feat(app sec): Handle App Sec url

.github/workflows/coding-standards.yml

@@ -46,11 +46,6 @@ jobs:
       - name: Add-ons install
         run: ddev get julienloizelet/ddev-tools
 
-      - name: Add Redis, Memcached and X-Debug
-        if: ${{ matrix.php-version == '8.3' }}
-        run: |
-          cp .ddev/okaeli-add-on/common/custom_files/config.php83missing.yaml .ddev/config.php83missing.yaml
-
       - name: Start DDEV  with PHP ${{ matrix.php-version }}
         run: ddev start
 

.github/workflows/markdown.yml → .github/workflows/doc-links.yml

@@ -1,11 +1,14 @@
 on:
   workflow_dispatch:
-
-name: Markdown files test and update
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
 
 permissions:
-  contents: write
-  pull-requests: write
+  contents: read
 
 jobs:
   markdown-test-and-update:
@@ -34,12 +37,3 @@ jobs:
           cd extension
           awesome_bot --files README.md --allow-dupe --allow 401 --skip-save-results --white-list ddev.site --base-url http://localhost:8080/
           awesome_bot docs/*.md --skip-save-results --allow-dupe --allow 401 --white-list crowdsec.net/v2,ddev.site --base-url http://localhost:8080/docs/
-
-      - name: Generate table of contents
-        uses: technote-space/toc-generator@v4
-        with:
-          MAX_HEADER_LEVEL: 5
-          COMMIT_NAME: CrowdSec Dev Bot
-          TARGET_PATHS: 'docs/*.md'
-          CHECK_ONLY_DEFAULT_BRANCH: true
-          CREATE_PR: true

.github/workflows/unit-and-integration-test.yml

@@ -51,13 +51,13 @@ jobs:
       - name: Add-ons install
         run: ddev get julienloizelet/ddev-tools
 
-      - name: Add Redis, Memcached and X-Debug
-        if: ${{ matrix.php-version == '8.3' }}
-        run: |
-          cp .ddev/okaeli-add-on/common/custom_files/config.php83missing.yaml .ddev/config.php83missing.yaml  
-
-      - name: Start DDEV  with PHP ${{ matrix.php-version }}
-        run: ddev start
+      - name: Start DDEV
+        uses: nick-fields/retry@v3
+        with:
+          timeout_minutes: 5
+          max_attempts: 3
+          shell: bash
+          command: ddev start
 
       - name: Some DEBUG information
         run: |

CHANGELOG.md

@@ -10,6 +10,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 The [public API](https://semver.org/spec/v2.0.0.html#spec-item-1) of this library consists of all public or protected methods, properties and constants belonging to 
 the `src` folder.
 
+As far as possible, we try to adhere to [Symfony guidelines](https://symfony.com/doc/current/contributing/code/bc.html#working-on-symfony-code) when deciding whether a change is a breaking change or not.
+
+---
+
+## [2.3.0](https://github.com/crowdsecurity/php-common/releases/tag/v2.3.0) - 2024-??-??
+[_Compare with previous release_](https://github.com/crowdsecurity/php-common/compare/v2.2.0...v2.3.0)
+
+
+### Changed
+
+- Modify `Client\AbstractClient` class to handle App Sec request
+
+### Added
+
+- Add `setHeaders` public method in `Client\HttpMessage\Request` class
+
+
 ---
 
 ## [2.2.0](https://github.com/crowdsecurity/php-common/releases/tag/v2.2.0) - 2023-12-07

docs/DEVELOPER.md

@@ -10,20 +10,10 @@
 
 - [Local development](#local-development)
   - [DDEV setup](#ddev-setup)
-    - [DDEV installation](#ddev-installation)
-    - [Prepare DDEV PHP environment](#prepare-ddev-php-environment)
   - [DDEV Usage](#ddev-usage)
-    - [Use composer to update or install the lib](#use-composer-to-update-or-install-the-lib)
-    - [Unit test](#unit-test)
-    - [Coding standards](#coding-standards)
-      - [PHPCS Fixer](#phpcs-fixer)
-      - [PHPSTAN](#phpstan)
-      - [PHP Mess Detector](#php-mess-detector)
-      - [PHPCS and PHPCBF](#phpcs-and-phpcbf)
-      - [PSALM](#psalm)
-      - [PHP Unit Code coverage](#php-unit-code-coverage)
 - [Commit message](#commit-message)
   - [Allowed message `type` values](#allowed-message-type-values)
+- [Update documentation table of contents](#update-documentation-table-of-contents)
 - [Release process](#release-process)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
@@ -243,6 +233,24 @@ chmod +x .git/hooks/commit-msg
 - style (formatting; no production code change)
 - test (adding missing tests, refactoring tests; no production code change)
 
+
+## Update documentation table of contents
+
+To update the table of contents in the documentation, you can use [the `doctoc` tool](https://github.com/thlorenz/doctoc).
+
+First, install it:
+
+```bash
+npm install -g doctoc
+```
+
+Then, run it in the documentation folder:
+
+```bash
+doctoc docs/* --maxlevel 3  
+```
+
+
 ## Release process
 
 We are using [semantic versioning](https://semver.org/) to determine a version number. To verify the current tag, 

src/Client/AbstractClient.php

@@ -8,6 +8,7 @@
 use CrowdSec\Common\Client\HttpMessage\Response;
 use CrowdSec\Common\Client\RequestHandler\Curl;
 use CrowdSec\Common\Client\RequestHandler\RequestHandlerInterface;
+use CrowdSec\Common\Constants;
 use Monolog\Handler\NullHandler;
 use Monolog\Logger;
 use Psr\Log\LoggerInterface;
@@ -44,15 +45,20 @@ abstract class AbstractClient
      * @var string
      */
     private $url;
+    /**
+     * @var string
+     */
+    private $appSecUrl;
 
     public function __construct(
         array $configs,
-        RequestHandlerInterface $requestHandler = null,
-        LoggerInterface $logger = null
+        ?RequestHandlerInterface $requestHandler = null,
+        ?LoggerInterface $logger = null
     ) {
         $this->configs = $configs;
         $this->requestHandler = ($requestHandler) ?: new Curl($this->configs);
         $this->url = $this->getConfig('api_url');
+        $this->appSecUrl = $this->getConfig('app_sec_url');
         if (!$logger) {
             $logger = new Logger('null');
             $logger->pushHandler(new NullHandler());
@@ -82,9 +88,11 @@ public function getRequestHandler(): RequestHandlerInterface
         return $this->requestHandler;
     }
 
-    public function getUrl(): string
+    public function getUrl(string $type = Constants::TYPE_API): string
     {
-        return rtrim($this->url, '/') . '/';
+        $url = Constants::TYPE_APPSEC === $type ? $this->appSecUrl : $this->url;
+
+        return rtrim($url, '/') . '/';
     }
 
     /**
@@ -96,7 +104,8 @@ protected function request(
         string $method,
         string $endpoint,
         array $parameters = [],
-        array $headers = []
+        array $headers = [],
+        string $type = Constants::TYPE_API
     ): array {
         $method = strtoupper($method);
         if (!in_array($method, $this->allowedMethods)) {
@@ -106,7 +115,7 @@ protected function request(
         }
 
         $response = $this->sendRequest(
-            new Request($this->getFullUrl($endpoint), $method, $headers, $parameters)
+            new Request($this->getFullUrl($endpoint, $type), $method, $headers, $parameters)
         );
 
         return $this->formatResponseBody($response);
@@ -151,8 +160,8 @@ private function formatResponseBody(Response $response): array
         return $decoded;
     }
 
-    private function getFullUrl(string $endpoint): string
+    private function getFullUrl(string $endpoint, string $type = Constants::TYPE_API): string
     {
-        return $this->getUrl() . ltrim($endpoint, '/');
+        return $this->getUrl($type) . ltrim($endpoint, '/');
     }
 }

src/Client/HttpMessage/Request.php

@@ -62,4 +62,11 @@ public function getUri(): string
     {
         return $this->uri;
     }
+
+    public function setHeaders(array $headers): Request
+    {
+        $this->headers = $headers;
+
+        return $this;
+    }
 }

src/Constants.php

@@ -84,6 +84,14 @@ class Constants
      * @var string The CrowdSec range scope for decisions
      */
     public const SCOPE_RANGE = 'range';
+    /**
+     * @var string The API type
+     */
+    public const TYPE_API = 'api';
+    /**
+     * @var string The APPSEC type
+     */
+    public const TYPE_APPSEC = 'app_sec';
     /**
      * @var string The current version of this library
      */

tests/Constants.php

@@ -37,4 +37,6 @@ class Constants
     public const API_TIMEOUT = 25;
 
     public const API_URL = 'http://unit.crowdsec.net';
+
+    public const APPSEC_URL = 'http://unit-appsec.crowdsec.net';
 }

tests/Unit/AbstractClientTest.php

@@ -5,7 +5,7 @@
 namespace CrowdSec\Common\Tests\Unit;
 
 /**
- * Test for file storage.
+ * Test for client.
  *
  * @author    CrowdSec team
  *
@@ -26,7 +26,6 @@
 use CrowdSec\Common\Tests\PHPUnitUtil;
 use CrowdSec\Common\Tests\Unit\AbstractClient as TestAbstractClient;
 use Monolog\Logger;
-use PHPUnit\TextUI\XmlConfiguration\File;
 
 /**
  * @covers \CrowdSec\Common\Client\AbstractClient::__construct
@@ -55,11 +54,11 @@
  */
 final class AbstractClientTest extends TestAbstractClient
 {
-    protected $configs = ['api_url' => Constants::API_URL];
+    protected $configs = ['api_url' => Constants::API_URL, 'app_sec_url' => Constants::APPSEC_URL];
 
     public function testConstruct()
     {
-        $configs = array_merge($this->configs, ['api_url' => Constants::API_URL]);
+        $configs = $this->configs;
         $client = $this->getMockForAbstractClass(AbstractClient::class, [$configs]);
 
         $this->assertEquals(
@@ -70,6 +69,10 @@ public function testConstruct()
             Constants::API_URL,
             $client->getConfig('api_url'),
             'Config should be set');
+        $this->assertEquals(
+            Constants::APPSEC_URL,
+            $client->getConfig('app_sec_url'),
+            'Config should be set');
 
         $requestHandler = $client->getRequestHandler();
 
@@ -88,7 +91,7 @@ public function testConstruct()
             $client->getUrl(),
             'Url should have a trailing slash');
 
-        $configs = array_merge($this->configs, ['api_url' => Constants::API_URL]);
+        $configs = $this->configs;
         $requestHandler = $this->getFGCMock();
         $logger = new FileLog();
         $client = $this->getMockForAbstractClass(AbstractClient::class, [$configs, $requestHandler, $logger]);
@@ -113,7 +116,7 @@ public function testConstruct()
     public function testPrivateOrProtectedMethods()
     {
         // getFullUrl
-        $configs = array_merge($this->configs, ['api_url' => Constants::API_URL]);
+        $configs = $this->configs;
         $client = $this->getMockForAbstractClass(AbstractClient::class, [$configs]);
 
         $fullUrl = PHPUnitUtil::callMethod(
@@ -126,6 +129,16 @@ public function testPrivateOrProtectedMethods()
             $fullUrl,
             'Full Url should be ok'
         );
+        $fullUrl = PHPUnitUtil::callMethod(
+            $client,
+            'getFullUrl',
+            ['/test-endpoint', 'app_sec']
+        );
+        $this->assertEquals(
+            Constants::APPSEC_URL . '/test-endpoint',
+            $fullUrl,
+            'Full Url should be ok for AppSec'
+        );
         // formatResponseBody
         $jsonBody = json_encode(['message' => 'ok']);
 
@@ -277,7 +290,7 @@ public function testPrivateOrProtectedMethods()
 
     public function testSendRequest()
     {
-        $configs = array_merge($this->configs, ['api_url' => Constants::API_URL]);
+        $configs = $this->configs;
         $requestHandler = $this->getCurlMock(['handle']);
 
         $client = $this->getMockForAbstractClass(AbstractClient::class, [$configs, $requestHandler]);

tests/Unit/AbstractConfigurationTest.php

@@ -5,7 +5,7 @@
 namespace CrowdSec\Common\Tests\Unit;
 
 /**
- * Test for file storage.
+ * Test for configuration.
  *
  * @author    CrowdSec team
  *

tests/Unit/ConsoleLogTest.php

@@ -5,7 +5,7 @@
 namespace CrowdSec\Common\Tests\Unit;
 
 /**
- * Test for file storage.
+ * Test for console logger.
  *
  * @author    CrowdSec team
  *

tests/Unit/FileLogTest.php

@@ -5,7 +5,7 @@
 namespace CrowdSec\Common\Tests\Unit;
 
 /**
- * Test for file storage.
+ * Test for file logger.
  *
  * @author    CrowdSec team
  *

tests/Unit/RequestTest.php

@@ -25,6 +25,7 @@
  * @covers \CrowdSec\Common\Client\HttpMessage\Request::getUri
  * @covers \CrowdSec\Common\Client\HttpMessage\Request::__construct
  * @covers \CrowdSec\Common\Client\HttpMessage\AbstractMessage::getHeaders
+ * @covers \CrowdSec\Common\Client\HttpMessage\Request::setHeaders
  */
 final class RequestTest extends TestCase
 {
@@ -71,4 +72,26 @@ public function testConstructor()
             'Request headers should be set'
         );
     }
+
+    public function testSetHeaders()
+    {
+        $request = new Request(
+            'test-uri',
+            'POST',
+            ['test' => 'test', 'User-Agent' => TestConstants::USER_AGENT_SUFFIX],
+            ['foo' => 'bar']
+        );
+
+        $request->setHeaders(['test' => 'test2']);
+
+        $headers = $request->getHeaders();
+
+        $this->assertEquals(
+            [
+                'test' => 'test2',
+            ],
+            $headers,
+            'Request headers should be set'
+        );
+    }
 }