@continuoussecuritytooling/keycloak-reporter 0.6.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.docs/realm-config.json +0 -0
- package/.eslintrc.cjs +4 -3
- package/.github/FUNDING.yml +2 -1
- package/.github/workflows/pipeline.yml +61 -16
- package/.github/workflows/release.yml +6 -6
- package/.prettierrc +2 -2
- package/CHANGELOG.md +92 -11
- package/Dockerfile +16 -2
- package/README.md +8 -4
- package/artifacthub-repo.yml +6 -0
- package/charts/keycloak-reporter/Chart.yaml +10 -4
- package/charts/keycloak-reporter/README.md +7 -16
- package/charts/keycloak-reporter/ci.values.yaml +13 -0
- package/charts/keycloak-reporter/templates/cronjob.yaml +4 -5
- package/charts/keycloak-reporter/templates/tests/test-connection.yaml +57 -0
- package/charts/keycloak-reporter/values.yaml +2 -1
- package/cli.ts +59 -87
- package/config/schema.json +6 -1
- package/dist/cli.js +38 -37
- package/dist/cli.js.map +1 -1
- package/dist/config/schema.json +6 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/lib/client.js +7 -24
- package/dist/lib/client.js.map +1 -1
- package/dist/lib/convert.js +0 -0
- package/dist/lib/convert.js.map +0 -0
- package/dist/lib/output.js +2 -2
- package/dist/lib/output.js.map +1 -1
- package/dist/lib/user.js +79 -44
- package/dist/lib/user.js.map +1 -1
- package/dist/src/commands.js +30 -0
- package/dist/src/commands.js.map +1 -0
- package/dist/src/config.js +0 -9
- package/dist/src/config.js.map +1 -1
- package/e2e/spec/clients.js +1 -1
- package/e2e/spec/config.js +25 -1
- package/e2e/spec/users.js +1 -1
- package/index.ts +2 -2
- package/keycloak-reporter-1.2.1.tgz +0 -0
- package/lib/client.ts +10 -37
- package/lib/output.ts +2 -2
- package/lib/user.ts +86 -49
- package/package.json +5 -4
- package/renovate.json +12 -5
- package/src/commands.ts +37 -0
- package/src/config.ts +6 -17
- package/dist/src/cli.js +0 -19
- package/dist/src/cli.js.map +0 -1
- package/src/cli.ts +0 -26
package/cli.ts
CHANGED
|
@@ -4,15 +4,8 @@ import { writeFileSync } from 'node:fs';
|
|
|
4
4
|
import path from 'path';
|
|
5
5
|
import yargs from 'yargs/yargs';
|
|
6
6
|
import { hideBin } from 'yargs/helpers';
|
|
7
|
-
import {
|
|
8
|
-
listUsers,
|
|
9
|
-
listClients,
|
|
10
|
-
Options,
|
|
11
|
-
convertJSON2CSV,
|
|
12
|
-
post2Webhook
|
|
13
|
-
} from './index.js';
|
|
7
|
+
import { configTest, listUsers, listClients, Options, convertJSON2CSV, post2Webhook } from './index.js';
|
|
14
8
|
import config from './src/config.js';
|
|
15
|
-
|
|
16
9
|
class WebhookConfig {
|
|
17
10
|
type: string;
|
|
18
11
|
url: string;
|
|
@@ -31,13 +24,34 @@ class ReportConfig {
|
|
|
31
24
|
directory: string;
|
|
32
25
|
}
|
|
33
26
|
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
27
|
+
function getKeycloakConfig(config, argv): Options {
|
|
28
|
+
return {
|
|
29
|
+
clientId: config.clientId ? config.clientId : (argv.clientId as string),
|
|
30
|
+
clientSecret: config.clientSecret ? config.clientSecret : (argv.clientSecret as string),
|
|
31
|
+
rootUrl: config.url ? config.url : (argv.url as string),
|
|
32
|
+
useAuditingEndpoint: argv.useAuditingEndpoint == true || config.useAuditingEndpoint.toLowerCase() == 'true',
|
|
33
|
+
};
|
|
34
|
+
}
|
|
35
|
+
|
|
36
|
+
function convertData(config, argv, name: string, title: string, json: object) {
|
|
37
|
+
convert(
|
|
38
|
+
config.format ? config.format : (argv.format as string),
|
|
39
|
+
config.output ? config.output : (argv.output as string),
|
|
40
|
+
{
|
|
41
|
+
name,
|
|
42
|
+
directory: argv.reports ? (argv.reports as string) : config.reports,
|
|
43
|
+
},
|
|
44
|
+
new WebhookConfig(
|
|
45
|
+
config.webhookType ? config.webhookType : (argv.webhookType as string),
|
|
46
|
+
config.webhookUrl ? config.webhookUrl : (argv.webhookUrl as string),
|
|
47
|
+
title,
|
|
48
|
+
config.webhookMessage ? config.webhookMessage : (argv.webhookMessage as string)
|
|
49
|
+
),
|
|
50
|
+
json
|
|
51
|
+
);
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
async function convert(format: string, output: string, reports: ReportConfig, config: WebhookConfig, json: object) {
|
|
41
55
|
let outputContent: string;
|
|
42
56
|
switch (format) {
|
|
43
57
|
case 'csv':
|
|
@@ -52,24 +66,20 @@ async function convert(
|
|
|
52
66
|
writeFileSync(
|
|
53
67
|
path.join(
|
|
54
68
|
`${reports.directory}`,
|
|
55
|
-
`${reports.name}_${date.getFullYear()}-${
|
|
56
|
-
date.getMonth() + 1
|
|
57
|
-
}-${date.getDate()}.${format.toLowerCase()}`
|
|
69
|
+
`${reports.name}_${date.getFullYear()}-${date.getMonth() + 1}-${date.getDate()}.${format.toLowerCase()}`
|
|
58
70
|
),
|
|
59
71
|
outputContent
|
|
60
72
|
);
|
|
61
73
|
}
|
|
62
74
|
switch (output) {
|
|
63
75
|
case 'webhook':
|
|
76
|
+
if (!config.url) {
|
|
77
|
+
console.error('No valid Webhook URL given');
|
|
78
|
+
throw new Error('Please provide a valid --webhookUrl parameter');
|
|
79
|
+
}
|
|
64
80
|
try {
|
|
65
81
|
console.log(`Sending report via webhook to ${config.type} ....`);
|
|
66
|
-
await post2Webhook(
|
|
67
|
-
config.type,
|
|
68
|
-
config.url,
|
|
69
|
-
config.title,
|
|
70
|
-
outputContent,
|
|
71
|
-
config.message
|
|
72
|
-
);
|
|
82
|
+
await post2Webhook(config.type, config.url, config.title, outputContent, config.message);
|
|
73
83
|
console.log('Done sending.');
|
|
74
84
|
} catch (e) {
|
|
75
85
|
switch (e.code || e.message) {
|
|
@@ -80,10 +90,7 @@ async function convert(
|
|
|
80
90
|
console.error('Invalid Slack Webhook Payload. Check your params.');
|
|
81
91
|
throw new Error('Invalid Slack Payload');
|
|
82
92
|
default:
|
|
83
|
-
console.error(
|
|
84
|
-
`Error during sending webhook.(${e?.code})`,
|
|
85
|
-
e?.original
|
|
86
|
-
);
|
|
93
|
+
console.error(`Error during sending webhook.(${e?.code})`, e?.original);
|
|
87
94
|
throw e;
|
|
88
95
|
}
|
|
89
96
|
}
|
|
@@ -101,32 +108,8 @@ yargs(hideBin(process.argv))
|
|
|
101
108
|
// eslint-disable-next-line @typescript-eslint/no-empty-function
|
|
102
109
|
() => {},
|
|
103
110
|
async (argv) => {
|
|
104
|
-
const users = await listUsers(
|
|
105
|
-
|
|
106
|
-
clientSecret: config.clientSecret
|
|
107
|
-
? config.clientSecret
|
|
108
|
-
: (argv.clientSecret as string),
|
|
109
|
-
rootUrl: config.url ? config.url : (argv.url as string)
|
|
110
|
-
});
|
|
111
|
-
await convert(
|
|
112
|
-
config.format ? config.format : (argv.format as string),
|
|
113
|
-
config.output ? config.output : (argv.output as string),
|
|
114
|
-
{
|
|
115
|
-
name: 'user_listing',
|
|
116
|
-
directory: argv.reports ? (argv.reports as string) : config.reports
|
|
117
|
-
},
|
|
118
|
-
new WebhookConfig(
|
|
119
|
-
config.webhookType
|
|
120
|
-
? config.webhookType
|
|
121
|
-
: (argv.webhookType as string),
|
|
122
|
-
config.webhookUrl ? config.webhookUrl : (argv.webhookUrl as string),
|
|
123
|
-
'User Listing',
|
|
124
|
-
config.webhookMessage
|
|
125
|
-
? config.webhookMessage
|
|
126
|
-
: (argv.webhookMessage as string)
|
|
127
|
-
),
|
|
128
|
-
users
|
|
129
|
-
);
|
|
111
|
+
const users = await listUsers(getKeycloakConfig(config, argv));
|
|
112
|
+
convertData(config, argv, 'user_listing', 'User Listing', users);
|
|
130
113
|
}
|
|
131
114
|
)
|
|
132
115
|
.command(
|
|
@@ -135,65 +118,54 @@ yargs(hideBin(process.argv))
|
|
|
135
118
|
// eslint-disable-next-line @typescript-eslint/no-empty-function
|
|
136
119
|
() => {},
|
|
137
120
|
async (argv) => {
|
|
138
|
-
const clients = await listClients(
|
|
139
|
-
|
|
140
|
-
clientSecret: config.clientSecret
|
|
141
|
-
? config.clientSecret
|
|
142
|
-
: (argv.clientSecret as string),
|
|
143
|
-
rootUrl: config.url ? config.url : (argv.url as string)
|
|
144
|
-
});
|
|
145
|
-
await convert(
|
|
146
|
-
config.format ? config.format : (argv.format as string),
|
|
147
|
-
config.output ? config.output : (argv.output as string),
|
|
148
|
-
{
|
|
149
|
-
name: 'client_listing',
|
|
150
|
-
directory: argv.reports ? (argv.reports as string) : config.reports
|
|
151
|
-
},
|
|
152
|
-
new WebhookConfig(
|
|
153
|
-
config.webhookType
|
|
154
|
-
? config.webhookType
|
|
155
|
-
: (argv.webhookType as string),
|
|
156
|
-
config.webhookUrl ? config.webhookUrl : (argv.webhookUrl as string),
|
|
157
|
-
'Client Listing',
|
|
158
|
-
config.webhookMessage
|
|
159
|
-
? config.webhookMessage
|
|
160
|
-
: (argv.webhookMessage as string)
|
|
161
|
-
),
|
|
162
|
-
clients
|
|
163
|
-
);
|
|
121
|
+
const clients = await listClients(getKeycloakConfig(config, argv));
|
|
122
|
+
convertData(config, argv, 'client_listing', 'Client Listing', clients);
|
|
164
123
|
}
|
|
165
124
|
)
|
|
166
125
|
.option('format', {
|
|
167
126
|
alias: 'f',
|
|
168
127
|
type: 'string',
|
|
169
128
|
default: 'json',
|
|
170
|
-
description: 'output format, e.g. JSON|CSV'
|
|
129
|
+
description: 'output format, e.g. JSON|CSV',
|
|
171
130
|
})
|
|
172
131
|
.option('output', {
|
|
173
132
|
alias: 'o',
|
|
174
133
|
type: 'string',
|
|
175
134
|
default: 'stdout',
|
|
176
|
-
description: 'output channel'
|
|
135
|
+
description: 'output channel',
|
|
177
136
|
})
|
|
178
137
|
.option('webhookType', {
|
|
179
138
|
alias: 'w',
|
|
180
139
|
type: 'string',
|
|
181
140
|
default: 'slack',
|
|
182
|
-
description: 'Webhook Type'
|
|
141
|
+
description: 'Webhook Type',
|
|
183
142
|
})
|
|
184
143
|
.option('webhookMessage', {
|
|
185
144
|
alias: 'm',
|
|
186
145
|
type: 'string',
|
|
187
|
-
description: 'Webhook Message'
|
|
146
|
+
description: 'Webhook Message',
|
|
188
147
|
})
|
|
189
148
|
.option('webhookUrl', {
|
|
190
149
|
alias: 't',
|
|
191
150
|
type: 'string',
|
|
192
|
-
description: 'Webhook URL'
|
|
151
|
+
description: 'Webhook URL',
|
|
193
152
|
})
|
|
194
153
|
.option('reports', {
|
|
195
154
|
alias: 'r',
|
|
196
155
|
type: 'string',
|
|
197
|
-
description: 'Reports directory'
|
|
156
|
+
description: 'Reports directory',
|
|
198
157
|
})
|
|
158
|
+
.option('useAuditingEndpoint', {
|
|
159
|
+
alias: 'a',
|
|
160
|
+
type: 'boolean',
|
|
161
|
+
default: false,
|
|
162
|
+
description: 'use auditior rest endpoint',
|
|
163
|
+
})
|
|
164
|
+
.command(
|
|
165
|
+
'configTest [url] [clientId] [clientSecret]',
|
|
166
|
+
'validates keycloak configuration by reading data via REST API',
|
|
167
|
+
// eslint-disable-next-line @typescript-eslint/no-empty-function
|
|
168
|
+
() => {},
|
|
169
|
+
async (argv) => configTest(getKeycloakConfig(config, argv)),
|
|
170
|
+
)
|
|
199
171
|
.parse();
|
package/config/schema.json
CHANGED
package/dist/cli.js
CHANGED
|
@@ -3,7 +3,7 @@ import { writeFileSync } from 'node:fs';
|
|
|
3
3
|
import path from 'path';
|
|
4
4
|
import yargs from 'yargs/yargs';
|
|
5
5
|
import { hideBin } from 'yargs/helpers';
|
|
6
|
-
import { listUsers, listClients, convertJSON2CSV, post2Webhook } from './index.js';
|
|
6
|
+
import { configTest, listUsers, listClients, convertJSON2CSV, post2Webhook } from './index.js';
|
|
7
7
|
import config from './src/config.js';
|
|
8
8
|
class WebhookConfig {
|
|
9
9
|
constructor(type, url, title, message) {
|
|
@@ -15,6 +15,20 @@ class WebhookConfig {
|
|
|
15
15
|
}
|
|
16
16
|
class ReportConfig {
|
|
17
17
|
}
|
|
18
|
+
function getKeycloakConfig(config, argv) {
|
|
19
|
+
return {
|
|
20
|
+
clientId: config.clientId ? config.clientId : argv.clientId,
|
|
21
|
+
clientSecret: config.clientSecret ? config.clientSecret : argv.clientSecret,
|
|
22
|
+
rootUrl: config.url ? config.url : argv.url,
|
|
23
|
+
useAuditingEndpoint: argv.useAuditingEndpoint == true || config.useAuditingEndpoint.toLowerCase() == 'true',
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
function convertData(config, argv, name, title, json) {
|
|
27
|
+
convert(config.format ? config.format : argv.format, config.output ? config.output : argv.output, {
|
|
28
|
+
name,
|
|
29
|
+
directory: argv.reports ? argv.reports : config.reports,
|
|
30
|
+
}, new WebhookConfig(config.webhookType ? config.webhookType : argv.webhookType, config.webhookUrl ? config.webhookUrl : argv.webhookUrl, title, config.webhookMessage ? config.webhookMessage : argv.webhookMessage), json);
|
|
31
|
+
}
|
|
18
32
|
async function convert(format, output, reports, config, json) {
|
|
19
33
|
let outputContent;
|
|
20
34
|
switch (format) {
|
|
@@ -31,6 +45,10 @@ async function convert(format, output, reports, config, json) {
|
|
|
31
45
|
}
|
|
32
46
|
switch (output) {
|
|
33
47
|
case 'webhook':
|
|
48
|
+
if (!config.url) {
|
|
49
|
+
console.error('No valid Webhook URL given');
|
|
50
|
+
throw new Error('Please provide a valid --webhookUrl parameter');
|
|
51
|
+
}
|
|
34
52
|
try {
|
|
35
53
|
console.log(`Sending report via webhook to ${config.type} ....`);
|
|
36
54
|
await post2Webhook(config.type, config.url, config.title, outputContent, config.message);
|
|
@@ -59,73 +77,56 @@ yargs(hideBin(process.argv))
|
|
|
59
77
|
.command('listUsers [url] [clientId] [clientSecret]', 'fetches all users in the realms.',
|
|
60
78
|
// eslint-disable-next-line @typescript-eslint/no-empty-function
|
|
61
79
|
() => { }, async (argv) => {
|
|
62
|
-
const users = await listUsers(
|
|
63
|
-
|
|
64
|
-
clientSecret: config.clientSecret
|
|
65
|
-
? config.clientSecret
|
|
66
|
-
: argv.clientSecret,
|
|
67
|
-
rootUrl: config.url ? config.url : argv.url
|
|
68
|
-
});
|
|
69
|
-
await convert(config.format ? config.format : argv.format, config.output ? config.output : argv.output, {
|
|
70
|
-
name: 'user_listing',
|
|
71
|
-
directory: argv.reports ? argv.reports : config.reports
|
|
72
|
-
}, new WebhookConfig(config.webhookType
|
|
73
|
-
? config.webhookType
|
|
74
|
-
: argv.webhookType, config.webhookUrl ? config.webhookUrl : argv.webhookUrl, 'User Listing', config.webhookMessage
|
|
75
|
-
? config.webhookMessage
|
|
76
|
-
: argv.webhookMessage), users);
|
|
80
|
+
const users = await listUsers(getKeycloakConfig(config, argv));
|
|
81
|
+
convertData(config, argv, 'user_listing', 'User Listing', users);
|
|
77
82
|
})
|
|
78
83
|
.command('listClients [url] [clientId] [clientSecret]', 'fetches all clients in the realms.',
|
|
79
84
|
// eslint-disable-next-line @typescript-eslint/no-empty-function
|
|
80
85
|
() => { }, async (argv) => {
|
|
81
|
-
const clients = await listClients(
|
|
82
|
-
|
|
83
|
-
clientSecret: config.clientSecret
|
|
84
|
-
? config.clientSecret
|
|
85
|
-
: argv.clientSecret,
|
|
86
|
-
rootUrl: config.url ? config.url : argv.url
|
|
87
|
-
});
|
|
88
|
-
await convert(config.format ? config.format : argv.format, config.output ? config.output : argv.output, {
|
|
89
|
-
name: 'client_listing',
|
|
90
|
-
directory: argv.reports ? argv.reports : config.reports
|
|
91
|
-
}, new WebhookConfig(config.webhookType
|
|
92
|
-
? config.webhookType
|
|
93
|
-
: argv.webhookType, config.webhookUrl ? config.webhookUrl : argv.webhookUrl, 'Client Listing', config.webhookMessage
|
|
94
|
-
? config.webhookMessage
|
|
95
|
-
: argv.webhookMessage), clients);
|
|
86
|
+
const clients = await listClients(getKeycloakConfig(config, argv));
|
|
87
|
+
convertData(config, argv, 'client_listing', 'Client Listing', clients);
|
|
96
88
|
})
|
|
97
89
|
.option('format', {
|
|
98
90
|
alias: 'f',
|
|
99
91
|
type: 'string',
|
|
100
92
|
default: 'json',
|
|
101
|
-
description: 'output format, e.g. JSON|CSV'
|
|
93
|
+
description: 'output format, e.g. JSON|CSV',
|
|
102
94
|
})
|
|
103
95
|
.option('output', {
|
|
104
96
|
alias: 'o',
|
|
105
97
|
type: 'string',
|
|
106
98
|
default: 'stdout',
|
|
107
|
-
description: 'output channel'
|
|
99
|
+
description: 'output channel',
|
|
108
100
|
})
|
|
109
101
|
.option('webhookType', {
|
|
110
102
|
alias: 'w',
|
|
111
103
|
type: 'string',
|
|
112
104
|
default: 'slack',
|
|
113
|
-
description: 'Webhook Type'
|
|
105
|
+
description: 'Webhook Type',
|
|
114
106
|
})
|
|
115
107
|
.option('webhookMessage', {
|
|
116
108
|
alias: 'm',
|
|
117
109
|
type: 'string',
|
|
118
|
-
description: 'Webhook Message'
|
|
110
|
+
description: 'Webhook Message',
|
|
119
111
|
})
|
|
120
112
|
.option('webhookUrl', {
|
|
121
113
|
alias: 't',
|
|
122
114
|
type: 'string',
|
|
123
|
-
description: 'Webhook URL'
|
|
115
|
+
description: 'Webhook URL',
|
|
124
116
|
})
|
|
125
117
|
.option('reports', {
|
|
126
118
|
alias: 'r',
|
|
127
119
|
type: 'string',
|
|
128
|
-
description: 'Reports directory'
|
|
120
|
+
description: 'Reports directory',
|
|
129
121
|
})
|
|
122
|
+
.option('useAuditingEndpoint', {
|
|
123
|
+
alias: 'a',
|
|
124
|
+
type: 'boolean',
|
|
125
|
+
default: false,
|
|
126
|
+
description: 'use auditior rest endpoint',
|
|
127
|
+
})
|
|
128
|
+
.command('configTest [url] [clientId] [clientSecret]', 'validates keycloak configuration by reading data via REST API',
|
|
129
|
+
// eslint-disable-next-line @typescript-eslint/no-empty-function
|
|
130
|
+
() => { }, async (argv) => configTest(getKeycloakConfig(config, argv)))
|
|
130
131
|
.parse();
|
|
131
132
|
//# sourceMappingURL=cli.js.map
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,MAAM,aAAa,CAAC;AAChC,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,MAAM,aAAa,CAAC;AAChC,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAW,eAAe,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AACxG,OAAO,MAAM,MAAM,iBAAiB,CAAC;AACrC,MAAM,aAAa;IAKjB,YAAY,IAAY,EAAE,GAAW,EAAE,KAAa,EAAE,OAAgB;QACpE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAED,MAAM,YAAY;CAGjB;AAED,SAAS,iBAAiB,CAAC,MAAM,EAAE,IAAI;IACrC,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAE,IAAI,CAAC,QAAmB;QACvE,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAE,IAAI,CAAC,YAAuB;QACvF,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAE,IAAI,CAAC,GAAc;QACvD,mBAAmB,EAAE,IAAI,CAAC,mBAAmB,IAAI,IAAI,IAAI,MAAM,CAAC,mBAAmB,CAAC,WAAW,EAAE,IAAI,MAAM;KAC5G,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,IAAY,EAAE,KAAa,EAAE,IAAY;IAC1E,OAAO,CACL,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAE,IAAI,CAAC,MAAiB,EACvD,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAE,IAAI,CAAC,MAAiB,EACvD;QACE,IAAI;QACJ,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAE,IAAI,CAAC,OAAkB,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO;KACpE,EACD,IAAI,aAAa,CACf,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAE,IAAI,CAAC,WAAsB,EACtE,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAE,IAAI,CAAC,UAAqB,EACnE,KAAK,EACL,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAE,IAAI,CAAC,cAAyB,CAChF,EACD,IAAI,CACL,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,MAAc,EAAE,MAAc,EAAE,OAAqB,EAAE,MAAqB,EAAE,IAAY;IAC/G,IAAI,aAAqB,CAAC;IAC1B,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,KAAK;YACR,aAAa,GAAG,CAAC,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;YACzD,MAAM;QACR,qBAAqB;QACrB;YACE,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;QACtB,MAAM,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QACxB,aAAa,CACX,IAAI,CAAC,IAAI,CACP,GAAG,OAAO,CAAC,SAAS,EAAE,EACtB,GAAG,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,IAAI,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,IAAI,MAAM,CAAC,WAAW,EAAE,EAAE,CACzG,EACD,aAAa,CACd,CAAC;IACJ,CAAC;IACD,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,SAAS;YACZ,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBAChB,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;gBAC5C,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,iCAAiC,MAAM,CAAC,IAAI,OAAO,CAAC,CAAC;gBACjE,MAAM,YAAY,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,EAAE,aAAa,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;gBACzF,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAC/B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,QAAQ,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;oBAC5B,KAAK,qCAAqC;wBACxC,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;wBACnE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;oBAC3C,KAAK,0BAA0B;wBAC7B,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;wBACnE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;oBAC3C;wBACE,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,GAAG,EAAE,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,CAAC,CAAC;wBACxE,MAAM,CAAC,CAAC;gBACZ,CAAC;YACH,CAAC;YACD,MAAM;QACR,6BAA6B;QAC7B;YACE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC/B,CAAC;AACH,CAAC;AAED,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;KACzB,OAAO,CACN,2CAA2C,EAC3C,kCAAkC;AAClC,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE;IACb,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,iBAAiB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;IAC/D,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,cAAc,EAAE,KAAK,CAAC,CAAC;AACnE,CAAC,CACF;KACA,OAAO,CACN,6CAA6C,EAC7C,oCAAoC;AACpC,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE;IACb,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,iBAAiB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;IACnE,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,OAAO,CAAC,CAAC;AACzE,CAAC,CACF;KACA,MAAM,CAAC,QAAQ,EAAE;IAChB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,MAAM;IACf,WAAW,EAAE,8BAA8B;CAC5C,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,QAAQ;IACjB,WAAW,EAAE,gBAAgB;CAC9B,CAAC;KACD,MAAM,CAAC,aAAa,EAAE;IACrB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,OAAO,EAAE,OAAO;IAChB,WAAW,EAAE,cAAc;CAC5B,CAAC;KACD,MAAM,CAAC,gBAAgB,EAAE;IACxB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,iBAAiB;CAC/B,CAAC;KACD,MAAM,CAAC,YAAY,EAAE;IACpB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,aAAa;CAC3B,CAAC;KACD,MAAM,CAAC,SAAS,EAAE;IACjB,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,QAAQ;IACd,WAAW,EAAE,mBAAmB;CACjC,CAAC;KACD,MAAM,CAAC,qBAAqB,EAAE;IAC7B,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,SAAS;IACf,OAAO,EAAE,KAAK;IACd,WAAW,EAAE,4BAA4B;CAC1C,CAAC;KACD,OAAO,CACN,4CAA4C,EAC5C,+DAA+D;AAC/D,gEAAgE;AAChE,GAAG,EAAE,GAAE,CAAC,EACR,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,UAAU,CAAC,iBAAiB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAC5D;KACA,KAAK,EAAE,CAAC"}
|
package/dist/config/schema.json
CHANGED
package/dist/index.js
CHANGED
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAEvE,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC"}
|
package/dist/lib/client.js
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { Issuer } from 'openid-client';
|
|
2
1
|
import KcAdminClient from '@keycloak/keycloak-admin-client';
|
|
3
|
-
|
|
4
|
-
const TOKEN_REFRESH = 60;
|
|
2
|
+
import { AuditClient } from '@continuoussecuritytooling/keycloak-auditor';
|
|
5
3
|
export async function createClient(options) {
|
|
6
|
-
const kcAdminClient =
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
4
|
+
const kcAdminClient = options.useAuditingEndpoint
|
|
5
|
+
? new AuditClient(options.rootUrl, 'master')
|
|
6
|
+
: new KcAdminClient({
|
|
7
|
+
baseUrl: options.rootUrl,
|
|
8
|
+
realmName: 'master',
|
|
9
|
+
});
|
|
10
10
|
try {
|
|
11
11
|
// client login
|
|
12
12
|
await kcAdminClient.auth({
|
|
@@ -19,23 +19,6 @@ export async function createClient(options) {
|
|
|
19
19
|
console.error('Check Client Config:', e.response ? e.response.data.error_description : e);
|
|
20
20
|
return Promise.reject();
|
|
21
21
|
}
|
|
22
|
-
const keycloakIssuer = await Issuer.discover(`${options.rootUrl}/realms/master`);
|
|
23
|
-
const client = new keycloakIssuer.Client({
|
|
24
|
-
client_id: options.clientId,
|
|
25
|
-
token_endpoint_auth_method: 'none', // to send only client_id in the header
|
|
26
|
-
});
|
|
27
|
-
// Use the grant type 'password'
|
|
28
|
-
const tokenSet = await client.grant({
|
|
29
|
-
client_id: options.clientId,
|
|
30
|
-
client_secret: options.clientSecret,
|
|
31
|
-
grant_type: 'client_credentials',
|
|
32
|
-
});
|
|
33
|
-
/*
|
|
34
|
-
// TODO: FIXME - Periodically using refresh_token grant flow to get new access token here
|
|
35
|
-
setInterval(async () => {
|
|
36
|
-
const refreshToken = tokenSet.refresh_token;
|
|
37
|
-
kcAdminClient.setAccessToken((await client.refresh(refreshToken)).access_token);
|
|
38
|
-
}, TOKEN_REFRESH * 1000); */
|
|
39
22
|
return new Promise((resolve) => resolve(kcAdminClient));
|
|
40
23
|
}
|
|
41
24
|
//# sourceMappingURL=client.js.map
|
package/dist/lib/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../lib/client.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../lib/client.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,MAAM,iCAAiC,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,6CAA6C,CAAC;AAS1E,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAgB;IACjD,MAAM,aAAa,GAAG,OAAO,CAAC,mBAAmB;QAC/C,CAAC,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC5C,CAAC,CAAC,IAAI,aAAa,CAAC;YAChB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;IACP,IAAI,CAAC;QACH,eAAe;QACf,MAAM,aAAa,CAAC,IAAI,CAAC;YACvB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,SAAS,EAAE,oBAAoB;SAChC,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1F,OAAO,OAAO,CAAC,MAAM,EAAE,CAAC;IAC1B,CAAC;IAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;AAC1D,CAAC"}
|
package/dist/lib/convert.js
CHANGED
|
File without changes
|
package/dist/lib/convert.js.map
CHANGED
|
File without changes
|
package/dist/lib/output.js
CHANGED
|
@@ -16,7 +16,7 @@ export async function post2Webhook(type, url, title, reportContent, text) {
|
|
|
16
16
|
{
|
|
17
17
|
contentType: 'application/vnd.microsoft.card.adaptive',
|
|
18
18
|
content: {
|
|
19
|
-
$schema: '
|
|
19
|
+
$schema: 'https://adaptivecards.io/schemas/adaptive-card.json',
|
|
20
20
|
type: 'AdaptiveCard',
|
|
21
21
|
version: '1.2',
|
|
22
22
|
body: [
|
|
@@ -52,7 +52,7 @@ export async function post2Webhook(type, url, title, reportContent, text) {
|
|
|
52
52
|
wrap: true
|
|
53
53
|
}
|
|
54
54
|
],
|
|
55
|
-
$schema: '
|
|
55
|
+
$schema: 'https://adaptivecards.io/schemas/adaptive-card.json'
|
|
56
56
|
}
|
|
57
57
|
}
|
|
58
58
|
]
|
package/dist/lib/output.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"output.js","sourceRoot":"","sources":["../../lib/output.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,IAAI,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEnE,OAAO,EAAE,eAAe,IAAI,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEjE,IAAK,WAGJ;AAHD,WAAK,WAAW;IACd,8BAAe,CAAA;IACf,8BAAe,CAAA;AACjB,CAAC,EAHI,WAAW,KAAX,WAAW,QAGf;AAOD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,IAAY,EACZ,GAAW,EACX,KAAa,EACb,aAAqB,EACrB,IAAa;IAEb,oCAAoC;IACpC,MAAM,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;IACxB,QAAQ,IAAI,EAAE;
|
|
1
|
+
{"version":3,"file":"output.js","sourceRoot":"","sources":["../../lib/output.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,IAAI,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEnE,OAAO,EAAE,eAAe,IAAI,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEjE,IAAK,WAGJ;AAHD,WAAK,WAAW;IACd,8BAAe,CAAA;IACf,8BAAe,CAAA;AACjB,CAAC,EAHI,WAAW,KAAX,WAAW,QAGf;AAOD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,IAAY,EACZ,GAAW,EACX,KAAa,EACb,aAAqB,EACrB,IAAa;IAEb,oCAAoC;IACpC,MAAM,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;IACxB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,WAAW,CAAC,KAAK,CAAC,QAAQ,EAAE;YAC/B,OAAO,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAChC,IAAI,EAAE,SAAS;gBACf,WAAW,EAAE;oBACX;wBACE,WAAW,EAAE,yCAAyC;wBACtD,OAAO,EAAE;4BACP,OAAO,EAAE,qDAAqD;4BAC9D,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,KAAK;4BACd,IAAI,EAAE;gCACJ;oCACE,IAAI,EAAE,SAAS;oCACf,KAAK,EAAE;wCACL;4CACE,KAAK,EAAE,MAAM;4CACb,KAAK,EAAE,KAAK;yCACb;wCACD;4CACE,KAAK,EAAE,MAAM;4CACb,KAAK,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE,IACtB,IAAI,CAAC,QAAQ,EAAE,GAAG,CACpB,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE;yCACzB;qCACF;iCACF;gCACD;oCACE,IAAI,EAAE,WAAW;oCACjB,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;oCAC9B,IAAI,EAAE,IAAI;iCACX;6BACF;4BACD,OAAO,EAAE;gCACP;oCACE,IAAI,EAAE,iBAAiB;oCACvB,KAAK,EAAE,sBAAsB;oCAC7B,IAAI,EAAE;wCACJ,IAAI,EAAE,cAAc;wCACpB,IAAI,EAAE;4CACJ;gDACE,IAAI,EAAE,WAAW;gDACjB,IAAI,EAAE,aAAa;gDACnB,IAAI,EAAE,IAAI;6CACX;yCACF;wCACD,OAAO,EACL,qDAAqD;qCACxD;iCACF;6BACF;yBACF;qBACF;iBACF;aACF,CAAC,CAAC;QACL,sBAAsB;QACtB;YACE,gDAAgD;YAChD,MAAM,YAAY,GAA+C;gBAC/D;oBACE,IAAI,EAAE,SAAS;oBACf,MAAM,EAAE;wBACN,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,KAAK,EAAE,EAAE;wBAC5C;4BACE,IAAI,EAAE,QAAQ;4BACd,IAAI,EAAE,WAAW,IAAI,CAAC,OAAO,EAAE,IAC7B,IAAI,CAAC,QAAQ,EAAE,GAAG,CACpB,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE;yBACzB;qBACF;iBACF;gBACD;oBACE,IAAI,EAAE,SAAS;iBAChB;aACF,CAAC;YACF,IAAI,IAAI,IAAI,IAAI,EAAE,CAAC;gBACjB,YAAY,CAAC,IAAI,CAAC;oBAChB,IAAI,EAAE,SAAS;oBACf,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;iBAC/C,CAAC,CAAC;gBACH,YAAY,CAAC,IAAI,CAAC;oBAChB,IAAI,EAAE,SAAS;iBAChB,CAAC,CAAC;YACL,CAAC;YACD,YAAY,CAAC,IAAI,CACf;gBACE,IAAI,EAAE,SAAS;gBACf,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE;;EAElB,aAAa;;CAEd;qBACY;iBACF;aACF,EACD;gBACE,IAAI,EAAE,SAAS;gBACf,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC;aAC5D,CACF,CAAC;YACF,OAAO,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAChC,MAAM,EAAE,YAAY;aACrB,CAAC,CAAC;IACP,CAAC;AACH,CAAC;AAED;GACG"}
|