skillfile-sources 1.5.0

Source fetching and caching for skillfile: resolver, strategies, sync
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400

use std::process::Command;
use std::sync::OnceLock;

use skillfile_core::error::SkillfileError;

// ---------------------------------------------------------------------------
// GitHub token discovery (cached for process lifetime)
// ---------------------------------------------------------------------------

static TOKEN_CACHE: OnceLock<Option<String>> = OnceLock::new();

/// Token injected from the CLI config file before any command runs.
///
/// The CLI crate reads the config file and calls [`set_config_token`] once at
/// startup. This keeps the `sources` crate free of any dependency on `cli`.
static CONFIG_TOKEN: OnceLock<Option<String>> = OnceLock::new();

/// Inject a GitHub token read from the user config file.
///
/// Must be called before the first use of [`github_token`]. Subsequent calls
/// are ignored (the `OnceLock` is already set).
pub fn set_config_token(token: Option<String>) {
    let _ = CONFIG_TOKEN.set(token);
}

/// Opaque GitHub token handle.
///
/// The raw token string is **not publicly accessible**. The only way to
/// extract it is [`GithubToken::for_url`], which gates on
/// `is_github_url` — making it structurally impossible to leak the
/// token to non-GitHub domains.
pub struct GithubToken(Option<&'static str>);

impl GithubToken {
    /// Extract the token string only for GitHub domains.
    ///
    /// Returns `None` when the URL is not a GitHub domain or when no
    /// token is available. This is the **only** way to obtain the raw
    /// token value.
    #[must_use]
    pub fn for_url(&self, url: &str) -> Option<&'static str> {
        is_github_url(url).then_some(self.0).flatten()
    }
}

/// Discover a GitHub token from environment or `gh` CLI. Cached after first call.
///
/// Returns an opaque [`GithubToken`] — the raw value can only be
/// extracted via [`GithubToken::for_url`] for GitHub domains.
#[must_use]
pub fn github_token() -> GithubToken {
    GithubToken(TOKEN_CACHE.get_or_init(discover_github_token).as_deref())
}

fn env_token(name: &str) -> Option<String> {
    std::env::var(name).ok().filter(|t| !t.is_empty())
}

fn gh_cli_token() -> Option<String> {
    let output = Command::new("gh").args(["auth", "token"]).output().ok()?;
    if !output.status.success() {
        return None;
    }
    let token = String::from_utf8_lossy(&output.stdout).trim().to_string();
    (!token.is_empty()).then_some(token)
}

fn discover_github_token() -> Option<String> {
    if let Some(token) = env_token("GITHUB_TOKEN") {
        return Some(token);
    }
    if let Some(token) = env_token("GH_TOKEN") {
        return Some(token);
    }
    // Config-file token injected by the CLI crate before commands run.
    if let Some(Some(token)) = CONFIG_TOKEN.get() {
        if !token.is_empty() {
            return Some(token.clone());
        }
    }
    gh_cli_token()
}

// ---------------------------------------------------------------------------
// HttpClient trait — abstraction over HTTP GET for testability
// ---------------------------------------------------------------------------

pub struct BearerPost<'a> {
    pub url: &'a str,
    pub body: &'a str,
    pub token: &'a str,
}

/// Contract for HTTP GET requests used by the fetcher/resolver layer.
///
/// Implementations are responsible for:
/// - Setting standard headers (User-Agent, Authorization)
/// - Connection pooling / agent reuse
/// - Error mapping to [`SkillfileError`]
///
/// The trait has three methods covering the HTTP patterns in this codebase:
/// - `get_bytes`: raw file downloads (content from `raw.githubusercontent.com`)
/// - `get_json`: GitHub API calls that may return 4xx gracefully
/// - `post_json`: POST with JSON body (used by some registry APIs)
pub trait HttpClient: Send + Sync {
    /// Returns `Err(SkillfileError::Network)` on HTTP errors (including 404).
    fn get_bytes(&self, url: &str) -> Result<Vec<u8>, SkillfileError>;

    /// GET a URL with `Accept: application/vnd.github.v3+json` header.
    ///
    /// Returns `Ok(None)` on 4xx client errors (used for tentative lookups
    /// like SHA resolution where a missing ref is not fatal).
    /// Returns `Err` on network/server errors.
    fn get_json(&self, url: &str) -> Result<Option<String>, SkillfileError>;

    /// POST a JSON body to a URL and return the response body as bytes.
    ///
    /// Returns `Err(SkillfileError::Network)` on HTTP or network errors.
    fn post_json(&self, url: &str, body: &str) -> Result<Vec<u8>, SkillfileError>;

    /// POST with a custom `Authorization: Bearer` header (for non-GitHub APIs).
    ///
    /// Default: ignores the token and delegates to [`post_json`](Self::post_json).
    /// Test mocks use this default; [`UreqClient`] overrides to send the header.
    ///
    /// # Note
    /// The extra `token` parameter is required by non-GitHub registry APIs (e.g.
    /// skillhub.club).
    fn post_json_with_bearer(&self, req: &BearerPost<'_>) -> Result<Vec<u8>, SkillfileError> {
        self.post_json(req.url, req.body)
    }
}

// ---------------------------------------------------------------------------
// GitHub URL allowlist — tokens must never leave GitHub domains
// ---------------------------------------------------------------------------

/// Returns `true` if `url` targets a GitHub domain that should receive the
/// GitHub `Authorization` header.
///
/// Only exact host matches are accepted — subdomain tricks like
/// `api.github.com.evil.com` are rejected.
fn is_github_url(url: &str) -> bool {
    // Accept both https:// and http:// schemes. In practice only HTTPS URLs
    // are constructed, but accepting HTTP is fail-safe: the token is attached
    // only if the *host* matches, and ureq will negotiate TLS regardless.
    let host = url
        .strip_prefix("https://")
        .or_else(|| url.strip_prefix("http://"))
        .and_then(|s| s.split('/').next())
        .unwrap_or("");
    matches!(host, "api.github.com" | "raw.githubusercontent.com")
}

// ---------------------------------------------------------------------------
// UreqClient — the production implementation backed by ureq
// ---------------------------------------------------------------------------

fn read_response_text(body: &mut ureq::Body, url: &str) -> Result<String, SkillfileError> {
    body.read_to_string()
        .map_err(|e| SkillfileError::Network(format!("failed to read response from {url}: {e}")))
}

/// Production HTTP client backed by `ureq::Agent`.
///
/// Attaches `User-Agent` to every request. GitHub `Authorization` header
/// is only sent to GitHub domains (`api.github.com`,
/// `raw.githubusercontent.com`) — never to third-party registries.
pub struct UreqClient {
    agent: ureq::Agent,
}

impl UreqClient {
    pub fn new() -> Self {
        let config = ureq::config::Config::builder()
            // Preserve Authorization header on same-host HTTPS redirects.
            // GitHub returns 301 for renamed repos (api.github.com -> api.github.com);
            // the default (Never) strips auth, causing 401 on the redirect target.
            .redirect_auth_headers(ureq::config::RedirectAuthHeaders::SameHost)
            .build();
        Self {
            agent: ureq::Agent::new_with_config(config),
        }
    }

    fn build_get(&self, url: &str) -> ureq::RequestBuilder<ureq::typestate::WithoutBody> {
        let mut req = self.agent.get(url).header("User-Agent", "skillfile/1.0");
        if let Some(token) = github_token().for_url(url) {
            req = req.header("Authorization", &format!("Bearer {token}"));
        }
        req
    }

    fn build_post(&self, url: &str) -> ureq::RequestBuilder<ureq::typestate::WithBody> {
        let mut req = self.agent.post(url).header("User-Agent", "skillfile/1.0");
        if let Some(token) = github_token().for_url(url) {
            req = req.header("Authorization", &format!("Bearer {token}"));
        }
        req
    }
}

impl Default for UreqClient {
    fn default() -> Self {
        Self::new()
    }
}

impl HttpClient for UreqClient {
    fn get_bytes(&self, url: &str) -> Result<Vec<u8>, SkillfileError> {
        let mut response = self.build_get(url).call().map_err(|e| match &e {
            ureq::Error::StatusCode(404) => SkillfileError::Network(format!(
                "HTTP 404: {url} not found — check that the path exists in the upstream repo"
            )),
            ureq::Error::StatusCode(code) => {
                SkillfileError::Network(format!("HTTP {code} fetching {url}"))
            }
            _ => SkillfileError::Network(format!("{e} fetching {url}")),
        })?;
        response.body_mut().read_to_vec().map_err(|e| {
            SkillfileError::Network(format!("failed to read response from {url}: {e}"))
        })
    }

    fn get_json(&self, url: &str) -> Result<Option<String>, SkillfileError> {
        let result = self
            .build_get(url)
            .header("Accept", "application/vnd.github.v3+json")
            .call();

        match result {
            Ok(mut response) => read_response_text(response.body_mut(), url).map(Some),
            // 404/422 = ref or repo doesn't exist (tentative lookup, not fatal).
            // 403 = rate-limited or forbidden; 401 = bad token — surface these.
            Err(ureq::Error::StatusCode(code)) if code == 404 || code == 422 => Ok(None),
            Err(ureq::Error::StatusCode(403)) => Err(SkillfileError::Network(format!(
                "HTTP 403 fetching {url} — you may be rate-limited. \
                 Set GITHUB_TOKEN or run `gh auth login` to authenticate."
            ))),
            Err(e) => Err(SkillfileError::Network(format!("{e} fetching {url}"))),
        }
    }

    fn post_json(&self, url: &str, body: &str) -> Result<Vec<u8>, SkillfileError> {
        let mut response = self
            .build_post(url)
            .header("Content-Type", "application/json")
            .send(body.as_bytes())
            .map_err(|e| match &e {
                ureq::Error::StatusCode(code) => {
                    SkillfileError::Network(format!("HTTP {code} posting to {url}"))
                }
                _ => SkillfileError::Network(format!("{e} posting to {url}")),
            })?;
        response.body_mut().read_to_vec().map_err(|e| {
            SkillfileError::Network(format!("failed to read response from {url}: {e}"))
        })
    }

    fn post_json_with_bearer(&self, req: &BearerPost<'_>) -> Result<Vec<u8>, SkillfileError> {
        let (url, token) = (req.url, req.token);
        let mut response = self
            .agent
            .post(url)
            .header("User-Agent", "skillfile/1.0")
            .header("Content-Type", "application/json")
            .header("Authorization", &format!("Bearer {token}"))
            .send(req.body.as_bytes())
            .map_err(|e| match &e {
                ureq::Error::StatusCode(code) => {
                    SkillfileError::Network(format!("HTTP {code} posting to {url}"))
                }
                _ => SkillfileError::Network(format!("{e} posting to {url}")),
            })?;
        response.body_mut().read_to_vec().map_err(|e| {
            SkillfileError::Network(format!("failed to read response from {url}: {e}"))
        })
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn ureq_client_default_creates_successfully() {
        let _client = UreqClient::default();
    }

    /// Verify that `set_config_token` populates `CONFIG_TOKEN`.
    ///
    /// `OnceLock` can only be written once per process; this test confirms the
    /// happy-path write succeeds (or that a prior write is already present).
    #[test]
    fn set_config_token_populates_cache() {
        set_config_token(Some("test-token-abc".to_string()));
        // Either we just set it, or a previous test already set it.
        // Either way the lock must be initialised.
        assert!(CONFIG_TOKEN.get().is_some());
    }

    // -- GithubToken newtype tests -----------------------------------------------
    //
    // Test the opaque wrapper that makes it structurally impossible to
    // extract the raw token without providing a GitHub URL.

    #[test]
    fn github_token_type_for_url_rejects_registries() {
        let token = GithubToken(Some("ghp_secret"));
        assert!(token.for_url("https://agentskill.sh/api/search").is_none());
        assert!(token.for_url("https://skills.sh/api/search").is_none());
        assert!(token
            .for_url("https://www.skillhub.club/api/v1/skills/search")
            .is_none());
    }

    #[test]
    fn github_token_type_for_url_allows_github() {
        let token = GithubToken(Some("ghp_secret"));
        assert_eq!(
            token.for_url("https://api.github.com/repos/o/r"),
            Some("ghp_secret")
        );
        assert_eq!(
            token.for_url("https://raw.githubusercontent.com/o/r/HEAD/f"),
            Some("ghp_secret")
        );
    }

    #[test]
    fn github_token_type_for_url_returns_none_without_token() {
        let token = GithubToken(None);
        assert!(token.for_url("https://api.github.com/repos/o/r").is_none());
    }

    // -- is_github_url tests (token leakage prevention) -----------------------

    #[test]
    fn github_api_url_is_github() {
        assert!(is_github_url("https://api.github.com/repos/owner/repo"));
    }

    #[test]
    fn github_raw_url_is_github() {
        assert!(is_github_url(
            "https://raw.githubusercontent.com/owner/repo/main/file.md"
        ));
    }

    #[test]
    fn github_api_root_is_github() {
        assert!(is_github_url("https://api.github.com/"));
    }

    #[test]
    fn agentskill_url_is_not_github() {
        assert!(!is_github_url(
            "https://agentskill.sh/api/agent/search?q=test"
        ));
    }

    #[test]
    fn skillssh_url_is_not_github() {
        assert!(!is_github_url("https://skills.sh/api/search?q=test"));
    }

    #[test]
    fn skillhub_url_is_not_github() {
        assert!(!is_github_url(
            "https://www.skillhub.club/api/v1/skills/search"
        ));
    }

    #[test]
    fn spoofed_github_subdomain_is_not_github() {
        assert!(!is_github_url("https://api.github.com.evil.com/repos"));
    }

    #[test]
    fn spoofed_raw_subdomain_is_not_github() {
        assert!(!is_github_url(
            "https://raw.githubusercontent.com.evil.com/file"
        ));
    }

    #[test]
    fn empty_url_is_not_github() {
        assert!(!is_github_url(""));
    }

    #[test]
    fn bare_domain_is_not_github() {
        assert!(!is_github_url("api.github.com/repos"));
    }

    #[test]
    fn http_github_url_is_github() {
        assert!(is_github_url("http://api.github.com/repos/owner/repo"));
    }
}