} urlPath - URL path
+   * @param {object} options - Additional options
+   * @returns {Promise<object>} Response JSON
+   */
+  async delete(urlPath, options = {}) {
+    return this.request('DELETE', urlPath, null, options);
+  }
+}
+
+module.exports = {
+  AbapHttp
+};

package/src/utils/git-utils.js

@@ -0,0 +1,58 @@
+/**
+ * Git-related utilities
+ */
+const pathModule = require('path');
+const fs = require('fs');
+
+/**
+ * Get git remote URL from .git/config
+ * @returns {string|null} Git remote URL or null if not found
+ */
+function getRemoteUrl() {
+  const gitConfigPath = pathModule.join(process.cwd(), '.git', 'config');
+
+  if (!fs.existsSync(gitConfigPath)) {
+    return null;
+  }
+
+  const content = fs.readFileSync(gitConfigPath, 'utf8');
+  const remoteMatch = content.match(/\[remote "origin"\]/);
+
+  if (!remoteMatch) {
+    return null;
+  }
+
+  const urlMatch = content.match(/	url = (.+)/);
+  return urlMatch ? urlMatch[1].trim() : null;
+}
+
+/**
+ * Get current git branch from .git/HEAD
+ * @returns {string} Current branch name or 'main' as default
+ */
+function getBranch() {
+  const headPath = pathModule.join(process.cwd(), '.git', 'HEAD');
+
+  if (!fs.existsSync(headPath)) {
+    return 'main';
+  }
+
+  const content = fs.readFileSync(headPath, 'utf8').trim();
+  const match = content.match(/ref: refs\/heads\/(.+)/);
+  return match ? match[1] : 'main';
+}
+
+/**
+ * Check if current directory is a git repository
+ * @returns {boolean} True if .git directory exists
+ */
+function isGitRepo() {
+  const gitPath = pathModule.join(process.cwd(), '.git');
+  return fs.existsSync(gitPath);
+}
+
+module.exports = {
+  getRemoteUrl,
+  getBranch,
+  isGitRepo
+};

package/src/utils/validators.js

@@ -0,0 +1,72 @@
+/**
+ * Input validation utilities
+ */
+
+/**
+ * Convert ISO date formats (YYYY-MM-DD) to ABAP DATS format (YYYYMMDD) in WHERE clause
+ * This allows users to use familiar ISO date formats while ensuring compatibility with ABAP SQL
+ * @param {string} whereClause - SQL WHERE clause
+ * @returns {string} - WHERE clause with dates converted to YYYYMMDD format
+ */
+function convertDatesInWhereClause(whereClause) {
+  if (!whereClause) return whereClause;
+
+  // Pattern to match ISO date format: 'YYYY-MM-DD'
+  const isoDatePattern = /'\d{4}-\d{2}-\d{2}'/g;
+
+  return whereClause.replace(isoDatePattern, (match) => {
+    // Extract YYYY, MM, DD from 'YYYY-MM-DD'
+    const dateContent = match.slice(1, -1); // Remove quotes: YYYY-MM-DD
+    const [year, month, day] = dateContent.split('-');
+    // Return in ABAP format: 'YYYYMMDD'
+    return `'${year}${month}${day}'`;
+  });
+}
+
+/**
+ * Validate package name format
+ * @param {string} packageName - ABAP package name
+ * @returns {boolean} True if valid
+ */
+function isValidPackageName(packageName) {
+  if (!packageName) return false;
+  // Package names: $PACKAGE or ZPACKAGE (can contain _ and alphanumeric)
+  return /^(\$|Z|Y)[A-Z0-9_]{0,29}$/i.test(packageName);
+}
+
+/**
+ * Validate object name format
+ * @param {string} objectName - ABAP object name
+ * @returns {boolean} True if valid
+ */
+function isValidObjectName(objectName) {
+  if (!objectName) return false;
+  // Object names: up to 30 characters, alphanumeric + underscore
+  return /^[A-Z0-9_/]{1,30}$/i.test(objectName);
+}
+
+/**
+ * Parse file path to extract object type and name
+ * @param {string} filePath - File path (e.g., "src/zcl_my_class.clas.abap")
+ * @returns {object|null} {type, name} or null if invalid
+ */
+function parseObjectFromFile(filePath) {
+  const fileName = filePath.split('/').pop();
+
+  // Match patterns: zcl_class.clas.abap, zif_intf.intf.abap, etc.
+  const match = fileName.match(/^([a-z0-9_]+)\.(clas|intf|prog|fugr|ddls|tabl|dtel|ttyp|stru)\..*$/i);
+
+  if (!match) return null;
+
+  return {
+    name: match[1].toUpperCase(),
+    type: match[2].toUpperCase()
+  };
+}
+
+module.exports = {
+  convertDatesInWhereClause,
+  isValidPackageName,
+  isValidObjectName,
+  parseObjectFromFile
+};

package/src/utils/version-check.js

@@ -0,0 +1,80 @@
+/**
+ * CLI <> ABAP version compatibility check
+ */
+const pathModule = require('path');
+const fs = require('fs');
+const https = require('https');
+
+/**
+ * Get CLI version from package.json
+ * @returns {string} CLI version or '1.0.0' as default
+ */
+function getCliVersion() {
+  const packageJsonPath = pathModule.join(__dirname, '..', '..', 'package.json');
+  if (fs.existsSync(packageJsonPath)) {
+    const pkg = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
+    return pkg.version || '1.0.0';
+  }
+  return '1.0.0';
+}
+
+/**
+ * Check version compatibility between CLI and ABAP API
+ * @param {object} config - ABAP connection config
+ * @returns {Promise<object>} Version compatibility result
+ */
+async function checkCompatibility(config) {
+  const cliVersion = getCliVersion();
+
+  try {
+    const url = new URL(`/sap/bc/z_abapgit_agent/health`, `https://${config.host}:${config.sapport}`);
+
+    return new Promise((resolve) => {
+      const options = {
+        hostname: url.hostname,
+        port: url.port,
+        path: url.pathname,
+        method: 'GET',
+        headers: {
+          'Authorization': `Basic ${Buffer.from(`${config.user}:${config.password}`).toString('base64')}`,
+          'sap-client': config.client,
+          'sap-language': config.language || 'EN',
+          'Content-Type': 'application/json'
+        },
+        agent: new https.Agent({ rejectUnauthorized: false })
+      };
+
+      const req = https.request(options, (res) => {
+        let body = '';
+        res.on('data', chunk => body += chunk);
+        res.on('end', () => {
+          try {
+            const result = JSON.parse(body);
+            const apiVersion = result.version || '1.0.0';
+
+            if (cliVersion !== apiVersion) {
+              console.log(`\n⚠️  Version mismatch: CLI ${cliVersion}, ABAP API ${apiVersion}`);
+              console.log('   Some commands may not work correctly.');
+              console.log('   Update ABAP code: abapgit-agent pull\n');
+            }
+            resolve({ cliVersion, apiVersion, compatible: cliVersion === apiVersion });
+          } catch (e) {
+            resolve({ cliVersion, apiVersion: null, compatible: false, error: e.message });
+          }
+        });
+      });
+
+      req.on('error', (e) => {
+        resolve({ cliVersion, apiVersion: null, compatible: false, error: e.message });
+      });
+      req.end();
+    });
+  } catch (error) {
+    return { cliVersion, apiVersion: null, compatible: false, error: error.message };
+  }
+}
+
+module.exports = {
+  getCliVersion,
+  checkCompatibility
+};