web-agent-bridge 3.3.0 → 3.4.0

package/bin/wab-init.js

@@ -0,0 +1,223 @@
+#!/usr/bin/env node
+/**
+ * wab-init — Zero-Config WAB initializer
+ *
+ * Usage:
+ *   npx wab-init                     # interactive
+ *   npx wab-init --site=https://acme.com --name="Acme" --yes
+ *
+ * Detects project type (Next.js, Nuxt, Laravel, WordPress, static) and
+ * scaffolds /.well-known/wab.json with sensible defaults plus prints
+ * platform-specific DNS TXT instructions.
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const readline = require('readline');
+
+const ARG = parseArgs(process.argv.slice(2));
+
+function parseArgs(argv) {
+  const out = { _: [] };
+  for (const a of argv) {
+    if (a.startsWith('--')) {
+      const [k, ...rest] = a.slice(2).split('=');
+      out[k] = rest.length ? rest.join('=') : true;
+    } else out._.push(a);
+  }
+  return out;
+}
+
+function ask(rl, q, def) {
+  return new Promise((resolve) => {
+    const prompt = def ? `${q} [${def}]: ` : `${q}: `;
+    rl.question(prompt, (ans) => resolve((ans || '').trim() || def || ''));
+  });
+}
+
+/* ------------------------------------------------------------------ */
+/* Project detection                                                  */
+/* ------------------------------------------------------------------ */
+
+function detectProject(cwd) {
+  const has = (f) => fs.existsSync(path.join(cwd, f));
+  const pkgPath = path.join(cwd, 'package.json');
+  let pkg = null;
+  if (has('package.json')) {
+    try { pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8')); } catch {}
+  }
+  const deps = pkg ? Object.assign({}, pkg.dependencies || {}, pkg.devDependencies || {}) : {};
+
+  if (deps.next) return { type: 'nextjs', pkg };
+  if (deps.nuxt || deps.nuxt3 || deps['nuxt-edge']) return { type: 'nuxt', pkg };
+  if (deps['@sveltejs/kit']) return { type: 'sveltekit', pkg };
+  if (deps.astro) return { type: 'astro', pkg };
+  if (deps.gatsby) return { type: 'gatsby', pkg };
+  if (deps['react-scripts'] || deps.vite) return { type: 'spa', pkg };
+  if (has('wp-config.php') || has('wp-content')) return { type: 'wordpress', pkg };
+  if (has('artisan') && has('composer.json')) return { type: 'laravel', pkg };
+  if (has('composer.json')) return { type: 'php', pkg };
+  if (has('manage.py')) return { type: 'django', pkg };
+  if (has('Gemfile')) return { type: 'rails', pkg };
+  if (pkg) return { type: 'node', pkg };
+  return { type: 'static', pkg: null };
+}
+
+function publicDirFor(type, cwd) {
+  const candidates = {
+    nextjs: ['public'],
+    nuxt: ['public', 'static'],
+    sveltekit: ['static'],
+    astro: ['public'],
+    gatsby: ['static'],
+    spa: ['public'],
+    wordpress: ['.'],
+    laravel: ['public'],
+    php: ['public', '.'],
+    django: ['static'],
+    rails: ['public'],
+    node: ['public', '.'],
+    static: ['.']
+  };
+  for (const c of candidates[type] || ['.']) {
+    if (fs.existsSync(path.join(cwd, c))) return c;
+  }
+  return '.';
+}
+
+/* ------------------------------------------------------------------ */
+/* wab.json builder                                                    */
+/* ------------------------------------------------------------------ */
+
+function buildWabJson({ siteUrl, name, description, projectType }) {
+  const baseActions = [
+    { name: 'home', description: 'Open homepage', url: siteUrl }
+  ];
+
+  // Project-aware default action hints (heuristic, user can edit).
+  const hints = {
+    wordpress: [
+      { name: 'browseBlog', description: 'Browse blog posts', url: `${siteUrl}/?feed=rss2` },
+      { name: 'searchSite', description: 'Search the site', urlTemplate: `${siteUrl}/?s={query}` }
+    ],
+    nextjs: [
+      { name: 'browseSitemap', description: 'Site URL inventory', url: `${siteUrl}/sitemap.xml` }
+    ],
+    laravel: [
+      { name: 'browseSitemap', description: 'Site URL inventory', url: `${siteUrl}/sitemap.xml` }
+    ],
+    static: []
+  };
+
+  return {
+    version: '1.0',
+    site: name,
+    description: description || `${name} — managed by Web Agent Bridge`,
+    url: siteUrl,
+    project_type: projectType,
+    generated_at: new Date().toISOString(),
+    generator: 'wab-init',
+    discovery: {
+      well_known: `${siteUrl}/.well-known/wab.json`,
+      dns_txt_record: `_wab.${new URL(siteUrl).hostname}`
+    },
+    actions: [...baseActions, ...(hints[projectType] || [])],
+    trust: {
+      signed: false,
+      note: 'Run `npm run wab:sign` (or scripts/sign-wab-domain.js) to add an Ed25519 signature.'
+    }
+  };
+}
+
+/* ------------------------------------------------------------------ */
+/* DNS instructions                                                   */
+/* ------------------------------------------------------------------ */
+
+function dnsInstructions(host) {
+  return `
+DNS Discovery (recommended for full WAB Trust):
+  Add this TXT record at your DNS provider:
+
+    Name:  _wab.${host}
+    Type:  TXT
+    Value: v=wab1; well-known=https://${host}/.well-known/wab.json
+
+Cloudflare:    DNS → Records → Add record (Type=TXT)
+Route 53:      Hosted zones → Create record (Type=TXT)
+Namecheap:     Advanced DNS → Add New Record (Type=TXT)
+GoDaddy:       DNS Management → Add → TXT
+cPanel:        Zone Editor → Add Record → TXT
+
+After publishing, verify at:
+  https://www.webagentbridge.com/check?host=${host}
+`;
+}
+
+/* ------------------------------------------------------------------ */
+/* Main                                                               */
+/* ------------------------------------------------------------------ */
+
+async function main() {
+  const cwd = process.cwd();
+  const detected = detectProject(cwd);
+  console.log(`\n  Web Agent Bridge — wab-init`);
+  console.log(`  Detected project: ${detected.type}` +
+              (detected.pkg && detected.pkg.name ? ` (${detected.pkg.name})` : '') + '\n');
+
+  let siteUrl = ARG.site || ARG.url;
+  let name = ARG.name;
+  let description = ARG.description;
+
+  if (!ARG.yes && (!siteUrl || !name)) {
+    const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+    try {
+      siteUrl = siteUrl || await ask(rl, 'Site URL (https://example.com)', 'https://example.com');
+      name = name || await ask(rl, 'Site name', detected.pkg && detected.pkg.name || 'My Site');
+      description = description || await ask(rl, 'Short description', '');
+    } finally {
+      rl.close();
+    }
+  }
+
+  if (!siteUrl) siteUrl = 'https://example.com';
+  if (!name) name = (detected.pkg && detected.pkg.name) || 'My Site';
+
+  // Normalize URL
+  if (!/^https?:\/\//i.test(siteUrl)) siteUrl = `https://${siteUrl}`;
+  siteUrl = siteUrl.replace(/\/+$/, '');
+  const host = new URL(siteUrl).hostname;
+
+  const wab = buildWabJson({ siteUrl, name, description, projectType: detected.type });
+
+  const pubDir = publicDirFor(detected.type, cwd);
+  const wellKnownDir = path.join(cwd, pubDir, '.well-known');
+  const wabPath = path.join(wellKnownDir, 'wab.json');
+
+  if (fs.existsSync(wabPath) && !ARG.force && !ARG.yes) {
+    console.log(`\n  ! ${path.relative(cwd, wabPath)} already exists. Use --force to overwrite.`);
+    process.exit(2);
+  }
+
+  fs.mkdirSync(wellKnownDir, { recursive: true });
+  fs.writeFileSync(wabPath, JSON.stringify(wab, null, 2) + '\n');
+
+  console.log(`\n  Wrote: ${path.relative(cwd, wabPath)}`);
+  console.log(`  URL:   ${siteUrl}/.well-known/wab.json`);
+  console.log(dnsInstructions(host));
+  console.log(`  Next steps:`);
+  console.log(`    1. Deploy your site so /.well-known/wab.json is publicly reachable.`);
+  console.log(`    2. Add the DNS TXT record above.`);
+  console.log(`    3. (Optional) Sign with Ed25519: see scripts/sign-wab-domain.js`);
+  console.log(`    4. Verify: https://www.webagentbridge.com/check?host=${host}\n`);
+}
+
+if (require.main === module) {
+  main().catch((e) => {
+    console.error('wab-init failed:', e.message);
+    process.exit(1);
+  });
+}
+
+module.exports = { detectProject, buildWabJson, publicDirFor };

package/examples/azure-dns-wab.js

@@ -0,0 +1,83 @@
+#!/usr/bin/env node
+/**
+ * azure-dns-wab.js — enable/disable WAB DNS Discovery TXT record on Azure DNS.
+ *
+ * Auth: Bearer token from Azure CLI:
+ *   az account get-access-token --resource https://management.azure.com/ --query accessToken -o tsv
+ *
+ * Usage:
+ *   AZURE_TOKEN="…"  node azure-dns-wab.js enable  example.com <subscription-id> <resource-group> <zone-name>
+ *   AZURE_TOKEN="…"  node azure-dns-wab.js disable example.com <subscription-id> <resource-group> <zone-name>
+ *   node azure-dns-wab.js status example.com
+ *
+ * Required role on the DNS zone: "DNS Zone Contributor"
+ */
+
+'use strict';
+
+const fetch = (() => { try { return require('node-fetch'); } catch { return globalThis.fetch; } })();
+
+const [,, action, domain, subId, rg, zone] = process.argv;
+const TOKEN    = process.env.AZURE_TOKEN;
+const WAB_BASE = process.env.WAB_BASE_URL || 'https://www.webagentbridge.com';
+const ENDPOINT = process.env.WAB_ENDPOINT || `https://${domain}/.well-known/wab.json`;
+const API_VER  = '2018-05-01';
+
+if (!action || !domain) { console.error('Usage: node azure-dns-wab.js <enable|disable|status> <domain> [subscription-id] [resource-group] [zone-name]'); process.exit(1); }
+if (!['enable','disable','status'].includes(action)) { console.error('Action must be: enable | disable | status'); process.exit(1); }
+if (action !== 'status') {
+  if (!TOKEN) { console.error('Set AZURE_TOKEN (run: az account get-access-token --resource https://management.azure.com/ --query accessToken -o tsv)'); process.exit(1); }
+  if (!subId || !rg || !zone) { console.error('Need <subscription-id> <resource-group> <zone-name>'); process.exit(1); }
+}
+
+const azPath = (subId, rg, zone) =>
+  `https://management.azure.com/subscriptions/${subId}/resourceGroups/${rg}` +
+  `/providers/Microsoft.Network/dnsZones/${zone}/TXT/_wab?api-version=${API_VER}`;
+
+async function azReq(method, url, body) {
+  const r = await fetch(url, {
+    method,
+    headers: { 'Authorization': `Bearer ${TOKEN}`, 'Content-Type': 'application/json' },
+    body: body ? JSON.stringify(body) : undefined,
+  });
+  const text = await r.text();
+  if (!r.ok && !(method === 'DELETE' && r.status === 404)) {
+    throw new Error(`Azure ${method} ${r.status}: ${text}`);
+  }
+  return text ? JSON.parse(text) : {};
+}
+
+async function getTpl() {
+  const j = await (await fetch(`${WAB_BASE}/api/discovery/provider/record-template?domain=${encodeURIComponent(domain)}&endpoint=${encodeURIComponent(ENDPOINT)}`)).json();
+  if (!j.record || !j.record.value) throw new Error('Could not fetch WAB record template');
+  return j.record.value;
+}
+
+async function main() {
+  console.log(`[WAB] Action: ${action} | Domain: ${domain}`);
+
+  if (action === 'status') {
+    const j = await (await fetch(`${WAB_BASE}/api/discovery/provider/status?domain=${encodeURIComponent(domain)}`)).json();
+    console.log(`[WAB] Status: ${j.status}`);
+    console.log(JSON.stringify(j, null, 2));
+    return;
+  }
+
+  const url = azPath(subId, rg, zone);
+
+  if (action === 'enable') {
+    const txtVal = await getTpl();
+    console.log(`[WAB] TXT value: ${txtVal}`);
+    await azReq('PUT', url, { properties: { TTL: 3600, TXTRecords: [{ value: [txtVal] }] } });
+    console.log('[Azure DNS] PUT _wab TXT record done');
+    console.log('[WAB] WAB Discovery ENABLED.');
+  }
+
+  if (action === 'disable') {
+    await azReq('DELETE', url);
+    console.log('[Azure DNS] _wab TXT record deleted');
+    console.log('[WAB] WAB Discovery DISABLED.');
+  }
+}
+
+main().catch(err => { console.error('[ERROR]', err.message); process.exit(1); });

package/examples/cloudflare-wab-dns.js

@@ -0,0 +1,121 @@
+#!/usr/bin/env node
+/**
+ * cloudflare-wab-dns.js
+ * ---------------------
+ * CLI tool: enable or disable WAB DNS Discovery TXT record on Cloudflare.
+ *
+ * Usage:
+ *   CF_API_TOKEN=<token> node cloudflare-wab-dns.js enable  example.com
+ *   CF_API_TOKEN=<token> node cloudflare-wab-dns.js disable example.com
+ *   CF_API_TOKEN=<token> node cloudflare-wab-dns.js status  example.com
+ *
+ * Optional: set WAB_ENDPOINT env var to override the endpoint URL in the TXT record.
+ *
+ * Required npm package: node-fetch (v2 for CommonJS):
+ *   npm install node-fetch@2
+ */
+
+'use strict';
+
+const fetch = (() => {
+  try { return require('node-fetch'); }
+  catch { return globalThis.fetch; }
+})();
+
+const CF_TOKEN   = process.env.CF_API_TOKEN;
+const [,, action, domain] = process.argv;
+
+if (!CF_TOKEN) { console.error('Error: CF_API_TOKEN env variable is required.'); process.exit(1); }
+if (!action || !domain) {
+  console.error('Usage: node cloudflare-wab-dns.js <enable|disable|status> <domain>');
+  process.exit(1);
+}
+if (!['enable', 'disable', 'status'].includes(action)) {
+  console.error('Action must be one of: enable, disable, status');
+  process.exit(1);
+}
+
+const CF_BASE  = 'https://api.cloudflare.com/client/v4';
+const WAB_BASE = process.env.WAB_BASE_URL || 'https://www.webagentbridge.com';
+const ENDPOINT = process.env.WAB_ENDPOINT || `https://${domain}/.well-known/wab.json`;
+
+function cfHeaders() {
+  return { 'Authorization': `Bearer ${CF_TOKEN}`, 'Content-Type': 'application/json' };
+}
+
+async function cfGet(path) {
+  const r = await fetch(`${CF_BASE}${path}`, { headers: cfHeaders() });
+  const j = await r.json();
+  if (!j.success) throw new Error(`CF API error: ${JSON.stringify(j.errors)}`);
+  return j;
+}
+
+async function getZoneId() {
+  const j = await cfGet(`/zones?name=${encodeURIComponent(domain)}`);
+  if (!j.result[0]) throw new Error(`Zone not found for domain "${domain}"`);
+  return j.result[0].id;
+}
+
+async function getRecordTemplate() {
+  const url = `${WAB_BASE}/api/discovery/provider/record-template?domain=${encodeURIComponent(domain)}&endpoint=${encodeURIComponent(ENDPOINT)}`;
+  const r   = await fetch(url);
+  const j   = await r.json();
+  if (!j.record || !j.record.value) throw new Error('Could not fetch WAB record template');
+  return j.record.value;
+}
+
+async function findExistingRecord(zoneId) {
+  const j = await cfGet(`/zones/${zoneId}/dns_records?type=TXT&name=_wab.${domain}`);
+  return j.result && j.result[0] ? j.result[0] : null;
+}
+
+async function main() {
+  console.log(`[WAB] Action: ${action} | Domain: ${domain}`);
+
+  if (action === 'status') {
+    const url = `${WAB_BASE}/api/discovery/provider/status?domain=${encodeURIComponent(domain)}`;
+    const j   = await (await fetch(url)).json();
+    console.log(`[WAB] Status: ${j.status}`);
+    console.log(JSON.stringify(j, null, 2));
+    return;
+  }
+
+  const txtValue = await getRecordTemplate();
+  console.log(`[WAB] TXT value: ${txtValue}`);
+
+  const zoneId   = await getZoneId();
+  console.log(`[CF]  Zone ID:   ${zoneId}`);
+
+  const existing = await findExistingRecord(zoneId);
+  const recBase  = `${CF_BASE}/zones/${zoneId}/dns_records`;
+
+  if (action === 'enable') {
+    const body = JSON.stringify({ type: 'TXT', name: `_wab.${domain}`, content: txtValue, ttl: 3600 });
+    if (existing) {
+      const r = await fetch(`${recBase}/${existing.id}`, { method: 'PUT', headers: cfHeaders(), body });
+      const j = await r.json();
+      if (!j.success) throw new Error(`PUT failed: ${JSON.stringify(j.errors)}`);
+      console.log(`[CF]  Updated TXT record (id=${existing.id})`);
+    } else {
+      const r = await fetch(recBase, { method: 'POST', headers: cfHeaders(), body });
+      const j = await r.json();
+      if (!j.success) throw new Error(`POST failed: ${JSON.stringify(j.errors)}`);
+      console.log(`[CF]  Created TXT record (id=${j.result.id})`);
+    }
+    console.log('[WAB] WAB Discovery ENABLED. Verification may take up to 60 s for DNS propagation.');
+  }
+
+  if (action === 'disable') {
+    if (!existing) {
+      console.log('[CF]  No _wab TXT record found. Already disabled.');
+      return;
+    }
+    const r = await fetch(`${recBase}/${existing.id}`, { method: 'DELETE', headers: cfHeaders() });
+    const j = await r.json();
+    if (!j.success) throw new Error(`DELETE failed: ${JSON.stringify(j.errors)}`);
+    console.log(`[CF]  Deleted TXT record (id=${existing.id})`);
+    console.log('[WAB] WAB Discovery DISABLED.');
+  }
+}
+
+main().catch(err => { console.error('[ERROR]', err.message); process.exit(1); });

package/examples/cpanel-wab-dns.js

@@ -0,0 +1,114 @@
+#!/usr/bin/env node
+/**
+ * cpanel-wab-dns.js
+ * ------------------
+ * CLI tool: enable or disable WAB DNS Discovery TXT record via cPanel UAPI.
+ *
+ * Usage:
+ *   CPANEL_API_TOKEN=<token> node cpanel-wab-dns.js enable  example.com cpanel.example.com myuser
+ *   CPANEL_API_TOKEN=<token> node cpanel-wab-dns.js disable example.com cpanel.example.com myuser
+ *   CPANEL_API_TOKEN=<token> node cpanel-wab-dns.js status  example.com
+ *
+ * Optional env vars:
+ *   CPANEL_PORT=2083        (default: 2083)
+ *   CPANEL_PASSWORD         (used instead of API token when set; token preferred)
+ *   WAB_BASE_URL            (default: https://www.webagentbridge.com)
+ *   WAB_ENDPOINT            (override the wab.json endpoint URL in the TXT record)
+ *   NODE_TLS_REJECT_UNAUTHORIZED=0   (set to bypass self-signed cert on test servers)
+ *
+ * Required: node-fetch v2 for CommonJS environments:
+ *   npm install node-fetch@2
+ */
+
+'use strict';
+
+const fetch = (() => {
+  try { return require('node-fetch'); }
+  catch { return globalThis.fetch; }
+})();
+
+const [,, action, domain, cpHost, cpUser] = process.argv;
+
+const CP_PORT  = process.env.CPANEL_PORT     || '2083';
+const CP_TOKEN = process.env.CPANEL_API_TOKEN;
+const CP_PASS  = process.env.CPANEL_PASSWORD;
+const WAB_BASE = process.env.WAB_BASE_URL    || 'https://www.webagentbridge.com';
+const ENDPOINT = process.env.WAB_ENDPOINT    || `https://${domain}/.well-known/wab.json`;
+
+if (!action || !domain)              { console.error('Usage: node cpanel-wab-dns.js <enable|disable|status> <domain> [cpanel-host] [username]'); process.exit(1); }
+if (!['enable','disable','status'].includes(action)) { console.error('Action must be: enable | disable | status'); process.exit(1); }
+if (action !== 'status' && (!cpHost || !cpUser))     { console.error('cpanel-host and username required for enable/disable'); process.exit(1); }
+if (action !== 'status' && !CP_TOKEN && !CP_PASS)    { console.error('Set CPANEL_API_TOKEN or CPANEL_PASSWORD env variable'); process.exit(1); }
+
+function cpHeaders() {
+  if (CP_TOKEN) return { Authorization: `cpanel ${cpUser}:${CP_TOKEN}` };
+  const b64 = Buffer.from(`${cpUser}:${CP_PASS}`).toString('base64');
+  return { Authorization: `Basic ${b64}` };
+}
+
+function cpUrl(func, params = {}) {
+  const qs = new URLSearchParams({ domain, ...params }).toString();
+  return `https://${cpHost}:${CP_PORT}/execute/ZoneEdit/${func}?${qs}`;
+}
+
+async function cpCall(func, params = {}) {
+  const r = await fetch(cpUrl(func, params), { headers: cpHeaders() });
+  const j = await r.json();
+  if (j.errors && j.errors.length) throw new Error(`cPanel error: ${j.errors.join(', ')}`);
+  return j;
+}
+
+async function getRecordTemplate() {
+  const url = `${WAB_BASE}/api/discovery/provider/record-template?domain=${encodeURIComponent(domain)}&endpoint=${encodeURIComponent(ENDPOINT)}`;
+  const j   = await (await fetch(url)).json();
+  if (!j.record || !j.record.value) throw new Error('Could not fetch WAB record template');
+  return j.record.value;
+}
+
+async function listWabRecords() {
+  const j = await cpCall('fetch_zone_records', { type: 'TXT', name: `_wab.${domain}.` });
+  return Array.isArray(j.data) ? j.data : [];
+}
+
+async function main() {
+  console.log(`[WAB] Action: ${action} | Domain: ${domain}`);
+
+  if (action === 'status') {
+    const url = `${WAB_BASE}/api/discovery/provider/status?domain=${encodeURIComponent(domain)}`;
+    const j   = await (await fetch(url)).json();
+    console.log(`[WAB] Status: ${j.status}`);
+    console.log(JSON.stringify(j, null, 2));
+    return;
+  }
+
+  const txtValue = await getRecordTemplate();
+  console.log(`[WAB] TXT value: ${txtValue}`);
+
+  const records  = await listWabRecords();
+  const existing = records[0] || null;
+  console.log(`[CP]  Existing _wab TXT records: ${records.length}`);
+
+  if (action === 'enable') {
+    const payload = { type: 'TXT', name: `_wab.${domain}.`, txtdata: txtValue, ttl: 3600 };
+    if (existing) {
+      const j = await cpCall('edit_zone_record', { ...payload, line: existing.line });
+      console.log(`[CP]  Updated TXT record (line=${existing.line})`);
+      console.log(JSON.stringify(j, null, 2));
+    } else {
+      const j = await cpCall('add_zone_record', payload);
+      console.log('[CP]  Created TXT record');
+      console.log(JSON.stringify(j, null, 2));
+    }
+    console.log('[WAB] WAB Discovery ENABLED. Propagation may take up to 60 s.');
+  }
+
+  if (action === 'disable') {
+    if (!existing) { console.log('[CP]  No _wab record found — already disabled.'); return; }
+    const j = await cpCall('remove_zone_record', { line: existing.line });
+    console.log(`[CP]  Deleted TXT record (line=${existing.line})`);
+    console.log(JSON.stringify(j, null, 2));
+    console.log('[WAB] WAB Discovery DISABLED.');
+  }
+}
+
+main().catch(err => { console.error('[ERROR]', err.message); process.exit(1); });