cloak22 2.2.0

package/src/cookies.ts

@@ -0,0 +1,149 @@
+import fs from "node:fs";
+
+export interface Cookie {
+  name: string;
+  value: string;
+  domain: string;
+  path: string;
+  expires?: number;
+  httpOnly?: boolean;
+  secure?: boolean;
+  sameSite?: "Strict" | "Lax" | "None";
+}
+
+interface BrowserExportCookie {
+  name: string;
+  value: string;
+  domain: string;
+  path: string;
+  expirationDate?: number;
+  hostOnly?: boolean;
+  httpOnly?: boolean;
+  secure?: boolean;
+  session?: boolean;
+  sameSite?: string;
+  storeId?: string;
+}
+
+type CookieFileEntry = Cookie | BrowserExportCookie;
+
+function normalizeSameSite(
+  sameSite: string | undefined
+): Cookie["sameSite"] | undefined {
+  if (!sameSite) return undefined;
+
+  switch (sameSite.toLowerCase()) {
+    case "strict":
+      return "Strict";
+    case "lax":
+      return "Lax";
+    case "none":
+    case "no_restriction":
+      return "None";
+    case "unspecified":
+      return undefined;
+    default:
+      return undefined;
+  }
+}
+
+export function normalizeCookie(raw: Cookie | BrowserExportCookie): Cookie {
+  const cookie: Cookie = {
+    name: raw.name,
+    value: raw.value,
+    domain: raw.domain,
+    path: raw.path,
+  };
+
+  if (typeof raw.httpOnly === "boolean") {
+    cookie.httpOnly = raw.httpOnly;
+  }
+
+  if (typeof raw.secure === "boolean") {
+    cookie.secure = raw.secure;
+  }
+
+  if ("expires" in raw && typeof raw.expires === "number") {
+    cookie.expires = Math.trunc(raw.expires);
+  } else if (
+    "expirationDate" in raw &&
+    typeof raw.expirationDate === "number"
+  ) {
+    cookie.expires = Math.trunc(raw.expirationDate);
+  }
+
+  const sameSite = normalizeSameSite(raw.sameSite);
+  if (sameSite) {
+    cookie.sameSite = sameSite;
+  }
+
+  return cookie;
+}
+
+function isCookieEntry(value: unknown): value is CookieFileEntry {
+  return (
+    Boolean(value) &&
+    typeof value === "object" &&
+    typeof (value as CookieFileEntry).name === "string" &&
+    typeof (value as CookieFileEntry).value === "string" &&
+    typeof (value as CookieFileEntry).domain === "string" &&
+    typeof (value as CookieFileEntry).path === "string"
+  );
+}
+
+function parseCookieFileContents(
+  value: unknown,
+  sourceLabel: string
+): CookieFileEntry[] {
+  let entries: unknown[] | undefined;
+
+  if (Array.isArray(value)) {
+    entries = value;
+  } else if (
+    value &&
+    typeof value === "object" &&
+    "cookies" in value &&
+    Array.isArray(value.cookies)
+  ) {
+    entries = value.cookies;
+  }
+
+  if (!entries) {
+    throw new Error(
+      `${sourceLabel} must contain a JSON array of cookies or a JSON object with a cookies array`
+    );
+  }
+
+  return entries.map((entry: unknown, index: number) => {
+    if (!isCookieEntry(entry)) {
+      throw new Error(
+        `${sourceLabel} contains an invalid cookie at index ${index}`
+      );
+    }
+
+    return entry;
+  });
+}
+
+export function parseCookieFile(
+  contents: string,
+  sourceLabel = "cookie file"
+): Cookie[] {
+  let parsed: unknown;
+
+  try {
+    parsed = JSON.parse(contents);
+  } catch {
+    throw new Error(`${sourceLabel} must contain valid JSON`);
+  }
+
+  return parseCookieFileContents(parsed, sourceLabel).map(normalizeCookie);
+}
+
+export function readCookiesFromFile(
+  filePath: string,
+  readFile: (path: string, encoding: "utf8") => string = fs.readFileSync
+): Cookie[] {
+  const contents = readFile(filePath, "utf8");
+  return parseCookieFile(contents, filePath);
+}

package/src/daemon.ts

@@ -0,0 +1,143 @@
+import childProcess from "node:child_process";
+import fs from "node:fs";
+import type { StoredRunCommand } from "./state-db.js";
+
+type SpawnedProcess = {
+  pid?: number;
+  unref(): void;
+};
+
+type SpawnOptions = {
+  execPath: string;
+  execArgv: string[];
+  scriptPath: string;
+  command: StoredRunCommand;
+  logPath: string;
+  spawnProcess?: typeof childProcess.spawn;
+  openFile?: (path: string, flags: string) => number;
+};
+
+type StopProcessDependencies = {
+  killProcess?: (pid: number, signal?: NodeJS.Signals | number) => void;
+  isProcessRunning?: (pid: number) => boolean;
+  sleep?: (milliseconds: number) => Promise<void>;
+  timeoutMs?: number;
+  intervalMs?: number;
+};
+
+export function buildRunArguments(command: StoredRunCommand): string[] {
+  const args = ["run"];
+
+  if (!command.headless) {
+    args.push("--window");
+  }
+
+  if (command.profile) {
+    args.push("--profile", command.profile);
+  }
+
+  if (command.cookieFile) {
+    args.push("--cookie-file", command.cookieFile);
+  }
+
+  for (const url of command.cookieUrls) {
+    args.push("--cookie-url", url);
+  }
+
+  return args;
+}
+
+export function spawnDaemonProcess(options: SpawnOptions): number {
+  const spawnProcess = options.spawnProcess ?? childProcess.spawn;
+  const openFile = options.openFile ?? fs.openSync;
+  const logFd = openFile(options.logPath, "a");
+  const child = spawnProcess(
+    options.execPath,
+    [
+      ...options.execArgv,
+      options.scriptPath,
+      ...buildRunArguments(options.command),
+    ],
+    {
+      detached: true,
+      stdio: ["ignore", logFd, logFd],
+    }
+  ) as SpawnedProcess;
+
+  child.unref();
+
+  if (typeof child.pid !== "number") {
+    throw new Error("Failed to start cloak daemon.");
+  }
+
+  return child.pid;
+}
+
+export function isProcessRunning(
+  pid: number,
+  killProcess: (pid: number, signal?: NodeJS.Signals | number) => void = process.kill
+): boolean {
+  try {
+    killProcess(pid, 0);
+    return true;
+  } catch (error) {
+    if (
+      error &&
+      typeof error === "object" &&
+      "code" in error &&
+      (error as { code?: string }).code === "ESRCH"
+    ) {
+      return false;
+    }
+
+    throw error;
+  }
+}
+
+export async function stopProcess(
+  pid: number,
+  dependencies: StopProcessDependencies = {}
+): Promise<boolean> {
+  const killProcess = dependencies.killProcess ?? process.kill;
+  const processIsRunning =
+    dependencies.isProcessRunning ?? ((candidatePid: number) => isProcessRunning(candidatePid, killProcess));
+  const sleep =
+    dependencies.sleep ?? ((milliseconds: number) => new Promise((resolve) => setTimeout(resolve, milliseconds)));
+  const timeoutMs = dependencies.timeoutMs ?? 5000;
+  const intervalMs = dependencies.intervalMs ?? 100;
+
+  if (!processIsRunning(pid)) {
+    return false;
+  }
+
+  try {
+    killProcess(pid, "SIGTERM");
+  } catch (error) {
+    if (
+      error &&
+      typeof error === "object" &&
+      "code" in error &&
+      (error as { code?: string }).code === "ESRCH"
+    ) {
+      return false;
+    }
+
+    throw error;
+  }
+
+  const deadline = Date.now() + timeoutMs;
+
+  while (Date.now() < deadline) {
+    if (!processIsRunning(pid)) {
+      return true;
+    }
+
+    await sleep(intervalMs);
+  }
+
+  if (processIsRunning(pid)) {
+    killProcess(pid, "SIGKILL");
+  }
+
+  return !processIsRunning(pid);
+}

package/src/extension.ts

@@ -0,0 +1,201 @@
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import { createHash } from "node:crypto";
+import AdmZip from "adm-zip";
+import { defaultAppRootDir } from "./app-paths.js";
+import { formatInfo } from "./output.js";
+
+export const REQUIRED_EXTENSION_URL =
+  "https://github.com/jackwener/opencli/releases/download/v1.6.8/opencli-extension.zip";
+export const REQUIRED_EXTENSION_ARCHIVE_NAME = "opencli-extension.zip";
+export const REQUIRED_EXTENSION_SHA256 =
+  "a5f51d111e49e7215191a80c2dc822d4ea94950c9e239dc077862a8044bc8d2e";
+
+type DownloadRequiredExtensionDependencies = {
+  fetchImpl?: typeof fetch;
+  validateExtensionArchive?: (archivePath: string) => void;
+  log?: (message: string) => void;
+};
+
+type EnsureRequiredExtensionDependencies = {
+  validateExtensionArchive?: (archivePath: string) => void;
+  downloadRequiredExtension?: (
+    extensionsDir: string,
+    dependencies?: DownloadRequiredExtensionDependencies
+  ) => Promise<string>;
+  log?: (message: string) => void;
+};
+
+type PrepareRequiredExtensionDependencies = {
+  ensureRequiredExtensionArchive?: (
+    extensionsDir: string,
+    dependencies?: EnsureRequiredExtensionDependencies
+  ) => Promise<string>;
+  makeTempDir?: (prefix: string) => string;
+};
+
+export function validateExtensionArchive(archivePath: string): void {
+  let zip: AdmZip;
+
+  try {
+    zip = new AdmZip(archivePath);
+  } catch (error) {
+    throw new Error(`Invalid required extension archive at ${archivePath}`, {
+      cause: error,
+    });
+  }
+
+  const entryNames = zip
+    .getEntries()
+    .filter((entry) => !entry.isDirectory)
+    .map((entry) => normalizeZipEntryName(entry.entryName));
+
+  if (entryNames.length === 0) {
+    throw new Error(`Required extension archive is empty: ${archivePath}`);
+  }
+
+  if (!findManifestEntry(entryNames)) {
+    throw new Error(
+      `Required extension archive must contain manifest.json at the root or one directory deep: ${archivePath}`
+    );
+  }
+
+  const archiveDigest = createHash("sha256")
+    .update(fs.readFileSync(archivePath))
+    .digest("hex");
+
+  if (archiveDigest !== REQUIRED_EXTENSION_SHA256) {
+    throw new Error(
+      `Required extension archive digest mismatch at ${archivePath}: expected ${REQUIRED_EXTENSION_SHA256}, got ${archiveDigest}`
+    );
+  }
+}
+
+export async function downloadRequiredExtensionArchive(
+  extensionsDir: string,
+  dependencies: DownloadRequiredExtensionDependencies = {}
+): Promise<string> {
+  const fetchImpl = dependencies.fetchImpl ?? fetch;
+  const validateArchive = dependencies.validateExtensionArchive ?? validateExtensionArchive;
+  const log = dependencies.log ?? ((message: string) => console.log(formatInfo(message)));
+  const archivePath = path.join(extensionsDir, REQUIRED_EXTENSION_ARCHIVE_NAME);
+  const tempArchivePath = path.join(
+    extensionsDir,
+    `${REQUIRED_EXTENSION_ARCHIVE_NAME}.download-${process.pid}-${Date.now()}`
+  );
+
+  fs.mkdirSync(extensionsDir, { recursive: true });
+
+  const response = await fetchImpl(REQUIRED_EXTENSION_URL);
+  if (!response.ok) {
+    throw new Error(
+      `Failed to download required extension: ${response.status} ${response.statusText}`
+    );
+  }
+
+  const archiveBody = Buffer.from(await response.arrayBuffer());
+
+  fs.writeFileSync(tempArchivePath, archiveBody);
+
+  try {
+    validateArchive(tempArchivePath);
+    fs.rmSync(archivePath, { force: true });
+    fs.renameSync(tempArchivePath, archivePath);
+  } catch (error) {
+    fs.rmSync(tempArchivePath, { force: true });
+    throw error;
+  }
+
+  log(`Prepared required extension archive at ${archivePath}`);
+
+  return archivePath;
+}
+
+export async function ensureRequiredExtensionArchive(
+  extensionsDir: string,
+  dependencies: EnsureRequiredExtensionDependencies = {}
+): Promise<string> {
+  const validateArchive = dependencies.validateExtensionArchive ?? validateExtensionArchive;
+  const downloadRequiredExtension =
+    dependencies.downloadRequiredExtension ?? downloadRequiredExtensionArchive;
+  const log = dependencies.log ?? ((message: string) => console.log(formatInfo(message)));
+  const archivePath = path.join(extensionsDir, REQUIRED_EXTENSION_ARCHIVE_NAME);
+
+  if (fs.existsSync(archivePath)) {
+    try {
+      validateArchive(archivePath);
+      return archivePath;
+    } catch {
+      log(`Repairing required extension archive at ${archivePath}`);
+    }
+  } else {
+    log(`Downloading required extension archive to ${archivePath}`);
+  }
+
+  const refreshedArchivePath = await downloadRequiredExtension(extensionsDir, {
+    validateExtensionArchive: validateArchive,
+    log,
+  });
+  validateArchive(refreshedArchivePath);
+
+  return refreshedArchivePath;
+}
+
+export async function prepareRequiredExtension(
+  extensionsDir: string,
+  dependencies: PrepareRequiredExtensionDependencies = {}
+): Promise<string> {
+  const ensureArchive =
+    dependencies.ensureRequiredExtensionArchive ?? ensureRequiredExtensionArchive;
+  const makeTempDir = dependencies.makeTempDir ?? fs.mkdtempSync;
+  const archivePath = await ensureArchive(extensionsDir);
+  const tempDir = makeTempDir(path.join(os.tmpdir(), "cloak-ext-"));
+
+  new AdmZip(archivePath).extractAllTo(tempDir, true);
+
+  return resolveExtractedExtensionRoot(tempDir);
+}
+
+export async function installRequiredExtension(
+  extensionsDir: string = defaultAppRootDir(),
+  dependencies: EnsureRequiredExtensionDependencies = {}
+): Promise<string> {
+  return ensureRequiredExtensionArchive(extensionsDir, dependencies);
+}
+
+function normalizeZipEntryName(entryName: string): string {
+  return entryName.replace(/\\/g, "/").replace(/^\/+/, "");
+}
+
+function findManifestEntry(entryNames: string[]): string | undefined {
+  return entryNames.find((entryName) => {
+    if (entryName === "manifest.json") {
+      return true;
+    }
+
+    const segments = entryName.split("/");
+    return segments.length === 2 && segments[1] === "manifest.json";
+  });
+}
+
+function resolveExtractedExtensionRoot(extractedDir: string): string {
+  if (fs.existsSync(path.join(extractedDir, "manifest.json"))) {
+    return extractedDir;
+  }
+
+  const nestedExtension = fs
+    .readdirSync(extractedDir, { withFileTypes: true })
+    .filter((entry) => entry.isDirectory())
+    .find((entry) =>
+      fs.existsSync(path.join(extractedDir, entry.name, "manifest.json"))
+    );
+
+  if (!nestedExtension) {
+    throw new Error(
+      `Required extension archive did not extract a manifest.json: ${extractedDir}`
+    );
+  }
+
+  return path.join(extractedDir, nestedExtension.name);
+}

package/src/install-extension.ts

@@ -0,0 +1,13 @@
+#!/usr/bin/env node
+import { installRequiredExtension } from "./extension.js";
+import { formatError, formatSuccess } from "./output.js";
+
+async function run() {
+  const archivePath = await installRequiredExtension();
+  console.log(formatSuccess(`Required extension ready at ${archivePath}`));
+}
+
+run().catch((error) => {
+  console.error(formatError(String(error)));
+  process.exit(1);
+});