npm - @backstage/integration - Versions diffs - 2.0.0 → 2.0.1-next.0 - Mend

@backstage/integration 2.0.0 → 2.0.1-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/CHANGELOG.md +9 -0
package/dist/github/SingleInstanceGithubCredentialsProvider.cjs.js +8 -0
package/dist/github/SingleInstanceGithubCredentialsProvider.cjs.js.map +1 -1
package/dist/github/SingleInstanceGithubCredentialsProvider.esm.js +8 -0
package/dist/github/SingleInstanceGithubCredentialsProvider.esm.js.map +1 -1
package/dist/index.cjs.js +64 -64
package/dist/index.d.ts +1 -1
package/package.json +5 -5

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,14 @@
 # @backstage/integration
+## 2.0.1-next.0
+### Patch Changes
+- d112499: Fixed `SingleInstanceGithubCredentialsProvider` to return app credentials when `getCredentials` is called with a bare host URL (e.g. `https://github.com`) instead of falling back to a personal access token.
+- Updated dependencies
+  - @backstage/errors@1.3.0-next.0
+  - @backstage/config@1.3.7-next.0
 ## 2.0.0
 ### Major Changes

package/dist/github/SingleInstanceGithubCredentialsProvider.cjs.js CHANGED Viewed

@@ -65,6 +65,14 @@ class GithubAppManager {
     this.publicAccess = config.publicAccess ?? false;
   }
   async getInstallationCredentials(owner, repo) {
+    if (!owner) {
+      const auth = authApp.createAppAuth({
+        appId: this.baseAuthConfig.appId,
+        privateKey: this.baseAuthConfig.privateKey
+      });
+      const { token } = await auth({ type: "app" });
+      return { accessToken: token };
+    }
     if (this.allowedInstallationOwners) {
       if (!this.allowedInstallationOwners?.includes(
         owner.toLocaleLowerCase("en-US")

package/dist/github/SingleInstanceGithubCredentialsProvider.cjs.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SingleInstanceGithubCredentialsProvider.cjs.js","sources":["../../src/github/SingleInstanceGithubCredentialsProvider.ts"],"sourcesContent":["/\n Copyright 2021 The Backstage Authors\n \n Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n \n http://www.apache.org/licenses/LICENSE-2.0\n \n Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n /\n\nimport parseGitUrl from 'git-url-parse';\nimport { GithubAppConfig, GithubIntegrationConfig } from './config';\nimport { createAppAuth } from '@octokit/auth-app';\nimport { Octokit, RestEndpointMethodTypes } from '@octokit/rest';\nimport { DateTime } from 'luxon';\nimport {\n GithubCredentials,\n GithubCredentialsProvider,\n GithubCredentialType,\n} from './types';\n\ntype InstallationData = {\n installationId: number;\n suspended: boolean;\n};\n\ntype InstallationTokenData = {\n token: string;\n expiresAt: DateTime;\n repositories?: String[];\n};\n\nclass Cache {\n private readonly tokenCache = new Map<string, InstallationTokenData>();\n\n async getOrCreateToken(\n owner: string,\n repo: string \| undefined,\n supplier: () => Promise<InstallationTokenData>,\n ): Promise<{ accessToken: string }> {\n let existingInstallationData = this.tokenCache.get(owner);\n\n if (\n !existingInstallationData \|\|\n this.isExpired(existingInstallationData.expiresAt)\n ) {\n existingInstallationData = await supplier();\n // Allow 10 minutes grace to account for clock skew\n existingInstallationData.expiresAt =\n existingInstallationData.expiresAt.minus({ minutes: 10 });\n this.tokenCache.set(owner, existingInstallationData);\n }\n\n if (!this.appliesToRepo(existingInstallationData, repo)) {\n throw new Error(\n `The Backstage GitHub application used in the ${owner} organization does not have access to a repository with the name ${repo}`,\n );\n }\n\n return { accessToken: existingInstallationData.token };\n }\n\n private isExpired = (date: DateTime) => DateTime.local() > date;\n\n private appliesToRepo(tokenData: InstallationTokenData, repo?: string) {\n // If no specific repo has been requested the token is applicable\n if (repo === undefined) {\n return true;\n }\n // If the token is restricted to repositories, the token only applies if the repo is in the allow list\n if (tokenData.repositories !== undefined) {\n return tokenData.repositories.includes(repo);\n }\n // Otherwise the token is applicable\n return true;\n }\n}\n\n/\n This accept header is required when calling App APIs in GitHub Enterprise.\n * It has no effect on calls to github.com and can probably be removed entirely\n * once GitHub Apps is out of preview.\n /\nconst HEADERS = {\n Accept: 'application/vnd.github.machine-man-preview+json',\n};\n\n/\n GithubAppManager issues and caches tokens for a specific GitHub App.\n /\nclass GithubAppManager {\n private readonly appClient: Octokit;\n private readonly baseUrl?: string;\n private readonly baseAuthConfig: { appId: number; privateKey: string };\n private readonly cache = new Cache();\n private readonly allowedInstallationOwners: string[] \| undefined; // undefined allows all installations\n public readonly publicAccess: boolean;\n\n constructor(config: GithubAppConfig, baseUrl?: string) {\n this.allowedInstallationOwners = config.allowedInstallationOwners?.map(\n owner => owner.toLocaleLowerCase('en-US'),\n );\n this.baseUrl = baseUrl;\n this.baseAuthConfig = {\n appId: config.appId,\n privateKey: config.privateKey.replace(/\\\\n/gm, '\\n'),\n };\n this.appClient = new Octokit({\n baseUrl,\n headers: HEADERS,\n authStrategy: createAppAuth,\n auth: this.baseAuthConfig,\n });\n this.publicAccess = config.publicAccess ?? false;\n }\n\n async getInstallationCredentials(\n owner: string,\n repo?: string,\n ): Promise<{ accessToken: string \| undefined }> {\n if (this.allowedInstallationOwners) {\n if (\n !this.allowedInstallationOwners?.includes(\n owner.toLocaleLowerCase('en-US'),\n )\n ) {\n return { accessToken: undefined }; // An empty token allows anonymous access to public repos\n }\n }\n\n // Go and grab an access token for the app scoped to a repository if provided, if not use the organisation installation.\n return this.cache.getOrCreateToken(owner, repo, async () => {\n const { installationId, suspended } = await this.getInstallationData(\n owner,\n );\n if (suspended) {\n throw new Error(`The GitHub application for ${owner} is suspended`);\n }\n\n const result = await this.appClient.apps.createInstallationAccessToken({\n installation_id: installationId,\n headers: HEADERS,\n });\n\n let repositoryNames;\n\n if (result.data.repository_selection === 'selected') {\n const installationClient = new Octokit({\n baseUrl: this.baseUrl,\n auth: result.data.token,\n });\n const repos = await installationClient.paginate(\n installationClient.apps.listReposAccessibleToInstallation,\n );\n // The return type of the paginate method is incorrect.\n const repositories: RestEndpointMethodTypes['apps']['listReposAccessibleToInstallation']['response']['data']['repositories'] =\n repos.repositories ?? repos;\n\n repositoryNames = repositories.map(repository => repository.name);\n }\n return {\n token: result.data.token,\n expiresAt: DateTime.fromISO(result.data.expires_at),\n repositories: repositoryNames,\n };\n });\n }\n\n async getPublicInstallationToken(): Promise<{ accessToken: string }> {\n const [installation] = await this.getInstallations();\n\n if (!installation) {\n throw new Error(`No installation found for public app`);\n }\n\n return this.cache.getOrCreateToken(\n `public:${installation.id}`,\n undefined,\n async () => {\n const result = await this.appClient.apps.createInstallationAccessToken({\n installation_id: installation.id,\n headers: HEADERS,\n });\n\n return {\n token: result.data.token,\n expiresAt: DateTime.fromISO(result.data.expires_at),\n };\n },\n );\n }\n\n getInstallations(): Promise<\n RestEndpointMethodTypes['apps']['listInstallations']['response']['data']\n > {\n return this.appClient.paginate(this.appClient.apps.listInstallations);\n }\n\n private async getInstallationData(owner: string): Promise<InstallationData> {\n const allInstallations = await this.getInstallations();\n const installation = allInstallations.find(\n inst =>\n inst.account &&\n 'login' in inst.account &&\n inst.account.login?.toLocaleLowerCase('en-US') ===\n owner.toLocaleLowerCase('en-US'),\n );\n\n if (installation) {\n return {\n installationId: installation.id,\n suspended: Boolean(installation.suspended_by),\n };\n }\n\n const notFoundError = new Error(\n `No app installation found for ${owner} in ${this.baseAuthConfig.appId}`,\n );\n notFoundError.name = 'NotFoundError';\n throw notFoundError;\n }\n}\n\n/\n Corresponds to a Github installation which internally could hold several GitHub Apps.\n \n @public\n /\nexport class GithubAppCredentialsMux {\n private readonly apps: GithubAppManager[];\n\n constructor(config: GithubIntegrationConfig, appIds: number[] = []) {\n this.apps =\n config.apps\n ?.filter(app => (appIds.length ? appIds.includes(app.appId) : true))\n .map(ac => new GithubAppManager(ac, config.apiBaseUrl)) ?? [];\n }\n\n async getAllInstallations(): Promise<\n RestEndpointMethodTypes['apps']['listInstallations']['response']['data']\n > {\n if (!this.apps.length) {\n return [];\n }\n\n const installs = await Promise.all(\n this.apps.map(app => app.getInstallations()),\n );\n\n return installs.flat();\n }\n\n async getAppToken(owner: string, repo?: string): Promise<string \| undefined> {\n if (this.apps.length === 0) {\n return undefined;\n }\n\n const results = await Promise.all(\n this.apps.map(app =>\n app.getInstallationCredentials(owner, repo).then(\n credentials => ({ credentials, error: undefined }),\n error => ({ credentials: undefined, error }),\n ),\n ),\n );\n\n const result = results.find(\n resultItem => resultItem.credentials?.accessToken,\n );\n\n if (result) {\n return result.credentials!.accessToken;\n }\n\n // If there was no token returned, then let's find a public access app and use an installation to get a token.\n const publicAccessApp = this.apps.find(app => app.publicAccess);\n if (publicAccessApp) {\n const publicResult = await publicAccessApp\n .getPublicInstallationToken()\n .then(\n credentials => ({ credentials, error: undefined }),\n error => ({ credentials: undefined, error }),\n );\n\n if (publicResult.credentials?.accessToken) {\n return publicResult.credentials.accessToken;\n }\n }\n\n const errors = results.map(r => r.error);\n const notNotFoundError = errors.find(err => err?.name !== 'NotFoundError');\n if (notNotFoundError) {\n throw notNotFoundError;\n }\n\n return undefined;\n }\n}\n\n/\n Handles the creation and caching of credentials for GitHub integrations.\n \n @public\n * @remarks\n \n TODO: Possibly move this to a backend only package so that it's not used in the frontend by mistake\n /\nexport class SingleInstanceGithubCredentialsProvider\n implements GithubCredentialsProvider\n{\n static create: (\n config: GithubIntegrationConfig,\n ) => GithubCredentialsProvider = config => {\n return new SingleInstanceGithubCredentialsProvider(\n new GithubAppCredentialsMux(config),\n config.token,\n );\n };\n\n private readonly githubAppCredentialsMux: GithubAppCredentialsMux;\n private readonly token?: string;\n\n private constructor(\n githubAppCredentialsMux: GithubAppCredentialsMux,\n token?: string,\n ) {\n this.githubAppCredentialsMux = githubAppCredentialsMux;\n this.token = token;\n }\n\n /\n Returns {@link GithubCredentials} for a given URL.\n \n @remarks\n \n Consecutive calls to this method with the same URL will return cached\n * credentials.\n \n The shortest lifetime for a token returned is 10 minutes.\n \n @example\n * ```ts\n * const { token, headers } = await getCredentials({\n * url: 'github.com/backstage/foobar'\n * })\n * ```\n \n @param opts - The organization or repository URL\n * @returns A promise of {@link GithubCredentials}.\n */\n async getCredentials(opts: { url: string }): Promise<GithubCredentials> {\n const parsed = parseGitUrl(opts.url);\n\n const owner = parsed.owner \|\| parsed.name;\n const repo = parsed.owner ? parsed.name : undefined;\n\n let type: GithubCredentialType = 'app';\n let token = await this.githubAppCredentialsMux.getAppToken(owner, repo);\n if (!token) {\n type = 'token';\n token = this.token;\n }\n\n return {\n headers: token ? { Authorization: `Bearer ${token}` } : undefined,\n token,\n type,\n };\n }\n}\n"],"names":["DateTime","Octokit","createAppAuth","parseGitUrl"],"mappings":";;;;;;;;;;;AAsCA,MAAM,KAAA,CAAM;AAAA,EACO,UAAA,uBAAiB,GAAA,EAAmC;AAAA,EAErE,MAAM,gBAAA,CACJ,KAAA,EACA,IAAA,EACA,QAAA,EACkC;AAClC,IAAA,IAAI,wBAAA,GAA2B,IAAA,CAAK,UAAA,CAAW,GAAA,CAAI,KAAK,CAAA;AAExD,IAAA,IACE,CAAC,wBAAA,IACD,IAAA,CAAK,SAAA,CAAU,wBAAA,CAAyB,SAAS,CAAA,EACjD;AACA,MAAA,wBAAA,GAA2B,MAAM,QAAA,EAAS;AAE1C,MAAA,wBAAA,CAAyB,YACvB,wBAAA,CAAyB,SAAA,CAAU,MAAM,EAAE,OAAA,EAAS,IAAI,CAAA;AAC1D,MAAA,IAAA,CAAK,UAAA,CAAW,GAAA,CAAI,KAAA,EAAO,wBAAwB,CAAA;AAAA,IACrD;AAEA,IAAA,IAAI,CAAC,IAAA,CAAK,aAAA,CAAc,wBAAA,EAA0B,IAAI,CAAA,EAAG;AACvD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,6CAAA,EAAgD,KAAK,CAAA,iEAAA,EAAoE,IAAI,CAAA;AAAA,OAC/H;AAAA,IACF;AAEA,IAAA,OAAO,EAAE,WAAA,EAAa,wBAAA,CAAyB,KAAA,EAAM;AAAA,EACvD;AAAA,EAEQ,SAAA,GAAY,CAAC,IAAA,KAAmBA,cAAA,CAAS,OAAM,GAAI,IAAA;AAAA,EAEnD,aAAA,CAAc,WAAkC,IAAA,EAAe;AAErE,IAAA,IAAI,SAAS,MAAA,EAAW;AACtB,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,SAAA,CAAU,iBAAiB,MAAA,EAAW;AACxC,MAAA,OAAO,SAAA,CAAU,YAAA,CAAa,QAAA,CAAS,IAAI,CAAA;AAAA,IAC7C;AAEA,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAOA,MAAM,OAAA,GAAU;AAAA,EACd,MAAA,EAAQ;AACV,CAAA;AAKA,MAAM,gBAAA,CAAiB;AAAA,EACJ,SAAA;AAAA,EACA,OAAA;AAAA,EACA,cAAA;AAAA,EACA,KAAA,GAAQ,IAAI,KAAA,EAAM;AAAA,EAClB,yBAAA;AAAA;AAAA,EACD,YAAA;AAAA,EAEhB,WAAA,CAAY,QAAyB,OAAA,EAAkB;AACrD,IAAA,IAAA,CAAK,yBAAA,GAA4B,OAAO,yBAAA,EAA2B,GAAA;AAAA,MACjE,CAAA,KAAA,KAAS,KAAA,CAAM,iBAAA,CAAkB,OAAO;AAAA,KAC1C;AACA,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AACf,IAAA,IAAA,CAAK,cAAA,GAAiB;AAAA,MACpB,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,UAAA,EAAY,MAAA,CAAO,UAAA,CAAW,OAAA,CAAQ,SAAS,IAAI;AAAA,KACrD;AACA,IAAA,IAAA,CAAK,SAAA,GAAY,IAAIC,YAAA,CAAQ;AAAA,MAC3B,OAAA;AAAA,MACA,OAAA,EAAS,OAAA;AAAA,MACT,YAAA,EAAcC,qBAAA;AAAA,MACd,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AACD,IAAA,IAAA,CAAK,YAAA,GAAe,OAAO,YAAA,IAAgB,KAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,0BAAA,CACJ,KAAA,EACA,IAAA,EAC8C;AAC9C,IAAA,IAAI,KAAK,yBAAA,EAA2B;AAClC,MAAA,IACE,CAAC,KAAK,yBAAA,EAA2B,QAAA;AAAA,QAC/B,KAAA,CAAM,kBAAkB,OAAO;AAAA,OACjC,EACA;AACA,QAAA,OAAO,EAAE,aAAa,MAAA,EAAU;AAAA,MAClC;AAAA,IACF;AAGA,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,gBAAA,CAAiB,KAAA,EAAO,MAAM,YAAY;AAC1D,MAAA,MAAM,EAAE,cAAA,EAAgB,SAAA,EAAU,GAAI,MAAM,IAAA,CAAK,mBAAA;AAAA,QAC/C;AAAA,OACF;AACA,MAAA,IAAI,SAAA,EAAW;AACb,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,KAAK,CAAA,aAAA,CAAe,CAAA;AAAA,MACpE;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,KAAK,6BAAA,CAA8B;AAAA,QACrE,eAAA,EAAiB,cAAA;AAAA,QACjB,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,IAAI,eAAA;AAEJ,MAAA,IAAI,MAAA,CAAO,IAAA,CAAK,oBAAA,KAAyB,UAAA,EAAY;AACnD,QAAA,MAAM,kBAAA,GAAqB,IAAID,YAAA,CAAQ;AAAA,UACrC,SAAS,IAAA,CAAK,OAAA;AAAA,UACd,IAAA,EAAM,OAAO,IAAA,CAAK;AAAA,SACnB,CAAA;AACD,QAAA,MAAM,KAAA,GAAQ,MAAM,kBAAA,CAAmB,QAAA;AAAA,UACrC,mBAAmB,IAAA,CAAK;AAAA,SAC1B;AAEA,QAAA,MAAM,YAAA,GACJ,MAAM,YAAA,IAAgB,KAAA;AAExB,QAAA,eAAA,GAAkB,YAAA,CAAa,GAAA,CAAI,CAAA,UAAA,KAAc,UAAA,CAAW,IAAI,CAAA;AAAA,MAClE;AACA,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,QACnB,SAAA,EAAWD,cAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,QAClD,YAAA,EAAc;AAAA,OAChB;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,0BAAA,GAA+D;AACnE,IAAA,MAAM,CAAC,YAAY,CAAA,GAAI,MAAM,KAAK,gBAAA,EAAiB;AAEnD,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,MAAM,CAAA,oCAAA,CAAsC,CAAA;AAAA,IACxD;AAEA,IAAA,OAAO,KAAK,KAAA,CAAM,gBAAA;AAAA,MAChB,CAAA,OAAA,EAAU,aAAa,EAAE,CAAA,CAAA;AAAA,MACzB,MAAA;AAAA,MACA,YAAY;AACV,QAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,KAAK,6BAAA,CAA8B;AAAA,UACrE,iBAAiB,YAAA,CAAa,EAAA;AAAA,UAC9B,OAAA,EAAS;AAAA,SACV,CAAA;AAED,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,UACnB,SAAA,EAAWA,cAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,KAAK,UAAU;AAAA,SACpD;AAAA,MACF;AAAA,KACF;AAAA,EACF;AAAA,EAEA,gBAAA,GAEE;AACA,IAAA,OAAO,KAAK,SAAA,CAAU,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,KAAK,iBAAiB,CAAA;AAAA,EACtE;AAAA,EAEA,MAAc,oBAAoB,KAAA,EAA0C;AAC1E,IAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,gBAAA,EAAiB;AACrD,IAAA,MAAM,eAAe,gBAAA,CAAiB,IAAA;AAAA,MACpC,CAAA,IAAA,KACE,IAAA,CAAK,OAAA,IACL,OAAA,IAAW,KAAK,OAAA,IAChB,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,iBAAA,CAAkB,OAAO,CAAA,KAC3C,KAAA,CAAM,kBAAkB,OAAO;AAAA,KACrC;AAEA,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,OAAO;AAAA,QACL,gBAAgB,YAAA,CAAa,EAAA;AAAA,QAC7B,SAAA,EAAW,OAAA,CAAQ,YAAA,CAAa,YAAY;AAAA,OAC9C;AAAA,IACF;AAEA,IAAA,MAAM,gBAAgB,IAAI,KAAA;AAAA,MACxB,CAAA,8BAAA,EAAiC,KAAK,CAAA,IAAA,EAAO,IAAA,CAAK,eAAe,KAAK,CAAA;AAAA,KACxE;AACA,IAAA,aAAA,CAAc,IAAA,GAAO,eAAA;AACrB,IAAA,MAAM,aAAA;AAAA,EACR;AACF;AAOO,MAAM,uBAAA,CAAwB;AAAA,EAClB,IAAA;AAAA,EAEjB,WAAA,CAAY,MAAA,EAAiC,MAAA,GAAmB,EAAC,EAAG;AAClE,IAAA,IAAA,CAAK,IAAA,GACH,OAAO,IAAA,EACH,MAAA,CAAO,SAAQ,MAAA,CAAO,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,GAAA,CAAI,KAAK,IAAI,IAAK,CAAA,CAClE,GAAA,CAAI,CAAA,EAAA,KAAM,IAAI,gBAAA,CAAiB,IAAI,MAAA,CAAO,UAAU,CAAC,CAAA,IAAK,EAAC;AAAA,EAClE;AAAA,EAEA,MAAM,mBAAA,GAEJ;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,IAAA,CAAK,MAAA,EAAQ;AACrB,MAAA,OAAO,EAAC;AAAA,IACV;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,OAAA,CAAQ,GAAA;AAAA,MAC7B,KAAK,IAAA,CAAK,GAAA,CAAI,CAAA,GAAA,KAAO,GAAA,CAAI,kBAAkB;AAAA,KAC7C;AAEA,IAAA,OAAO,SAAS,IAAA,EAAK;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,CAAY,KAAA,EAAe,IAAA,EAA4C;AAC3E,IAAA,IAAI,IAAA,CAAK,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC1B,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,GAAA;AAAA,MAC5B,KAAK,IAAA,CAAK,GAAA;AAAA,QAAI,CAAA,GAAA,KACZ,GAAA,CAAI,0BAAA,CAA2B,KAAA,EAAO,IAAI,CAAA,CAAE,IAAA;AAAA,UAC1C,CAAA,WAAA,MAAgB,EAAE,WAAA,EAAa,KAAA,EAAO,MAAA,EAAU,CAAA;AAAA,UAChD,CAAA,KAAA,MAAU,EAAE,WAAA,EAAa,MAAA,EAAW,KAAA,EAAM;AAAA;AAC5C;AACF,KACF;AAEA,IAAA,MAAM,SAAS,OAAA,CAAQ,IAAA;AAAA,MACrB,CAAA,UAAA,KAAc,WAAW,WAAA,EAAa;AAAA,KACxC;AAEA,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,OAAO,OAAO,WAAA,CAAa,WAAA;AAAA,IAC7B;AAGA,IAAA,MAAM,kBAAkB,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,CAAA,GAAA,KAAO,IAAI,YAAY,CAAA;AAC9D,IAAA,IAAI,eAAA,EAAiB;AACnB,MAAA,MAAM,YAAA,GAAe,MAAM,eAAA,CACxB,0BAAA,EAA2B,CAC3B,IAAA;AAAA,QACC,CAAA,WAAA,MAAgB,EAAE,WAAA,EAAa,KAAA,EAAO,MAAA,EAAU,CAAA;AAAA,QAChD,CAAA,KAAA,MAAU,EAAE,WAAA,EAAa,MAAA,EAAW,KAAA,EAAM;AAAA,OAC5C;AAEF,MAAA,IAAI,YAAA,CAAa,aAAa,WAAA,EAAa;AACzC,QAAA,OAAO,aAAa,WAAA,CAAY,WAAA;AAAA,MAClC;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,KAAK,CAAA;AACvC,IAAA,MAAM,mBAAmB,MAAA,CAAO,IAAA,CAAK,CAAA,GAAA,KAAO,GAAA,EAAK,SAAS,eAAe,CAAA;AACzE,IAAA,IAAI,gBAAA,EAAkB;AACpB,MAAA,MAAM,gBAAA;AAAA,IACR;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AACF;AAUO,MAAM,uCAAA,CAEb;AAAA,EACE,OAAO,SAE0B,CAAA,MAAA,KAAU;AACzC,IAAA,OAAO,IAAI,uCAAA;AAAA,MACT,IAAI,wBAAwB,MAAM,CAAA;AAAA,MAClC,MAAA,CAAO;AAAA,KACT;AAAA,EACF,CAAA;AAAA,EAEiB,uBAAA;AAAA,EACA,KAAA;AAAA,EAET,WAAA,CACN,yBACA,KAAA,EACA;AACA,IAAA,IAAA,CAAK,uBAAA,GAA0B,uBAAA;AAC/B,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBA,MAAM,eAAe,IAAA,EAAmD;AACtE,IAAA,MAAM,MAAA,GAASG,4BAAA,CAAY,IAAA,CAAK,GAAG,CAAA;AAEnC,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,IAAA;AACrC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,KAAA,GAAQ,MAAA,CAAO,IAAA,GAAO,MAAA;AAE1C,IAAA,IAAI,IAAA,GAA6B,KAAA;AACjC,IAAA,IAAI,QAAQ,MAAM,IAAA,CAAK,uBAAA,CAAwB,WAAA,CAAY,OAAO,IAAI,CAAA;AACtE,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,IAAA,GAAO,OAAA;AACP,MAAA,KAAA,GAAQ,IAAA,CAAK,KAAA;AAAA,IACf;AAEA,IAAA,OAAO;AAAA,MACL,SAAS,KAAA,GAAQ,EAAE,eAAe,CAAA,OAAA,EAAU,KAAK,IAAG,GAAI,MAAA;AAAA,MACxD,KAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACF;;;;;"}
1	+ {"version":3,"file":"SingleInstanceGithubCredentialsProvider.cjs.js","sources":["../../src/github/SingleInstanceGithubCredentialsProvider.ts"],"sourcesContent":["/\n Copyright 2021 The Backstage Authors\n \n Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n \n http://www.apache.org/licenses/LICENSE-2.0\n \n Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n /\n\nimport parseGitUrl from 'git-url-parse';\nimport { GithubAppConfig, GithubIntegrationConfig } from './config';\nimport { createAppAuth } from '@octokit/auth-app';\nimport { Octokit, RestEndpointMethodTypes } from '@octokit/rest';\nimport { DateTime } from 'luxon';\nimport {\n GithubCredentials,\n GithubCredentialsProvider,\n GithubCredentialType,\n} from './types';\n\ntype InstallationData = {\n installationId: number;\n suspended: boolean;\n};\n\ntype InstallationTokenData = {\n token: string;\n expiresAt: DateTime;\n repositories?: String[];\n};\n\nclass Cache {\n private readonly tokenCache = new Map<string, InstallationTokenData>();\n\n async getOrCreateToken(\n owner: string,\n repo: string \| undefined,\n supplier: () => Promise<InstallationTokenData>,\n ): Promise<{ accessToken: string }> {\n let existingInstallationData = this.tokenCache.get(owner);\n\n if (\n !existingInstallationData \|\|\n this.isExpired(existingInstallationData.expiresAt)\n ) {\n existingInstallationData = await supplier();\n // Allow 10 minutes grace to account for clock skew\n existingInstallationData.expiresAt =\n existingInstallationData.expiresAt.minus({ minutes: 10 });\n this.tokenCache.set(owner, existingInstallationData);\n }\n\n if (!this.appliesToRepo(existingInstallationData, repo)) {\n throw new Error(\n `The Backstage GitHub application used in the ${owner} organization does not have access to a repository with the name ${repo}`,\n );\n }\n\n return { accessToken: existingInstallationData.token };\n }\n\n private isExpired = (date: DateTime) => DateTime.local() > date;\n\n private appliesToRepo(tokenData: InstallationTokenData, repo?: string) {\n // If no specific repo has been requested the token is applicable\n if (repo === undefined) {\n return true;\n }\n // If the token is restricted to repositories, the token only applies if the repo is in the allow list\n if (tokenData.repositories !== undefined) {\n return tokenData.repositories.includes(repo);\n }\n // Otherwise the token is applicable\n return true;\n }\n}\n\n/\n This accept header is required when calling App APIs in GitHub Enterprise.\n * It has no effect on calls to github.com and can probably be removed entirely\n * once GitHub Apps is out of preview.\n /\nconst HEADERS = {\n Accept: 'application/vnd.github.machine-man-preview+json',\n};\n\n/\n GithubAppManager issues and caches tokens for a specific GitHub App.\n /\nclass GithubAppManager {\n private readonly appClient: Octokit;\n private readonly baseUrl?: string;\n private readonly baseAuthConfig: { appId: number; privateKey: string };\n private readonly cache = new Cache();\n private readonly allowedInstallationOwners: string[] \| undefined; // undefined allows all installations\n public readonly publicAccess: boolean;\n\n constructor(config: GithubAppConfig, baseUrl?: string) {\n this.allowedInstallationOwners = config.allowedInstallationOwners?.map(\n owner => owner.toLocaleLowerCase('en-US'),\n );\n this.baseUrl = baseUrl;\n this.baseAuthConfig = {\n appId: config.appId,\n privateKey: config.privateKey.replace(/\\\\n/gm, '\\n'),\n };\n this.appClient = new Octokit({\n baseUrl,\n headers: HEADERS,\n authStrategy: createAppAuth,\n auth: this.baseAuthConfig,\n });\n this.publicAccess = config.publicAccess ?? false;\n }\n\n async getInstallationCredentials(\n owner?: string,\n repo?: string,\n ): Promise<{ accessToken: string \| undefined }> {\n // No owner means a bare host URL (e.g. https://github.com) — return an\n // app-level JWT rather than an installation token.\n if (!owner) {\n const auth = createAppAuth({\n appId: this.baseAuthConfig.appId,\n privateKey: this.baseAuthConfig.privateKey,\n });\n const { token } = await auth({ type: 'app' });\n return { accessToken: token };\n }\n\n if (this.allowedInstallationOwners) {\n if (\n !this.allowedInstallationOwners?.includes(\n owner.toLocaleLowerCase('en-US'),\n )\n ) {\n return { accessToken: undefined }; // An empty token allows anonymous access to public repos\n }\n }\n\n // Go and grab an access token for the app scoped to a repository if provided, if not use the organisation installation.\n return this.cache.getOrCreateToken(owner, repo, async () => {\n const { installationId, suspended } = await this.getInstallationData(\n owner,\n );\n if (suspended) {\n throw new Error(`The GitHub application for ${owner} is suspended`);\n }\n\n const result = await this.appClient.apps.createInstallationAccessToken({\n installation_id: installationId,\n headers: HEADERS,\n });\n\n let repositoryNames;\n\n if (result.data.repository_selection === 'selected') {\n const installationClient = new Octokit({\n baseUrl: this.baseUrl,\n auth: result.data.token,\n });\n const repos = await installationClient.paginate(\n installationClient.apps.listReposAccessibleToInstallation,\n );\n // The return type of the paginate method is incorrect.\n const repositories: RestEndpointMethodTypes['apps']['listReposAccessibleToInstallation']['response']['data']['repositories'] =\n repos.repositories ?? repos;\n\n repositoryNames = repositories.map(repository => repository.name);\n }\n return {\n token: result.data.token,\n expiresAt: DateTime.fromISO(result.data.expires_at),\n repositories: repositoryNames,\n };\n });\n }\n\n async getPublicInstallationToken(): Promise<{ accessToken: string }> {\n const [installation] = await this.getInstallations();\n\n if (!installation) {\n throw new Error(`No installation found for public app`);\n }\n\n return this.cache.getOrCreateToken(\n `public:${installation.id}`,\n undefined,\n async () => {\n const result = await this.appClient.apps.createInstallationAccessToken({\n installation_id: installation.id,\n headers: HEADERS,\n });\n\n return {\n token: result.data.token,\n expiresAt: DateTime.fromISO(result.data.expires_at),\n };\n },\n );\n }\n\n getInstallations(): Promise<\n RestEndpointMethodTypes['apps']['listInstallations']['response']['data']\n > {\n return this.appClient.paginate(this.appClient.apps.listInstallations);\n }\n\n private async getInstallationData(owner: string): Promise<InstallationData> {\n const allInstallations = await this.getInstallations();\n const installation = allInstallations.find(\n inst =>\n inst.account &&\n 'login' in inst.account &&\n inst.account.login?.toLocaleLowerCase('en-US') ===\n owner.toLocaleLowerCase('en-US'),\n );\n\n if (installation) {\n return {\n installationId: installation.id,\n suspended: Boolean(installation.suspended_by),\n };\n }\n\n const notFoundError = new Error(\n `No app installation found for ${owner} in ${this.baseAuthConfig.appId}`,\n );\n notFoundError.name = 'NotFoundError';\n throw notFoundError;\n }\n}\n\n/\n Corresponds to a Github installation which internally could hold several GitHub Apps.\n \n @public\n /\nexport class GithubAppCredentialsMux {\n private readonly apps: GithubAppManager[];\n\n constructor(config: GithubIntegrationConfig, appIds: number[] = []) {\n this.apps =\n config.apps\n ?.filter(app => (appIds.length ? appIds.includes(app.appId) : true))\n .map(ac => new GithubAppManager(ac, config.apiBaseUrl)) ?? [];\n }\n\n async getAllInstallations(): Promise<\n RestEndpointMethodTypes['apps']['listInstallations']['response']['data']\n > {\n if (!this.apps.length) {\n return [];\n }\n\n const installs = await Promise.all(\n this.apps.map(app => app.getInstallations()),\n );\n\n return installs.flat();\n }\n\n async getAppToken(\n owner?: string,\n repo?: string,\n ): Promise<string \| undefined> {\n if (this.apps.length === 0) {\n return undefined;\n }\n\n const results = await Promise.all(\n this.apps.map(app =>\n app.getInstallationCredentials(owner, repo).then(\n credentials => ({ credentials, error: undefined }),\n error => ({ credentials: undefined, error }),\n ),\n ),\n );\n\n const result = results.find(\n resultItem => resultItem.credentials?.accessToken,\n );\n\n if (result) {\n return result.credentials!.accessToken;\n }\n\n // If there was no token returned, then let's find a public access app and use an installation to get a token.\n const publicAccessApp = this.apps.find(app => app.publicAccess);\n if (publicAccessApp) {\n const publicResult = await publicAccessApp\n .getPublicInstallationToken()\n .then(\n credentials => ({ credentials, error: undefined }),\n error => ({ credentials: undefined, error }),\n );\n\n if (publicResult.credentials?.accessToken) {\n return publicResult.credentials.accessToken;\n }\n }\n\n const errors = results.map(r => r.error);\n const notNotFoundError = errors.find(err => err?.name !== 'NotFoundError');\n if (notNotFoundError) {\n throw notNotFoundError;\n }\n\n return undefined;\n }\n}\n\n/\n Handles the creation and caching of credentials for GitHub integrations.\n \n @public\n * @remarks\n \n TODO: Possibly move this to a backend only package so that it's not used in the frontend by mistake\n /\nexport class SingleInstanceGithubCredentialsProvider\n implements GithubCredentialsProvider\n{\n static create: (\n config: GithubIntegrationConfig,\n ) => GithubCredentialsProvider = config => {\n return new SingleInstanceGithubCredentialsProvider(\n new GithubAppCredentialsMux(config),\n config.token,\n );\n };\n\n private readonly githubAppCredentialsMux: GithubAppCredentialsMux;\n private readonly token?: string;\n\n private constructor(\n githubAppCredentialsMux: GithubAppCredentialsMux,\n token?: string,\n ) {\n this.githubAppCredentialsMux = githubAppCredentialsMux;\n this.token = token;\n }\n\n /\n Returns {@link GithubCredentials} for a given URL.\n \n @remarks\n \n Consecutive calls to this method with the same URL will return cached\n * credentials.\n \n The shortest lifetime for a token returned is 10 minutes.\n \n @example\n * ```ts\n * const { token, headers } = await getCredentials({\n * url: 'github.com/backstage/foobar'\n * })\n * ```\n \n @param opts - The organization or repository URL\n * @returns A promise of {@link GithubCredentials}.\n */\n async getCredentials(opts: { url: string }): Promise<GithubCredentials> {\n const parsed = parseGitUrl(opts.url);\n\n const owner = parsed.owner \|\| parsed.name;\n const repo = parsed.owner ? parsed.name : undefined;\n\n let type: GithubCredentialType = 'app';\n let token = await this.githubAppCredentialsMux.getAppToken(owner, repo);\n if (!token) {\n type = 'token';\n token = this.token;\n }\n\n return {\n headers: token ? { Authorization: `Bearer ${token}` } : undefined,\n token,\n type,\n };\n }\n}\n"],"names":["DateTime","Octokit","createAppAuth","parseGitUrl"],"mappings":";;;;;;;;;;;AAsCA,MAAM,KAAA,CAAM;AAAA,EACO,UAAA,uBAAiB,GAAA,EAAmC;AAAA,EAErE,MAAM,gBAAA,CACJ,KAAA,EACA,IAAA,EACA,QAAA,EACkC;AAClC,IAAA,IAAI,wBAAA,GAA2B,IAAA,CAAK,UAAA,CAAW,GAAA,CAAI,KAAK,CAAA;AAExD,IAAA,IACE,CAAC,wBAAA,IACD,IAAA,CAAK,SAAA,CAAU,wBAAA,CAAyB,SAAS,CAAA,EACjD;AACA,MAAA,wBAAA,GAA2B,MAAM,QAAA,EAAS;AAE1C,MAAA,wBAAA,CAAyB,YACvB,wBAAA,CAAyB,SAAA,CAAU,MAAM,EAAE,OAAA,EAAS,IAAI,CAAA;AAC1D,MAAA,IAAA,CAAK,UAAA,CAAW,GAAA,CAAI,KAAA,EAAO,wBAAwB,CAAA;AAAA,IACrD;AAEA,IAAA,IAAI,CAAC,IAAA,CAAK,aAAA,CAAc,wBAAA,EAA0B,IAAI,CAAA,EAAG;AACvD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,6CAAA,EAAgD,KAAK,CAAA,iEAAA,EAAoE,IAAI,CAAA;AAAA,OAC/H;AAAA,IACF;AAEA,IAAA,OAAO,EAAE,WAAA,EAAa,wBAAA,CAAyB,KAAA,EAAM;AAAA,EACvD;AAAA,EAEQ,SAAA,GAAY,CAAC,IAAA,KAAmBA,cAAA,CAAS,OAAM,GAAI,IAAA;AAAA,EAEnD,aAAA,CAAc,WAAkC,IAAA,EAAe;AAErE,IAAA,IAAI,SAAS,MAAA,EAAW;AACtB,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,SAAA,CAAU,iBAAiB,MAAA,EAAW;AACxC,MAAA,OAAO,SAAA,CAAU,YAAA,CAAa,QAAA,CAAS,IAAI,CAAA;AAAA,IAC7C;AAEA,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAOA,MAAM,OAAA,GAAU;AAAA,EACd,MAAA,EAAQ;AACV,CAAA;AAKA,MAAM,gBAAA,CAAiB;AAAA,EACJ,SAAA;AAAA,EACA,OAAA;AAAA,EACA,cAAA;AAAA,EACA,KAAA,GAAQ,IAAI,KAAA,EAAM;AAAA,EAClB,yBAAA;AAAA;AAAA,EACD,YAAA;AAAA,EAEhB,WAAA,CAAY,QAAyB,OAAA,EAAkB;AACrD,IAAA,IAAA,CAAK,yBAAA,GAA4B,OAAO,yBAAA,EAA2B,GAAA;AAAA,MACjE,CAAA,KAAA,KAAS,KAAA,CAAM,iBAAA,CAAkB,OAAO;AAAA,KAC1C;AACA,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AACf,IAAA,IAAA,CAAK,cAAA,GAAiB;AAAA,MACpB,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,UAAA,EAAY,MAAA,CAAO,UAAA,CAAW,OAAA,CAAQ,SAAS,IAAI;AAAA,KACrD;AACA,IAAA,IAAA,CAAK,SAAA,GAAY,IAAIC,YAAA,CAAQ;AAAA,MAC3B,OAAA;AAAA,MACA,OAAA,EAAS,OAAA;AAAA,MACT,YAAA,EAAcC,qBAAA;AAAA,MACd,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AACD,IAAA,IAAA,CAAK,YAAA,GAAe,OAAO,YAAA,IAAgB,KAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,0BAAA,CACJ,KAAA,EACA,IAAA,EAC8C;AAG9C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,OAAOA,qBAAA,CAAc;AAAA,QACzB,KAAA,EAAO,KAAK,cAAA,CAAe,KAAA;AAAA,QAC3B,UAAA,EAAY,KAAK,cAAA,CAAe;AAAA,OACjC,CAAA;AACD,MAAA,MAAM,EAAE,OAAM,GAAI,MAAM,KAAK,EAAE,IAAA,EAAM,OAAO,CAAA;AAC5C,MAAA,OAAO,EAAE,aAAa,KAAA,EAAM;AAAA,IAC9B;AAEA,IAAA,IAAI,KAAK,yBAAA,EAA2B;AAClC,MAAA,IACE,CAAC,KAAK,yBAAA,EAA2B,QAAA;AAAA,QAC/B,KAAA,CAAM,kBAAkB,OAAO;AAAA,OACjC,EACA;AACA,QAAA,OAAO,EAAE,aAAa,MAAA,EAAU;AAAA,MAClC;AAAA,IACF;AAGA,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,gBAAA,CAAiB,KAAA,EAAO,MAAM,YAAY;AAC1D,MAAA,MAAM,EAAE,cAAA,EAAgB,SAAA,EAAU,GAAI,MAAM,IAAA,CAAK,mBAAA;AAAA,QAC/C;AAAA,OACF;AACA,MAAA,IAAI,SAAA,EAAW;AACb,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,KAAK,CAAA,aAAA,CAAe,CAAA;AAAA,MACpE;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,KAAK,6BAAA,CAA8B;AAAA,QACrE,eAAA,EAAiB,cAAA;AAAA,QACjB,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,IAAI,eAAA;AAEJ,MAAA,IAAI,MAAA,CAAO,IAAA,CAAK,oBAAA,KAAyB,UAAA,EAAY;AACnD,QAAA,MAAM,kBAAA,GAAqB,IAAID,YAAA,CAAQ;AAAA,UACrC,SAAS,IAAA,CAAK,OAAA;AAAA,UACd,IAAA,EAAM,OAAO,IAAA,CAAK;AAAA,SACnB,CAAA;AACD,QAAA,MAAM,KAAA,GAAQ,MAAM,kBAAA,CAAmB,QAAA;AAAA,UACrC,mBAAmB,IAAA,CAAK;AAAA,SAC1B;AAEA,QAAA,MAAM,YAAA,GACJ,MAAM,YAAA,IAAgB,KAAA;AAExB,QAAA,eAAA,GAAkB,YAAA,CAAa,GAAA,CAAI,CAAA,UAAA,KAAc,UAAA,CAAW,IAAI,CAAA;AAAA,MAClE;AACA,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,QACnB,SAAA,EAAWD,cAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,QAClD,YAAA,EAAc;AAAA,OAChB;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,0BAAA,GAA+D;AACnE,IAAA,MAAM,CAAC,YAAY,CAAA,GAAI,MAAM,KAAK,gBAAA,EAAiB;AAEnD,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,MAAM,CAAA,oCAAA,CAAsC,CAAA;AAAA,IACxD;AAEA,IAAA,OAAO,KAAK,KAAA,CAAM,gBAAA;AAAA,MAChB,CAAA,OAAA,EAAU,aAAa,EAAE,CAAA,CAAA;AAAA,MACzB,MAAA;AAAA,MACA,YAAY;AACV,QAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,KAAK,6BAAA,CAA8B;AAAA,UACrE,iBAAiB,YAAA,CAAa,EAAA;AAAA,UAC9B,OAAA,EAAS;AAAA,SACV,CAAA;AAED,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,UACnB,SAAA,EAAWA,cAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,KAAK,UAAU;AAAA,SACpD;AAAA,MACF;AAAA,KACF;AAAA,EACF;AAAA,EAEA,gBAAA,GAEE;AACA,IAAA,OAAO,KAAK,SAAA,CAAU,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,KAAK,iBAAiB,CAAA;AAAA,EACtE;AAAA,EAEA,MAAc,oBAAoB,KAAA,EAA0C;AAC1E,IAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,gBAAA,EAAiB;AACrD,IAAA,MAAM,eAAe,gBAAA,CAAiB,IAAA;AAAA,MACpC,CAAA,IAAA,KACE,IAAA,CAAK,OAAA,IACL,OAAA,IAAW,KAAK,OAAA,IAChB,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,iBAAA,CAAkB,OAAO,CAAA,KAC3C,KAAA,CAAM,kBAAkB,OAAO;AAAA,KACrC;AAEA,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,OAAO;AAAA,QACL,gBAAgB,YAAA,CAAa,EAAA;AAAA,QAC7B,SAAA,EAAW,OAAA,CAAQ,YAAA,CAAa,YAAY;AAAA,OAC9C;AAAA,IACF;AAEA,IAAA,MAAM,gBAAgB,IAAI,KAAA;AAAA,MACxB,CAAA,8BAAA,EAAiC,KAAK,CAAA,IAAA,EAAO,IAAA,CAAK,eAAe,KAAK,CAAA;AAAA,KACxE;AACA,IAAA,aAAA,CAAc,IAAA,GAAO,eAAA;AACrB,IAAA,MAAM,aAAA;AAAA,EACR;AACF;AAOO,MAAM,uBAAA,CAAwB;AAAA,EAClB,IAAA;AAAA,EAEjB,WAAA,CAAY,MAAA,EAAiC,MAAA,GAAmB,EAAC,EAAG;AAClE,IAAA,IAAA,CAAK,IAAA,GACH,OAAO,IAAA,EACH,MAAA,CAAO,SAAQ,MAAA,CAAO,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,GAAA,CAAI,KAAK,IAAI,IAAK,CAAA,CAClE,GAAA,CAAI,CAAA,EAAA,KAAM,IAAI,gBAAA,CAAiB,IAAI,MAAA,CAAO,UAAU,CAAC,CAAA,IAAK,EAAC;AAAA,EAClE;AAAA,EAEA,MAAM,mBAAA,GAEJ;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,IAAA,CAAK,MAAA,EAAQ;AACrB,MAAA,OAAO,EAAC;AAAA,IACV;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,OAAA,CAAQ,GAAA;AAAA,MAC7B,KAAK,IAAA,CAAK,GAAA,CAAI,CAAA,GAAA,KAAO,GAAA,CAAI,kBAAkB;AAAA,KAC7C;AAEA,IAAA,OAAO,SAAS,IAAA,EAAK;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,CACJ,KAAA,EACA,IAAA,EAC6B;AAC7B,IAAA,IAAI,IAAA,CAAK,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC1B,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,GAAA;AAAA,MAC5B,KAAK,IAAA,CAAK,GAAA;AAAA,QAAI,CAAA,GAAA,KACZ,GAAA,CAAI,0BAAA,CAA2B,KAAA,EAAO,IAAI,CAAA,CAAE,IAAA;AAAA,UAC1C,CAAA,WAAA,MAAgB,EAAE,WAAA,EAAa,KAAA,EAAO,MAAA,EAAU,CAAA;AAAA,UAChD,CAAA,KAAA,MAAU,EAAE,WAAA,EAAa,MAAA,EAAW,KAAA,EAAM;AAAA;AAC5C;AACF,KACF;AAEA,IAAA,MAAM,SAAS,OAAA,CAAQ,IAAA;AAAA,MACrB,CAAA,UAAA,KAAc,WAAW,WAAA,EAAa;AAAA,KACxC;AAEA,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,OAAO,OAAO,WAAA,CAAa,WAAA;AAAA,IAC7B;AAGA,IAAA,MAAM,kBAAkB,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,CAAA,GAAA,KAAO,IAAI,YAAY,CAAA;AAC9D,IAAA,IAAI,eAAA,EAAiB;AACnB,MAAA,MAAM,YAAA,GAAe,MAAM,eAAA,CACxB,0BAAA,EAA2B,CAC3B,IAAA;AAAA,QACC,CAAA,WAAA,MAAgB,EAAE,WAAA,EAAa,KAAA,EAAO,MAAA,EAAU,CAAA;AAAA,QAChD,CAAA,KAAA,MAAU,EAAE,WAAA,EAAa,MAAA,EAAW,KAAA,EAAM;AAAA,OAC5C;AAEF,MAAA,IAAI,YAAA,CAAa,aAAa,WAAA,EAAa;AACzC,QAAA,OAAO,aAAa,WAAA,CAAY,WAAA;AAAA,MAClC;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,KAAK,CAAA;AACvC,IAAA,MAAM,mBAAmB,MAAA,CAAO,IAAA,CAAK,CAAA,GAAA,KAAO,GAAA,EAAK,SAAS,eAAe,CAAA;AACzE,IAAA,IAAI,gBAAA,EAAkB;AACpB,MAAA,MAAM,gBAAA;AAAA,IACR;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AACF;AAUO,MAAM,uCAAA,CAEb;AAAA,EACE,OAAO,SAE0B,CAAA,MAAA,KAAU;AACzC,IAAA,OAAO,IAAI,uCAAA;AAAA,MACT,IAAI,wBAAwB,MAAM,CAAA;AAAA,MAClC,MAAA,CAAO;AAAA,KACT;AAAA,EACF,CAAA;AAAA,EAEiB,uBAAA;AAAA,EACA,KAAA;AAAA,EAET,WAAA,CACN,yBACA,KAAA,EACA;AACA,IAAA,IAAA,CAAK,uBAAA,GAA0B,uBAAA;AAC/B,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBA,MAAM,eAAe,IAAA,EAAmD;AACtE,IAAA,MAAM,MAAA,GAASG,4BAAA,CAAY,IAAA,CAAK,GAAG,CAAA;AAEnC,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,IAAA;AACrC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,KAAA,GAAQ,MAAA,CAAO,IAAA,GAAO,MAAA;AAE1C,IAAA,IAAI,IAAA,GAA6B,KAAA;AACjC,IAAA,IAAI,QAAQ,MAAM,IAAA,CAAK,uBAAA,CAAwB,WAAA,CAAY,OAAO,IAAI,CAAA;AACtE,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,IAAA,GAAO,OAAA;AACP,MAAA,KAAA,GAAQ,IAAA,CAAK,KAAA;AAAA,IACf;AAEA,IAAA,OAAO;AAAA,MACL,SAAS,KAAA,GAAQ,EAAE,eAAe,CAAA,OAAA,EAAU,KAAK,IAAG,GAAI,MAAA;AAAA,MACxD,KAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACF;;;;;"}

package/dist/github/SingleInstanceGithubCredentialsProvider.esm.js CHANGED Viewed

@@ -59,6 +59,14 @@ class GithubAppManager {
     this.publicAccess = config.publicAccess ?? false;
   }
   async getInstallationCredentials(owner, repo) {
+    if (!owner) {
+      const auth = createAppAuth({
+        appId: this.baseAuthConfig.appId,
+        privateKey: this.baseAuthConfig.privateKey
+      });
+      const { token } = await auth({ type: "app" });
+      return { accessToken: token };
+    }
     if (this.allowedInstallationOwners) {
       if (!this.allowedInstallationOwners?.includes(
         owner.toLocaleLowerCase("en-US")

package/dist/github/SingleInstanceGithubCredentialsProvider.esm.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SingleInstanceGithubCredentialsProvider.esm.js","sources":["../../src/github/SingleInstanceGithubCredentialsProvider.ts"],"sourcesContent":["/\n Copyright 2021 The Backstage Authors\n \n Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n \n http://www.apache.org/licenses/LICENSE-2.0\n \n Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n /\n\nimport parseGitUrl from 'git-url-parse';\nimport { GithubAppConfig, GithubIntegrationConfig } from './config';\nimport { createAppAuth } from '@octokit/auth-app';\nimport { Octokit, RestEndpointMethodTypes } from '@octokit/rest';\nimport { DateTime } from 'luxon';\nimport {\n GithubCredentials,\n GithubCredentialsProvider,\n GithubCredentialType,\n} from './types';\n\ntype InstallationData = {\n installationId: number;\n suspended: boolean;\n};\n\ntype InstallationTokenData = {\n token: string;\n expiresAt: DateTime;\n repositories?: String[];\n};\n\nclass Cache {\n private readonly tokenCache = new Map<string, InstallationTokenData>();\n\n async getOrCreateToken(\n owner: string,\n repo: string \| undefined,\n supplier: () => Promise<InstallationTokenData>,\n ): Promise<{ accessToken: string }> {\n let existingInstallationData = this.tokenCache.get(owner);\n\n if (\n !existingInstallationData \|\|\n this.isExpired(existingInstallationData.expiresAt)\n ) {\n existingInstallationData = await supplier();\n // Allow 10 minutes grace to account for clock skew\n existingInstallationData.expiresAt =\n existingInstallationData.expiresAt.minus({ minutes: 10 });\n this.tokenCache.set(owner, existingInstallationData);\n }\n\n if (!this.appliesToRepo(existingInstallationData, repo)) {\n throw new Error(\n `The Backstage GitHub application used in the ${owner} organization does not have access to a repository with the name ${repo}`,\n );\n }\n\n return { accessToken: existingInstallationData.token };\n }\n\n private isExpired = (date: DateTime) => DateTime.local() > date;\n\n private appliesToRepo(tokenData: InstallationTokenData, repo?: string) {\n // If no specific repo has been requested the token is applicable\n if (repo === undefined) {\n return true;\n }\n // If the token is restricted to repositories, the token only applies if the repo is in the allow list\n if (tokenData.repositories !== undefined) {\n return tokenData.repositories.includes(repo);\n }\n // Otherwise the token is applicable\n return true;\n }\n}\n\n/\n This accept header is required when calling App APIs in GitHub Enterprise.\n * It has no effect on calls to github.com and can probably be removed entirely\n * once GitHub Apps is out of preview.\n /\nconst HEADERS = {\n Accept: 'application/vnd.github.machine-man-preview+json',\n};\n\n/\n GithubAppManager issues and caches tokens for a specific GitHub App.\n /\nclass GithubAppManager {\n private readonly appClient: Octokit;\n private readonly baseUrl?: string;\n private readonly baseAuthConfig: { appId: number; privateKey: string };\n private readonly cache = new Cache();\n private readonly allowedInstallationOwners: string[] \| undefined; // undefined allows all installations\n public readonly publicAccess: boolean;\n\n constructor(config: GithubAppConfig, baseUrl?: string) {\n this.allowedInstallationOwners = config.allowedInstallationOwners?.map(\n owner => owner.toLocaleLowerCase('en-US'),\n );\n this.baseUrl = baseUrl;\n this.baseAuthConfig = {\n appId: config.appId,\n privateKey: config.privateKey.replace(/\\\\n/gm, '\\n'),\n };\n this.appClient = new Octokit({\n baseUrl,\n headers: HEADERS,\n authStrategy: createAppAuth,\n auth: this.baseAuthConfig,\n });\n this.publicAccess = config.publicAccess ?? false;\n }\n\n async getInstallationCredentials(\n owner: string,\n repo?: string,\n ): Promise<{ accessToken: string \| undefined }> {\n if (this.allowedInstallationOwners) {\n if (\n !this.allowedInstallationOwners?.includes(\n owner.toLocaleLowerCase('en-US'),\n )\n ) {\n return { accessToken: undefined }; // An empty token allows anonymous access to public repos\n }\n }\n\n // Go and grab an access token for the app scoped to a repository if provided, if not use the organisation installation.\n return this.cache.getOrCreateToken(owner, repo, async () => {\n const { installationId, suspended } = await this.getInstallationData(\n owner,\n );\n if (suspended) {\n throw new Error(`The GitHub application for ${owner} is suspended`);\n }\n\n const result = await this.appClient.apps.createInstallationAccessToken({\n installation_id: installationId,\n headers: HEADERS,\n });\n\n let repositoryNames;\n\n if (result.data.repository_selection === 'selected') {\n const installationClient = new Octokit({\n baseUrl: this.baseUrl,\n auth: result.data.token,\n });\n const repos = await installationClient.paginate(\n installationClient.apps.listReposAccessibleToInstallation,\n );\n // The return type of the paginate method is incorrect.\n const repositories: RestEndpointMethodTypes['apps']['listReposAccessibleToInstallation']['response']['data']['repositories'] =\n repos.repositories ?? repos;\n\n repositoryNames = repositories.map(repository => repository.name);\n }\n return {\n token: result.data.token,\n expiresAt: DateTime.fromISO(result.data.expires_at),\n repositories: repositoryNames,\n };\n });\n }\n\n async getPublicInstallationToken(): Promise<{ accessToken: string }> {\n const [installation] = await this.getInstallations();\n\n if (!installation) {\n throw new Error(`No installation found for public app`);\n }\n\n return this.cache.getOrCreateToken(\n `public:${installation.id}`,\n undefined,\n async () => {\n const result = await this.appClient.apps.createInstallationAccessToken({\n installation_id: installation.id,\n headers: HEADERS,\n });\n\n return {\n token: result.data.token,\n expiresAt: DateTime.fromISO(result.data.expires_at),\n };\n },\n );\n }\n\n getInstallations(): Promise<\n RestEndpointMethodTypes['apps']['listInstallations']['response']['data']\n > {\n return this.appClient.paginate(this.appClient.apps.listInstallations);\n }\n\n private async getInstallationData(owner: string): Promise<InstallationData> {\n const allInstallations = await this.getInstallations();\n const installation = allInstallations.find(\n inst =>\n inst.account &&\n 'login' in inst.account &&\n inst.account.login?.toLocaleLowerCase('en-US') ===\n owner.toLocaleLowerCase('en-US'),\n );\n\n if (installation) {\n return {\n installationId: installation.id,\n suspended: Boolean(installation.suspended_by),\n };\n }\n\n const notFoundError = new Error(\n `No app installation found for ${owner} in ${this.baseAuthConfig.appId}`,\n );\n notFoundError.name = 'NotFoundError';\n throw notFoundError;\n }\n}\n\n/\n Corresponds to a Github installation which internally could hold several GitHub Apps.\n \n @public\n /\nexport class GithubAppCredentialsMux {\n private readonly apps: GithubAppManager[];\n\n constructor(config: GithubIntegrationConfig, appIds: number[] = []) {\n this.apps =\n config.apps\n ?.filter(app => (appIds.length ? appIds.includes(app.appId) : true))\n .map(ac => new GithubAppManager(ac, config.apiBaseUrl)) ?? [];\n }\n\n async getAllInstallations(): Promise<\n RestEndpointMethodTypes['apps']['listInstallations']['response']['data']\n > {\n if (!this.apps.length) {\n return [];\n }\n\n const installs = await Promise.all(\n this.apps.map(app => app.getInstallations()),\n );\n\n return installs.flat();\n }\n\n async getAppToken(owner: string, repo?: string): Promise<string \| undefined> {\n if (this.apps.length === 0) {\n return undefined;\n }\n\n const results = await Promise.all(\n this.apps.map(app =>\n app.getInstallationCredentials(owner, repo).then(\n credentials => ({ credentials, error: undefined }),\n error => ({ credentials: undefined, error }),\n ),\n ),\n );\n\n const result = results.find(\n resultItem => resultItem.credentials?.accessToken,\n );\n\n if (result) {\n return result.credentials!.accessToken;\n }\n\n // If there was no token returned, then let's find a public access app and use an installation to get a token.\n const publicAccessApp = this.apps.find(app => app.publicAccess);\n if (publicAccessApp) {\n const publicResult = await publicAccessApp\n .getPublicInstallationToken()\n .then(\n credentials => ({ credentials, error: undefined }),\n error => ({ credentials: undefined, error }),\n );\n\n if (publicResult.credentials?.accessToken) {\n return publicResult.credentials.accessToken;\n }\n }\n\n const errors = results.map(r => r.error);\n const notNotFoundError = errors.find(err => err?.name !== 'NotFoundError');\n if (notNotFoundError) {\n throw notNotFoundError;\n }\n\n return undefined;\n }\n}\n\n/\n Handles the creation and caching of credentials for GitHub integrations.\n \n @public\n * @remarks\n \n TODO: Possibly move this to a backend only package so that it's not used in the frontend by mistake\n /\nexport class SingleInstanceGithubCredentialsProvider\n implements GithubCredentialsProvider\n{\n static create: (\n config: GithubIntegrationConfig,\n ) => GithubCredentialsProvider = config => {\n return new SingleInstanceGithubCredentialsProvider(\n new GithubAppCredentialsMux(config),\n config.token,\n );\n };\n\n private readonly githubAppCredentialsMux: GithubAppCredentialsMux;\n private readonly token?: string;\n\n private constructor(\n githubAppCredentialsMux: GithubAppCredentialsMux,\n token?: string,\n ) {\n this.githubAppCredentialsMux = githubAppCredentialsMux;\n this.token = token;\n }\n\n /\n Returns {@link GithubCredentials} for a given URL.\n \n @remarks\n \n Consecutive calls to this method with the same URL will return cached\n * credentials.\n \n The shortest lifetime for a token returned is 10 minutes.\n \n @example\n * ```ts\n * const { token, headers } = await getCredentials({\n * url: 'github.com/backstage/foobar'\n * })\n * ```\n \n @param opts - The organization or repository URL\n * @returns A promise of {@link GithubCredentials}.\n */\n async getCredentials(opts: { url: string }): Promise<GithubCredentials> {\n const parsed = parseGitUrl(opts.url);\n\n const owner = parsed.owner \|\| parsed.name;\n const repo = parsed.owner ? parsed.name : undefined;\n\n let type: GithubCredentialType = 'app';\n let token = await this.githubAppCredentialsMux.getAppToken(owner, repo);\n if (!token) {\n type = 'token';\n token = this.token;\n }\n\n return {\n headers: token ? { Authorization: `Bearer ${token}` } : undefined,\n token,\n type,\n };\n }\n}\n"],"names":[],"mappings":";;;;;AAsCA,MAAM,KAAA,CAAM;AAAA,EACO,UAAA,uBAAiB,GAAA,EAAmC;AAAA,EAErE,MAAM,gBAAA,CACJ,KAAA,EACA,IAAA,EACA,QAAA,EACkC;AAClC,IAAA,IAAI,wBAAA,GAA2B,IAAA,CAAK,UAAA,CAAW,GAAA,CAAI,KAAK,CAAA;AAExD,IAAA,IACE,CAAC,wBAAA,IACD,IAAA,CAAK,SAAA,CAAU,wBAAA,CAAyB,SAAS,CAAA,EACjD;AACA,MAAA,wBAAA,GAA2B,MAAM,QAAA,EAAS;AAE1C,MAAA,wBAAA,CAAyB,YACvB,wBAAA,CAAyB,SAAA,CAAU,MAAM,EAAE,OAAA,EAAS,IAAI,CAAA;AAC1D,MAAA,IAAA,CAAK,UAAA,CAAW,GAAA,CAAI,KAAA,EAAO,wBAAwB,CAAA;AAAA,IACrD;AAEA,IAAA,IAAI,CAAC,IAAA,CAAK,aAAA,CAAc,wBAAA,EAA0B,IAAI,CAAA,EAAG;AACvD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,6CAAA,EAAgD,KAAK,CAAA,iEAAA,EAAoE,IAAI,CAAA;AAAA,OAC/H;AAAA,IACF;AAEA,IAAA,OAAO,EAAE,WAAA,EAAa,wBAAA,CAAyB,KAAA,EAAM;AAAA,EACvD;AAAA,EAEQ,SAAA,GAAY,CAAC,IAAA,KAAmB,QAAA,CAAS,OAAM,GAAI,IAAA;AAAA,EAEnD,aAAA,CAAc,WAAkC,IAAA,EAAe;AAErE,IAAA,IAAI,SAAS,MAAA,EAAW;AACtB,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,SAAA,CAAU,iBAAiB,MAAA,EAAW;AACxC,MAAA,OAAO,SAAA,CAAU,YAAA,CAAa,QAAA,CAAS,IAAI,CAAA;AAAA,IAC7C;AAEA,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAOA,MAAM,OAAA,GAAU;AAAA,EACd,MAAA,EAAQ;AACV,CAAA;AAKA,MAAM,gBAAA,CAAiB;AAAA,EACJ,SAAA;AAAA,EACA,OAAA;AAAA,EACA,cAAA;AAAA,EACA,KAAA,GAAQ,IAAI,KAAA,EAAM;AAAA,EAClB,yBAAA;AAAA;AAAA,EACD,YAAA;AAAA,EAEhB,WAAA,CAAY,QAAyB,OAAA,EAAkB;AACrD,IAAA,IAAA,CAAK,yBAAA,GAA4B,OAAO,yBAAA,EAA2B,GAAA;AAAA,MACjE,CAAA,KAAA,KAAS,KAAA,CAAM,iBAAA,CAAkB,OAAO;AAAA,KAC1C;AACA,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AACf,IAAA,IAAA,CAAK,cAAA,GAAiB;AAAA,MACpB,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,UAAA,EAAY,MAAA,CAAO,UAAA,CAAW,OAAA,CAAQ,SAAS,IAAI;AAAA,KACrD;AACA,IAAA,IAAA,CAAK,SAAA,GAAY,IAAI,OAAA,CAAQ;AAAA,MAC3B,OAAA;AAAA,MACA,OAAA,EAAS,OAAA;AAAA,MACT,YAAA,EAAc,aAAA;AAAA,MACd,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AACD,IAAA,IAAA,CAAK,YAAA,GAAe,OAAO,YAAA,IAAgB,KAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,0BAAA,CACJ,KAAA,EACA,IAAA,EAC8C;AAC9C,IAAA,IAAI,KAAK,yBAAA,EAA2B;AAClC,MAAA,IACE,CAAC,KAAK,yBAAA,EAA2B,QAAA;AAAA,QAC/B,KAAA,CAAM,kBAAkB,OAAO;AAAA,OACjC,EACA;AACA,QAAA,OAAO,EAAE,aAAa,MAAA,EAAU;AAAA,MAClC;AAAA,IACF;AAGA,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,gBAAA,CAAiB,KAAA,EAAO,MAAM,YAAY;AAC1D,MAAA,MAAM,EAAE,cAAA,EAAgB,SAAA,EAAU,GAAI,MAAM,IAAA,CAAK,mBAAA;AAAA,QAC/C;AAAA,OACF;AACA,MAAA,IAAI,SAAA,EAAW;AACb,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,KAAK,CAAA,aAAA,CAAe,CAAA;AAAA,MACpE;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,KAAK,6BAAA,CAA8B;AAAA,QACrE,eAAA,EAAiB,cAAA;AAAA,QACjB,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,IAAI,eAAA;AAEJ,MAAA,IAAI,MAAA,CAAO,IAAA,CAAK,oBAAA,KAAyB,UAAA,EAAY;AACnD,QAAA,MAAM,kBAAA,GAAqB,IAAI,OAAA,CAAQ;AAAA,UACrC,SAAS,IAAA,CAAK,OAAA;AAAA,UACd,IAAA,EAAM,OAAO,IAAA,CAAK;AAAA,SACnB,CAAA;AACD,QAAA,MAAM,KAAA,GAAQ,MAAM,kBAAA,CAAmB,QAAA;AAAA,UACrC,mBAAmB,IAAA,CAAK;AAAA,SAC1B;AAEA,QAAA,MAAM,YAAA,GACJ,MAAM,YAAA,IAAgB,KAAA;AAExB,QAAA,eAAA,GAAkB,YAAA,CAAa,GAAA,CAAI,CAAA,UAAA,KAAc,UAAA,CAAW,IAAI,CAAA;AAAA,MAClE;AACA,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,QACnB,SAAA,EAAW,QAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,QAClD,YAAA,EAAc;AAAA,OAChB;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,0BAAA,GAA+D;AACnE,IAAA,MAAM,CAAC,YAAY,CAAA,GAAI,MAAM,KAAK,gBAAA,EAAiB;AAEnD,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,MAAM,CAAA,oCAAA,CAAsC,CAAA;AAAA,IACxD;AAEA,IAAA,OAAO,KAAK,KAAA,CAAM,gBAAA;AAAA,MAChB,CAAA,OAAA,EAAU,aAAa,EAAE,CAAA,CAAA;AAAA,MACzB,MAAA;AAAA,MACA,YAAY;AACV,QAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,KAAK,6BAAA,CAA8B;AAAA,UACrE,iBAAiB,YAAA,CAAa,EAAA;AAAA,UAC9B,OAAA,EAAS;AAAA,SACV,CAAA;AAED,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,UACnB,SAAA,EAAW,QAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,KAAK,UAAU;AAAA,SACpD;AAAA,MACF;AAAA,KACF;AAAA,EACF;AAAA,EAEA,gBAAA,GAEE;AACA,IAAA,OAAO,KAAK,SAAA,CAAU,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,KAAK,iBAAiB,CAAA;AAAA,EACtE;AAAA,EAEA,MAAc,oBAAoB,KAAA,EAA0C;AAC1E,IAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,gBAAA,EAAiB;AACrD,IAAA,MAAM,eAAe,gBAAA,CAAiB,IAAA;AAAA,MACpC,CAAA,IAAA,KACE,IAAA,CAAK,OAAA,IACL,OAAA,IAAW,KAAK,OAAA,IAChB,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,iBAAA,CAAkB,OAAO,CAAA,KAC3C,KAAA,CAAM,kBAAkB,OAAO;AAAA,KACrC;AAEA,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,OAAO;AAAA,QACL,gBAAgB,YAAA,CAAa,EAAA;AAAA,QAC7B,SAAA,EAAW,OAAA,CAAQ,YAAA,CAAa,YAAY;AAAA,OAC9C;AAAA,IACF;AAEA,IAAA,MAAM,gBAAgB,IAAI,KAAA;AAAA,MACxB,CAAA,8BAAA,EAAiC,KAAK,CAAA,IAAA,EAAO,IAAA,CAAK,eAAe,KAAK,CAAA;AAAA,KACxE;AACA,IAAA,aAAA,CAAc,IAAA,GAAO,eAAA;AACrB,IAAA,MAAM,aAAA;AAAA,EACR;AACF;AAOO,MAAM,uBAAA,CAAwB;AAAA,EAClB,IAAA;AAAA,EAEjB,WAAA,CAAY,MAAA,EAAiC,MAAA,GAAmB,EAAC,EAAG;AAClE,IAAA,IAAA,CAAK,IAAA,GACH,OAAO,IAAA,EACH,MAAA,CAAO,SAAQ,MAAA,CAAO,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,GAAA,CAAI,KAAK,IAAI,IAAK,CAAA,CAClE,GAAA,CAAI,CAAA,EAAA,KAAM,IAAI,gBAAA,CAAiB,IAAI,MAAA,CAAO,UAAU,CAAC,CAAA,IAAK,EAAC;AAAA,EAClE;AAAA,EAEA,MAAM,mBAAA,GAEJ;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,IAAA,CAAK,MAAA,EAAQ;AACrB,MAAA,OAAO,EAAC;AAAA,IACV;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,OAAA,CAAQ,GAAA;AAAA,MAC7B,KAAK,IAAA,CAAK,GAAA,CAAI,CAAA,GAAA,KAAO,GAAA,CAAI,kBAAkB;AAAA,KAC7C;AAEA,IAAA,OAAO,SAAS,IAAA,EAAK;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,CAAY,KAAA,EAAe,IAAA,EAA4C;AAC3E,IAAA,IAAI,IAAA,CAAK,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC1B,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,GAAA;AAAA,MAC5B,KAAK,IAAA,CAAK,GAAA;AAAA,QAAI,CAAA,GAAA,KACZ,GAAA,CAAI,0BAAA,CAA2B,KAAA,EAAO,IAAI,CAAA,CAAE,IAAA;AAAA,UAC1C,CAAA,WAAA,MAAgB,EAAE,WAAA,EAAa,KAAA,EAAO,MAAA,EAAU,CAAA;AAAA,UAChD,CAAA,KAAA,MAAU,EAAE,WAAA,EAAa,MAAA,EAAW,KAAA,EAAM;AAAA;AAC5C;AACF,KACF;AAEA,IAAA,MAAM,SAAS,OAAA,CAAQ,IAAA;AAAA,MACrB,CAAA,UAAA,KAAc,WAAW,WAAA,EAAa;AAAA,KACxC;AAEA,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,OAAO,OAAO,WAAA,CAAa,WAAA;AAAA,IAC7B;AAGA,IAAA,MAAM,kBAAkB,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,CAAA,GAAA,KAAO,IAAI,YAAY,CAAA;AAC9D,IAAA,IAAI,eAAA,EAAiB;AACnB,MAAA,MAAM,YAAA,GAAe,MAAM,eAAA,CACxB,0BAAA,EAA2B,CAC3B,IAAA;AAAA,QACC,CAAA,WAAA,MAAgB,EAAE,WAAA,EAAa,KAAA,EAAO,MAAA,EAAU,CAAA;AAAA,QAChD,CAAA,KAAA,MAAU,EAAE,WAAA,EAAa,MAAA,EAAW,KAAA,EAAM;AAAA,OAC5C;AAEF,MAAA,IAAI,YAAA,CAAa,aAAa,WAAA,EAAa;AACzC,QAAA,OAAO,aAAa,WAAA,CAAY,WAAA;AAAA,MAClC;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,KAAK,CAAA;AACvC,IAAA,MAAM,mBAAmB,MAAA,CAAO,IAAA,CAAK,CAAA,GAAA,KAAO,GAAA,EAAK,SAAS,eAAe,CAAA;AACzE,IAAA,IAAI,gBAAA,EAAkB;AACpB,MAAA,MAAM,gBAAA;AAAA,IACR;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AACF;AAUO,MAAM,uCAAA,CAEb;AAAA,EACE,OAAO,SAE0B,CAAA,MAAA,KAAU;AACzC,IAAA,OAAO,IAAI,uCAAA;AAAA,MACT,IAAI,wBAAwB,MAAM,CAAA;AAAA,MAClC,MAAA,CAAO;AAAA,KACT;AAAA,EACF,CAAA;AAAA,EAEiB,uBAAA;AAAA,EACA,KAAA;AAAA,EAET,WAAA,CACN,yBACA,KAAA,EACA;AACA,IAAA,IAAA,CAAK,uBAAA,GAA0B,uBAAA;AAC/B,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBA,MAAM,eAAe,IAAA,EAAmD;AACtE,IAAA,MAAM,MAAA,GAAS,WAAA,CAAY,IAAA,CAAK,GAAG,CAAA;AAEnC,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,IAAA;AACrC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,KAAA,GAAQ,MAAA,CAAO,IAAA,GAAO,MAAA;AAE1C,IAAA,IAAI,IAAA,GAA6B,KAAA;AACjC,IAAA,IAAI,QAAQ,MAAM,IAAA,CAAK,uBAAA,CAAwB,WAAA,CAAY,OAAO,IAAI,CAAA;AACtE,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,IAAA,GAAO,OAAA;AACP,MAAA,KAAA,GAAQ,IAAA,CAAK,KAAA;AAAA,IACf;AAEA,IAAA,OAAO;AAAA,MACL,SAAS,KAAA,GAAQ,EAAE,eAAe,CAAA,OAAA,EAAU,KAAK,IAAG,GAAI,MAAA;AAAA,MACxD,KAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACF;;;;"}
1	+ {"version":3,"file":"SingleInstanceGithubCredentialsProvider.esm.js","sources":["../../src/github/SingleInstanceGithubCredentialsProvider.ts"],"sourcesContent":["/\n Copyright 2021 The Backstage Authors\n \n Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n \n http://www.apache.org/licenses/LICENSE-2.0\n \n Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n /\n\nimport parseGitUrl from 'git-url-parse';\nimport { GithubAppConfig, GithubIntegrationConfig } from './config';\nimport { createAppAuth } from '@octokit/auth-app';\nimport { Octokit, RestEndpointMethodTypes } from '@octokit/rest';\nimport { DateTime } from 'luxon';\nimport {\n GithubCredentials,\n GithubCredentialsProvider,\n GithubCredentialType,\n} from './types';\n\ntype InstallationData = {\n installationId: number;\n suspended: boolean;\n};\n\ntype InstallationTokenData = {\n token: string;\n expiresAt: DateTime;\n repositories?: String[];\n};\n\nclass Cache {\n private readonly tokenCache = new Map<string, InstallationTokenData>();\n\n async getOrCreateToken(\n owner: string,\n repo: string \| undefined,\n supplier: () => Promise<InstallationTokenData>,\n ): Promise<{ accessToken: string }> {\n let existingInstallationData = this.tokenCache.get(owner);\n\n if (\n !existingInstallationData \|\|\n this.isExpired(existingInstallationData.expiresAt)\n ) {\n existingInstallationData = await supplier();\n // Allow 10 minutes grace to account for clock skew\n existingInstallationData.expiresAt =\n existingInstallationData.expiresAt.minus({ minutes: 10 });\n this.tokenCache.set(owner, existingInstallationData);\n }\n\n if (!this.appliesToRepo(existingInstallationData, repo)) {\n throw new Error(\n `The Backstage GitHub application used in the ${owner} organization does not have access to a repository with the name ${repo}`,\n );\n }\n\n return { accessToken: existingInstallationData.token };\n }\n\n private isExpired = (date: DateTime) => DateTime.local() > date;\n\n private appliesToRepo(tokenData: InstallationTokenData, repo?: string) {\n // If no specific repo has been requested the token is applicable\n if (repo === undefined) {\n return true;\n }\n // If the token is restricted to repositories, the token only applies if the repo is in the allow list\n if (tokenData.repositories !== undefined) {\n return tokenData.repositories.includes(repo);\n }\n // Otherwise the token is applicable\n return true;\n }\n}\n\n/\n This accept header is required when calling App APIs in GitHub Enterprise.\n * It has no effect on calls to github.com and can probably be removed entirely\n * once GitHub Apps is out of preview.\n /\nconst HEADERS = {\n Accept: 'application/vnd.github.machine-man-preview+json',\n};\n\n/\n GithubAppManager issues and caches tokens for a specific GitHub App.\n /\nclass GithubAppManager {\n private readonly appClient: Octokit;\n private readonly baseUrl?: string;\n private readonly baseAuthConfig: { appId: number; privateKey: string };\n private readonly cache = new Cache();\n private readonly allowedInstallationOwners: string[] \| undefined; // undefined allows all installations\n public readonly publicAccess: boolean;\n\n constructor(config: GithubAppConfig, baseUrl?: string) {\n this.allowedInstallationOwners = config.allowedInstallationOwners?.map(\n owner => owner.toLocaleLowerCase('en-US'),\n );\n this.baseUrl = baseUrl;\n this.baseAuthConfig = {\n appId: config.appId,\n privateKey: config.privateKey.replace(/\\\\n/gm, '\\n'),\n };\n this.appClient = new Octokit({\n baseUrl,\n headers: HEADERS,\n authStrategy: createAppAuth,\n auth: this.baseAuthConfig,\n });\n this.publicAccess = config.publicAccess ?? false;\n }\n\n async getInstallationCredentials(\n owner?: string,\n repo?: string,\n ): Promise<{ accessToken: string \| undefined }> {\n // No owner means a bare host URL (e.g. https://github.com) — return an\n // app-level JWT rather than an installation token.\n if (!owner) {\n const auth = createAppAuth({\n appId: this.baseAuthConfig.appId,\n privateKey: this.baseAuthConfig.privateKey,\n });\n const { token } = await auth({ type: 'app' });\n return { accessToken: token };\n }\n\n if (this.allowedInstallationOwners) {\n if (\n !this.allowedInstallationOwners?.includes(\n owner.toLocaleLowerCase('en-US'),\n )\n ) {\n return { accessToken: undefined }; // An empty token allows anonymous access to public repos\n }\n }\n\n // Go and grab an access token for the app scoped to a repository if provided, if not use the organisation installation.\n return this.cache.getOrCreateToken(owner, repo, async () => {\n const { installationId, suspended } = await this.getInstallationData(\n owner,\n );\n if (suspended) {\n throw new Error(`The GitHub application for ${owner} is suspended`);\n }\n\n const result = await this.appClient.apps.createInstallationAccessToken({\n installation_id: installationId,\n headers: HEADERS,\n });\n\n let repositoryNames;\n\n if (result.data.repository_selection === 'selected') {\n const installationClient = new Octokit({\n baseUrl: this.baseUrl,\n auth: result.data.token,\n });\n const repos = await installationClient.paginate(\n installationClient.apps.listReposAccessibleToInstallation,\n );\n // The return type of the paginate method is incorrect.\n const repositories: RestEndpointMethodTypes['apps']['listReposAccessibleToInstallation']['response']['data']['repositories'] =\n repos.repositories ?? repos;\n\n repositoryNames = repositories.map(repository => repository.name);\n }\n return {\n token: result.data.token,\n expiresAt: DateTime.fromISO(result.data.expires_at),\n repositories: repositoryNames,\n };\n });\n }\n\n async getPublicInstallationToken(): Promise<{ accessToken: string }> {\n const [installation] = await this.getInstallations();\n\n if (!installation) {\n throw new Error(`No installation found for public app`);\n }\n\n return this.cache.getOrCreateToken(\n `public:${installation.id}`,\n undefined,\n async () => {\n const result = await this.appClient.apps.createInstallationAccessToken({\n installation_id: installation.id,\n headers: HEADERS,\n });\n\n return {\n token: result.data.token,\n expiresAt: DateTime.fromISO(result.data.expires_at),\n };\n },\n );\n }\n\n getInstallations(): Promise<\n RestEndpointMethodTypes['apps']['listInstallations']['response']['data']\n > {\n return this.appClient.paginate(this.appClient.apps.listInstallations);\n }\n\n private async getInstallationData(owner: string): Promise<InstallationData> {\n const allInstallations = await this.getInstallations();\n const installation = allInstallations.find(\n inst =>\n inst.account &&\n 'login' in inst.account &&\n inst.account.login?.toLocaleLowerCase('en-US') ===\n owner.toLocaleLowerCase('en-US'),\n );\n\n if (installation) {\n return {\n installationId: installation.id,\n suspended: Boolean(installation.suspended_by),\n };\n }\n\n const notFoundError = new Error(\n `No app installation found for ${owner} in ${this.baseAuthConfig.appId}`,\n );\n notFoundError.name = 'NotFoundError';\n throw notFoundError;\n }\n}\n\n/\n Corresponds to a Github installation which internally could hold several GitHub Apps.\n \n @public\n /\nexport class GithubAppCredentialsMux {\n private readonly apps: GithubAppManager[];\n\n constructor(config: GithubIntegrationConfig, appIds: number[] = []) {\n this.apps =\n config.apps\n ?.filter(app => (appIds.length ? appIds.includes(app.appId) : true))\n .map(ac => new GithubAppManager(ac, config.apiBaseUrl)) ?? [];\n }\n\n async getAllInstallations(): Promise<\n RestEndpointMethodTypes['apps']['listInstallations']['response']['data']\n > {\n if (!this.apps.length) {\n return [];\n }\n\n const installs = await Promise.all(\n this.apps.map(app => app.getInstallations()),\n );\n\n return installs.flat();\n }\n\n async getAppToken(\n owner?: string,\n repo?: string,\n ): Promise<string \| undefined> {\n if (this.apps.length === 0) {\n return undefined;\n }\n\n const results = await Promise.all(\n this.apps.map(app =>\n app.getInstallationCredentials(owner, repo).then(\n credentials => ({ credentials, error: undefined }),\n error => ({ credentials: undefined, error }),\n ),\n ),\n );\n\n const result = results.find(\n resultItem => resultItem.credentials?.accessToken,\n );\n\n if (result) {\n return result.credentials!.accessToken;\n }\n\n // If there was no token returned, then let's find a public access app and use an installation to get a token.\n const publicAccessApp = this.apps.find(app => app.publicAccess);\n if (publicAccessApp) {\n const publicResult = await publicAccessApp\n .getPublicInstallationToken()\n .then(\n credentials => ({ credentials, error: undefined }),\n error => ({ credentials: undefined, error }),\n );\n\n if (publicResult.credentials?.accessToken) {\n return publicResult.credentials.accessToken;\n }\n }\n\n const errors = results.map(r => r.error);\n const notNotFoundError = errors.find(err => err?.name !== 'NotFoundError');\n if (notNotFoundError) {\n throw notNotFoundError;\n }\n\n return undefined;\n }\n}\n\n/\n Handles the creation and caching of credentials for GitHub integrations.\n \n @public\n * @remarks\n \n TODO: Possibly move this to a backend only package so that it's not used in the frontend by mistake\n /\nexport class SingleInstanceGithubCredentialsProvider\n implements GithubCredentialsProvider\n{\n static create: (\n config: GithubIntegrationConfig,\n ) => GithubCredentialsProvider = config => {\n return new SingleInstanceGithubCredentialsProvider(\n new GithubAppCredentialsMux(config),\n config.token,\n );\n };\n\n private readonly githubAppCredentialsMux: GithubAppCredentialsMux;\n private readonly token?: string;\n\n private constructor(\n githubAppCredentialsMux: GithubAppCredentialsMux,\n token?: string,\n ) {\n this.githubAppCredentialsMux = githubAppCredentialsMux;\n this.token = token;\n }\n\n /\n Returns {@link GithubCredentials} for a given URL.\n \n @remarks\n \n Consecutive calls to this method with the same URL will return cached\n * credentials.\n \n The shortest lifetime for a token returned is 10 minutes.\n \n @example\n * ```ts\n * const { token, headers } = await getCredentials({\n * url: 'github.com/backstage/foobar'\n * })\n * ```\n \n @param opts - The organization or repository URL\n * @returns A promise of {@link GithubCredentials}.\n */\n async getCredentials(opts: { url: string }): Promise<GithubCredentials> {\n const parsed = parseGitUrl(opts.url);\n\n const owner = parsed.owner \|\| parsed.name;\n const repo = parsed.owner ? parsed.name : undefined;\n\n let type: GithubCredentialType = 'app';\n let token = await this.githubAppCredentialsMux.getAppToken(owner, repo);\n if (!token) {\n type = 'token';\n token = this.token;\n }\n\n return {\n headers: token ? { Authorization: `Bearer ${token}` } : undefined,\n token,\n type,\n };\n }\n}\n"],"names":[],"mappings":";;;;;AAsCA,MAAM,KAAA,CAAM;AAAA,EACO,UAAA,uBAAiB,GAAA,EAAmC;AAAA,EAErE,MAAM,gBAAA,CACJ,KAAA,EACA,IAAA,EACA,QAAA,EACkC;AAClC,IAAA,IAAI,wBAAA,GAA2B,IAAA,CAAK,UAAA,CAAW,GAAA,CAAI,KAAK,CAAA;AAExD,IAAA,IACE,CAAC,wBAAA,IACD,IAAA,CAAK,SAAA,CAAU,wBAAA,CAAyB,SAAS,CAAA,EACjD;AACA,MAAA,wBAAA,GAA2B,MAAM,QAAA,EAAS;AAE1C,MAAA,wBAAA,CAAyB,YACvB,wBAAA,CAAyB,SAAA,CAAU,MAAM,EAAE,OAAA,EAAS,IAAI,CAAA;AAC1D,MAAA,IAAA,CAAK,UAAA,CAAW,GAAA,CAAI,KAAA,EAAO,wBAAwB,CAAA;AAAA,IACrD;AAEA,IAAA,IAAI,CAAC,IAAA,CAAK,aAAA,CAAc,wBAAA,EAA0B,IAAI,CAAA,EAAG;AACvD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,6CAAA,EAAgD,KAAK,CAAA,iEAAA,EAAoE,IAAI,CAAA;AAAA,OAC/H;AAAA,IACF;AAEA,IAAA,OAAO,EAAE,WAAA,EAAa,wBAAA,CAAyB,KAAA,EAAM;AAAA,EACvD;AAAA,EAEQ,SAAA,GAAY,CAAC,IAAA,KAAmB,QAAA,CAAS,OAAM,GAAI,IAAA;AAAA,EAEnD,aAAA,CAAc,WAAkC,IAAA,EAAe;AAErE,IAAA,IAAI,SAAS,MAAA,EAAW;AACtB,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,SAAA,CAAU,iBAAiB,MAAA,EAAW;AACxC,MAAA,OAAO,SAAA,CAAU,YAAA,CAAa,QAAA,CAAS,IAAI,CAAA;AAAA,IAC7C;AAEA,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAOA,MAAM,OAAA,GAAU;AAAA,EACd,MAAA,EAAQ;AACV,CAAA;AAKA,MAAM,gBAAA,CAAiB;AAAA,EACJ,SAAA;AAAA,EACA,OAAA;AAAA,EACA,cAAA;AAAA,EACA,KAAA,GAAQ,IAAI,KAAA,EAAM;AAAA,EAClB,yBAAA;AAAA;AAAA,EACD,YAAA;AAAA,EAEhB,WAAA,CAAY,QAAyB,OAAA,EAAkB;AACrD,IAAA,IAAA,CAAK,yBAAA,GAA4B,OAAO,yBAAA,EAA2B,GAAA;AAAA,MACjE,CAAA,KAAA,KAAS,KAAA,CAAM,iBAAA,CAAkB,OAAO;AAAA,KAC1C;AACA,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AACf,IAAA,IAAA,CAAK,cAAA,GAAiB;AAAA,MACpB,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,UAAA,EAAY,MAAA,CAAO,UAAA,CAAW,OAAA,CAAQ,SAAS,IAAI;AAAA,KACrD;AACA,IAAA,IAAA,CAAK,SAAA,GAAY,IAAI,OAAA,CAAQ;AAAA,MAC3B,OAAA;AAAA,MACA,OAAA,EAAS,OAAA;AAAA,MACT,YAAA,EAAc,aAAA;AAAA,MACd,MAAM,IAAA,CAAK;AAAA,KACZ,CAAA;AACD,IAAA,IAAA,CAAK,YAAA,GAAe,OAAO,YAAA,IAAgB,KAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,0BAAA,CACJ,KAAA,EACA,IAAA,EAC8C;AAG9C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,OAAO,aAAA,CAAc;AAAA,QACzB,KAAA,EAAO,KAAK,cAAA,CAAe,KAAA;AAAA,QAC3B,UAAA,EAAY,KAAK,cAAA,CAAe;AAAA,OACjC,CAAA;AACD,MAAA,MAAM,EAAE,OAAM,GAAI,MAAM,KAAK,EAAE,IAAA,EAAM,OAAO,CAAA;AAC5C,MAAA,OAAO,EAAE,aAAa,KAAA,EAAM;AAAA,IAC9B;AAEA,IAAA,IAAI,KAAK,yBAAA,EAA2B;AAClC,MAAA,IACE,CAAC,KAAK,yBAAA,EAA2B,QAAA;AAAA,QAC/B,KAAA,CAAM,kBAAkB,OAAO;AAAA,OACjC,EACA;AACA,QAAA,OAAO,EAAE,aAAa,MAAA,EAAU;AAAA,MAClC;AAAA,IACF;AAGA,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,gBAAA,CAAiB,KAAA,EAAO,MAAM,YAAY;AAC1D,MAAA,MAAM,EAAE,cAAA,EAAgB,SAAA,EAAU,GAAI,MAAM,IAAA,CAAK,mBAAA;AAAA,QAC/C;AAAA,OACF;AACA,MAAA,IAAI,SAAA,EAAW;AACb,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,KAAK,CAAA,aAAA,CAAe,CAAA;AAAA,MACpE;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,KAAK,6BAAA,CAA8B;AAAA,QACrE,eAAA,EAAiB,cAAA;AAAA,QACjB,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,IAAI,eAAA;AAEJ,MAAA,IAAI,MAAA,CAAO,IAAA,CAAK,oBAAA,KAAyB,UAAA,EAAY;AACnD,QAAA,MAAM,kBAAA,GAAqB,IAAI,OAAA,CAAQ;AAAA,UACrC,SAAS,IAAA,CAAK,OAAA;AAAA,UACd,IAAA,EAAM,OAAO,IAAA,CAAK;AAAA,SACnB,CAAA;AACD,QAAA,MAAM,KAAA,GAAQ,MAAM,kBAAA,CAAmB,QAAA;AAAA,UACrC,mBAAmB,IAAA,CAAK;AAAA,SAC1B;AAEA,QAAA,MAAM,YAAA,GACJ,MAAM,YAAA,IAAgB,KAAA;AAExB,QAAA,eAAA,GAAkB,YAAA,CAAa,GAAA,CAAI,CAAA,UAAA,KAAc,UAAA,CAAW,IAAI,CAAA;AAAA,MAClE;AACA,MAAA,OAAO;AAAA,QACL,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,QACnB,SAAA,EAAW,QAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,KAAK,UAAU,CAAA;AAAA,QAClD,YAAA,EAAc;AAAA,OAChB;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,0BAAA,GAA+D;AACnE,IAAA,MAAM,CAAC,YAAY,CAAA,GAAI,MAAM,KAAK,gBAAA,EAAiB;AAEnD,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,MAAM,CAAA,oCAAA,CAAsC,CAAA;AAAA,IACxD;AAEA,IAAA,OAAO,KAAK,KAAA,CAAM,gBAAA;AAAA,MAChB,CAAA,OAAA,EAAU,aAAa,EAAE,CAAA,CAAA;AAAA,MACzB,MAAA;AAAA,MACA,YAAY;AACV,QAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,KAAK,6BAAA,CAA8B;AAAA,UACrE,iBAAiB,YAAA,CAAa,EAAA;AAAA,UAC9B,OAAA,EAAS;AAAA,SACV,CAAA;AAED,QAAA,OAAO;AAAA,UACL,KAAA,EAAO,OAAO,IAAA,CAAK,KAAA;AAAA,UACnB,SAAA,EAAW,QAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,KAAK,UAAU;AAAA,SACpD;AAAA,MACF;AAAA,KACF;AAAA,EACF;AAAA,EAEA,gBAAA,GAEE;AACA,IAAA,OAAO,KAAK,SAAA,CAAU,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,KAAK,iBAAiB,CAAA;AAAA,EACtE;AAAA,EAEA,MAAc,oBAAoB,KAAA,EAA0C;AAC1E,IAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,gBAAA,EAAiB;AACrD,IAAA,MAAM,eAAe,gBAAA,CAAiB,IAAA;AAAA,MACpC,CAAA,IAAA,KACE,IAAA,CAAK,OAAA,IACL,OAAA,IAAW,KAAK,OAAA,IAChB,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,iBAAA,CAAkB,OAAO,CAAA,KAC3C,KAAA,CAAM,kBAAkB,OAAO;AAAA,KACrC;AAEA,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,OAAO;AAAA,QACL,gBAAgB,YAAA,CAAa,EAAA;AAAA,QAC7B,SAAA,EAAW,OAAA,CAAQ,YAAA,CAAa,YAAY;AAAA,OAC9C;AAAA,IACF;AAEA,IAAA,MAAM,gBAAgB,IAAI,KAAA;AAAA,MACxB,CAAA,8BAAA,EAAiC,KAAK,CAAA,IAAA,EAAO,IAAA,CAAK,eAAe,KAAK,CAAA;AAAA,KACxE;AACA,IAAA,aAAA,CAAc,IAAA,GAAO,eAAA;AACrB,IAAA,MAAM,aAAA;AAAA,EACR;AACF;AAOO,MAAM,uBAAA,CAAwB;AAAA,EAClB,IAAA;AAAA,EAEjB,WAAA,CAAY,MAAA,EAAiC,MAAA,GAAmB,EAAC,EAAG;AAClE,IAAA,IAAA,CAAK,IAAA,GACH,OAAO,IAAA,EACH,MAAA,CAAO,SAAQ,MAAA,CAAO,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,GAAA,CAAI,KAAK,IAAI,IAAK,CAAA,CAClE,GAAA,CAAI,CAAA,EAAA,KAAM,IAAI,gBAAA,CAAiB,IAAI,MAAA,CAAO,UAAU,CAAC,CAAA,IAAK,EAAC;AAAA,EAClE;AAAA,EAEA,MAAM,mBAAA,GAEJ;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,IAAA,CAAK,MAAA,EAAQ;AACrB,MAAA,OAAO,EAAC;AAAA,IACV;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,OAAA,CAAQ,GAAA;AAAA,MAC7B,KAAK,IAAA,CAAK,GAAA,CAAI,CAAA,GAAA,KAAO,GAAA,CAAI,kBAAkB;AAAA,KAC7C;AAEA,IAAA,OAAO,SAAS,IAAA,EAAK;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,CACJ,KAAA,EACA,IAAA,EAC6B;AAC7B,IAAA,IAAI,IAAA,CAAK,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AAC1B,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,GAAA;AAAA,MAC5B,KAAK,IAAA,CAAK,GAAA;AAAA,QAAI,CAAA,GAAA,KACZ,GAAA,CAAI,0BAAA,CAA2B,KAAA,EAAO,IAAI,CAAA,CAAE,IAAA;AAAA,UAC1C,CAAA,WAAA,MAAgB,EAAE,WAAA,EAAa,KAAA,EAAO,MAAA,EAAU,CAAA;AAAA,UAChD,CAAA,KAAA,MAAU,EAAE,WAAA,EAAa,MAAA,EAAW,KAAA,EAAM;AAAA;AAC5C;AACF,KACF;AAEA,IAAA,MAAM,SAAS,OAAA,CAAQ,IAAA;AAAA,MACrB,CAAA,UAAA,KAAc,WAAW,WAAA,EAAa;AAAA,KACxC;AAEA,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,OAAO,OAAO,WAAA,CAAa,WAAA;AAAA,IAC7B;AAGA,IAAA,MAAM,kBAAkB,IAAA,CAAK,IAAA,CAAK,IAAA,CAAK,CAAA,GAAA,KAAO,IAAI,YAAY,CAAA;AAC9D,IAAA,IAAI,eAAA,EAAiB;AACnB,MAAA,MAAM,YAAA,GAAe,MAAM,eAAA,CACxB,0BAAA,EAA2B,CAC3B,IAAA;AAAA,QACC,CAAA,WAAA,MAAgB,EAAE,WAAA,EAAa,KAAA,EAAO,MAAA,EAAU,CAAA;AAAA,QAChD,CAAA,KAAA,MAAU,EAAE,WAAA,EAAa,MAAA,EAAW,KAAA,EAAM;AAAA,OAC5C;AAEF,MAAA,IAAI,YAAA,CAAa,aAAa,WAAA,EAAa;AACzC,QAAA,OAAO,aAAa,WAAA,CAAY,WAAA;AAAA,MAClC;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,KAAK,CAAA;AACvC,IAAA,MAAM,mBAAmB,MAAA,CAAO,IAAA,CAAK,CAAA,GAAA,KAAO,GAAA,EAAK,SAAS,eAAe,CAAA;AACzE,IAAA,IAAI,gBAAA,EAAkB;AACpB,MAAA,MAAM,gBAAA;AAAA,IACR;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AACF;AAUO,MAAM,uCAAA,CAEb;AAAA,EACE,OAAO,SAE0B,CAAA,MAAA,KAAU;AACzC,IAAA,OAAO,IAAI,uCAAA;AAAA,MACT,IAAI,wBAAwB,MAAM,CAAA;AAAA,MAClC,MAAA,CAAO;AAAA,KACT;AAAA,EACF,CAAA;AAAA,EAEiB,uBAAA;AAAA,EACA,KAAA;AAAA,EAET,WAAA,CACN,yBACA,KAAA,EACA;AACA,IAAA,IAAA,CAAK,uBAAA,GAA0B,uBAAA;AAC/B,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBA,MAAM,eAAe,IAAA,EAAmD;AACtE,IAAA,MAAM,MAAA,GAAS,WAAA,CAAY,IAAA,CAAK,GAAG,CAAA;AAEnC,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,IAAS,MAAA,CAAO,IAAA;AACrC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,KAAA,GAAQ,MAAA,CAAO,IAAA,GAAO,MAAA;AAE1C,IAAA,IAAI,IAAA,GAA6B,KAAA;AACjC,IAAA,IAAI,QAAQ,MAAM,IAAA,CAAK,uBAAA,CAAwB,WAAA,CAAY,OAAO,IAAI,CAAA;AACtE,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,IAAA,GAAO,OAAA;AACP,MAAA,KAAA,GAAQ,IAAA,CAAK,KAAA;AAAA,IACf;AAEA,IAAA,OAAO;AAAA,MACL,SAAS,KAAA,GAAQ,EAAE,eAAe,CAAA,OAAA,EAAU,KAAK,IAAG,GAAI,MAAA;AAAA,MACxD,KAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACF;;;;"}

package/dist/index.cjs.js CHANGED Viewed

@@ -1,35 +1,35 @@
 'use strict';
 var AwsS3Integration = require('./awsS3/AwsS3Integration.cjs.js');
-var config = require('./awsS3/config.cjs.js');
+var config$2 = require('./awsS3/config.cjs.js');
 var AwsCodeCommitIntegration = require('./awsCodeCommit/AwsCodeCommitIntegration.cjs.js');
 var config$1 = require('./awsCodeCommit/config.cjs.js');
 var AzureBlobStorageIntegration = require('./azureBlobStorage/AzureBlobStorageIntegration.cjs.js');
-var config$2 = require('./azureBlobStorage/config.cjs.js');
+var config$3 = require('./azureBlobStorage/config.cjs.js');
 var DefaultAzureCredentialsProvider = require('./azureBlobStorage/DefaultAzureCredentialsProvider.cjs.js');
 var AzureIntegration = require('./azure/AzureIntegration.cjs.js');
-var config$3 = require('./azure/config.cjs.js');
-var core = require('./azure/core.cjs.js');
+var config$4 = require('./azure/config.cjs.js');
+var core$1 = require('./azure/core.cjs.js');
 var DefaultAzureDevOpsCredentialsProvider = require('./azure/DefaultAzureDevOpsCredentialsProvider.cjs.js');
 var BitbucketCloudIntegration = require('./bitbucketCloud/BitbucketCloudIntegration.cjs.js');
-var config$4 = require('./bitbucketCloud/config.cjs.js');
-var core$1 = require('./bitbucketCloud/core.cjs.js');
+var config$5 = require('./bitbucketCloud/config.cjs.js');
+var core$2 = require('./bitbucketCloud/core.cjs.js');
 var BitbucketServerIntegration = require('./bitbucketServer/BitbucketServerIntegration.cjs.js');
-var config$5 = require('./bitbucketServer/config.cjs.js');
-var core$2 = require('./bitbucketServer/core.cjs.js');
+var config$6 = require('./bitbucketServer/config.cjs.js');
+var core$3 = require('./bitbucketServer/core.cjs.js');
 var GerritIntegration = require('./gerrit/GerritIntegration.cjs.js');
-var config$6 = require('./gerrit/config.cjs.js');
-var core$3 = require('./gerrit/core.cjs.js');
+var config$7 = require('./gerrit/config.cjs.js');
+var core = require('./gerrit/core.cjs.js');
 var GiteaIntegration = require('./gitea/GiteaIntegration.cjs.js');
-var core$4 = require('./gitea/core.cjs.js');
-var config$7 = require('./gitea/config.cjs.js');
-var config$8 = require('./github/config.cjs.js');
-var core$5 = require('./github/core.cjs.js');
+var core$5 = require('./gitea/core.cjs.js');
+var config$8 = require('./gitea/config.cjs.js');
+var config$9 = require('./github/config.cjs.js');
+var core$6 = require('./github/core.cjs.js');
 var DefaultGithubCredentialsProvider = require('./github/DefaultGithubCredentialsProvider.cjs.js');
 var SingleInstanceGithubCredentialsProvider = require('./github/SingleInstanceGithubCredentialsProvider.cjs.js');
 var GithubIntegration = require('./github/GithubIntegration.cjs.js');
-var config$9 = require('./gitlab/config.cjs.js');
-var core$6 = require('./gitlab/core.cjs.js');
+var config = require('./gitlab/config.cjs.js');
+var core$4 = require('./gitlab/core.cjs.js');
 var GitLabIntegration = require('./gitlab/GitLabIntegration.cjs.js');
 var DefaultGitlabCredentialsProvider = require('./gitlab/DefaultGitlabCredentialsProvider.cjs.js');
 var config$a = require('./googleGcs/config.cjs.js');
@@ -43,70 +43,70 @@ var ScmIntegrations = require('./ScmIntegrations.cjs.js');
 exports.AwsS3Integration = AwsS3Integration.AwsS3Integration;
-exports.readAwsS3IntegrationConfig = config.readAwsS3IntegrationConfig;
-exports.readAwsS3IntegrationConfigs = config.readAwsS3IntegrationConfigs;
+exports.readAwsS3IntegrationConfig = config$2.readAwsS3IntegrationConfig;
+exports.readAwsS3IntegrationConfigs = config$2.readAwsS3IntegrationConfigs;
 exports.AwsCodeCommitIntegration = AwsCodeCommitIntegration.AwsCodeCommitIntegration;
 exports.readAwsCodeCommitIntegrationConfig = config$1.readAwsCodeCommitIntegrationConfig;
 exports.readAwsCodeCommitIntegrationConfigs = config$1.readAwsCodeCommitIntegrationConfigs;
 exports.AzureBlobStorageIntergation = AzureBlobStorageIntegration.AzureBlobStorageIntergation;
-exports.readAzureBlobStorageIntegrationConfig = config$2.readAzureBlobStorageIntegrationConfig;
-exports.readAzureBlobStorageIntegrationConfigs = config$2.readAzureBlobStorageIntegrationConfigs;
+exports.readAzureBlobStorageIntegrationConfig = config$3.readAzureBlobStorageIntegrationConfig;
+exports.readAzureBlobStorageIntegrationConfigs = config$3.readAzureBlobStorageIntegrationConfigs;
 exports.DefaultAzureCredentialsManager = DefaultAzureCredentialsProvider.DefaultAzureCredentialsManager;
 exports.AzureIntegration = AzureIntegration.AzureIntegration;
-exports.readAzureIntegrationConfig = config$3.readAzureIntegrationConfig;
-exports.readAzureIntegrationConfigs = config$3.readAzureIntegrationConfigs;
-exports.getAzureCommitsUrl = core.getAzureCommitsUrl;
-exports.getAzureDownloadUrl = core.getAzureDownloadUrl;
-exports.getAzureFileFetchUrl = core.getAzureFileFetchUrl;
+exports.readAzureIntegrationConfig = config$4.readAzureIntegrationConfig;
+exports.readAzureIntegrationConfigs = config$4.readAzureIntegrationConfigs;
+exports.getAzureCommitsUrl = core$1.getAzureCommitsUrl;
+exports.getAzureDownloadUrl = core$1.getAzureDownloadUrl;
+exports.getAzureFileFetchUrl = core$1.getAzureFileFetchUrl;
 exports.DefaultAzureDevOpsCredentialsProvider = DefaultAzureDevOpsCredentialsProvider.DefaultAzureDevOpsCredentialsProvider;
 exports.BitbucketCloudIntegration = BitbucketCloudIntegration.BitbucketCloudIntegration;
-exports.readBitbucketCloudIntegrationConfig = config$4.readBitbucketCloudIntegrationConfig;
-exports.readBitbucketCloudIntegrationConfigs = config$4.readBitbucketCloudIntegrationConfigs;
-exports.getBitbucketCloudDefaultBranch = core$1.getBitbucketCloudDefaultBranch;
-exports.getBitbucketCloudDownloadUrl = core$1.getBitbucketCloudDownloadUrl;
-exports.getBitbucketCloudFileFetchUrl = core$1.getBitbucketCloudFileFetchUrl;
-exports.getBitbucketCloudOAuthToken = core$1.getBitbucketCloudOAuthToken;
-exports.getBitbucketCloudRequestOptions = core$1.getBitbucketCloudRequestOptions;
+exports.readBitbucketCloudIntegrationConfig = config$5.readBitbucketCloudIntegrationConfig;
+exports.readBitbucketCloudIntegrationConfigs = config$5.readBitbucketCloudIntegrationConfigs;
+exports.getBitbucketCloudDefaultBranch = core$2.getBitbucketCloudDefaultBranch;
+exports.getBitbucketCloudDownloadUrl = core$2.getBitbucketCloudDownloadUrl;
+exports.getBitbucketCloudFileFetchUrl = core$2.getBitbucketCloudFileFetchUrl;
+exports.getBitbucketCloudOAuthToken = core$2.getBitbucketCloudOAuthToken;
+exports.getBitbucketCloudRequestOptions = core$2.getBitbucketCloudRequestOptions;
 exports.BitbucketServerIntegration = BitbucketServerIntegration.BitbucketServerIntegration;
-exports.readBitbucketServerIntegrationConfig = config$5.readBitbucketServerIntegrationConfig;
-exports.readBitbucketServerIntegrationConfigs = config$5.readBitbucketServerIntegrationConfigs;
-exports.getBitbucketServerDefaultBranch = core$2.getBitbucketServerDefaultBranch;
-exports.getBitbucketServerDownloadUrl = core$2.getBitbucketServerDownloadUrl;
-exports.getBitbucketServerFileFetchUrl = core$2.getBitbucketServerFileFetchUrl;
-exports.getBitbucketServerRequestOptions = core$2.getBitbucketServerRequestOptions;
+exports.readBitbucketServerIntegrationConfig = config$6.readBitbucketServerIntegrationConfig;
+exports.readBitbucketServerIntegrationConfigs = config$6.readBitbucketServerIntegrationConfigs;
+exports.getBitbucketServerDefaultBranch = core$3.getBitbucketServerDefaultBranch;
+exports.getBitbucketServerDownloadUrl = core$3.getBitbucketServerDownloadUrl;
+exports.getBitbucketServerFileFetchUrl = core$3.getBitbucketServerFileFetchUrl;
+exports.getBitbucketServerRequestOptions = core$3.getBitbucketServerRequestOptions;
 exports.GerritIntegration = GerritIntegration.GerritIntegration;
-exports.readGerritIntegrationConfig = config$6.readGerritIntegrationConfig;
-exports.readGerritIntegrationConfigs = config$6.readGerritIntegrationConfigs;
-exports.buildGerritGitilesArchiveUrlFromLocation = core$3.buildGerritGitilesArchiveUrlFromLocation;
-exports.getGerritBranchApiUrl = core$3.getGerritBranchApiUrl;
-exports.getGerritCloneRepoUrl = core$3.getGerritCloneRepoUrl;
-exports.getGerritFileContentsApiUrl = core$3.getGerritFileContentsApiUrl;
-exports.getGerritProjectsApiUrl = core$3.getGerritProjectsApiUrl;
-exports.getGerritRequestOptions = core$3.getGerritRequestOptions;
-exports.getGitilesAuthenticationUrl = core$3.getGitilesAuthenticationUrl;
-exports.parseGerritJsonResponse = core$3.parseGerritJsonResponse;
-exports.parseGitilesUrlRef = core$3.parseGitilesUrlRef;
+exports.readGerritIntegrationConfig = config$7.readGerritIntegrationConfig;
+exports.readGerritIntegrationConfigs = config$7.readGerritIntegrationConfigs;
+exports.buildGerritGitilesArchiveUrlFromLocation = core.buildGerritGitilesArchiveUrlFromLocation;
+exports.getGerritBranchApiUrl = core.getGerritBranchApiUrl;
+exports.getGerritCloneRepoUrl = core.getGerritCloneRepoUrl;
+exports.getGerritFileContentsApiUrl = core.getGerritFileContentsApiUrl;
+exports.getGerritProjectsApiUrl = core.getGerritProjectsApiUrl;
+exports.getGerritRequestOptions = core.getGerritRequestOptions;
+exports.getGitilesAuthenticationUrl = core.getGitilesAuthenticationUrl;
+exports.parseGerritJsonResponse = core.parseGerritJsonResponse;
+exports.parseGitilesUrlRef = core.parseGitilesUrlRef;
 exports.GiteaIntegration = GiteaIntegration.GiteaIntegration;
-exports.getGiteaArchiveUrl = core$4.getGiteaArchiveUrl;
-exports.getGiteaEditContentsUrl = core$4.getGiteaEditContentsUrl;
-exports.getGiteaFileContentsUrl = core$4.getGiteaFileContentsUrl;
-exports.getGiteaLatestCommitUrl = core$4.getGiteaLatestCommitUrl;
-exports.getGiteaRequestOptions = core$4.getGiteaRequestOptions;
-exports.parseGiteaUrl = core$4.parseGiteaUrl;
-exports.readGiteaConfig = config$7.readGiteaConfig;
-exports.readGithubIntegrationConfig = config$8.readGithubIntegrationConfig;
-exports.readGithubIntegrationConfigs = config$8.readGithubIntegrationConfigs;
-exports.getGithubFileFetchUrl = core$5.getGithubFileFetchUrl;
+exports.getGiteaArchiveUrl = core$5.getGiteaArchiveUrl;
+exports.getGiteaEditContentsUrl = core$5.getGiteaEditContentsUrl;
+exports.getGiteaFileContentsUrl = core$5.getGiteaFileContentsUrl;
+exports.getGiteaLatestCommitUrl = core$5.getGiteaLatestCommitUrl;
+exports.getGiteaRequestOptions = core$5.getGiteaRequestOptions;
+exports.parseGiteaUrl = core$5.parseGiteaUrl;
+exports.readGiteaConfig = config$8.readGiteaConfig;
+exports.readGithubIntegrationConfig = config$9.readGithubIntegrationConfig;
+exports.readGithubIntegrationConfigs = config$9.readGithubIntegrationConfigs;
+exports.getGithubFileFetchUrl = core$6.getGithubFileFetchUrl;
 exports.DefaultGithubCredentialsProvider = DefaultGithubCredentialsProvider.DefaultGithubCredentialsProvider;
 exports.GithubAppCredentialsMux = SingleInstanceGithubCredentialsProvider.GithubAppCredentialsMux;
 exports.SingleInstanceGithubCredentialsProvider = SingleInstanceGithubCredentialsProvider.SingleInstanceGithubCredentialsProvider;
 exports.GithubIntegration = GithubIntegration.GithubIntegration;
 exports.replaceGithubUrlType = GithubIntegration.replaceGithubUrlType;
-exports.getGitLabIntegrationRelativePath = config$9.getGitLabIntegrationRelativePath;
-exports.readGitLabIntegrationConfig = config$9.readGitLabIntegrationConfig;
-exports.readGitLabIntegrationConfigs = config$9.readGitLabIntegrationConfigs;
-exports.getGitLabFileFetchUrl = core$6.getGitLabFileFetchUrl;
-exports.getGitLabRequestOptions = core$6.getGitLabRequestOptions;
+exports.getGitLabIntegrationRelativePath = config.getGitLabIntegrationRelativePath;
+exports.readGitLabIntegrationConfig = config.readGitLabIntegrationConfig;
+exports.readGitLabIntegrationConfigs = config.readGitLabIntegrationConfigs;
+exports.getGitLabFileFetchUrl = core$4.getGitLabFileFetchUrl;
+exports.getGitLabRequestOptions = core$4.getGitLabRequestOptions;
 exports.GitLabIntegration = GitLabIntegration.GitLabIntegration;
 exports.replaceGitLabUrlType = GitLabIntegration.replaceGitLabUrlType;
 exports.DefaultGitlabCredentialsProvider = DefaultGitlabCredentialsProvider.DefaultGitlabCredentialsProvider;

package/dist/index.d.ts CHANGED Viewed

@@ -1604,7 +1604,7 @@ declare class GithubAppCredentialsMux {
     private readonly apps;
     constructor(config: GithubIntegrationConfig, appIds?: number[]);
     getAllInstallations(): Promise<RestEndpointMethodTypes['apps']['listInstallations']['response']['data']>;
-    getAppToken(owner: string, repo?: string): Promise<string | undefined>;
+    getAppToken(owner?: string, repo?: string): Promise<string | undefined>;
 }
 /**
  * Handles the creation and caching of credentials for GitHub integrations.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@backstage/integration",
-  "version": "2.0.0",
+  "version": "2.0.1-next.0",
   "description": "Helpers for managing integrations towards external systems",
   "backstage": {
     "role": "common-library"
@@ -39,8 +39,8 @@
   "dependencies": {
     "@azure/identity": "^4.0.0",
     "@azure/storage-blob": "^12.5.0",
-    "@backstage/config": "^1.3.6",
-    "@backstage/errors": "^1.2.7",
+    "@backstage/config": "1.3.7-next.0",
+    "@backstage/errors": "1.3.0-next.0",
     "@octokit/auth-app": "^4.0.0",
     "@octokit/rest": "^19.0.3",
     "cross-fetch": "^4.0.0",
@@ -50,8 +50,8 @@
     "p-throttle": "^4.1.1"
   },
   "devDependencies": {
-    "@backstage/cli": "^0.36.0",
-    "@backstage/config-loader": "^1.10.9",
+    "@backstage/cli": "0.36.1-next.2",
+    "@backstage/config-loader": "1.10.10-next.1",
     "msw": "^1.0.0"
   },
   "configSchema": "config.d.ts",