push.rocks/smartregistry
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(core): Add Cargo and Composer registries with storage, auth and helpers

Browse Source
This commit is contained in:
Jürgen Kunz
2025-11-21 09:13:02 +00:00
parent 92d27d8b15
commit 8d48627301
19 changed files with 1869 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

475
ts/composer/classes.composerregistry.ts Normal file
View File

@@ -0,0 +1,475 @@
/**
* Composer Registry Implementation
* Compliant with Composer v2 repository API
*/
import { BaseRegistry } from '../core/classes.baseregistry.js';
import type { RegistryStorage } from '../core/classes.registrystorage.js';
import type { AuthManager } from '../core/classes.authmanager.js';
import type { IRequestContext, IResponse, IAuthToken } from '../core/interfaces.core.js';
import type {
IComposerPackage,
IComposerPackageMetadata,
IComposerRepository,
} from './interfaces.composer.js';
import {
normalizeVersion,
validateComposerJson,
extractComposerJsonFromZip,
calculateSha1,
parseVendorPackage,
generatePackagesJson,
sortVersions,
} from './helpers.composer.js';
export class ComposerRegistry extends BaseRegistry {
private storage: RegistryStorage;
private authManager: AuthManager;
private basePath: string = '/composer';
private registryUrl: string;
constructor(
storage: RegistryStorage,
authManager: AuthManager,
basePath: string = '/composer',
registryUrl: string = 'http://localhost:5000/composer'
) {
super();
this.storage = storage;
this.authManager = authManager;
this.basePath = basePath;
this.registryUrl = registryUrl;
}
public async init(): Promise<void> {
// Composer registry initialization
}
public getBasePath(): string {
return this.basePath;
}
public async handleRequest(context: IRequestContext): Promise<IResponse> {
const path = context.path.replace(this.basePath, '');
// Extract token from Authorization header
const authHeader = context.headers['authorization'] || context.headers['Authorization'];
let token: IAuthToken | null = null;
if (authHeader) {
if (authHeader.startsWith('Bearer ')) {
const tokenString = authHeader.replace(/^Bearer\s+/i, '');
token = await this.authManager.validateToken(tokenString, 'composer');
} else if (authHeader.startsWith('Basic ')) {
// Handle HTTP Basic Auth
const credentials = Buffer.from(authHeader.replace(/^Basic\s+/i, ''), 'base64').toString('utf-8');
const [username, password] = credentials.split(':');
const userId = await this.authManager.authenticate({ username, password });
if (userId) {
// Create temporary token for this request
token = {
type: 'composer',
userId,
scopes: ['composer:*:*:read'],
readonly: true,
};
}
}
}
// Root packages.json
if (path === '/packages.json' || path === '' || path === '/') {
return this.handlePackagesJson();
}
// Package metadata: /p2/{vendor}/{package}.json or /p2/{vendor}/{package}~dev.json
const metadataMatch = path.match(/^\/p2\/([^\/]+\/[^\/]+?)(~dev)?\.json$/);
if (metadataMatch) {
const [, vendorPackage, devSuffix] = metadataMatch;
const includeDev = !!devSuffix;
return this.handlePackageMetadata(vendorPackage, includeDev, token);
}
// Package list: /packages/list.json?filter=vendor/*
if (path.startsWith('/packages/list.json')) {
const filter = context.query['filter'];
return this.handlePackageList(filter, token);
}
// Package ZIP download: /dists/{vendor}/{package}/{reference}.zip
const distMatch = path.match(/^\/dists\/([^\/]+\/[^\/]+)\/([^\/]+)\.zip$/);
if (distMatch) {
const [, vendorPackage, reference] = distMatch;
return this.handlePackageDownload(vendorPackage, reference, token);
}
// Package upload: PUT /packages/{vendor}/{package}
const uploadMatch = path.match(/^\/packages\/([^\/]+\/[^\/]+)$/);
if (uploadMatch && context.method === 'PUT') {
const vendorPackage = uploadMatch[1];
return this.handlePackageUpload(vendorPackage, context.body, token);
}
// Package delete: DELETE /packages/{vendor}/{package}
if (uploadMatch && context.method === 'DELETE') {
const vendorPackage = uploadMatch[1];
return this.handlePackageDelete(vendorPackage, token);
}
// Version delete: DELETE /packages/{vendor}/{package}/{version}
const versionDeleteMatch = path.match(/^\/packages\/([^\/]+\/[^\/]+)\/(.+)$/);
if (versionDeleteMatch && context.method === 'DELETE') {
const [, vendorPackage, version] = versionDeleteMatch;
return this.handleVersionDelete(vendorPackage, version, token);
}
return {
status: 404,
headers: { 'Content-Type': 'application/json' },
body: { status: 'error', message: 'Not found' },
};
}
protected async checkPermission(
token: IAuthToken | null,
resource: string,
action: string
): Promise<boolean> {
if (!token) return false;
return this.authManager.authorize(token, `composer:package:${resource}`, action);
}
// ========================================================================
// REQUEST HANDLERS
// ========================================================================
private async handlePackagesJson(): Promise<IResponse> {
const availablePackages = await this.storage.listComposerPackages();
const packagesJson = generatePackagesJson(this.registryUrl, availablePackages);
return {
status: 200,
headers: { 'Content-Type': 'application/json' },
body: packagesJson,
};
}
private async handlePackageMetadata(
vendorPackage: string,
includeDev: boolean,
token: IAuthToken | null
): Promise<IResponse> {
// Check read permission
if (!await this.checkPermission(token, vendorPackage, 'read')) {
return {
status: 401,
headers: { 'WWW-Authenticate': 'Bearer realm="composer"' },
body: { status: 'error', message: 'Authentication required' },
};
}
const metadata = await this.storage.getComposerPackageMetadata(vendorPackage);
if (!metadata) {
return {
status: 404,
headers: { 'Content-Type': 'application/json' },
body: { status: 'error', message: 'Package not found' },
};
}
// Filter dev versions if needed
let packages = metadata.packages[vendorPackage] || [];
if (!includeDev) {
packages = packages.filter((pkg: IComposerPackage) =>
!pkg.version.includes('dev') && !pkg.version.includes('alpha') && !pkg.version.includes('beta')
);
}
const response: IComposerPackageMetadata = {
minified: 'composer/2.0',
packages: {
[vendorPackage]: packages,
},
};
return {
status: 200,
headers: {
'Content-Type': 'application/json',
'Last-Modified': metadata.lastModified || new Date().toUTCString(),
},
body: response,
};
}
private async handlePackageList(
filter: string | undefined,
token: IAuthToken | null
): Promise<IResponse> {
let packages = await this.storage.listComposerPackages();
// Apply filter if provided
if (filter) {
const regex = new RegExp('^' + filter.replace(/\*/g, '.*') + '$');
packages = packages.filter(pkg => regex.test(pkg));
}
return {
status: 200,
headers: { 'Content-Type': 'application/json' },
body: { packageNames: packages },
};
}
private async handlePackageDownload(
vendorPackage: string,
reference: string,
token: IAuthToken | null
): Promise<IResponse> {
// Check read permission
if (!await this.checkPermission(token, vendorPackage, 'read')) {
return {
status: 401,
headers: { 'WWW-Authenticate': 'Bearer realm="composer"' },
body: { status: 'error', message: 'Authentication required' },
};
}
const zipData = await this.storage.getComposerPackageZip(vendorPackage, reference);
if (!zipData) {
return {
status: 404,
headers: {},
body: { status: 'error', message: 'Package file not found' },
};
}
return {
status: 200,
headers: {
'Content-Type': 'application/zip',
'Content-Length': zipData.length.toString(),
'Content-Disposition': `attachment; filename="${reference}.zip"`,
},
body: zipData,
};
}
private async handlePackageUpload(
vendorPackage: string,
body: any,
token: IAuthToken | null
): Promise<IResponse> {
// Check write permission
if (!await this.checkPermission(token, vendorPackage, 'write')) {
return {
status: 401,
headers: {},
body: { status: 'error', message: 'Write permission required' },
};
}
if (!body || !Buffer.isBuffer(body)) {
return {
status: 400,
headers: {},
body: { status: 'error', message: 'ZIP file required' },
};
}
// Extract and validate composer.json from ZIP
const composerJson = await extractComposerJsonFromZip(body);
if (!composerJson || !validateComposerJson(composerJson)) {
return {
status: 400,
headers: {},
body: { status: 'error', message: 'Invalid composer.json in ZIP' },
};
}
// Verify package name matches
if (composerJson.name !== vendorPackage) {
return {
status: 400,
headers: {},
body: { status: 'error', message: 'Package name mismatch' },
};
}
const version = composerJson.version;
if (!version) {
return {
status: 400,
headers: {},
body: { status: 'error', message: 'Version required in composer.json' },
};
}
// Calculate SHA-1 hash
const shasum = await calculateSha1(body);
// Generate reference (use version or commit hash)
const reference = composerJson.source?.reference || version.replace(/[^a-zA-Z0-9.-]/g, '-');
// Store ZIP file
await this.storage.putComposerPackageZip(vendorPackage, reference, body);
// Get or create metadata
let metadata = await this.storage.getComposerPackageMetadata(vendorPackage);
if (!metadata) {
metadata = {
packages: {
[vendorPackage]: [],
},
lastModified: new Date().toUTCString(),
};
}
// Build package entry
const packageEntry: IComposerPackage = {
...composerJson,
version_normalized: normalizeVersion(version),
dist: {
type: 'zip',
url: `${this.registryUrl}/dists/${vendorPackage}/${reference}.zip`,
reference,
shasum,
},
time: new Date().toISOString(),
};
// Add to metadata (check if version already exists)
const packages = metadata.packages[vendorPackage] || [];
const existingIndex = packages.findIndex((p: IComposerPackage) => p.version === version);
if (existingIndex >= 0) {
return {
status: 409,
headers: {},
body: { status: 'error', message: 'Version already exists' },
};
}
packages.push(packageEntry);
// Sort by version
const sortedVersions = sortVersions(packages.map((p: IComposerPackage) => p.version));
packages.sort((a: IComposerPackage, b: IComposerPackage) => {
return sortedVersions.indexOf(a.version) - sortedVersions.indexOf(b.version);
});
metadata.packages[vendorPackage] = packages;
metadata.lastModified = new Date().toUTCString();
// Store updated metadata
await this.storage.putComposerPackageMetadata(vendorPackage, metadata);
return {
status: 201,
headers: {},
body: {
status: 'success',
message: 'Package uploaded successfully',
package: vendorPackage,
version,
},
};
}
private async handlePackageDelete(
vendorPackage: string,
token: IAuthToken | null
): Promise<IResponse> {
// Check delete permission
if (!await this.checkPermission(token, vendorPackage, 'delete')) {
return {
status: 401,
headers: {},
body: { status: 'error', message: 'Delete permission required' },
};
}
const metadata = await this.storage.getComposerPackageMetadata(vendorPackage);
if (!metadata) {
return {
status: 404,
headers: {},
body: { status: 'error', message: 'Package not found' },
};
}
// Delete all ZIP files
const packages = metadata.packages[vendorPackage] || [];
for (const pkg of packages) {
if (pkg.dist?.reference) {
await this.storage.deleteComposerPackageZip(vendorPackage, pkg.dist.reference);
}
}
// Delete metadata
await this.storage.deleteComposerPackageMetadata(vendorPackage);
return {
status: 204,
headers: {},
body: null,
};
}
private async handleVersionDelete(
vendorPackage: string,
version: string,
token: IAuthToken | null
): Promise<IResponse> {
// Check delete permission
if (!await this.checkPermission(token, vendorPackage, 'delete')) {
return {
status: 401,
headers: {},
body: { status: 'error', message: 'Delete permission required' },
};
}
const metadata = await this.storage.getComposerPackageMetadata(vendorPackage);
if (!metadata) {
return {
status: 404,
headers: {},
body: { status: 'error', message: 'Package not found' },
};
}
const packages = metadata.packages[vendorPackage] || [];
const versionIndex = packages.findIndex((p: IComposerPackage) => p.version === version);
if (versionIndex === -1) {
return {
status: 404,
headers: {},
body: { status: 'error', message: 'Version not found' },
};
}
// Delete ZIP file
const pkg = packages[versionIndex];
if (pkg.dist?.reference) {
await this.storage.deleteComposerPackageZip(vendorPackage, pkg.dist.reference);
}
// Remove from metadata
packages.splice(versionIndex, 1);
metadata.packages[vendorPackage] = packages;
metadata.lastModified = new Date().toUTCString();
// Save updated metadata
await this.storage.putComposerPackageMetadata(vendorPackage, metadata);
return {
status: 204,
headers: {},
body: null,
};
}
}

139
ts/composer/helpers.composer.ts Normal file
View File

@@ -0,0 +1,139 @@
/**
* Composer Registry Helper Functions
*/
import type { IComposerPackage } from './interfaces.composer.js';
/**
* Normalize version string to Composer format
* Example: "1.0.0" -> "1.0.0.0", "v2.3.1" -> "2.3.1.0"
*/
export function normalizeVersion(version: string): string {
// Remove 'v' prefix if present
let normalized = version.replace(/^v/i, '');
// Handle special versions (dev, alpha, beta, rc)
if (normalized.includes('dev') || normalized.includes('alpha') || normalized.includes('beta') || normalized.includes('RC')) {
// For dev versions, just return as-is with .0 appended if needed
const parts = normalized.split(/[-+]/)[0].split('.');
while (parts.length < 4) {
parts.push('0');
}
return parts.slice(0, 4).join('.');
}
// Split by dots
const parts = normalized.split('.');
// Ensure 4 parts (major.minor.patch.build)
while (parts.length < 4) {
parts.push('0');
}
return parts.slice(0, 4).join('.');
}
/**
* Validate composer.json structure
*/
export function validateComposerJson(composerJson: any): boolean {
return !!(
composerJson &&
typeof composerJson.name === 'string' &&
composerJson.name.includes('/') &&
(composerJson.version || composerJson.require)
);
}
/**
* Extract composer.json from ZIP buffer
*/
export async function extractComposerJsonFromZip(zipBuffer: Buffer): Promise<any | null> {
try {
const AdmZip = (await import('adm-zip')).default;
const zip = new AdmZip(zipBuffer);
const entries = zip.getEntries();
// Look for composer.json in root or first-level directory
for (const entry of entries) {
if (entry.entryName.endsWith('composer.json')) {
const parts = entry.entryName.split('/');
if (parts.length <= 2) { // Root or first-level dir
const content = entry.getData().toString('utf-8');
return JSON.parse(content);
}
}
}
return null;
} catch (error) {
return null;
}
}
/**
* Calculate SHA-1 hash for ZIP file
*/
export async function calculateSha1(data: Buffer): Promise<string> {
const crypto = await import('crypto');
return crypto.createHash('sha1').update(data).digest('hex');
}
/**
* Parse vendor/package format
*/
export function parseVendorPackage(name: string): { vendor: string; package: string } | null {
const parts = name.split('/');
if (parts.length !== 2) {
return null;
}
return { vendor: parts[0], package: parts[1] };
}
/**
* Generate packages.json root repository file
*/
export function generatePackagesJson(
registryUrl: string,
availablePackages: string[]
): any {
return {
'metadata-url': `${registryUrl}/p2/%package%.json`,
'available-packages': availablePackages,
};
}
/**
* Sort versions in semantic version order
*/
export function sortVersions(versions: string[]): string[] {
return versions.sort((a, b) => {
const aParts = a.replace(/^v/i, '').split(/[.-]/).map(part => {
const num = parseInt(part, 10);
return isNaN(num) ? part : num;
});
const bParts = b.replace(/^v/i, '').split(/[.-]/).map(part => {
const num = parseInt(part, 10);
return isNaN(num) ? part : num;
});
for (let i = 0; i < Math.max(aParts.length, bParts.length); i++) {
const aPart = aParts[i] ?? 0;
const bPart = bParts[i] ?? 0;
// Compare numbers numerically, strings lexicographically
if (typeof aPart === 'number' && typeof bPart === 'number') {
if (aPart !== bPart) {
return aPart - bPart;
}
} else {
const aStr = String(aPart);
const bStr = String(bPart);
if (aStr !== bStr) {
return aStr.localeCompare(bStr);
}
}
}
return 0;
});
}

8
ts/composer/index.ts Normal file
View File

@@ -0,0 +1,8 @@
/**
* Composer Registry Module
* Export all public interfaces, classes, and helpers
*/
export { ComposerRegistry } from './classes.composerregistry.js';
export * from './interfaces.composer.js';
export * from './helpers.composer.js';

111
ts/composer/interfaces.composer.ts Normal file
View File

@@ -0,0 +1,111 @@
/**
* Composer Registry Type Definitions
* Compliant with Composer v2 repository API
*/
/**
* Composer package metadata
*/
export interface IComposerPackage {
name: string; // vendor/package-name
version: string; // 1.0.0
version_normalized: string; // 1.0.0.0
type?: string; // library, project, metapackage
description?: string;
keywords?: string[];
homepage?: string;
license?: string[];
authors?: IComposerAuthor[];
require?: Record<string, string>;
'require-dev'?: Record<string, string>;
suggest?: Record<string, string>;
provide?: Record<string, string>;
conflict?: Record<string, string>;
replace?: Record<string, string>;
autoload?: IComposerAutoload;
'autoload-dev'?: IComposerAutoload;
dist?: IComposerDist;
source?: IComposerSource;
time?: string; // ISO 8601 timestamp
support?: Record<string, string>;
funding?: IComposerFunding[];
extra?: Record<string, any>;
}
/**
* Author information
*/
export interface IComposerAuthor {
name: string;
email?: string;
homepage?: string;
role?: string;
}
/**
* PSR-4/PSR-0 autoloading configuration
*/
export interface IComposerAutoload {
'psr-4'?: Record<string, string | string[]>;
'psr-0'?: Record<string, string | string[]>;
classmap?: string[];
files?: string[];
'exclude-from-classmap'?: string[];
}
/**
* Distribution information (ZIP download)
*/
export interface IComposerDist {
type: 'zip' | 'tar' | 'phar';
url: string;
reference?: string; // commit hash or tag
shasum?: string; // SHA-1 hash
}
/**
* Source repository information
*/
export interface IComposerSource {
type: 'git' | 'svn' | 'hg';
url: string;
reference: string; // commit hash, branch, or tag
}
/**
* Funding information
*/
export interface IComposerFunding {
type: string; // github, patreon, etc.
url: string;
}
/**
* Repository metadata (packages.json)
*/
export interface IComposerRepository {
packages?: Record<string, Record<string, IComposerPackage>>;
'metadata-url'?: string; // /p2/%package%.json
'available-packages'?: string[];
'available-package-patterns'?: string[];
'providers-url'?: string;
'notify-batch'?: string;
minified?: string; // "composer/2.0"
}
/**
* Package metadata response (/p2/vendor/package.json)
*/
export interface IComposerPackageMetadata {
packages: Record<string, IComposerPackage[]>;
minified?: string;
lastModified?: string;
}
/**
* Error structure
*/
export interface IComposerError {
status: string;
message: string;
}