#!/usr/bin/env bash
set -euo pipefail

#######################################
# Print the command-line synopsis; callers redirect it to stderr on misuse.
# Outputs:   usage text on stdout
#######################################
usage() {
  printf '%s\n' \
    'Usage:' \
    '  api-recon.sh <base_url>' \
    '' \
    'Examples:' \
    '  api-recon.sh https://target' \
    '  api-recon.sh https://target/api'
}

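[[ $# -eq 1 ]] || { usage >&2; exit 2; }

# Every probe below shells out to curl; fail once, up front, instead of
# letting the first probe die with "command not found" mid-run.
command -v curl >/dev/null 2>&1 || { printf '%s\n' 'api-recon.sh: curl is required' >&2; exit 1; }

# Strip one trailing slash so "$BASE$p" never yields "//".
BASE="${1%/}"
readonly BASE

# Shared curl options.  -s silences progress output; -k disables certificate
# verification so self-signed lab hosts still answer (drop it when the
# certificate chain is part of what you are assessing); --max-time keeps one
# unresponsive endpoint from hanging the whole run.
readonly -a CURL_OPTS=(-s -k --max-time 15)

#######################################
# Report the HTTP status of each well-known documentation / schema path.
# Globals:   BASE, CURL_OPTS (read)
# Outputs:   one "<path> <status>" line per path; 000 means no HTTP response
#######################################
probe_docs() {
  local p code
  echo "[*] Docs / schema paths"
  for p in /openapi.json /swagger.json /swagger /swagger-ui /api/docs /docs /redoc /graphql /api/graphql; do
    # A refused connection must not abort the run (set -e); curl itself
    # reports 000 for "no response", and the default covers empty output.
    code=$(curl "${CURL_OPTS[@]}" -o /dev/null -w '%{http_code}' -- "$BASE$p" || true)
    printf '%-24s %s\n' "$p" "${code:-000}"
  done
}

#######################################
# Dump the first response-header lines of an OPTIONS request per path.
# Globals:   BASE, CURL_OPTS (read)
# Outputs:   header excerpt per path on stdout
#######################################
probe_options() {
  local p
  echo "[*] OPTIONS probes"
  for p in / /api /api/users /graphql; do
    echo "== $BASE$p =="
    # `|| true`: with pipefail a failed curl would otherwise stop the script
    # here, unlike the other probes which already tolerate failure.
    curl "${CURL_OPTS[@]}" -X OPTIONS -D - -o /dev/null -- "$BASE$p" | sed -n '1,12p' || true
    echo
  done
}

#######################################
# Dump the response headers returned for a request carrying a foreign Origin,
# so a misconfigured Access-Control-Allow-Origin can be flagged.
# Globals:   BASE, CURL_OPTS (read)
# Outputs:   header excerpt on stdout
#######################################
probe_cors() {
  echo "[*] CORS probe"
  curl "${CURL_OPTS[@]}" -D - -o /dev/null -H 'Origin: https://evil.example' -- "$BASE/api" | sed -n '1,20p' || true
  echo
}

#######################################
# Send the minimal __typename query to detect a responding GraphQL endpoint.
# Globals:   BASE, CURL_OPTS (read)
# Outputs:   raw response body on stdout
#######################################
probe_graphql() {
  echo "[*] GraphQL __typename probe"
  curl "${CURL_OPTS[@]}" \
    -H 'Content-Type: application/json' \
    -d '{"query":"query{__typename}"}' \
    -- "$BASE/graphql" || true
  echo
}

#######################################
# Run the probes in the original report order.
# Globals:   BASE (read)
#######################################
main() {
  # printf rather than echo: BASE is caller-supplied text.
  printf '[*] Base: %s\n' "$BASE"
  echo
  probe_docs
  echo
  probe_options
  probe_cors
  probe_graphql
}

main "$@"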
