From dcd03435692fed71aa9ef401be91627be3d39815 Mon Sep 17 00:00:00 2001
From: imnyang
Date: Sat, 31 May 2025 11:57:52 +0900
Subject: [PATCH] Dist conflicts resolve
---
.gitignore | 225 ++++++++++++++++++++-
dist/plugin_package.zip | Bin 3712 -> 0 bytes
dist/plugin_package/manifest.json | 21 --
dist/plugin_package/oauth-backend/index.js | 83 --------
4 files changed, 224 insertions(+), 105 deletions(-)
delete mode 100644 dist/plugin_package.zip
delete mode 100644 dist/plugin_package/manifest.json
delete mode 100644 dist/plugin_package/oauth-backend/index.js
diff --git a/.gitignore b/.gitignore
index 3c3629e..648628f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,224 @@
-node_modules
+# Created by https://www.toptal.com/developers/gitignore/api/node,macos,windows,linux
+# Edit at https://www.toptal.com/developers/gitignore?templates=node,macos,windows,linux
+
+### Linux ###
+*~
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# KDE directory preferences
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+### macOS ###
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### macOS Patch ###
+# iCloud generated files
+*.icloud
+
+### Node ###
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+.pnpm-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Snowpack dependency directory (https://snowpack.dev/)
+web_modules/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional stylelint cache
+.stylelintcache
+
+# Microbundle cache
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variable files
+.env
+.env.development.local
+.env.test.local
+.env.production.local
+.env.local
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+.parcel-cache
+
+# Next.js build output
+.next
+out
+
+# Nuxt.js build / generate output
+.nuxt
+dist
+
+# Gatsby files
+.cache/
+# Comment in the public line in if your project uses Gatsby and not Next.js
+# https://nextjs.org/blog/next-9-1#public-directory-support
+# public
+
+# vuepress build output
+.vuepress/dist
+
+# vuepress v2.x temp and cache directory
+.temp
+
+# Docusaurus cache and generated files
+.docusaurus
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# TernJS port file
+.tern-port
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test
+
+# yarn v2
+.yarn/cache
+.yarn/unplugged
+.yarn/build-state.yml
+.yarn/install-state.gz
+.pnp.*
+
+### Node Patch ###
+# Serverless Webpack directories
+.webpack/
+
+# Optional stylelint cache
+
+# SvelteKit build / generate output
+.svelte-kit
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+Thumbs.db:encryptable
+ehthumbs.db
+ehthumbs_vista.db
+
+# Dump file
+*.stackdump
+
+# Folder config file
+[Dd]esktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+#!dist/
+dist/*
+packages/frontend/dist
+packages/backend/dist
+#!dist/*.zip
+
+# End of https://www.toptal.com/developers/gitignore/api/node,macos,windows,linux
\ No newline at end of file
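Review bot: The project-specific `dist` rules at the end of this hunk overlap with the template's bare `dist` line under "Nuxt.js build / generate output": that pattern already ignores every `dist` file or directory at any depth, so `dist/*`, `packages/frontend/dist` and `packages/backend/dist` add nothing, and the commented-out `#!dist/*.zip` could not take effect if re-enabled, because git does not re-include files beneath an excluded directory. If the packaged zip is ever meant to be tracked again, the bare `dist` line has to be removed and the rules reduced to `dist/*` followed by `!dist/*.zip`. These rules also sit inside the generated block, above the `# End of …` marker, so regenerating the template would silently drop them; placing them after the marker keeps them. Separately, the dotenv section lists only `.env` and the `.local` variants, so a file such as `.env.production` would still be committed; if this plugin ever keeps OAuth client credentials in env files, `.env.*` (with `!.env.example` if a sample is tracked) is the safer pattern.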
diff --git a/dist/plugin_package.zip b/dist/plugin_package.zip deleted file mode 100644 index 9573ba39c2928d42322ad80411c36ddf032212da..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3712 zcmWIWW@h1H;9y{2*ub?9^vsfs z(j<@q{cMZ+a5!Q}z&wE=k(yUhR9TRpnO6ex3MBlYiu5z{Qc^4QvWgMr7nSCfWI|#hE3qsQ z61YlW2i9^aD8zEr26(e`Twb>F&RIqV1`vj%15os%rvp9)1_o67AZoFt88HmCFt_RJ zD-@U0jq5b$dxMS7vTOeo=`+wL(Erer{%QYOz9Mu|it0LajntQGTw1 zQd+T+HB6BfNUk8UBm*i3Vj^Voi=o2#AT4EyMG8f!g{7&*CBBIT3bqRRS_%&F@d2Sh zuJQ2-TKWokspSg3i3J*()?8_&dC8y@rjVJJS)x&#lC24j&*GG9z0|VQypm$Q{5;RR zlGLK))Pj;Ah@l#Z#g%!<3Lw=+Iv|@g6>ROm+7uK@iYlQj1%>4Nyy6mt(xRN;lA_GK zbOl?GTD|ntlF*_YklmofgQQBq7VNOlARi659!+a-3@RuTr(_%Hfeg&gN!82APuEC@ z24|H3aAJ&AfV(j@1!N1z?^X&b)o_Dq6W~T=rYUGBmKNpcfx-}!`t&mMl5 zF<1cZAc(G_)RfGk)Z~)TqD%!_s2QNZ(ollQ#FrLjD#3Muy#bR7Ey~31mZH=`&lE(+ zd!`@)9+5=!ic?E8z$!t}33mqEDu@G>g%=FB>#GLrjq8uwkk_8oi&{PWce0*k#l>)@Wo+$`P zSS)}d$Vvgm3oXh-R)XY3kQxXV6d2GHUJDB@oCfgu7#K_Rg`F|$M=tyr(TD6=HhEi)%o17@s_ zf>*G=pI$LIpJt|2YCwWWMT2rZp@k5I;L6VSU1}(Z`4GcgvCse>j!34sG`4rhgh&Pc^ zFeFYul{d%{>9AS}TCtSoW#{FW=OHQ6{8d zzs$KA7(h6{n~_O`0nuSYZo-2)Y@h}_0;6=_U|K=a*xL9YaRvqf1_lNWCd?K;s { - try { - const urlString = req.getUrl(); - const url = new URL(urlString); - sdk2.console.log(`[OAuthPlugin] Intercepted request: ${urlString}`); - if (!url.pathname.includes("/authorize") && !url.pathname.includes("/auth")) return; - const params = new URLSearchParams(url.search); - const redirectUri = params.get("redirect_uri"); - if (!redirectUri) return; - const reqId = req.getId(); - requestMap.set(reqId, redirectUri); - const clientId = params.get("client_id") ?? "(missing)"; - const responseType = params.get("response_type") ?? 
"(missing)"; - const isScan = params.has("scan"); - if (isScan) return; - const output = { - original_url: urlString, - client_id: clientId, - redirect_uri: redirectUri, - response_type: responseType - }; - try { - const filePath = path.join(os.tmpdir(), "oauth-fuzz-input.json"); - await fs.writeFile(filePath, JSON.stringify(output, null, 2)); - } catch (err) { - await sdk2.findings.create({ - title: "[fs] Write Failed", - description: `Could not write to file: ${err}`, - request: req, - reporter: "oauth-open-redirect-detector" - }); - } - await sdk2.findings.create({ - title: "[ ] OAuth2 Authorization Request Collected", - description: `client_id: ${clientId} -redirect_uri: ${redirectUri} -response_type: ${responseType}`, - request: req, - reporter: "oauth-open-redirect-detector" - }); - } catch (err) { - sdk2.console.error(`Error in onInterceptRequest: ${err}`); - } - }); - sdk.events.onInterceptResponse(async (sdk2, req, resp) => { - try { - const reqId = req.getId(); - const url = new URL(req.getUrl()); - const status = resp.getCode(); - const location = resp.getHeader("location")?.[0]; - const params = new URLSearchParams(url.search); - const isScan = params.has("scan"); - if (!isScan) { - requestMap.delete(reqId); - return; - } - if (status >= 300 && status < 400 && location) { - const redirectUri = requestMap.get(reqId) ?? "(unknown)"; - await sdk2.findings.create({ - title: "[+] Redirect URI Misconfiguration Detected", - description: `Status: ${status} -Location: ${location} -Original Redirect URI: ${redirectUri} -Request URL: ${url.href}`, - request: req, - reporter: "oauth-open-redirect-detector" - }); - } - requestMap.delete(reqId); - } catch (err) { - sdk2.console.error(`Error in onInterceptResponse: ${err}`); - } - }); -} -export { - init -};