@abgov/nx-adsp 12.13.0 → 12.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/generators/angular-app/angular-app.js +19 -10
- package/src/generators/angular-app/angular-app.js.map +1 -1
- package/src/generators/angular-app/schema.d.ts +1 -0
- package/src/generators/angular-app/schema.json +5 -0
- package/src/generators/express-service/express-service.js +27 -7
- package/src/generators/express-service/express-service.js.map +1 -1
- package/src/generators/express-service/files/src/environment.ts__tmpl__ +2 -2
- package/src/generators/express-service/files/src/events.ts__tmpl__ +1 -1
- package/src/generators/express-service/files/src/main.ts__tmpl__ +17 -0
- package/src/generators/mean/mean.js +19 -11
- package/src/generators/mean/mean.js.map +1 -1
- package/src/generators/mern/mern.js +19 -11
- package/src/generators/mern/mern.js.map +1 -1
- package/src/generators/react-app/files/src/app/app.tsx__tmpl__ +3 -3
- package/src/generators/react-app/files/src/declarations.d.ts__tmpl__ +1 -0
- package/src/generators/react-app/react-app.js +19 -10
- package/src/generators/react-app/react-app.js.map +1 -1
- package/src/generators/react-app/schema.d.ts +1 -0
- package/src/generators/react-app/schema.json +5 -0
- package/src/utils/keycloak-admin.d.ts +27 -0
- package/src/utils/keycloak-admin.js +288 -0
- package/src/utils/keycloak-admin.js.map +1 -0
package/package.json
CHANGED
|
@@ -4,6 +4,7 @@ exports.default = default_1;
|
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
5
|
const nx_oc_1 = require("@abgov/nx-oc");
|
|
6
6
|
const agent_1 = require("../../utils/agent");
|
|
7
|
+
const keycloak_admin_1 = require("../../utils/keycloak-admin");
|
|
7
8
|
const plugin_version_1 = require("../../utils/plugin-version");
|
|
8
9
|
const devkit_1 = require("@nx/devkit");
|
|
9
10
|
const path = require("path");
|
|
@@ -54,14 +55,14 @@ function addFiles(host, options) {
|
|
|
54
55
|
}
|
|
55
56
|
function default_1(host, options) {
|
|
56
57
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
57
|
-
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o;
|
|
58
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
|
|
58
59
|
const normalizedOptions = yield normalizeOptions(host, options);
|
|
59
60
|
const { applicationGenerator: initAngular } = yield Promise.resolve().then(() => require('@nx/angular/generators'));
|
|
60
61
|
yield initAngular(host, {
|
|
61
62
|
name: options.name,
|
|
62
63
|
prefix: normalizedOptions.projectName,
|
|
63
64
|
linter: 'none',
|
|
64
|
-
directory:
|
|
65
|
+
directory: normalizedOptions.projectRoot,
|
|
65
66
|
skipFormat: true,
|
|
66
67
|
});
|
|
67
68
|
(0, devkit_1.addDependenciesToPackageJson)(host, {
|
|
@@ -79,7 +80,6 @@ function default_1(host, options) {
|
|
|
79
80
|
for (const file of ['app.ts', 'app.html', 'app.css', 'app.spec.ts', 'nx-welcome.ts']) {
|
|
80
81
|
host.delete(`${normalizedOptions.projectRoot}/src/app/${file}`);
|
|
81
82
|
}
|
|
82
|
-
const layout = (0, devkit_1.getWorkspaceLayout)(host);
|
|
83
83
|
const config = (0, devkit_1.readProjectConfiguration)(host, options.name);
|
|
84
84
|
// Remove the generated fileReplacements for production — single environment.ts
|
|
85
85
|
// is pre-populated from tenant config at generation time.
|
|
@@ -91,7 +91,7 @@ function default_1(host, options) {
|
|
|
91
91
|
`${normalizedOptions.projectRoot}/src/silent-check-sso.html`,
|
|
92
92
|
{
|
|
93
93
|
glob: 'nginx.conf',
|
|
94
|
-
input:
|
|
94
|
+
input: normalizedOptions.projectRoot,
|
|
95
95
|
output: './',
|
|
96
96
|
},
|
|
97
97
|
] });
|
|
@@ -101,13 +101,22 @@ function default_1(host, options) {
|
|
|
101
101
|
}
|
|
102
102
|
(0, devkit_1.updateProjectConfiguration)(host, options.name, config);
|
|
103
103
|
yield (0, devkit_1.formatFiles)(host);
|
|
104
|
-
if (normalizedOptions.adsp
|
|
104
|
+
if (normalizedOptions.adsp) {
|
|
105
105
|
const accessToken = (_c = normalizedOptions.adsp.accessToken) !== null && _c !== void 0 ? _c : options.accessToken;
|
|
106
|
-
const
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
106
|
+
const clientId = `urn:ads:${normalizedOptions.adsp.tenant}:${normalizedOptions.projectName}`;
|
|
107
|
+
yield (0, keycloak_admin_1.ensurePublicClient)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, clientId, accessToken);
|
|
108
|
+
if (options.serviceClientId) {
|
|
109
|
+
yield (0, keycloak_admin_1.ensureAudienceMapper)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, clientId, options.serviceClientId, accessToken);
|
|
110
|
+
yield (0, keycloak_admin_1.ensureClientRoleScope)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, clientId, options.serviceClientId, 'example-role', accessToken);
|
|
111
|
+
}
|
|
112
|
+
}
|
|
113
|
+
if (normalizedOptions.adsp && !options.skipAgent) {
|
|
114
|
+
const accessToken = (_d = normalizedOptions.adsp.accessToken) !== null && _d !== void 0 ? _d : options.accessToken;
|
|
115
|
+
const appComponentTs = (_f = (_e = host.read(`${normalizedOptions.projectRoot}/src/app/app.component.ts`)) === null || _e === void 0 ? void 0 : _e.toString()) !== null && _f !== void 0 ? _f : '';
|
|
116
|
+
const appComponentHtml = (_h = (_g = host.read(`${normalizedOptions.projectRoot}/src/app/app.component.html`)) === null || _g === void 0 ? void 0 : _g.toString()) !== null && _h !== void 0 ? _h : '';
|
|
117
|
+
const appConfigTs = (_k = (_j = host.read(`${normalizedOptions.projectRoot}/src/app/app.config.ts`)) === null || _j === void 0 ? void 0 : _j.toString()) !== null && _k !== void 0 ? _k : '';
|
|
118
|
+
const appRoutesTs = (_m = (_l = host.read(`${normalizedOptions.projectRoot}/src/app/app.routes.ts`)) === null || _l === void 0 ? void 0 : _l.toString()) !== null && _m !== void 0 ? _m : '';
|
|
119
|
+
const environmentTs = (_p = (_o = host.read(`${normalizedOptions.projectRoot}/src/environments/environment.ts`)) === null || _o === void 0 ? void 0 : _o.toString()) !== null && _p !== void 0 ? _p : '';
|
|
111
120
|
yield (0, agent_1.confirmAfterAgentInterrupt)(yield (0, agent_1.consultAgent)(normalizedOptions.adsp.directoryServiceUrl, accessToken, {
|
|
112
121
|
projectName: normalizedOptions.projectName,
|
|
113
122
|
projectType: 'angular-app',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"angular-app.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/angular-app/angular-app.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"angular-app.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/angular-app/angular-app.ts"],"names":[],"mappings":";;AAiGA,4BAuIC;;AAxOD,wCAAyE;AACzE,6CAA6E;AAC7E,+DAA6G;AAC7G,+DAA4D;AAC5D,uCAYoB;AACpB,6BAA6B;AAG7B,SAAe,gBAAgB,CAC7B,IAAU,EACV,OAAkC;;QAElC,MAAM,WAAW,GAAG,IAAA,cAAK,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC;QACjD,MAAM,WAAW,GAAG,GAAG,IAAA,2BAAkB,EAAC,IAAI,CAAC,CAAC,OAAO,IAAI,WAAW,EAAE,CAAC;QACzE,MAAM,kBAAkB,GAAG,cAAc,WAAW,EAAE,CAAC;QAEvD,MAAM,IAAI,GAAG,MAAM,IAAA,4BAAoB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAEvD,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC;YAC/C,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC;YACpB,CAAC,CAAC,OAAO,CAAC,KAAK;gBACf,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;gBACjB,CAAC,CAAC,EAAE,CAAC;QAEP,uCACK,OAAO,KACV,WAAW;YACX,WAAW;YACX,kBAAkB;YAClB,IAAI;YACJ,YAAY,IACZ;IACJ,CAAC;CAAA;AAED,SAAS,QAAQ,CAAC,IAAU,EAAE,OAAyB;IACrD,MAAM,eAAe,+DAChB,OAAO,GACP,OAAO,CAAC,IAAI,GACZ,IAAA,cAAK,EAAC,OAAO,CAAC,IAAI,CAAC,KACtB,cAAc,EAAE,IAAA,uBAAc,EAAC,OAAO,CAAC,WAAW,CAAC,EACnD,IAAI,EAAE,EAAE,GACT,CAAC;IACF,IAAA,sBAAa,EACX,IAAI,EACJ,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,EAC7B,OAAO,CAAC,WAAW,EACnB,eAAe,CAChB,CAAC;IACF,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC;IACrD,IAAI,YAAY,EAAE,CAAC;QACjB,mDAAmD;QACnD,6CAA6C;QAC7C,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC,MAAM,CAC9C,CAAC,SAAS,EAAE,UAAU,EAAE,EAAE;YACxB,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YAElD,MAAM,KAAK,GAAG;gBACZ,MAAM,EAAE,GAAG,WAAW,CAAC,QAAQ,cAC7B,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAC9C,EAAE;gBACF,MAAM,EAAE,WAAW,CAAC,QAAQ,KAAK,QAAQ;gBACzC,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,EAAE;aAChB,CAAC;YAEF,8DAA8D;YAC9D,IAAI,WAAW,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,CAAC,WAAW,GAAG;oBAClB,CAAC,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC,EAAE,WAAW,CAAC,QAAQ;iBAClD,CAAC;YACJ,CAAC;YAED,uCACK,SAAS,KACZ,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,KAAK,IAC5B;QACJ,CAAC,EACD,EAAE,CACH,CAAC;QACF,IAAA,kBAAS,EAAC,IAAI,EAAE,GAAG,OAAO,CAAC,WAAW,kBAAkB,EAAE,YAAY,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAGD,mBAA+B,IAAU,EAAE,OAAkC;;;QAC3E,MAAM,iBAAiB,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAEhE,MAAM,EAAE,oBAAoB,EAAE,WAAW,EAAE,GAAG,2CAC5C,wBAAwB,EACzB,CAAC;QACF,MAAM,WAAW,CAAC,IAAI,EAAE;YACtB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,MAAM,EAAE,iBAAiB,CAAC,WAAW;YACrC,MAAM,EAAE,MAAM;YACd,SAAS,EAAE,iBAAiB,CAAC,WAAW;YACxC,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;QAEH,IAAA,qCAA4B,EAC1B,IAAI,EACJ;YACE,2BAA2B,EAAE,OAAO;YACpC,sBAAsB,EAAE,OAAO;YAC/B,6BAA6B,EAAE,QAAQ;YACvC,uBAAuB,EAAE,QAAQ;YACjC,kBAAkB,EAAE,SAAS;YAC7B,aAAa,EAAE,SAAS;YACxB,SAAS,EAAE,SAAS;SACrB,EACD,EAAE,CACH,CAAC;QAEF,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QAErD,gFAAgF;QAChF,8DAA8D;QAC9D,KAAK,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,eAAe,CAAC,EAAE,CAAC;YACrF,IAAI,CAAC,MAAM,CAAC,GAAG,iBAAiB,CAAC,WAAW,YAAY,IAAI,EAAE,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,MAAM,GAAG,IAAA,iCAAwB,EAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;QAE5D,+EAA+E;QAC/E,0DAA0D;QAC1D,IAAI,MAAA,MAAA,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,0CAAE,UAAU,0CAAE,gBAAgB,EAAE,CAAC;YACtE,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,gBAAgB,CAAC;QACzE,CAAC;QAED,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,mCACvB,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,KAC/B,SAAS,EAAE,CAAC,SAAS,CAAC,EACtB,MAAM,EAAE;gBACN,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM;gBACtC,GAAG,iBAAiB,CAAC,WAAW,4BAA4B;gBAC5D;oBACE,IAAI,EAAE,YAAY;oBAClB,KAAK,EAAE,iBAAiB,CAAC,WAAW;oBACpC,MAAM,EAAE,IAAI;iBACb;aACF,GACF,CAAC;QAEF,IAAI,UAAU,EAAE,CAAC;YACf,oEAAoE;YACpE,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,mCACvB,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,KAC/B,WAAW,EAAE,GAAG,iBAAiB,CAAC,WAAW,kBAAkB,GAChE,CAAC;QACJ,CAAC;QAED,IAAA,mCAA0B,EAAC,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAEvD,MAAM,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;QAExB,IAAI,iBAAiB,CAAC,IAAI,EAAE,CAAC;YAC3B,MAAM,WAAW,GAAG,MAAA,iBAAiB,CAAC,IAAI,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC;YAC9E,MAAM,QAAQ,GAAG,WAAW,iBAAiB,CAAC,IAAI,CAAC,MAAM,IAAI,iBAAiB,CAAC,WAAW,EAAE,CAAC;YAC7F,MAAM,IAAA,mCAAkB,EACtB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,QAAQ,EACR,WAAW,CACZ,CAAC;YACF,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;gBAC5B,MAAM,IAAA,qCAAoB,EACxB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,QAAQ,EACR,OAAO,CAAC,eAAe,EACvB,WAAW,CACZ,CAAC;gBACF,MAAM,IAAA,sCAAqB,EACzB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,QAAQ,EACR,OAAO,CAAC,eAAe,EACvB,cAAc,EACd,WAAW,CACZ,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,iBAAiB,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YACjD,MAAM,WAAW,GAAG,MAAA,iBAAiB,CAAC,IAAI,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC;YAC9E,MAAM,cAAc,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,2BAA2B,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAChH,MAAM,gBAAgB,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,6BAA6B,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YACpH,MAAM,WAAW,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,wBAAwB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAC1G,MAAM,WAAW,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,wBAAwB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAC1G,MAAM,aAAa,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,kCAAkC,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YACtH,MAAM,IAAA,kCAA0B,EAAC,MAAM,IAAA,oBAAY,EACjD,iBAAiB,CAAC,IAAI,CAAC,mBAAmB,EAC1C,WAAW,EACX;gBACE,WAAW,EAAE,iBAAiB,CAAC,WAAW;gBAC1C,WAAW,EAAE,aAAa;gBAC1B,MAAM,EAAE,iBAAiB,CAAC,IAAI,CAAC,MAAM;gBACrC,aAAa,EAAE,+BAAc;gBAC7B,aAAa,EAAE;oBACb,0BAA0B,EAAE,cAAc;oBAC1C,4BAA4B,EAAE,gBAAgB;oBAC9C,uBAAuB,EAAE,WAAW;oBACpC,uBAAuB,EAAE,WAAW;oBACpC,iCAAiC,EAAE,aAAa;iBACjD;aACF,EACD,IAAI,EACJ,iBAAiB,CAAC,WAAW,CAC9B,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAA,2BAAmB,EAAC,IAAI,kCACzB,iBAAiB,KACpB,OAAO,EAAE,UAAU,EACnB,OAAO,EAAE,iBAAiB,CAAC,WAAW,IACtC,CAAC;QAEH,OAAO,GAAG,EAAE;YACV,IAAA,4BAAmB,EAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC;IACJ,CAAC;CAAA"}
|
|
@@ -7,6 +7,7 @@ export interface AngularAppGeneratorSchema {
|
|
|
7
7
|
accessToken?: string;
|
|
8
8
|
tenant?: string;
|
|
9
9
|
tenantRealm?: string;
|
|
10
|
+
serviceClientId?: string;
|
|
10
11
|
proxy?: NginxProxyConfiguration | NginxProxyConfiguration[];
|
|
11
12
|
/** When true, skip the agent interaction. Used by composite generators that run the agent themselves. */
|
|
12
13
|
skipAgent?: boolean;
|
|
@@ -46,6 +46,11 @@
|
|
|
46
46
|
"description": "Access token for retrieving configuration from ADSP APIs.",
|
|
47
47
|
"alias": "at"
|
|
48
48
|
},
|
|
49
|
+
"serviceClientId": {
|
|
50
|
+
"type": "string",
|
|
51
|
+
"description": "Client ID of a paired backend service (e.g. urn:ads:my-tenant:my-svc). When provided with --tenant, configures audience mapping and example-role scope on the frontend client.",
|
|
52
|
+
"alias": "sc"
|
|
53
|
+
},
|
|
49
54
|
"proxy": {
|
|
50
55
|
"oneOf": [
|
|
51
56
|
{
|
|
@@ -7,6 +7,7 @@ const devkit_1 = require("@nx/devkit");
|
|
|
7
7
|
const eslint_1 = require("@nx/eslint");
|
|
8
8
|
const path = require("path");
|
|
9
9
|
const agent_1 = require("../../utils/agent");
|
|
10
|
+
const keycloak_admin_1 = require("../../utils/keycloak-admin");
|
|
10
11
|
const plugin_version_1 = require("../../utils/plugin-version");
|
|
11
12
|
function normalizeOptions(host, options) {
|
|
12
13
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
@@ -53,10 +54,10 @@ function addFiles(host, options) {
|
|
|
53
54
|
}
|
|
54
55
|
function default_1(host, options) {
|
|
55
56
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
56
|
-
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l;
|
|
57
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m;
|
|
57
58
|
const normalizedOptions = yield normalizeOptions(host, options);
|
|
58
59
|
const { applicationGenerator: initExpress } = yield Promise.resolve().then(() => require('@nx/express'));
|
|
59
|
-
yield initExpress(host, Object.assign(Object.assign({}, options), { skipFormat: true, skipPackageJson: false, linter: eslint_1.Linter.EsLint, unitTestRunner: 'jest', js: false, directory:
|
|
60
|
+
yield initExpress(host, Object.assign(Object.assign({}, options), { skipFormat: true, skipPackageJson: false, linter: eslint_1.Linter.EsLint, unitTestRunner: 'jest', js: false, directory: normalizedOptions.projectRoot }));
|
|
60
61
|
(0, devkit_1.addDependenciesToPackageJson)(host, Object.assign(Object.assign({ '@abgov/adsp-service-sdk': '^2.23.0', compression: '^1.8.1', cors: '^2.8.5', dotenv: '^16.4.7', envalid: '^8.0.0', helmet: '^8.0.0', passport: '^0.7.0', 'passport-anonymous': '^1.0.1', zod: '^3.0.0' }, (normalizedOptions.database === 'postgres' ? { '@prisma/client': '^6.0.0' } : {})), (normalizedOptions.database === 'mongo' ? { mongoose: '^8.0.0' } : {})), Object.assign({ '@types/compression': '^1.7.5', '@types/cors': '^2.8.17', '@types/passport': '^1.0.16', '@types/passport-anonymous': '^1.0.3' }, (normalizedOptions.database === 'postgres' ? { prisma: '^6.0.0' } : {})));
|
|
61
62
|
addFiles(host, normalizedOptions);
|
|
62
63
|
if (normalizedOptions.database !== 'none') {
|
|
@@ -107,6 +108,25 @@ function default_1(host, options) {
|
|
|
107
108
|
(0, devkit_1.updateProjectConfiguration)(host, normalizedOptions.projectName, Object.assign(Object.assign({}, projectConfig), { targets }));
|
|
108
109
|
}
|
|
109
110
|
yield (0, devkit_1.formatFiles)(host);
|
|
111
|
+
if (normalizedOptions.adsp) {
|
|
112
|
+
const clientId = `urn:ads:${normalizedOptions.adsp.tenant}:${normalizedOptions.projectName}`;
|
|
113
|
+
const accessToken = (_c = normalizedOptions.accessToken) !== null && _c !== void 0 ? _c : normalizedOptions.adsp.accessToken;
|
|
114
|
+
const clientSecret = yield (0, keycloak_admin_1.ensureServiceClient)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, clientId, accessToken);
|
|
115
|
+
if (clientSecret) {
|
|
116
|
+
const envPath = `${normalizedOptions.projectRoot}/.env`;
|
|
117
|
+
const existing = host.exists(envPath) ? host.read(envPath).toString() : '';
|
|
118
|
+
if (!existing.includes('CLIENT_SECRET=')) {
|
|
119
|
+
host.write(envPath, `${existing ? existing.trimEnd() + '\n' : ''}CLIENT_SECRET=${clientSecret}\n`);
|
|
120
|
+
}
|
|
121
|
+
const gitignorePath = '.gitignore';
|
|
122
|
+
if (host.exists(gitignorePath)) {
|
|
123
|
+
const gitignoreContent = host.read(gitignorePath).toString();
|
|
124
|
+
if (!gitignoreContent.includes('.env')) {
|
|
125
|
+
host.write(gitignorePath, `${gitignoreContent.trimEnd()}\n${normalizedOptions.projectRoot}/.env\n`);
|
|
126
|
+
}
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
}
|
|
110
130
|
// Consult the nx-adsp-agent to augment the project with ADSP capabilities.
|
|
111
131
|
// The agent has access to template tools and a workspace; it generates new
|
|
112
132
|
// files and modifications to integration files (main.ts, environment.ts)
|
|
@@ -117,16 +137,16 @@ function default_1(host, options) {
|
|
|
117
137
|
// from the single realm login already performed during normalizeOptions.
|
|
118
138
|
// token from the single realm login. Fall back to a new login only when the
|
|
119
139
|
// full interactive flow was used and no token is available.
|
|
120
|
-
const accessToken = (
|
|
140
|
+
const accessToken = (_d = normalizedOptions.accessToken) !== null && _d !== void 0 ? _d : (yield (0, nx_oc_1.realmLogin)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm).catch((err) => {
|
|
121
141
|
var _a;
|
|
122
142
|
process.stdout.write(`Agent sign-in failed (${(_a = err === null || err === void 0 ? void 0 : err.message) !== null && _a !== void 0 ? _a : err}) — skipping agent interaction.\n`);
|
|
123
143
|
return undefined;
|
|
124
144
|
}));
|
|
125
|
-
const mainTs = (
|
|
126
|
-
const environmentTs = (
|
|
127
|
-
const eventsTs = (
|
|
145
|
+
const mainTs = (_f = (_e = host.read(`${normalizedOptions.projectRoot}/src/main.ts`)) === null || _e === void 0 ? void 0 : _e.toString()) !== null && _f !== void 0 ? _f : '';
|
|
146
|
+
const environmentTs = (_h = (_g = host.read(`${normalizedOptions.projectRoot}/src/environment.ts`)) === null || _g === void 0 ? void 0 : _g.toString()) !== null && _h !== void 0 ? _h : '';
|
|
147
|
+
const eventsTs = (_k = (_j = host.read(`${normalizedOptions.projectRoot}/src/events.ts`)) === null || _j === void 0 ? void 0 : _j.toString()) !== null && _k !== void 0 ? _k : '';
|
|
128
148
|
const databaseTs = normalizedOptions.database !== 'none'
|
|
129
|
-
? (
|
|
149
|
+
? (_m = (_l = host.read(`${normalizedOptions.projectRoot}/src/database.ts`)) === null || _l === void 0 ? void 0 : _l.toString()) !== null && _m !== void 0 ? _m : ''
|
|
130
150
|
: undefined;
|
|
131
151
|
const agentResult = yield (0, agent_1.consultAgent)(normalizedOptions.adsp.directoryServiceUrl, accessToken, {
|
|
132
152
|
projectName: normalizedOptions.projectName,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"express-service.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/express-service/express-service.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"express-service.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/express-service/express-service.ts"],"names":[],"mappings":";;AA+FA,4BA4MC;;AA3SD,wCAAmH;AACnH,uCAUoB;AACpB,uCAAoC;AACpC,6BAA6B;AAC7B,6CAAiD;AACjD,+DAAiE;AACjE,+DAA4D;AAG5D,SAAe,gBAAgB,CAC7B,IAAU,EACV,OAAe;;;QAEf,MAAM,WAAW,GAAG,IAAA,cAAK,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC;QACjD,MAAM,WAAW,GAAG,GAAG,IAAA,2BAAkB,EAAC,IAAI,CAAC,CAAC,OAAO,IAAI,WAAW,EAAE,CAAC;QAEzE,IAAI,IAA8C,CAAC;QAEnD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,uFAAuF;YACvF,uDAAuD;YACvD,MAAM,GAAG,GAAG,oBAAY,CAAC,MAAA,OAAO,CAAC,GAAG,mCAAI,MAAM,CAAC,CAAC;YAChD,MAAM,gBAAgB,GAAG,CAAC,MAAM,IAAA,sBAAc,EAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC;YAE5G,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;YACjD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAC9B,IAAI,GAAG,CAAC,wBAAwB,EAAE,gBAAgB,CAAC,CAAC,IAAI,EACxD,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,CACrC,CAAC;YAEF,MAAM,UAAU,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,0CAAG,CAAC,CAAC,CAAC;YACtC,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CAAC,WAAW,OAAO,CAAC,MAAM,kBAAkB,GAAG,CAAC,mBAAmB,GAAG,CAAC,CAAC;YACzF,CAAC;YAED,MAAM,WAAW,GAAG,MAAA,OAAO,CAAC,WAAW,mCAAI,UAAU,CAAC,KAAK,CAAC;YAE5D,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;gBACzB,OAAO,mCACF,OAAO,KACV,WAAW,EAAE,MAAM,IAAA,kBAAU,EAAC,GAAG,CAAC,gBAAgB,EAAE,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,GACxF,CAAC;YACJ,CAAC;YAED,IAAI,GAAG;gBACL,MAAM,EAAE,UAAU,CAAC,IAAI;gBACvB,WAAW;gBACX,gBAAgB,EAAE,GAAG,CAAC,gBAAgB;gBACtC,mBAAmB,EAAE,GAAG,CAAC,mBAAmB;aAC7C,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,IAAI,GAAG,MAAM,IAAA,4BAAoB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACnD,CAAC;QAED,uCACK,OAAO,KACV,WAAW;YACX,WAAW;YACX,IAAI,EACJ,QAAQ,EAAE,MAAA,OAAO,CAAC,QAAQ,mCAAI,MAAM,IACpC;IACJ,CAAC;CAAA;AAED,SAAS,QAAQ,CAAC,IAAU,EAAE,OAAyB;IACrD,MAAM,eAAe,iDAChB,OAAO,GACP,OAAO,CAAC,IAAI,KACf,IAAI,EAAE,EAAE,GACT,CAAC;IACF,IAAA,sBAAa,EACX,IAAI,EACJ,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,EAC7B,OAAO,CAAC,WAAW,EACnB,eAAe,CAChB,CAAC;IACF,IAAI,OAAO,CAAC,QAAQ,KAAK,UAAU,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACpE,IAAA,sBAAa,EACX,IAAI,EACJ,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,OAAO,CAAC,QAAQ,EAAE,CAAC,EACjD,OAAO,CAAC,WAAW,EACnB,eAAe,CAChB,CAAC;IACJ,CAAC;AACH,CAAC;AAED,mBAA+B,IAAU,EAAE,OAAe;;;QACxD,MAAM,iBAAiB,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAEhE,MAAM,EAAE,oBAAoB,EAAE,WAAW,EAAE,GAAG,2CAAa,aAAa,EAAC,CAAC;QAC1E,MAAM,WAAW,CAAC,IAAI,kCACjB,OAAO,KACV,UAAU,EAAE,IAAI,EAChB,eAAe,EAAE,KAAK,EACtB,MAAM,EAAE,eAAM,CAAC,MAAM,EACrB,cAAc,EAAE,MAAM,EACtB,EAAE,EAAE,KAAK,EACT,SAAS,EAAE,iBAAiB,CAAC,WAAW,IACxC,CAAC;QAEH,IAAA,qCAA4B,EAC1B,IAAI,gCAEF,yBAAyB,EAAE,SAAS,EACpC,WAAW,EAAE,QAAQ,EACrB,IAAI,EAAE,QAAQ,EACd,MAAM,EAAE,SAAS,EACjB,OAAO,EAAE,QAAQ,EACjB,MAAM,EAAE,QAAQ,EAChB,QAAQ,EAAE,QAAQ,EAClB,oBAAoB,EAAE,QAAQ,EAC9B,GAAG,EAAE,QAAQ,IACV,CAAC,iBAAiB,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GACjF,CAAC,iBAAiB,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,mBAGzE,oBAAoB,EAAE,QAAQ,EAC9B,aAAa,EAAE,SAAS,EACxB,iBAAiB,EAAE,SAAS,EAC5B,2BAA2B,EAAE,QAAQ,IAClC,CAAC,iBAAiB,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAE7E,CAAC;QAEF,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QAElC,IAAI,iBAAiB,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;YAC1C,MAAM,aAAa,GAAG,IAAA,iCAAwB,EAAC,IAAI,EAAE,iBAAiB,CAAC,WAAW,CAAC,CAAC;YACpF,MAAM,OAAO,qBAAQ,aAAa,CAAC,OAAO,CAAE,CAAC;YAE7C,OAAO,CAAC,QAAQ,CAAC,GAAG;gBAClB,QAAQ,EAAE,iBAAiB;gBAC3B,OAAO,EAAE;oBACP,OAAO,EAAE,wBAAwB;oBACjC,GAAG,EAAE,eAAe;iBACrB;aACF,CAAC;YAEF,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBACrB,OAAO,CAAC,OAAO,CAAC,mCACX,OAAO,CAAC,OAAO,CAAC,KACnB,SAAS,EAAE,CAAC,GAAG,CAAC,MAAA,OAAO,CAAC,OAAO,CAAC,CAAC,SAAS,mCAAI,EAAE,CAAC,EAAE,QAAQ,CAAC,GAC7D,CAAC;YACJ,CAAC;YAED,IAAI,iBAAiB,CAAC,QAAQ,KAAK,UAAU,EAAE,CAAC;gBAC9C,OAAO,CAAC,aAAa,CAAC,GAAG;oBACvB,QAAQ,EAAE,iBAAiB;oBAC3B,OAAO,EAAE,EAAE,OAAO,EAAE,qBAAqB,EAAE,GAAG,EAAE,eAAe,EAAE;iBAClE,CAAC;gBACF,OAAO,CAAC,YAAY,CAAC,GAAG;oBACtB,QAAQ,EAAE,iBAAiB;oBAC3B,OAAO,EAAE,EAAE,OAAO,EAAE,wBAAwB,EAAE,GAAG,EAAE,eAAe,EAAE;iBACrE,CAAC;gBACF,OAAO,CAAC,mBAAmB,CAAC,GAAG;oBAC7B,QAAQ,EAAE,iBAAiB;oBAC3B,OAAO,EAAE,EAAE,OAAO,EAAE,2BAA2B,EAAE,GAAG,EAAE,eAAe,EAAE;iBACxE,CAAC;gBACF,OAAO,CAAC,WAAW,CAAC,GAAG;oBACrB,QAAQ,EAAE,iBAAiB;oBAC3B,OAAO,EAAE,EAAE,OAAO,EAAE,mBAAmB,EAAE,GAAG,EAAE,eAAe,EAAE;iBAChE,CAAC;gBAEF,6EAA6E;gBAC7E,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;oBACrB,OAAO,CAAC,OAAO,CAAC,mCACX,OAAO,CAAC,OAAO,CAAC,KACnB,SAAS,EAAE,CAAC,GAAG,CAAC,MAAA,OAAO,CAAC,OAAO,CAAC,CAAC,SAAS,mCAAI,EAAE,CAAC,EAAE,aAAa,CAAC,GAClE,CAAC;gBACJ,CAAC;gBAED,2EAA2E;gBAC3E,yEAAyE;gBACzE,MAAM,aAAa,GAAG,YAAY,CAAC;gBACnC,MAAM,WAAW,GAAG,GAAG,iBAAiB,CAAC,WAAW,iBAAiB,CAAC;gBACtE,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,CAAC;oBAC/B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAC;oBACpD,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;wBACnC,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,KAAK,WAAW,IAAI,CAAC,CAAC;oBACtE,CAAC;gBACH,CAAC;YACH,CAAC;YAED,IAAA,mCAA0B,EAAC,IAAI,EAAE,iBAAiB,CAAC,WAAW,kCACzD,aAAa,KAChB,OAAO,IACP,CAAC;QACL,CAAC;QAED,MAAM,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;QAExB,IAAI,iBAAiB,CAAC,IAAI,EAAE,CAAC;YAC3B,MAAM,QAAQ,GAAG,WAAW,iBAAiB,CAAC,IAAI,CAAC,MAAM,IAAI,iBAAiB,CAAC,WAAW,EAAE,CAAC;YAC7F,MAAM,WAAW,GAAG,MAAA,iBAAiB,CAAC,WAAW,mCAAI,iBAAiB,CAAC,IAAI,CAAC,WAAW,CAAC;YACxF,MAAM,YAAY,GAAG,MAAM,IAAA,oCAAmB,EAC5C,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,QAAQ,EACR,WAAW,CACZ,CAAC;YACF,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,OAAO,GAAG,GAAG,iBAAiB,CAAC,WAAW,OAAO,CAAC;gBACxD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3E,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;oBACzC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,iBAAiB,YAAY,IAAI,CAAC,CAAC;gBACrG,CAAC;gBACD,MAAM,aAAa,GAAG,YAAY,CAAC;gBACnC,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,CAAC;oBAC/B,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAC;oBAC7D,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;wBACvC,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,gBAAgB,CAAC,OAAO,EAAE,KAAK,iBAAiB,CAAC,WAAW,SAAS,CAAC,CAAC;oBACtG,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,2EAA2E;QAC3E,yEAAyE;QACzE,6CAA6C;QAC7C,yEAAyE;QACzE,IAAI,iBAAiB,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YACjD,4EAA4E;YAC5E,yEAAyE;YACzE,4EAA4E;YAC5E,4DAA4D;YAC5D,MAAM,WAAW,GACf,MAAA,iBAAiB,CAAC,WAAW,mCAC7B,CAAC,MAAM,IAAA,kBAAU,EACf,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,CACnC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;;gBACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,OAAO,mCAAI,GAAG,mCAAmC,CAAC,CAAC;gBACtG,OAAO,SAAS,CAAC;YACnB,CAAC,CAAC,CAAC,CAAC;YAEN,MAAM,MAAM,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,cAAc,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAC3F,MAAM,aAAa,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,qBAAqB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YACzG,MAAM,QAAQ,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,gBAAgB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAC/F,MAAM,UAAU,GACd,iBAAiB,CAAC,QAAQ,KAAK,MAAM;gBACnC,CAAC,CAAC,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,kBAAkB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;gBACjF,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,WAAW,GAAG,MAAM,IAAA,oBAAY,EACpC,iBAAiB,CAAC,IAAI,CAAC,mBAAmB,EAC1C,WAAW,EACX;gBACE,WAAW,EAAE,iBAAiB,CAAC,WAAW;gBAC1C,WAAW,EAAE,iBAAiB;gBAC9B,MAAM,EAAE,iBAAiB,CAAC,IAAI,CAAC,MAAM;gBACrC,aAAa,EAAE,+BAAc;gBAC7B,aAAa,kBACX,aAAa,EAAE,MAAM,EACrB,oBAAoB,EAAE,aAAa,EACnC,eAAe,EAAE,QAAQ,IACtB,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CACzD;aACF,EACD,IAAI,EACJ,iBAAiB,CAAC,WAAW,CAC9B,CAAC;YAEF,0EAA0E;YAC1E,sEAAsE;YACtE,qEAAqE;YACrE,IAAI,WAAW,IAAI,WAAW,CAAC,YAAY,KAAK,CAAC,EAAE,CAAC;gBAClD,MAAM,EAAE,MAAM,EAAE,GAAG,2CAAa,UAAU,EAAC,CAAC;gBAC5C,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAuB;oBACrD,IAAI,EAAE,SAAS;oBACf,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,mFAAmF;oBAC5F,OAAO,EAAE,CAAC,WAAW,CAAC,WAAW;iBAClC,CAAC,CAAC;gBACH,IAAI,CAAC,OAAO,EAAE,CAAC;oBACb,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;gBACzC,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,IAAA,2BAAmB,EAAC,IAAI,kCACzB,iBAAiB,KACpB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,iBAAiB,CAAC,WAAW,EACtC,QAAQ,EAAE,iBAAiB,CAAC,QAAQ,IACpC,CAAC;QAEH,OAAO,GAAG,EAAE;YACV,IAAA,4BAAmB,EAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC;IACJ,CAAC;CAAA"}
|
|
@@ -3,12 +3,12 @@ import { cleanEnv, num, str } from 'envalid';
|
|
|
3
3
|
import { resolve } from 'path';
|
|
4
4
|
|
|
5
5
|
config({
|
|
6
|
-
path: resolve(process.cwd(), '
|
|
6
|
+
path: resolve(process.cwd(), '<%= projectRoot %>/.env'),
|
|
7
7
|
});
|
|
8
8
|
<% if (database !== 'none') { %>
|
|
9
9
|
// .env.local is written by 'nx dev-db' with the local database connection string.
|
|
10
10
|
config({
|
|
11
|
-
path: resolve(process.cwd(), '
|
|
11
|
+
path: resolve(process.cwd(), '<%= projectRoot %>/.env.local'),
|
|
12
12
|
override: true,
|
|
13
13
|
});
|
|
14
14
|
<% } %>
|
|
@@ -4,7 +4,7 @@ import type { DomainEvent, DomainEventDefinition } from '@abgov/adsp-service-sdk
|
|
|
4
4
|
// a human-readable description, and a JSON Schema for the payload.
|
|
5
5
|
// Register all definitions in initializeService({ events: [...] }) in main.ts.
|
|
6
6
|
|
|
7
|
-
const EXAMPLE_EVENT_NAME = '
|
|
7
|
+
const EXAMPLE_EVENT_NAME = 'example';
|
|
8
8
|
|
|
9
9
|
export const exampleEventDefinition: DomainEventDefinition = {
|
|
10
10
|
name: EXAMPLE_EVENT_NAME,
|
|
@@ -82,10 +82,27 @@ async function initializeApp() {
|
|
|
82
82
|
res.json({
|
|
83
83
|
_links: {
|
|
84
84
|
self: { href: '/<%= projectName %>/v1' },
|
|
85
|
+
public: { href: '/<%= projectName %>/v1/public' },
|
|
86
|
+
private: { href: '/<%= projectName %>/v1/private' },
|
|
85
87
|
},
|
|
86
88
|
});
|
|
87
89
|
});
|
|
88
90
|
|
|
91
|
+
// Public endpoint — no authentication required.
|
|
92
|
+
app.get('/<%= projectName %>/v1/public', (_req, res) => {
|
|
93
|
+
res.json({ message: 'Hello from the public <%= projectName %> API.' });
|
|
94
|
+
});
|
|
95
|
+
|
|
96
|
+
// Private endpoint — requires an authenticated tenant user.
|
|
97
|
+
app.get(
|
|
98
|
+
'/<%= projectName %>/v1/private',
|
|
99
|
+
passport.authenticate(['tenant'], { session: false }),
|
|
100
|
+
(req, res) => {
|
|
101
|
+
const user = req.user as { name?: string } | undefined;
|
|
102
|
+
res.json({ message: `Hello, ${user?.name ?? 'authenticated user'}.` });
|
|
103
|
+
}
|
|
104
|
+
);
|
|
105
|
+
|
|
89
106
|
// Example: protected route demonstrating authorize, input validation, and a domain event.
|
|
90
107
|
// Require 'example-role' — replace with a role relevant to your service.
|
|
91
108
|
// Remove or replace this route once you have real business logic.
|
|
@@ -7,6 +7,7 @@ const nx_oc_1 = require("@abgov/nx-oc");
|
|
|
7
7
|
const angular_app_1 = require("../angular-app/angular-app");
|
|
8
8
|
const express_service_1 = require("../express-service/express-service");
|
|
9
9
|
const agent_1 = require("../../utils/agent");
|
|
10
|
+
const keycloak_admin_1 = require("../../utils/keycloak-admin");
|
|
10
11
|
const plugin_version_1 = require("../../utils/plugin-version");
|
|
11
12
|
function normalizeOptions(host, options) {
|
|
12
13
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
@@ -20,7 +21,7 @@ function normalizeOptions(host, options) {
|
|
|
20
21
|
}
|
|
21
22
|
function default_1(host, options) {
|
|
22
23
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
23
|
-
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u;
|
|
24
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u, _v;
|
|
24
25
|
const normalizedOptions = yield normalizeOptions(host, options);
|
|
25
26
|
const projectName = (0, devkit_1.names)(options.name).fileName;
|
|
26
27
|
const serviceName = `${projectName}-service`;
|
|
@@ -34,13 +35,20 @@ function default_1(host, options) {
|
|
|
34
35
|
location: '/api/',
|
|
35
36
|
proxyPass: `http://${serviceName}:3333/${serviceName}/`,
|
|
36
37
|
}, skipAgent: true }));
|
|
38
|
+
if (normalizedOptions.adsp) {
|
|
39
|
+
const accessToken = (_a = normalizedOptions.adsp.accessToken) !== null && _a !== void 0 ? _a : normalizedOptions.accessToken;
|
|
40
|
+
const serviceClientId = `urn:ads:${normalizedOptions.adsp.tenant}:${serviceName}`;
|
|
41
|
+
const appClientId = `urn:ads:${normalizedOptions.adsp.tenant}:${appName}`;
|
|
42
|
+
yield (0, keycloak_admin_1.ensureAudienceMapper)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, appClientId, serviceClientId, accessToken);
|
|
43
|
+
yield (0, keycloak_admin_1.ensureClientRoleScope)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, appClientId, serviceClientId, 'example-role', accessToken);
|
|
44
|
+
}
|
|
37
45
|
if (normalizedOptions.adsp && !normalizedOptions.skipAgent) {
|
|
38
46
|
// Single conversation covering the full stack. Files from both projects are
|
|
39
47
|
// uploaded with service/ and app/ prefixes so the agent can write to both,
|
|
40
48
|
// and are routed to the correct project root when applied.
|
|
41
49
|
// Use the token from --tenant login if available; fall back to a realm login
|
|
42
50
|
// when the interactive flow was used (which only obtains a core-realm token).
|
|
43
|
-
const accessToken = (
|
|
51
|
+
const accessToken = (_b = normalizedOptions.adsp.accessToken) !== null && _b !== void 0 ? _b : (yield (0, nx_oc_1.realmLogin)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm).catch((err) => {
|
|
44
52
|
var _a;
|
|
45
53
|
process.stdout.write(`\n[nx-adsp] Agent sign-in failed (${(_a = err === null || err === void 0 ? void 0 : err.message) !== null && _a !== void 0 ? _a : err}) — skipping agent interaction.\n`);
|
|
46
54
|
return undefined;
|
|
@@ -51,15 +59,15 @@ function default_1(host, options) {
|
|
|
51
59
|
tenant: normalizedOptions.adsp.tenant,
|
|
52
60
|
pluginVersion: plugin_version_1.PLUGIN_VERSION,
|
|
53
61
|
existingFiles: {
|
|
54
|
-
'service/src/main.ts': (
|
|
55
|
-
'service/src/environment.ts': (
|
|
56
|
-
'service/src/database.ts': (
|
|
57
|
-
'service/src/events.ts': (
|
|
58
|
-
'app/src/app/app.component.ts': (
|
|
59
|
-
'app/src/app/app.component.html': (
|
|
60
|
-
'app/src/app/app.config.ts': (
|
|
61
|
-
'app/src/app/app.routes.ts': (
|
|
62
|
-
'app/src/environments/environment.ts': (
|
|
62
|
+
'service/src/main.ts': (_d = (_c = host.read(`${serviceRoot}/src/main.ts`)) === null || _c === void 0 ? void 0 : _c.toString()) !== null && _d !== void 0 ? _d : '',
|
|
63
|
+
'service/src/environment.ts': (_f = (_e = host.read(`${serviceRoot}/src/environment.ts`)) === null || _e === void 0 ? void 0 : _e.toString()) !== null && _f !== void 0 ? _f : '',
|
|
64
|
+
'service/src/database.ts': (_h = (_g = host.read(`${serviceRoot}/src/database.ts`)) === null || _g === void 0 ? void 0 : _g.toString()) !== null && _h !== void 0 ? _h : '',
|
|
65
|
+
'service/src/events.ts': (_k = (_j = host.read(`${serviceRoot}/src/events.ts`)) === null || _j === void 0 ? void 0 : _j.toString()) !== null && _k !== void 0 ? _k : '',
|
|
66
|
+
'app/src/app/app.component.ts': (_m = (_l = host.read(`${appRoot}/src/app/app.component.ts`)) === null || _l === void 0 ? void 0 : _l.toString()) !== null && _m !== void 0 ? _m : '',
|
|
67
|
+
'app/src/app/app.component.html': (_p = (_o = host.read(`${appRoot}/src/app/app.component.html`)) === null || _o === void 0 ? void 0 : _o.toString()) !== null && _p !== void 0 ? _p : '',
|
|
68
|
+
'app/src/app/app.config.ts': (_r = (_q = host.read(`${appRoot}/src/app/app.config.ts`)) === null || _q === void 0 ? void 0 : _q.toString()) !== null && _r !== void 0 ? _r : '',
|
|
69
|
+
'app/src/app/app.routes.ts': (_t = (_s = host.read(`${appRoot}/src/app/app.routes.ts`)) === null || _s === void 0 ? void 0 : _s.toString()) !== null && _t !== void 0 ? _t : '',
|
|
70
|
+
'app/src/environments/environment.ts': (_v = (_u = host.read(`${appRoot}/src/environments/environment.ts`)) === null || _u === void 0 ? void 0 : _u.toString()) !== null && _v !== void 0 ? _v : '',
|
|
63
71
|
},
|
|
64
72
|
}, host, serviceRoot, { additionalRoots: { 'app': appRoot } }));
|
|
65
73
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mean.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/mean/mean.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"mean.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/mean/mean.ts"],"names":[],"mappings":";;AAoBA,4BA0FC;;AA9GD,uCAA+F;AAC/F,wCAAgE;AAChE,4DAAwD;AACxD,wEAAoE;AAEpE,6CAA6E;AAC7E,+DAAyF;AACzF,+DAA4D;AAE5D,SAAe,gBAAgB,CAC7B,IAAU,EACV,OAAe;;;QAEf,MAAM,IAAI,GAAG,MAAM,IAAA,4BAAoB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACvD,wEAAwE;QACxE,+EAA+E;QAC/E,iDAAiD;QACjD,uCAAY,OAAO,KAAE,WAAW,EAAE,MAAA,IAAI,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,EAAE,IAAI,IAAG;IACpF,CAAC;CAAA;AAED,mBAA+B,IAAU,EAAE,OAAe;;;QACxD,MAAM,iBAAiB,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAChE,MAAM,WAAW,GAAG,IAAA,cAAK,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC;QACjD,MAAM,WAAW,GAAG,GAAG,WAAW,UAAU,CAAC;QAC7C,MAAM,OAAO,GAAG,GAAG,WAAW,MAAM,CAAC;QACrC,MAAM,OAAO,GAAG,IAAA,2BAAkB,EAAC,IAAI,CAAC,CAAC,OAAO,CAAC;QACjD,MAAM,WAAW,GAAG,GAAG,OAAO,IAAI,WAAW,EAAE,CAAC;QAChD,MAAM,OAAO,GAAG,GAAG,OAAO,IAAI,OAAO,EAAE,CAAC;QAExC,gFAAgF;QAChF,MAAM,IAAA,yBAAkB,EAAC,IAAI,kCAAO,iBAAiB,KAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,IAAG,CAAC;QAChH,MAAM,IAAA,qBAAc,EAAC,IAAI,kCACpB,iBAAiB,KACpB,IAAI,EAAE,OAAO,EACb,KAAK,EAAE;gBACL,QAAQ,EAAE,OAAO;gBACjB,SAAS,EAAE,UAAU,WAAW,SAAS,WAAW,GAAG;aACxD,EACD,SAAS,EAAE,IAAI,IACf,CAAC;QAEH,IAAI,iBAAiB,CAAC,IAAI,EAAE,CAAC;YAC3B,MAAM,WAAW,GAAG,MAAA,iBAAiB,CAAC,IAAI,CAAC,WAAW,mCAAI,iBAAiB,CAAC,WAAW,CAAC;YACxF,MAAM,eAAe,GAAG,WAAW,iBAAiB,CAAC,IAAI,CAAC,MAAM,IAAI,WAAW,EAAE,CAAC;YAClF,MAAM,WAAW,GAAG,WAAW,iBAAiB,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,EAAE,CAAC;YAC1E,MAAM,IAAA,qCAAoB,EACxB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,WAAW,EACX,eAAe,EACf,WAAW,CACZ,CAAC;YACF,MAAM,IAAA,sCAAqB,EACzB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,WAAW,EACX,eAAe,EACf,cAAc,EACd,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,IAAI,iBAAiB,CAAC,IAAI,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,CAAC;YAC3D,4EAA4E;YAC5E,2EAA2E;YAC3E,2DAA2D;YAC3D,6EAA6E;YAC7E,8EAA8E;YAC9E,MAAM,WAAW,GACf,MAAA,iBAAiB,CAAC,IAAI,CAAC,WAAW,mCAClC,CAAC,MAAM,IAAA,kBAAU,EACf,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,CACnC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;;gBACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,qCAAqC,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,OAAO,mCAAI,GAAG,mCAAmC,CAC5F,CAAC;gBACF,OAAO,SAAS,CAAC;YACnB,CAAC,CAAC,CAAC,CAAC;YACN,MAAM,IAAA,kCAA0B,EAAC,MAAM,IAAA,oBAAY,EACjD,iBAAiB,CAAC,IAAI,CAAC,mBAAmB,EAC1C,WAAW,EACX;gBACE,WAAW;gBACX,WAAW,EAAE,MAAM;gBACnB,MAAM,EAAE,iBAAiB,CAAC,IAAI,CAAC,MAAM;gBACrC,aAAa,EAAE,+BAAc;gBAC7B,aAAa,EAAE;oBACb,qBAAqB,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,cAAc,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAChF,4BAA4B,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,qBAAqB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAC9F,yBAAyB,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,kBAAkB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBACxF,uBAAuB,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,gBAAgB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBACpF,8BAA8B,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,2BAA2B,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAClG,gCAAgC,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,6BAA6B,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBACtG,2BAA2B,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,wBAAwB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAC5F,2BAA2B,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,wBAAwB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAC5F,qCAAqC,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,kCAAkC,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;iBACjH;aACF,EACD,IAAI,EACJ,WAAW,EACX,EAAE,eAAe,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,CACxC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;QAExB,OAAO,GAAG,EAAE;YACV,IAAA,4BAAmB,EAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC;IACJ,CAAC;CAAA"}
|
|
@@ -7,6 +7,7 @@ const nx_oc_1 = require("@abgov/nx-oc");
|
|
|
7
7
|
const express_service_1 = require("../express-service/express-service");
|
|
8
8
|
const react_app_1 = require("../react-app/react-app");
|
|
9
9
|
const agent_1 = require("../../utils/agent");
|
|
10
|
+
const keycloak_admin_1 = require("../../utils/keycloak-admin");
|
|
10
11
|
const plugin_version_1 = require("../../utils/plugin-version");
|
|
11
12
|
function normalizeOptions(host, options) {
|
|
12
13
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
@@ -20,7 +21,7 @@ function normalizeOptions(host, options) {
|
|
|
20
21
|
}
|
|
21
22
|
function default_1(host, options) {
|
|
22
23
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
23
|
-
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u;
|
|
24
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t, _u, _v;
|
|
24
25
|
const normalizedOptions = yield normalizeOptions(host, options);
|
|
25
26
|
const projectName = (0, devkit_1.names)(options.name).fileName;
|
|
26
27
|
const serviceName = `${projectName}-service`;
|
|
@@ -34,13 +35,20 @@ function default_1(host, options) {
|
|
|
34
35
|
location: '/api/',
|
|
35
36
|
proxyPass: `http://${serviceName}:3333/${serviceName}/`,
|
|
36
37
|
}, skipAgent: true }));
|
|
38
|
+
if (normalizedOptions.adsp) {
|
|
39
|
+
const accessToken = (_a = normalizedOptions.adsp.accessToken) !== null && _a !== void 0 ? _a : normalizedOptions.accessToken;
|
|
40
|
+
const serviceClientId = `urn:ads:${normalizedOptions.adsp.tenant}:${serviceName}`;
|
|
41
|
+
const appClientId = `urn:ads:${normalizedOptions.adsp.tenant}:${appName}`;
|
|
42
|
+
yield (0, keycloak_admin_1.ensureAudienceMapper)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, appClientId, serviceClientId, accessToken);
|
|
43
|
+
yield (0, keycloak_admin_1.ensureClientRoleScope)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, appClientId, serviceClientId, 'example-role', accessToken);
|
|
44
|
+
}
|
|
37
45
|
if (normalizedOptions.adsp && !normalizedOptions.skipAgent) {
|
|
38
46
|
// Single conversation covering the full stack. Files from both projects are
|
|
39
47
|
// uploaded with service/ and app/ prefixes so the agent can write to both,
|
|
40
48
|
// and are routed to the correct project root when applied.
|
|
41
49
|
// Use the token from --tenant login if available; fall back to a realm login
|
|
42
50
|
// when the interactive flow was used (which only obtains a core-realm token).
|
|
43
|
-
const accessToken = (
|
|
51
|
+
const accessToken = (_b = normalizedOptions.adsp.accessToken) !== null && _b !== void 0 ? _b : (yield (0, nx_oc_1.realmLogin)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm).catch((err) => {
|
|
44
52
|
var _a;
|
|
45
53
|
process.stdout.write(`\n[nx-adsp] Agent sign-in failed (${(_a = err === null || err === void 0 ? void 0 : err.message) !== null && _a !== void 0 ? _a : err}) — skipping agent interaction.\n`);
|
|
46
54
|
return undefined;
|
|
@@ -51,15 +59,15 @@ function default_1(host, options) {
|
|
|
51
59
|
tenant: normalizedOptions.adsp.tenant,
|
|
52
60
|
pluginVersion: plugin_version_1.PLUGIN_VERSION,
|
|
53
61
|
existingFiles: {
|
|
54
|
-
'service/src/main.ts': (
|
|
55
|
-
'service/src/environment.ts': (
|
|
56
|
-
'service/src/database.ts': (
|
|
57
|
-
'service/src/events.ts': (
|
|
58
|
-
'app/src/app/app.tsx': (
|
|
59
|
-
'app/src/store.ts': (
|
|
60
|
-
'app/src/environments/environment.ts': (
|
|
61
|
-
'app/src/app/config.slice.ts': (
|
|
62
|
-
'app/src/app/intake.slice.ts': (
|
|
62
|
+
'service/src/main.ts': (_d = (_c = host.read(`${serviceRoot}/src/main.ts`)) === null || _c === void 0 ? void 0 : _c.toString()) !== null && _d !== void 0 ? _d : '',
|
|
63
|
+
'service/src/environment.ts': (_f = (_e = host.read(`${serviceRoot}/src/environment.ts`)) === null || _e === void 0 ? void 0 : _e.toString()) !== null && _f !== void 0 ? _f : '',
|
|
64
|
+
'service/src/database.ts': (_h = (_g = host.read(`${serviceRoot}/src/database.ts`)) === null || _g === void 0 ? void 0 : _g.toString()) !== null && _h !== void 0 ? _h : '',
|
|
65
|
+
'service/src/events.ts': (_k = (_j = host.read(`${serviceRoot}/src/events.ts`)) === null || _j === void 0 ? void 0 : _j.toString()) !== null && _k !== void 0 ? _k : '',
|
|
66
|
+
'app/src/app/app.tsx': (_m = (_l = host.read(`${appRoot}/src/app/app.tsx`)) === null || _l === void 0 ? void 0 : _l.toString()) !== null && _m !== void 0 ? _m : '',
|
|
67
|
+
'app/src/store.ts': (_p = (_o = host.read(`${appRoot}/src/store.ts`)) === null || _o === void 0 ? void 0 : _o.toString()) !== null && _p !== void 0 ? _p : '',
|
|
68
|
+
'app/src/environments/environment.ts': (_r = (_q = host.read(`${appRoot}/src/environments/environment.ts`)) === null || _q === void 0 ? void 0 : _q.toString()) !== null && _r !== void 0 ? _r : '',
|
|
69
|
+
'app/src/app/config.slice.ts': (_t = (_s = host.read(`${appRoot}/src/app/config.slice.ts`)) === null || _s === void 0 ? void 0 : _s.toString()) !== null && _t !== void 0 ? _t : '',
|
|
70
|
+
'app/src/app/intake.slice.ts': (_v = (_u = host.read(`${appRoot}/src/app/intake.slice.ts`)) === null || _u === void 0 ? void 0 : _u.toString()) !== null && _v !== void 0 ? _v : '',
|
|
63
71
|
},
|
|
64
72
|
}, host, serviceRoot, { additionalRoots: { 'app': appRoot } }));
|
|
65
73
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mern.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/mern/mern.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"mern.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/mern/mern.ts"],"names":[],"mappings":";;AAoBA,4BA0FC;;AA9GD,uCAA+F;AAC/F,wCAAgE;AAChE,wEAAoE;AACpE,sDAAkD;AAElD,6CAA6E;AAC7E,+DAAyF;AACzF,+DAA4D;AAE5D,SAAe,gBAAgB,CAC7B,IAAU,EACV,OAAe;;;QAEf,MAAM,IAAI,GAAG,MAAM,IAAA,4BAAoB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACvD,wEAAwE;QACxE,6EAA6E;QAC7E,iDAAiD;QACjD,uCAAY,OAAO,KAAE,WAAW,EAAE,MAAA,IAAI,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,EAAE,IAAI,IAAG;IACpF,CAAC;CAAA;AAED,mBAA+B,IAAU,EAAE,OAAe;;;QACxD,MAAM,iBAAiB,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAChE,MAAM,WAAW,GAAG,IAAA,cAAK,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC;QACjD,MAAM,WAAW,GAAG,GAAG,WAAW,UAAU,CAAC;QAC7C,MAAM,OAAO,GAAG,GAAG,WAAW,MAAM,CAAC;QACrC,MAAM,OAAO,GAAG,IAAA,2BAAkB,EAAC,IAAI,CAAC,CAAC,OAAO,CAAC;QACjD,MAAM,WAAW,GAAG,GAAG,OAAO,IAAI,WAAW,EAAE,CAAC;QAChD,MAAM,OAAO,GAAG,GAAG,OAAO,IAAI,OAAO,EAAE,CAAC;QAExC,gFAAgF;QAChF,MAAM,IAAA,yBAAkB,EAAC,IAAI,kCAAO,iBAAiB,KAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,IAAG,CAAC;QAChH,MAAM,IAAA,mBAAY,EAAC,IAAI,kCAClB,iBAAiB,KACpB,IAAI,EAAE,OAAO,EACb,KAAK,EAAE;gBACL,QAAQ,EAAE,OAAO;gBACjB,SAAS,EAAE,UAAU,WAAW,SAAS,WAAW,GAAG;aACxD,EACD,SAAS,EAAE,IAAI,IACf,CAAC;QAEH,IAAI,iBAAiB,CAAC,IAAI,EAAE,CAAC;YAC3B,MAAM,WAAW,GAAG,MAAA,iBAAiB,CAAC,IAAI,CAAC,WAAW,mCAAI,iBAAiB,CAAC,WAAW,CAAC;YACxF,MAAM,eAAe,GAAG,WAAW,iBAAiB,CAAC,IAAI,CAAC,MAAM,IAAI,WAAW,EAAE,CAAC;YAClF,MAAM,WAAW,GAAG,WAAW,iBAAiB,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,EAAE,CAAC;YAC1E,MAAM,IAAA,qCAAoB,EACxB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,WAAW,EACX,eAAe,EACf,WAAW,CACZ,CAAC;YACF,MAAM,IAAA,sCAAqB,EACzB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,WAAW,EACX,eAAe,EACf,cAAc,EACd,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,IAAI,iBAAiB,CAAC,IAAI,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,CAAC;YAC3D,4EAA4E;YAC5E,2EAA2E;YAC3E,2DAA2D;YAC3D,6EAA6E;YAC7E,8EAA8E;YAC9E,MAAM,WAAW,GACf,MAAA,iBAAiB,CAAC,IAAI,CAAC,WAAW,mCAClC,CAAC,MAAM,IAAA,kBAAU,EACf,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,CACnC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;;gBACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,qCAAqC,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,OAAO,mCAAI,GAAG,mCAAmC,CAC5F,CAAC;gBACF,OAAO,SAAS,CAAC;YACnB,CAAC,CAAC,CAAC,CAAC;YACN,MAAM,IAAA,kCAA0B,EAAC,MAAM,IAAA,oBAAY,EACjD,iBAAiB,CAAC,IAAI,CAAC,mBAAmB,EAC1C,WAAW,EACX;gBACE,WAAW;gBACX,WAAW,EAAE,MAAM;gBACnB,MAAM,EAAE,iBAAiB,CAAC,IAAI,CAAC,MAAM;gBACrC,aAAa,EAAE,+BAAc;gBAC7B,aAAa,EAAE;oBACb,qBAAqB,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,cAAc,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAChF,4BAA4B,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,qBAAqB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAC9F,yBAAyB,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,kBAAkB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBACxF,uBAAuB,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,gBAAgB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBACpF,qBAAqB,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,kBAAkB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAChF,kBAAkB,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,eAAe,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAC1E,qCAAqC,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,kCAAkC,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAChH,6BAA6B,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,0BAA0B,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;oBAChG,6BAA6B,EAAE,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,OAAO,0BAA0B,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE;iBACjG;aACF,EACD,IAAI,EACJ,WAAW,EACX,EAAE,eAAe,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,CACxC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;QAExB,OAAO,GAAG,EAAE;YACV,IAAA,4BAAmB,EAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC;IACJ,CAAC;CAAA"}
|
|
@@ -55,9 +55,9 @@ export function App() {
|
|
|
55
55
|
<p>Don't panic. Start editing the project to build your digital service.</p>
|
|
56
56
|
<h3>A few things you might want to do next:</h3>
|
|
57
57
|
<ul className={styles.nextSteps}>
|
|
58
|
-
<li>
|
|
59
|
-
<li>
|
|
60
|
-
<li>
|
|
58
|
+
<li>Public API: <strong>{publicResource || 'Not retrieved — is the backend service running?'}</strong></li>
|
|
59
|
+
<li>Private API (sign in to access): <strong>{privateResource || 'Not retrieved — sign in first.'}</strong></li>
|
|
60
|
+
<li>Extend the API: add routes to <code>/<%= projectName %>/v1</code> in the backend service.</li>
|
|
61
61
|
</ul>
|
|
62
62
|
</section>
|
|
63
63
|
</main>
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
declare module '*.css';
|
|
@@ -4,6 +4,7 @@ exports.default = default_1;
|
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
5
|
const nx_oc_1 = require("@abgov/nx-oc");
|
|
6
6
|
const agent_1 = require("../../utils/agent");
|
|
7
|
+
const keycloak_admin_1 = require("../../utils/keycloak-admin");
|
|
7
8
|
const plugin_version_1 = require("../../utils/plugin-version");
|
|
8
9
|
const devkit_1 = require("@nx/devkit");
|
|
9
10
|
const eslint_1 = require("@nx/eslint");
|
|
@@ -60,7 +61,7 @@ function removeFiles(host, options) {
|
|
|
60
61
|
}
|
|
61
62
|
function default_1(host, options) {
|
|
62
63
|
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
63
|
-
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o;
|
|
64
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
|
|
64
65
|
const normalizedOptions = yield normalizeOptions(host, options);
|
|
65
66
|
const { applicationGenerator: initReact } = yield Promise.resolve().then(() => require('@nx/react'));
|
|
66
67
|
// Setting strict to false because of: https://github.com/nrwl/nx/issues/8180
|
|
@@ -72,7 +73,7 @@ function default_1(host, options) {
|
|
|
72
73
|
unitTestRunner: 'jest',
|
|
73
74
|
e2eTestRunner: 'cypress',
|
|
74
75
|
strict: false,
|
|
75
|
-
directory:
|
|
76
|
+
directory: normalizedOptions.projectRoot,
|
|
76
77
|
});
|
|
77
78
|
(0, devkit_1.addDependenciesToPackageJson)(host, {
|
|
78
79
|
'@abgov/design-tokens': '1.8.0',
|
|
@@ -88,7 +89,6 @@ function default_1(host, options) {
|
|
|
88
89
|
});
|
|
89
90
|
const addedProxy = addFiles(host, normalizedOptions);
|
|
90
91
|
removeFiles(host, normalizedOptions);
|
|
91
|
-
const layout = (0, devkit_1.getWorkspaceLayout)(host);
|
|
92
92
|
const config = (0, devkit_1.readProjectConfiguration)(host, options.name);
|
|
93
93
|
// Remove the generated fileReplacements for production — we use a single
|
|
94
94
|
// environment.ts with runtime env vars rather than a build-time swap.
|
|
@@ -99,7 +99,7 @@ function default_1(host, options) {
|
|
|
99
99
|
...config.targets.build.options.assets,
|
|
100
100
|
{
|
|
101
101
|
glob: 'nginx.conf',
|
|
102
|
-
input:
|
|
102
|
+
input: normalizedOptions.projectRoot,
|
|
103
103
|
output: './',
|
|
104
104
|
},
|
|
105
105
|
], webpackConfig: `${normalizedOptions.projectRoot}/webpack.config.js` });
|
|
@@ -109,13 +109,22 @@ function default_1(host, options) {
|
|
|
109
109
|
}
|
|
110
110
|
(0, devkit_1.updateProjectConfiguration)(host, options.name, config);
|
|
111
111
|
yield (0, devkit_1.formatFiles)(host);
|
|
112
|
-
if (normalizedOptions.adsp
|
|
112
|
+
if (normalizedOptions.adsp) {
|
|
113
113
|
const accessToken = (_c = normalizedOptions.adsp.accessToken) !== null && _c !== void 0 ? _c : options.accessToken;
|
|
114
|
-
const
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
114
|
+
const clientId = `urn:ads:${normalizedOptions.adsp.tenant}:${normalizedOptions.projectName}`;
|
|
115
|
+
yield (0, keycloak_admin_1.ensurePublicClient)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, clientId, accessToken);
|
|
116
|
+
if (options.serviceClientId) {
|
|
117
|
+
yield (0, keycloak_admin_1.ensureAudienceMapper)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, clientId, options.serviceClientId, accessToken);
|
|
118
|
+
yield (0, keycloak_admin_1.ensureClientRoleScope)(normalizedOptions.adsp.accessServiceUrl, normalizedOptions.adsp.tenantRealm, clientId, options.serviceClientId, 'example-role', accessToken);
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
if (normalizedOptions.adsp && !options.skipAgent) {
|
|
122
|
+
const accessToken = (_d = normalizedOptions.adsp.accessToken) !== null && _d !== void 0 ? _d : options.accessToken;
|
|
123
|
+
const appTs = (_f = (_e = host.read(`${normalizedOptions.projectRoot}/src/app/app.tsx`)) === null || _e === void 0 ? void 0 : _e.toString()) !== null && _f !== void 0 ? _f : '';
|
|
124
|
+
const storeTs = (_h = (_g = host.read(`${normalizedOptions.projectRoot}/src/store.ts`)) === null || _g === void 0 ? void 0 : _g.toString()) !== null && _h !== void 0 ? _h : '';
|
|
125
|
+
const environmentTs = (_k = (_j = host.read(`${normalizedOptions.projectRoot}/src/environments/environment.ts`)) === null || _j === void 0 ? void 0 : _j.toString()) !== null && _k !== void 0 ? _k : '';
|
|
126
|
+
const configSliceTs = (_m = (_l = host.read(`${normalizedOptions.projectRoot}/src/app/config.slice.ts`)) === null || _l === void 0 ? void 0 : _l.toString()) !== null && _m !== void 0 ? _m : '';
|
|
127
|
+
const intakeSliceTs = (_p = (_o = host.read(`${normalizedOptions.projectRoot}/src/app/intake.slice.ts`)) === null || _o === void 0 ? void 0 : _o.toString()) !== null && _p !== void 0 ? _p : '';
|
|
119
128
|
yield (0, agent_1.confirmAfterAgentInterrupt)(yield (0, agent_1.consultAgent)(normalizedOptions.adsp.directoryServiceUrl, accessToken, {
|
|
120
129
|
projectName: normalizedOptions.projectName,
|
|
121
130
|
projectType: 'react-app',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"react-app.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/react-app/react-app.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"react-app.js","sourceRoot":"","sources":["../../../../../../packages/nx-adsp/src/generators/react-app/react-app.ts"],"names":[],"mappings":";;AAsGA,4BAuIC;;AA7OD,wCAAyE;AACzE,6CAA6E;AAC7E,+DAA6G;AAC7G,+DAA4D;AAC5D,uCAWoB;AACpB,uCAAoC;AACpC,6BAA6B;AAG7B,SAAe,gBAAgB,CAC7B,IAAU,EACV,OAAe;;QAEf,MAAM,WAAW,GAAG,IAAA,cAAK,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC;QACjD,MAAM,WAAW,GAAG,GAAG,IAAA,2BAAkB,EAAC,IAAI,CAAC,CAAC,OAAO,IAAI,WAAW,EAAE,CAAC;QACzE,MAAM,kBAAkB,GAAG,cAAc,WAAW,EAAE,CAAC;QAEvD,MAAM,IAAI,GAAG,MAAM,IAAA,4BAAoB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAEvD,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC;YAC/C,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC;YACpB,CAAC,CAAC,OAAO,CAAC,KAAK;gBACf,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;gBACjB,CAAC,CAAC,EAAE,CAAC;QAEP,uCACK,OAAO,KACV,WAAW;YACX,WAAW;YACX,kBAAkB;YAClB,IAAI;YACJ,YAAY,IACZ;IACJ,CAAC;CAAA;AAED,SAAS,QAAQ,CAAC,IAAU,EAAE,OAAyB;IACrD,MAAM,eAAe,iDAChB,OAAO,GACP,OAAO,CAAC,IAAI,KACf,IAAI,EAAE,EAAE,GACT,CAAC;IACF,IAAA,sBAAa,EACX,IAAI,EACJ,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,EAC7B,OAAO,CAAC,WAAW,EACnB,eAAe,CAChB,CAAC;IAEF,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC;IACrD,IAAI,YAAY,EAAE,CAAC;QACjB,mDAAmD;QACnD,6CAA6C;QAC7C,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC,MAAM,CAC9C,CAAC,SAAS,EAAE,UAAU,EAAE,EAAE;YACxB,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YAElD,MAAM,KAAK,GAAG;gBACZ,MAAM,EAAE,GAAG,WAAW,CAAC,QAAQ,cAC7B,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAC9C,EAAE;gBACF,MAAM,EAAE,WAAW,CAAC,QAAQ,KAAK,QAAQ;gBACzC,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,EAAE;aAChB,CAAC;YAEF,8DAA8D;YAC9D,IAAI,WAAW,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,CAAC,WAAW,GAAG;oBAClB,CAAC,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC,EAAE,WAAW,CAAC,QAAQ;iBAClD,CAAC;YACJ,CAAC;YAED,uCACK,SAAS,KACZ,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,KAAK,IAC5B;QACJ,CAAC,EACD,EAAE,CACH,CAAC;QAEF,IAAA,kBAAS,EAAC,IAAI,EAAE,GAAG,OAAO,CAAC,WAAW,kBAAkB,EAAE,YAAY,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,WAAW,CAAC,IAAU,EAAE,OAAyB;IACxD,IAAI,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,WAAW,mBAAmB,CAAC,CAAC;IACvD,IAAI,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,WAAW,mBAAmB,CAAC,CAAC;IACvD,IAAI,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,WAAW,yBAAyB,CAAC,CAAC;AAC/D,CAAC;AAED,mBAA+B,IAAU,EAAE,OAAe;;;QACxD,MAAM,iBAAiB,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAEhE,MAAM,EAAE,oBAAoB,EAAE,SAAS,EAAE,GAAG,2CAAa,WAAW,EAAC,CAAC;QAEtE,6EAA6E;QAC7E,MAAM,SAAS,CAAC,IAAI,EAAE;YACpB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,IAAI;YAChB,MAAM,EAAE,eAAM,CAAC,MAAM;YACrB,cAAc,EAAE,MAAM;YACtB,aAAa,EAAE,SAAS;YACxB,MAAM,EAAE,KAAK;YACb,SAAS,EAAE,iBAAiB,CAAC,WAAW;SACzC,CAAC,CAAC;QAEH,IAAA,qCAA4B,EAC1B,IAAI,EACJ;YACE,sBAAsB,EAAE,OAAO;YAC/B,yBAAyB,EAAE,QAAQ;YACnC,uBAAuB,EAAE,QAAQ;YACjC,kBAAkB,EAAE,QAAQ;YAC5B,aAAa,EAAE,SAAS;YACxB,aAAa,EAAE,QAAQ;YACvB,kBAAkB,EAAE,QAAQ;SAC7B,EACD;YACE,qBAAqB,EAAE,QAAQ;YAC/B,kBAAkB,EAAE,QAAQ;SAC7B,CACF,CAAC;QAEF,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QACrD,WAAW,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QAErC,MAAM,MAAM,GAAG,IAAA,iCAAwB,EAAC,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;QAE5D,yEAAyE;QACzE,sEAAsE;QACtE,IAAI,MAAA,MAAA,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,0CAAE,UAAU,0CAAE,gBAAgB,EAAE,CAAC;YACtE,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC,gBAAgB,CAAC;QACzE,CAAC;QAED,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,mCACvB,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,KAC/B,MAAM,EAAE;gBACN,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM;gBACtC;oBACE,IAAI,EAAE,YAAY;oBAClB,KAAK,EAAE,iBAAiB,CAAC,WAAW;oBACpC,MAAM,EAAE,IAAI;iBACb;aACF,EACD,aAAa,EAAE,GAAG,iBAAiB,CAAC,WAAW,oBAAoB,GACpE,CAAC;QAEF,IAAI,UAAU,EAAE,CAAC;YACf,oEAAoE;YACpE,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,mCACvB,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,KAC/B,WAAW,EAAE,GAAG,iBAAiB,CAAC,WAAW,kBAAkB,GAChE,CAAC;QACJ,CAAC;QAED,IAAA,mCAA0B,EAAC,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAEvD,MAAM,IAAA,oBAAW,EAAC,IAAI,CAAC,CAAC;QAExB,IAAI,iBAAiB,CAAC,IAAI,EAAE,CAAC;YAC3B,MAAM,WAAW,GAAG,MAAA,iBAAiB,CAAC,IAAI,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC;YAC9E,MAAM,QAAQ,GAAG,WAAW,iBAAiB,CAAC,IAAI,CAAC,MAAM,IAAI,iBAAiB,CAAC,WAAW,EAAE,CAAC;YAC7F,MAAM,IAAA,mCAAkB,EACtB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,QAAQ,EACR,WAAW,CACZ,CAAC;YACF,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;gBAC5B,MAAM,IAAA,qCAAoB,EACxB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,QAAQ,EACR,OAAO,CAAC,eAAe,EACvB,WAAW,CACZ,CAAC;gBACF,MAAM,IAAA,sCAAqB,EACzB,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,EACvC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAClC,QAAQ,EACR,OAAO,CAAC,eAAe,EACvB,cAAc,EACd,WAAW,CACZ,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,iBAAiB,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YACjD,MAAM,WAAW,GAAG,MAAA,iBAAiB,CAAC,IAAI,CAAC,WAAW,mCAAI,OAAO,CAAC,WAAW,CAAC;YAC9E,MAAM,KAAK,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,kBAAkB,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAC9F,MAAM,OAAO,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,eAAe,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAC7F,MAAM,aAAa,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,kCAAkC,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YACtH,MAAM,aAAa,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,0BAA0B,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAC9G,MAAM,aAAa,GAAG,MAAA,MAAA,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,WAAW,0BAA0B,CAAC,0CAAE,QAAQ,EAAE,mCAAI,EAAE,CAAC;YAC9G,MAAM,IAAA,kCAA0B,EAAC,MAAM,IAAA,oBAAY,EACjD,iBAAiB,CAAC,IAAI,CAAC,mBAAmB,EAC1C,WAAW,EACX;gBACE,WAAW,EAAE,iBAAiB,CAAC,WAAW;gBAC1C,WAAW,EAAE,WAAW;gBACxB,MAAM,EAAE,iBAAiB,CAAC,IAAI,CAAC,MAAM;gBACrC,aAAa,EAAE,+BAAc;gBAC7B,aAAa,EAAE;oBACb,iBAAiB,EAAE,KAAK;oBACxB,cAAc,EAAE,OAAO;oBACvB,iCAAiC,EAAE,aAAa;oBAChD,yBAAyB,EAAE,aAAa;oBACxC,yBAAyB,EAAE,aAAa;iBACzC;aACF,EACD,IAAI,EACJ,iBAAiB,CAAC,WAAW,CAC9B,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAA,2BAAmB,EAAC,IAAI,kCACzB,iBAAiB,KACpB,OAAO,EAAE,UAAU,EACnB,OAAO,EAAE,iBAAiB,CAAC,WAAW,IACtC,CAAC;QAEH,OAAO,GAAG,EAAE;YACV,IAAA,4BAAmB,EAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC;IACJ,CAAC;CAAA"}
|
|
@@ -7,6 +7,7 @@ export interface Schema {
|
|
|
7
7
|
accessToken?: string;
|
|
8
8
|
tenant?: string;
|
|
9
9
|
tenantRealm?: string;
|
|
10
|
+
serviceClientId?: string;
|
|
10
11
|
proxy?: NginxProxyConfiguration | NginxProxyConfiguration[];
|
|
11
12
|
/** When true, skip the agent interaction. Used by composite generators that run the agent themselves. */
|
|
12
13
|
skipAgent?: boolean;
|
|
@@ -46,6 +46,11 @@
|
|
|
46
46
|
"description": "Access token for retrieving configuration from ADSP APIs.",
|
|
47
47
|
"alias": "at"
|
|
48
48
|
},
|
|
49
|
+
"serviceClientId": {
|
|
50
|
+
"type": "string",
|
|
51
|
+
"description": "Client ID of a paired backend service (e.g. urn:ads:my-tenant:my-svc). When provided with --tenant, configures audience mapping and example-role scope on the frontend client.",
|
|
52
|
+
"alias": "sc"
|
|
53
|
+
},
|
|
49
54
|
"proxy": {
|
|
50
55
|
"oneOf": [
|
|
51
56
|
{
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Ensures a confidential service-account client exists in the tenant realm.
|
|
3
|
+
* Returns the client secret when a new client is created; returns null when
|
|
4
|
+
* the client already existed or the operation could not be completed.
|
|
5
|
+
*/
|
|
6
|
+
export declare function ensureServiceClient(accessServiceUrl: string, realm: string, clientId: string, accessToken: string | undefined): Promise<string | null>;
|
|
7
|
+
/**
|
|
8
|
+
* Ensures a public (browser-based) client exists in the tenant realm.
|
|
9
|
+
* No-ops if the client already exists.
|
|
10
|
+
* Uses http://localhost:4200/* as the default redirect URI for local development;
|
|
11
|
+
* add production URIs via the ADSP admin portal after deployment.
|
|
12
|
+
*/
|
|
13
|
+
export declare function ensurePublicClient(accessServiceUrl: string, realm: string, clientId: string, accessToken: string | undefined): Promise<void>;
|
|
14
|
+
/**
|
|
15
|
+
* Ensures the frontend (public) client has a protocol mapper that includes the
|
|
16
|
+
* backend service client ID in the `aud` claim of issued access tokens.
|
|
17
|
+
* Required so the backend can validate tokens obtained via the frontend login.
|
|
18
|
+
*/
|
|
19
|
+
export declare function ensureAudienceMapper(accessServiceUrl: string, realm: string, frontendClientId: string, backendClientId: string, accessToken: string | undefined): Promise<void>;
|
|
20
|
+
/**
|
|
21
|
+
* Adds a backend client role to the frontend client's scope so that users with
|
|
22
|
+
* the role have it included in tokens issued via the frontend, and Keycloak
|
|
23
|
+
* includes the backend client in the `aud` claim for those users.
|
|
24
|
+
* Used alongside ensureAudienceMapper: the mapper covers all authenticated users,
|
|
25
|
+
* the scope mapping wires up the RBAC demo for users assigned the role.
|
|
26
|
+
*/
|
|
27
|
+
export declare function ensureClientRoleScope(accessServiceUrl: string, realm: string, frontendClientId: string, backendClientId: string, roleName: string, accessToken: string | undefined): Promise<void>;
|
|
@@ -0,0 +1,288 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// Keycloak admin REST API helpers used at generation time to provision clients.
|
|
3
|
+
// All calls are best-effort: failures are logged and the generator continues.
|
|
4
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.ensureServiceClient = ensureServiceClient;
|
|
6
|
+
exports.ensurePublicClient = ensurePublicClient;
|
|
7
|
+
exports.ensureAudienceMapper = ensureAudienceMapper;
|
|
8
|
+
exports.ensureClientRoleScope = ensureClientRoleScope;
|
|
9
|
+
const tslib_1 = require("tslib");
|
|
10
|
+
function listClients(accessServiceUrl, realm, clientId, accessToken) {
|
|
11
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
12
|
+
const { default: axios } = yield Promise.resolve().then(() => require('axios'));
|
|
13
|
+
const url = new URL(`/auth/admin/realms/${realm}/clients`, accessServiceUrl).href;
|
|
14
|
+
const { data } = yield axios.get(url, {
|
|
15
|
+
params: { clientId },
|
|
16
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
17
|
+
});
|
|
18
|
+
return data;
|
|
19
|
+
});
|
|
20
|
+
}
|
|
21
|
+
function createClient(accessServiceUrl, realm, representation, accessToken) {
|
|
22
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
23
|
+
const { default: axios } = yield Promise.resolve().then(() => require('axios'));
|
|
24
|
+
const url = new URL(`/auth/admin/realms/${realm}/clients`, accessServiceUrl).href;
|
|
25
|
+
const response = yield axios.post(url, representation, {
|
|
26
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
27
|
+
});
|
|
28
|
+
const location = response.headers['location'];
|
|
29
|
+
return location.split('/').pop();
|
|
30
|
+
});
|
|
31
|
+
}
|
|
32
|
+
function ensureClientRole(accessServiceUrl, realm, clientUuid, roleName, description, accessToken) {
|
|
33
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
34
|
+
var _a;
|
|
35
|
+
const { default: axios } = yield Promise.resolve().then(() => require('axios'));
|
|
36
|
+
const baseUrl = new URL(`/auth/admin/realms/${realm}/clients/${clientUuid}/roles`, accessServiceUrl).href;
|
|
37
|
+
try {
|
|
38
|
+
yield axios.get(`${baseUrl}/${encodeURIComponent(roleName)}`, {
|
|
39
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
catch (err) {
|
|
43
|
+
if (((_a = err === null || err === void 0 ? void 0 : err.response) === null || _a === void 0 ? void 0 : _a.status) === 404) {
|
|
44
|
+
yield axios.post(baseUrl, { name: roleName, description }, {
|
|
45
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
46
|
+
});
|
|
47
|
+
}
|
|
48
|
+
else {
|
|
49
|
+
throw err;
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
});
|
|
53
|
+
}
|
|
54
|
+
function assignRoleToServiceAccount(accessServiceUrl, realm, userId, platformClientId, roleName, accessToken) {
|
|
55
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
56
|
+
const { default: axios } = yield Promise.resolve().then(() => require('axios'));
|
|
57
|
+
const platformClients = yield listClients(accessServiceUrl, realm, platformClientId, accessToken);
|
|
58
|
+
const platformClient = platformClients.find((c) => c.clientId === platformClientId);
|
|
59
|
+
if (!platformClient) {
|
|
60
|
+
process.stdout.write(`[nx-adsp] Platform client '${platformClientId}' not found in realm — skipping role assignment.\n`);
|
|
61
|
+
return;
|
|
62
|
+
}
|
|
63
|
+
const roleUrl = new URL(`/auth/admin/realms/${realm}/clients/${platformClient.id}/roles/${encodeURIComponent(roleName)}`, accessServiceUrl).href;
|
|
64
|
+
const { data: role } = yield axios.get(roleUrl, {
|
|
65
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
66
|
+
});
|
|
67
|
+
const mappingsUrl = new URL(`/auth/admin/realms/${realm}/users/${userId}/role-mappings/clients/${platformClient.id}`, accessServiceUrl).href;
|
|
68
|
+
const { data: existing } = yield axios.get(mappingsUrl, {
|
|
69
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
70
|
+
});
|
|
71
|
+
if (existing.some((r) => r.name === roleName)) {
|
|
72
|
+
return;
|
|
73
|
+
}
|
|
74
|
+
yield axios.post(mappingsUrl, [{ id: role.id, name: roleName }], {
|
|
75
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
76
|
+
});
|
|
77
|
+
process.stdout.write(`[nx-adsp] Assigned '${platformClientId}:${roleName}' to service account.\n`);
|
|
78
|
+
});
|
|
79
|
+
}
|
|
80
|
+
function ensureServiceAccountRoles(accessServiceUrl, realm, serviceClientUuid, roles, accessToken) {
|
|
81
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
82
|
+
const { default: axios } = yield Promise.resolve().then(() => require('axios'));
|
|
83
|
+
const userUrl = new URL(`/auth/admin/realms/${realm}/clients/${serviceClientUuid}/service-account-user`, accessServiceUrl).href;
|
|
84
|
+
const { data: user } = yield axios.get(userUrl, {
|
|
85
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
86
|
+
});
|
|
87
|
+
yield Promise.all(roles.map(({ platformClientId, roleName }) => assignRoleToServiceAccount(accessServiceUrl, realm, user.id, platformClientId, roleName, accessToken)));
|
|
88
|
+
});
|
|
89
|
+
}
|
|
90
|
+
function getClientSecret(accessServiceUrl, realm, clientUuid, accessToken) {
|
|
91
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
92
|
+
const { default: axios } = yield Promise.resolve().then(() => require('axios'));
|
|
93
|
+
const url = new URL(`/auth/admin/realms/${realm}/clients/${clientUuid}/client-secret`, accessServiceUrl).href;
|
|
94
|
+
const { data } = yield axios.get(url, {
|
|
95
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
96
|
+
});
|
|
97
|
+
return data.value;
|
|
98
|
+
});
|
|
99
|
+
}
|
|
100
|
+
function logAdminError(clientId, err) {
|
|
101
|
+
var _a, _b;
|
|
102
|
+
const status = (_a = err === null || err === void 0 ? void 0 : err.response) === null || _a === void 0 ? void 0 : _a.status;
|
|
103
|
+
if (status === 401 || status === 403) {
|
|
104
|
+
process.stdout.write(`[nx-adsp] Cannot manage client '${clientId}' — insufficient permissions.\n` +
|
|
105
|
+
` Create it manually in the ADSP admin portal.\n`);
|
|
106
|
+
}
|
|
107
|
+
else {
|
|
108
|
+
process.stdout.write(`[nx-adsp] Failed to provision client '${clientId}': ${(_b = err === null || err === void 0 ? void 0 : err.message) !== null && _b !== void 0 ? _b : err}\n`);
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
/**
|
|
112
|
+
* Ensures a confidential service-account client exists in the tenant realm.
|
|
113
|
+
* Returns the client secret when a new client is created; returns null when
|
|
114
|
+
* the client already existed or the operation could not be completed.
|
|
115
|
+
*/
|
|
116
|
+
function ensureServiceClient(accessServiceUrl, realm, clientId, accessToken) {
|
|
117
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
118
|
+
if (!accessToken)
|
|
119
|
+
return null;
|
|
120
|
+
try {
|
|
121
|
+
const existing = yield listClients(accessServiceUrl, realm, clientId, accessToken);
|
|
122
|
+
const platformRoles = [
|
|
123
|
+
{ platformClientId: 'urn:ads:platform:tenant-service', roleName: 'platform-service' },
|
|
124
|
+
{ platformClientId: 'urn:ads:platform:event-service', roleName: 'event-sender' },
|
|
125
|
+
{ platformClientId: 'urn:ads:platform:configuration-service', roleName: 'configured-service' },
|
|
126
|
+
];
|
|
127
|
+
const existingClient = existing.find((c) => c.clientId === clientId);
|
|
128
|
+
if (existingClient) {
|
|
129
|
+
process.stdout.write(`[nx-adsp] Client '${clientId}' already exists.\n`);
|
|
130
|
+
yield ensureClientRole(accessServiceUrl, realm, existingClient.id, 'example-role', 'Example RBAC role — replace with roles relevant to your service.', accessToken);
|
|
131
|
+
yield Promise.all([
|
|
132
|
+
ensureServiceAccountRoles(accessServiceUrl, realm, existingClient.id, platformRoles, accessToken),
|
|
133
|
+
ensureAudienceMapper(accessServiceUrl, realm, clientId, 'urn:ads:platform:push-service', accessToken),
|
|
134
|
+
]);
|
|
135
|
+
return getClientSecret(accessServiceUrl, realm, existingClient.id, accessToken);
|
|
136
|
+
}
|
|
137
|
+
const uuid = yield createClient(accessServiceUrl, realm, {
|
|
138
|
+
clientId,
|
|
139
|
+
enabled: true,
|
|
140
|
+
protocol: 'openid-connect',
|
|
141
|
+
publicClient: false,
|
|
142
|
+
serviceAccountsEnabled: true,
|
|
143
|
+
directAccessGrantsEnabled: false,
|
|
144
|
+
standardFlowEnabled: false,
|
|
145
|
+
}, accessToken);
|
|
146
|
+
const secret = yield getClientSecret(accessServiceUrl, realm, uuid, accessToken);
|
|
147
|
+
yield ensureClientRole(accessServiceUrl, realm, uuid, 'example-role', 'Example RBAC role — replace with roles relevant to your service.', accessToken);
|
|
148
|
+
yield Promise.all([
|
|
149
|
+
ensureServiceAccountRoles(accessServiceUrl, realm, uuid, platformRoles, accessToken),
|
|
150
|
+
ensureAudienceMapper(accessServiceUrl, realm, clientId, 'urn:ads:platform:push-service', accessToken),
|
|
151
|
+
]);
|
|
152
|
+
process.stdout.write(`[nx-adsp] Created service client '${clientId}'.\n`);
|
|
153
|
+
return secret;
|
|
154
|
+
}
|
|
155
|
+
catch (err) {
|
|
156
|
+
logAdminError(clientId, err);
|
|
157
|
+
return null;
|
|
158
|
+
}
|
|
159
|
+
});
|
|
160
|
+
}
|
|
161
|
+
/**
|
|
162
|
+
* Ensures a public (browser-based) client exists in the tenant realm.
|
|
163
|
+
* No-ops if the client already exists.
|
|
164
|
+
* Uses http://localhost:4200/* as the default redirect URI for local development;
|
|
165
|
+
* add production URIs via the ADSP admin portal after deployment.
|
|
166
|
+
*/
|
|
167
|
+
function ensurePublicClient(accessServiceUrl, realm, clientId, accessToken) {
|
|
168
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
169
|
+
if (!accessToken)
|
|
170
|
+
return;
|
|
171
|
+
try {
|
|
172
|
+
const existing = yield listClients(accessServiceUrl, realm, clientId, accessToken);
|
|
173
|
+
if (existing.some((c) => c.clientId === clientId)) {
|
|
174
|
+
process.stdout.write(`[nx-adsp] Client '${clientId}' already exists.\n`);
|
|
175
|
+
return;
|
|
176
|
+
}
|
|
177
|
+
yield createClient(accessServiceUrl, realm, {
|
|
178
|
+
clientId,
|
|
179
|
+
enabled: true,
|
|
180
|
+
protocol: 'openid-connect',
|
|
181
|
+
publicClient: true,
|
|
182
|
+
serviceAccountsEnabled: false,
|
|
183
|
+
directAccessGrantsEnabled: false,
|
|
184
|
+
standardFlowEnabled: true,
|
|
185
|
+
redirectUris: ['http://localhost:4200/*'],
|
|
186
|
+
webOrigins: ['+'],
|
|
187
|
+
attributes: {
|
|
188
|
+
'pkce.code.challenge.method': 'S256',
|
|
189
|
+
'post.logout.redirect.uris': 'http://localhost:4200/*',
|
|
190
|
+
},
|
|
191
|
+
}, accessToken);
|
|
192
|
+
process.stdout.write(`[nx-adsp] Created public client '${clientId}'.\n`);
|
|
193
|
+
}
|
|
194
|
+
catch (err) {
|
|
195
|
+
logAdminError(clientId, err);
|
|
196
|
+
}
|
|
197
|
+
});
|
|
198
|
+
}
|
|
199
|
+
/**
|
|
200
|
+
* Ensures the frontend (public) client has a protocol mapper that includes the
|
|
201
|
+
* backend service client ID in the `aud` claim of issued access tokens.
|
|
202
|
+
* Required so the backend can validate tokens obtained via the frontend login.
|
|
203
|
+
*/
|
|
204
|
+
function ensureAudienceMapper(accessServiceUrl, realm, frontendClientId, backendClientId, accessToken) {
|
|
205
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
206
|
+
if (!accessToken)
|
|
207
|
+
return;
|
|
208
|
+
try {
|
|
209
|
+
const existing = yield listClients(accessServiceUrl, realm, frontendClientId, accessToken);
|
|
210
|
+
const client = existing.find((c) => c.clientId === frontendClientId);
|
|
211
|
+
if (!client) {
|
|
212
|
+
process.stdout.write(`[nx-adsp] Client '${frontendClientId}' not found — skipping audience mapper.\n`);
|
|
213
|
+
return;
|
|
214
|
+
}
|
|
215
|
+
const { default: axios } = yield Promise.resolve().then(() => require('axios'));
|
|
216
|
+
const mappersUrl = new URL(`/auth/admin/realms/${realm}/clients/${client.id}/protocol-mappers/models`, accessServiceUrl).href;
|
|
217
|
+
const { data: mappers } = yield axios.get(mappersUrl, {
|
|
218
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
219
|
+
});
|
|
220
|
+
const alreadyMapped = mappers.some((m) => { var _a; return ((_a = m.config) === null || _a === void 0 ? void 0 : _a['included.client.audience']) === backendClientId; });
|
|
221
|
+
if (alreadyMapped) {
|
|
222
|
+
process.stdout.write(`[nx-adsp] Audience mapper for '${backendClientId}' already present on '${frontendClientId}'.\n`);
|
|
223
|
+
return;
|
|
224
|
+
}
|
|
225
|
+
yield axios.post(mappersUrl, {
|
|
226
|
+
name: `audience-${backendClientId}`,
|
|
227
|
+
protocol: 'openid-connect',
|
|
228
|
+
protocolMapper: 'oidc-audience-mapper',
|
|
229
|
+
consentRequired: false,
|
|
230
|
+
config: {
|
|
231
|
+
'included.client.audience': backendClientId,
|
|
232
|
+
'id.token.claim': 'false',
|
|
233
|
+
'access.token.claim': 'true',
|
|
234
|
+
},
|
|
235
|
+
}, { headers: { Authorization: `Bearer ${accessToken}` } });
|
|
236
|
+
process.stdout.write(`[nx-adsp] Added audience mapper '${backendClientId}' → '${frontendClientId}'.\n`);
|
|
237
|
+
}
|
|
238
|
+
catch (err) {
|
|
239
|
+
logAdminError(frontendClientId, err);
|
|
240
|
+
}
|
|
241
|
+
});
|
|
242
|
+
}
|
|
243
|
+
/**
|
|
244
|
+
* Adds a backend client role to the frontend client's scope so that users with
|
|
245
|
+
* the role have it included in tokens issued via the frontend, and Keycloak
|
|
246
|
+
* includes the backend client in the `aud` claim for those users.
|
|
247
|
+
* Used alongside ensureAudienceMapper: the mapper covers all authenticated users,
|
|
248
|
+
* the scope mapping wires up the RBAC demo for users assigned the role.
|
|
249
|
+
*/
|
|
250
|
+
function ensureClientRoleScope(accessServiceUrl, realm, frontendClientId, backendClientId, roleName, accessToken) {
|
|
251
|
+
return tslib_1.__awaiter(this, void 0, void 0, function* () {
|
|
252
|
+
if (!accessToken)
|
|
253
|
+
return;
|
|
254
|
+
try {
|
|
255
|
+
const { default: axios } = yield Promise.resolve().then(() => require('axios'));
|
|
256
|
+
const [frontendClients, backendClients] = yield Promise.all([
|
|
257
|
+
listClients(accessServiceUrl, realm, frontendClientId, accessToken),
|
|
258
|
+
listClients(accessServiceUrl, realm, backendClientId, accessToken),
|
|
259
|
+
]);
|
|
260
|
+
const frontendClient = frontendClients.find((c) => c.clientId === frontendClientId);
|
|
261
|
+
const backendClient = backendClients.find((c) => c.clientId === backendClientId);
|
|
262
|
+
if (!frontendClient || !backendClient) {
|
|
263
|
+
process.stdout.write(`[nx-adsp] Could not find clients for role scope mapping — skipping.\n`);
|
|
264
|
+
return;
|
|
265
|
+
}
|
|
266
|
+
const roleUrl = new URL(`/auth/admin/realms/${realm}/clients/${backendClient.id}/roles/${encodeURIComponent(roleName)}`, accessServiceUrl).href;
|
|
267
|
+
const { data: role } = yield axios.get(roleUrl, {
|
|
268
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
269
|
+
});
|
|
270
|
+
const scopeUrl = new URL(`/auth/admin/realms/${realm}/clients/${frontendClient.id}/scope-mappings/clients/${backendClient.id}`, accessServiceUrl).href;
|
|
271
|
+
const { data: existingMappings } = yield axios.get(scopeUrl, {
|
|
272
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
273
|
+
});
|
|
274
|
+
if (existingMappings.some((r) => r.name === roleName)) {
|
|
275
|
+
process.stdout.write(`[nx-adsp] Scope mapping '${backendClientId}:${roleName}' already present on '${frontendClientId}'.\n`);
|
|
276
|
+
return;
|
|
277
|
+
}
|
|
278
|
+
yield axios.post(scopeUrl, [{ id: role.id, name: roleName }], {
|
|
279
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
280
|
+
});
|
|
281
|
+
process.stdout.write(`[nx-adsp] Added scope mapping '${backendClientId}:${roleName}' to '${frontendClientId}'.\n`);
|
|
282
|
+
}
|
|
283
|
+
catch (err) {
|
|
284
|
+
logAdminError(frontendClientId, err);
|
|
285
|
+
}
|
|
286
|
+
});
|
|
287
|
+
}
|
|
288
|
+
//# sourceMappingURL=keycloak-admin.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"keycloak-admin.js","sourceRoot":"","sources":["../../../../../packages/nx-adsp/src/utils/keycloak-admin.ts"],"names":[],"mappings":";AAAA,gFAAgF;AAChF,8EAA8E;;AAuL9E,kDAoEC;AAQD,gDAwCC;AAOD,oDA6DC;AASD,sDA2DC;;AA/ZD,SAAe,WAAW,CACxB,gBAAwB,EACxB,KAAa,EACb,QAAgB,EAChB,WAAmB;;QAEnB,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;QACjD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,sBAAsB,KAAK,UAAU,EAAE,gBAAgB,CAAC,CAAC,IAAI,CAAC;QAClF,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAiC,GAAG,EAAE;YACpE,MAAM,EAAE,EAAE,QAAQ,EAAE;YACpB,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;SACpD,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;CAAA;AAED,SAAe,YAAY,CACzB,gBAAwB,EACxB,KAAa,EACb,cAAuC,EACvC,WAAmB;;QAEnB,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;QACjD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,sBAAsB,KAAK,UAAU,EAAE,gBAAgB,CAAC,CAAC,IAAI,CAAC;QAClF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAO,GAAG,EAAE,cAAc,EAAE;YAC3D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;SACpD,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAW,CAAC;QACxD,OAAO,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IACnC,CAAC;CAAA;AAED,SAAe,gBAAgB,CAC7B,gBAAwB,EACxB,KAAa,EACb,UAAkB,EAClB,QAAgB,EAChB,WAAmB,EACnB,WAAmB;;;QAEnB,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;QACjD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,sBAAsB,KAAK,YAAY,UAAU,QAAQ,EAAE,gBAAgB,CAAC,CAAC,IAAI,CAAC;QAC1G,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,OAAO,IAAI,kBAAkB,CAAC,QAAQ,CAAC,EAAE,EAAE;gBAC5D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;aACpD,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAA,MAAC,GAA0C,aAA1C,GAAG,uBAAH,GAAG,CAAyC,QAAQ,0CAAE,MAAM,MAAK,GAAG,EAAE,CAAC;gBAC1E,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,EAAE;oBACzD,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;iBACpD,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC;IACH,CAAC;CAAA;AAED,SAAe,0BAA0B,CACvC,gBAAwB,EACxB,KAAa,EACb,MAAc,EACd,gBAAwB,EACxB,QAAgB,EAChB,WAAmB;;QAEnB,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;QAEjD,MAAM,eAAe,GAAG,MAAM,WAAW,CAAC,gBAAgB,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,CAAC,CAAC;QAClG,MAAM,cAAc,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,CAAC;QACpF,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,8BAA8B,gBAAgB,oDAAoD,CACnG,CAAC;YACF,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,GAAG,CACrB,sBAAsB,KAAK,YAAY,cAAc,CAAC,EAAE,UAAU,kBAAkB,CAAC,QAAQ,CAAC,EAAE,EAChG,gBAAgB,CACjB,CAAC,IAAI,CAAC;QACP,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAA+B,OAAO,EAAE;YAC5E,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;SACpD,CAAC,CAAC;QAEH,MAAM,WAAW,GAAG,IAAI,GAAG,CACzB,sBAAsB,KAAK,UAAU,MAAM,0BAA0B,cAAc,CAAC,EAAE,EAAE,EACxF,gBAAgB,CACjB,CAAC,IAAI,CAAC;QACP,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAiC,WAAW,EAAE;YACtF,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;SACpD,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;YAC9C,OAAO;QACT,CAAC;QAED,MAAM,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;YAC/D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;SACpD,CAAC,CAAC;QAEH,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,uBAAuB,gBAAgB,IAAI,QAAQ,yBAAyB,CAC7E,CAAC;IACJ,CAAC;CAAA;AAED,SAAe,yBAAyB,CACtC,gBAAwB,EACxB,KAAa,EACb,iBAAyB,EACzB,KAA4D,EAC5D,WAAmB;;QAEnB,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;QAEjD,MAAM,OAAO,GAAG,IAAI,GAAG,CACrB,sBAAsB,KAAK,YAAY,iBAAiB,uBAAuB,EAC/E,gBAAgB,CACjB,CAAC,IAAI,CAAC;QACP,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAiB,OAAO,EAAE;YAC9D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;SACpD,CAAC,CAAC;QAEH,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,gBAAgB,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC3C,0BAA0B,CAAC,gBAAgB,EAAE,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,CAAC,CACtG,CACF,CAAC;IACJ,CAAC;CAAA;AAED,SAAe,eAAe,CAC5B,gBAAwB,EACxB,KAAa,EACb,UAAkB,EAClB,WAAmB;;QAEnB,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;QACjD,MAAM,GAAG,GAAG,IAAI,GAAG,CACjB,sBAAsB,KAAK,YAAY,UAAU,gBAAgB,EACjE,gBAAgB,CACjB,CAAC,IAAI,CAAC;QACP,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAA6B,GAAG,EAAE;YAChE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;SACpD,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CAAA;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,GAAY;;IACnD,MAAM,MAAM,GAAG,MAAC,GAA0C,aAA1C,GAAG,uBAAH,GAAG,CAAyC,QAAQ,0CAAE,MAAM,CAAC;IAC7E,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACrC,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,mCAAmC,QAAQ,iCAAiC;YAC1E,yDAAyD,CAC5D,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,yCAAyC,QAAQ,MAAM,MAAC,GAAa,aAAb,GAAG,uBAAH,GAAG,CAAY,OAAO,mCAAI,GAAG,IAAI,CAC1F,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAsB,mBAAmB,CACvC,gBAAwB,EACxB,KAAa,EACb,QAAgB,EAChB,WAA+B;;QAE/B,IAAI,CAAC,WAAW;YAAE,OAAO,IAAI,CAAC;QAE9B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,gBAAgB,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;YACnF,MAAM,aAAa,GAAG;gBACpB,EAAE,gBAAgB,EAAE,iCAAiC,EAAE,QAAQ,EAAE,kBAAkB,EAAE;gBACrF,EAAE,gBAAgB,EAAE,gCAAgC,EAAE,QAAQ,EAAE,cAAc,EAAE;gBAChF,EAAE,gBAAgB,EAAE,wCAAwC,EAAE,QAAQ,EAAE,oBAAoB,EAAE;aAC/F,CAAC;YAEF,MAAM,cAAc,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;YACrE,IAAI,cAAc,EAAE,CAAC;gBACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,QAAQ,qBAAqB,CAAC,CAAC;gBACzE,MAAM,gBAAgB,CACpB,gBAAgB,EAChB,KAAK,EACL,cAAc,CAAC,EAAE,EACjB,cAAc,EACd,kEAAkE,EAClE,WAAW,CACZ,CAAC;gBACF,MAAM,OAAO,CAAC,GAAG,CAAC;oBAChB,yBAAyB,CAAC,gBAAgB,EAAE,KAAK,EAAE,cAAc,CAAC,EAAE,EAAE,aAAa,EAAE,WAAW,CAAC;oBACjG,oBAAoB,CAAC,gBAAgB,EAAE,KAAK,EAAE,QAAQ,EAAE,+BAA+B,EAAE,WAAW,CAAC;iBACtG,CAAC,CAAC;gBACH,OAAO,eAAe,CAAC,gBAAgB,EAAE,KAAK,EAAE,cAAc,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC;YAClF,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,YAAY,CAC7B,gBAAgB,EAChB,KAAK,EACL;gBACE,QAAQ;gBACR,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,gBAAgB;gBAC1B,YAAY,EAAE,KAAK;gBACnB,sBAAsB,EAAE,IAAI;gBAC5B,yBAAyB,EAAE,KAAK;gBAChC,mBAAmB,EAAE,KAAK;aAC3B,EACD,WAAW,CACZ,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,gBAAgB,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;YACjF,MAAM,gBAAgB,CACpB,gBAAgB,EAChB,KAAK,EACL,IAAI,EACJ,cAAc,EACd,kEAAkE,EAClE,WAAW,CACZ,CAAC;YACF,MAAM,OAAO,CAAC,GAAG,CAAC;gBAChB,yBAAyB,CAAC,gBAAgB,EAAE,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,CAAC;gBACpF,oBAAoB,CAAC,gBAAgB,EAAE,KAAK,EAAE,QAAQ,EAAE,+BAA+B,EAAE,WAAW,CAAC;aACtG,CAAC,CAAC;YACH,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,QAAQ,MAAM,CAAC,CAAC;YAC1E,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,aAAa,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC7B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;CAAA;AAED;;;;;GAKG;AACH,SAAsB,kBAAkB,CACtC,gBAAwB,EACxB,KAAa,EACb,QAAgB,EAChB,WAA+B;;QAE/B,IAAI,CAAC,WAAW;YAAE,OAAO;QAEzB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,gBAAgB,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;YACnF,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,EAAE,CAAC;gBAClD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,QAAQ,qBAAqB,CAAC,CAAC;gBACzE,OAAO;YACT,CAAC;YAED,MAAM,YAAY,CAChB,gBAAgB,EAChB,KAAK,EACL;gBACE,QAAQ;gBACR,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,gBAAgB;gBAC1B,YAAY,EAAE,IAAI;gBAClB,sBAAsB,EAAE,KAAK;gBAC7B,yBAAyB,EAAE,KAAK;gBAChC,mBAAmB,EAAE,IAAI;gBACzB,YAAY,EAAE,CAAC,yBAAyB,CAAC;gBACzC,UAAU,EAAE,CAAC,GAAG,CAAC;gBACjB,UAAU,EAAE;oBACV,4BAA4B,EAAE,MAAM;oBACpC,2BAA2B,EAAE,yBAAyB;iBACvD;aACF,EACD,WAAW,CACZ,CAAC;YAEF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,QAAQ,MAAM,CAAC,CAAC;QAC3E,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,aAAa,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;CAAA;AAED;;;;GAIG;AACH,SAAsB,oBAAoB,CACxC,gBAAwB,EACxB,KAAa,EACb,gBAAwB,EACxB,eAAuB,EACvB,WAA+B;;QAE/B,IAAI,CAAC,WAAW;YAAE,OAAO;QAEzB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,gBAAgB,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,CAAC,CAAC;YAC3F,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,CAAC;YACrE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,qBAAqB,gBAAgB,2CAA2C,CACjF,CAAC;gBACF,OAAO;YACT,CAAC;YAED,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;YACjD,MAAM,UAAU,GAAG,IAAI,GAAG,CACxB,sBAAsB,KAAK,YAAY,MAAM,CAAC,EAAE,0BAA0B,EAC1E,gBAAgB,CACjB,CAAC,IAAI,CAAC;YAEP,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAiC,UAAU,EAAE;gBACpF,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;aACpD,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAChC,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,CAAA,MAAA,CAAC,CAAC,MAAM,0CAAG,0BAA0B,CAAC,MAAK,eAAe,CAAA,EAAA,CAClE,CAAC;YACF,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,kCAAkC,eAAe,yBAAyB,gBAAgB,MAAM,CACjG,CAAC;gBACF,OAAO;YACT,CAAC;YAED,MAAM,KAAK,CAAC,IAAI,CACd,UAAU,EACV;gBACE,IAAI,EAAE,YAAY,eAAe,EAAE;gBACnC,QAAQ,EAAE,gBAAgB;gBAC1B,cAAc,EAAE,sBAAsB;gBACtC,eAAe,EAAE,KAAK;gBACtB,MAAM,EAAE;oBACN,0BAA0B,EAAE,eAAe;oBAC3C,gBAAgB,EAAE,OAAO;oBACzB,oBAAoB,EAAE,MAAM;iBAC7B;aACF,EACD,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,EAAE,CACxD,CAAC;YAEF,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,oCAAoC,eAAe,QAAQ,gBAAgB,MAAM,CAClF,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,aAAa,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;CAAA;AAED;;;;;;GAMG;AACH,SAAsB,qBAAqB,CACzC,gBAAwB,EACxB,KAAa,EACb,gBAAwB,EACxB,eAAuB,EACvB,QAAgB,EAChB,WAA+B;;QAE/B,IAAI,CAAC,WAAW;YAAE,OAAO;QAEzB,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,2CAAa,OAAO,EAAC,CAAC;YAEjD,MAAM,CAAC,eAAe,EAAE,cAAc,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;gBAC1D,WAAW,CAAC,gBAAgB,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,CAAC;gBACnE,WAAW,CAAC,gBAAgB,EAAE,KAAK,EAAE,eAAe,EAAE,WAAW,CAAC;aACnE,CAAC,CAAC;YAEH,MAAM,cAAc,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,CAAC;YACpF,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,eAAe,CAAC,CAAC;YAEjF,IAAI,CAAC,cAAc,IAAI,CAAC,aAAa,EAAE,CAAC;gBACtC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;gBAC9F,OAAO;YACT,CAAC;YAED,MAAM,OAAO,GAAG,IAAI,GAAG,CACrB,sBAAsB,KAAK,YAAY,aAAa,CAAC,EAAE,UAAU,kBAAkB,CAAC,QAAQ,CAAC,EAAE,EAC/F,gBAAgB,CACjB,CAAC,IAAI,CAAC;YACP,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAA+B,OAAO,EAAE;gBAC5E,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;aACpD,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,IAAI,GAAG,CACtB,sBAAsB,KAAK,YAAY,cAAc,CAAC,EAAE,2BAA2B,aAAa,CAAC,EAAE,EAAE,EACrG,gBAAgB,CACjB,CAAC,IAAI,CAAC;YACP,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAiC,QAAQ,EAAE;gBAC3F,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;aACpD,CAAC,CAAC;YAEH,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;gBACtD,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,4BAA4B,eAAe,IAAI,QAAQ,yBAAyB,gBAAgB,MAAM,CACvG,CAAC;gBACF,OAAO;YACT,CAAC;YAED,MAAM,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;gBAC5D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;aACpD,CAAC,CAAC;YAEH,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,kCAAkC,eAAe,IAAI,QAAQ,SAAS,gBAAgB,MAAM,CAC7F,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,aAAa,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;CAAA"}
|