@continuoussecuritytooling/keycloak-reporter 0.8.7 → 0.8.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.ct.yaml +1 -1
- package/.github/workflows/pipeline.yml +9 -4
- package/CHANGELOG.md +19 -0
- package/Dockerfile +2 -2
- package/charts/keycloak-reporter/Chart.yaml +2 -2
- package/charts/keycloak-reporter/README.md +4 -3
- package/charts/keycloak-reporter/ci.values.yaml +5 -0
- package/charts/keycloak-reporter/templates/_helpers.tpl +13 -0
- package/charts/keycloak-reporter/templates/cronjob.yaml +8 -4
- package/charts/keycloak-reporter/templates/tests/test-connection.yaml +4 -0
- package/charts/keycloak-reporter/values.yaml +6 -2
- package/dist/lib/output.js +1 -2
- package/dist/lib/output.js.map +1 -1
- package/dist/lib/user.js +5 -5
- package/dist/lib/user.js.map +1 -1
- package/lib/output.ts +1 -2
- package/lib/user.ts +5 -5
- package/package.json +1 -1
package/.ct.yaml
CHANGED
|
@@ -123,10 +123,15 @@ jobs:
|
|
|
123
123
|
- name: Wait for Keycloak server
|
|
124
124
|
run: .bin/wait-for-server.sh
|
|
125
125
|
|
|
126
|
-
- name: Run
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
126
|
+
- name: Run End2End Tests
|
|
127
|
+
uses: nick-fields/retry@v3
|
|
128
|
+
with:
|
|
129
|
+
max_attempts: 3
|
|
130
|
+
retry_on: error
|
|
131
|
+
timeout_minutes: 10
|
|
132
|
+
command: |
|
|
133
|
+
env
|
|
134
|
+
npm run end2end:test
|
|
130
135
|
env:
|
|
131
136
|
WEBHOOK_TESTING_TEAMS: ${{ secrets.WEBHOOK_TESTING_TEAMS }}
|
|
132
137
|
WEBHOOK_TESTING_SLACK: ${{ secrets.WEBHOOK_TESTING_SLACK }}
|
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,22 @@
|
|
|
1
|
+
## [0.8.8](https://github.com/ContinuousSecurityTooling/keycloak-reporter/compare/v0.8.7...v0.8.8) (2024-02-05)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Bug Fixes
|
|
5
|
+
|
|
6
|
+
* **deps:** update dependency @keycloak/keycloak-admin-client to v23.0.5 ([d85eb6a](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/d85eb6a06607249c2f2cfa66268a19b9edc12d74))
|
|
7
|
+
* **deps:** update dependency @keycloak/keycloak-admin-client to v23.0.6 ([23b1248](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/23b1248d66272b53482ab228275c2b0c1f34f419))
|
|
8
|
+
* **deps:** update dependency npm to v10.4.0 ([1b6058d](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/1b6058ddcaba382ecd31bf470e1ee99f462ecd29))
|
|
9
|
+
* **Helm:** Correcting mapping issues for labels ([0fe2873](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/0fe2873594c91be59f435813174e4bacf7d1e59d))
|
|
10
|
+
* **Helm:** Correcting resource limits ([1cb51b9](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/1cb51b95f83aefd0fae2d9d6d02fb5a6d24a1a42))
|
|
11
|
+
* **Security:** Correcting chart security findings ([3a4bc67](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/3a4bc67bc8aaa0a1c2426a9baf58d32efca6937d))
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
### Features
|
|
15
|
+
|
|
16
|
+
* **Chart:** Allowing labels and annotations to be added ([f0f350b](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/f0f350bcc6deecc098743af09ab7e840179b4259))
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
|
|
1
20
|
## [0.8.7](https://github.com/ContinuousSecurityTooling/keycloak-reporter/compare/v0.8.6...v0.8.7) (2024-01-29)
|
|
2
21
|
|
|
3
22
|
|
package/Dockerfile
CHANGED
|
@@ -17,7 +17,7 @@ COPY dist/ docker_entrypoint.sh package.json /app
|
|
|
17
17
|
|
|
18
18
|
WORKDIR /app
|
|
19
19
|
|
|
20
|
-
RUN
|
|
20
|
+
RUN npm install --omit=dev &&\
|
|
21
21
|
chown -R 1000:2000 /app
|
|
22
22
|
|
|
23
23
|
# apt update
|
|
@@ -27,4 +27,4 @@ RUN apt-get update && apt-get -y upgrade &&\
|
|
|
27
27
|
|
|
28
28
|
USER 1000
|
|
29
29
|
|
|
30
|
-
ENTRYPOINT ["/app/docker_entrypoint.sh"]
|
|
30
|
+
ENTRYPOINT ["/app/docker_entrypoint.sh"]
|
|
@@ -15,14 +15,14 @@ type: application
|
|
|
15
15
|
# This is the chart version. This version number should be incremented each time you make changes
|
|
16
16
|
# to the chart and its templates, including the app version.
|
|
17
17
|
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
|
18
|
-
version: 1.
|
|
18
|
+
version: 1.3.1
|
|
19
19
|
|
|
20
20
|
# This is the version number of the application being deployed. This version number should be
|
|
21
21
|
# incremented each time you make changes to the application. Versions are not expected to
|
|
22
22
|
# follow Semantic Versioning. They should reflect the version the application is using.
|
|
23
23
|
# It is recommended to use it with quotes.
|
|
24
24
|
# renovate: datasource=docker depName=ContinuousSecurityTooling/keycloak-reporter
|
|
25
|
-
appVersion: '0.8.
|
|
25
|
+
appVersion: '0.8.8'
|
|
26
26
|
maintainers:
|
|
27
27
|
# Martin Reinhardt
|
|
28
28
|
- name: hypery2k
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# keycloak-reporter
|
|
2
2
|
|
|
3
|
-
  
|
|
4
4
|
|
|
5
5
|
Keycloak user and client reporting tool for automated regular access checks.
|
|
6
6
|
|
|
@@ -26,7 +26,8 @@ Keycloak user and client reporting tool for automated regular access checks.
|
|
|
26
26
|
| keycloak.config.webhookMessage | string | `""` | optional message for the webhook post |
|
|
27
27
|
| nameOverride | string | `""` | |
|
|
28
28
|
| nodeSelector | object | `{}` | |
|
|
29
|
-
| podAnnotations |
|
|
29
|
+
| podAnnotations | map | `{}` | labels to be added to job pod(s) |
|
|
30
|
+
| podLabels | map | `{}` | labels to be added to job pod(s) |
|
|
30
31
|
| replicaCount | int | `1` | |
|
|
31
32
|
| serviceAccount.annotations | object | `{}` | |
|
|
32
33
|
| serviceAccount.create | bool | `true` | |
|
|
@@ -34,4 +35,4 @@ Keycloak user and client reporting tool for automated regular access checks.
|
|
|
34
35
|
| tolerations | list | `[]` | |
|
|
35
36
|
|
|
36
37
|
----------------------------------------------
|
|
37
|
-
Autogenerated from chart metadata using [helm-docs v1.
|
|
38
|
+
Autogenerated from chart metadata using [helm-docs v1.12.0](https://github.com/norwoodj/helm-docs/releases/v1.12.0)
|
|
@@ -6,6 +6,11 @@ env:
|
|
|
6
6
|
secretKeyRef:
|
|
7
7
|
key: clientSecret
|
|
8
8
|
name: kc-reporter
|
|
9
|
+
podLabels:
|
|
10
|
+
a: "b"
|
|
11
|
+
podAnnotations:
|
|
12
|
+
# see https://www.elastic.co/guide/en/beats/filebeat/current/configuration-autodiscover-hints.html
|
|
13
|
+
co.elastic.logs/enabled: "true"
|
|
9
14
|
keycloak:
|
|
10
15
|
config:
|
|
11
16
|
url: http://localhost:8080
|
|
@@ -30,6 +30,16 @@ Create chart name and version as used by the chart label.
|
|
|
30
30
|
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
|
31
31
|
{{- end }}
|
|
32
32
|
|
|
33
|
+
{{/*
|
|
34
|
+
Common labels
|
|
35
|
+
*/}}
|
|
36
|
+
{{- define "keycloak-reporter.annotations" -}}
|
|
37
|
+
net.cst.kc-reporter/config-checksum: {{ include (print $.Template.BasePath "/secret.yaml") $ | sha256sum }}
|
|
38
|
+
{{- range $k, $v := .Values.podAnnotations }}
|
|
39
|
+
{{ $k }}: {{ $v | quote }}
|
|
40
|
+
{{- end }}
|
|
41
|
+
{{- end }}
|
|
42
|
+
|
|
33
43
|
{{/*
|
|
34
44
|
Common labels
|
|
35
45
|
*/}}
|
|
@@ -40,6 +50,9 @@ helm.sh/chart: {{ include "keycloak-reporter.chart" . }}
|
|
|
40
50
|
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
|
41
51
|
{{- end }}
|
|
42
52
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
53
|
+
{{- range $k, $v := .Values.podLabels }}
|
|
54
|
+
{{ $k }}: {{ $v | quote }}
|
|
55
|
+
{{- end }}
|
|
43
56
|
{{- end }}
|
|
44
57
|
|
|
45
58
|
{{/*
|
|
@@ -4,15 +4,19 @@ apiVersion: batch/v1
|
|
|
4
4
|
kind: CronJob
|
|
5
5
|
metadata:
|
|
6
6
|
name: {{ printf "%s-job-%s" $fullName $name }}
|
|
7
|
+
annotations:
|
|
8
|
+
{{- include "keycloak-reporter.annotations" $ | nindent 4 }}
|
|
9
|
+
labels:
|
|
10
|
+
{{- include "keycloak-reporter.labels" $ | nindent 4 }}
|
|
7
11
|
spec:
|
|
8
12
|
schedule: {{ $config.schedule }}
|
|
9
13
|
jobTemplate:
|
|
10
14
|
spec:
|
|
11
15
|
template:
|
|
12
|
-
{{- with $.Values.podAnnotations }}
|
|
13
16
|
annotations:
|
|
14
|
-
{{-
|
|
15
|
-
|
|
17
|
+
{{- include "keycloak-reporter.annotations" $ | nindent 8 }}
|
|
18
|
+
labels:
|
|
19
|
+
{{- include "keycloak-reporter.labels" $ | nindent 8 }}
|
|
16
20
|
spec:
|
|
17
21
|
{{- with $.Values.imagePullSecrets }}
|
|
18
22
|
imagePullSecrets:
|
|
@@ -69,4 +73,4 @@ spec:
|
|
|
69
73
|
claimName: {{ $fullName }}-reports
|
|
70
74
|
{{- end }}
|
|
71
75
|
---
|
|
72
|
-
{{- end -}}
|
|
76
|
+
{{- end -}}
|
|
@@ -7,7 +7,11 @@ metadata:
|
|
|
7
7
|
helm.sh/hook: test
|
|
8
8
|
helm.sh/hook-delete-policy: "hook-succeeded,before-hook-creation"
|
|
9
9
|
helm.sh/hook-weight: "5"
|
|
10
|
+
{{- include "keycloak-reporter.annotations" . | nindent 4 }}
|
|
11
|
+
labels:
|
|
12
|
+
{{- include "keycloak-reporter.labels" . | nindent 4 }}
|
|
10
13
|
spec:
|
|
14
|
+
automountServiceAccountToken: false
|
|
11
15
|
containers:
|
|
12
16
|
- name: config-test
|
|
13
17
|
image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag | default $.Chart.AppVersion }}"
|
|
@@ -8,7 +8,7 @@ image:
|
|
|
8
8
|
repository: continuoussecuritytooling/keycloak-reporting-cli
|
|
9
9
|
pullPolicy: IfNotPresent
|
|
10
10
|
# Overrides the image tag whose default is the chart appVersion.
|
|
11
|
-
tag:
|
|
11
|
+
tag: ''
|
|
12
12
|
|
|
13
13
|
imagePullSecrets: []
|
|
14
14
|
nameOverride: ''
|
|
@@ -22,7 +22,9 @@ serviceAccount:
|
|
|
22
22
|
# The name of the service account to use.
|
|
23
23
|
# If not set and create is true, a name is generated using the fullname template
|
|
24
24
|
name: ''
|
|
25
|
-
|
|
25
|
+
# -- (map) labels to be added to job pod(s)
|
|
26
|
+
podLabels: {}
|
|
27
|
+
# -- (map) labels to be added to job pod(s)
|
|
26
28
|
podAnnotations: {}
|
|
27
29
|
# @ignore, Configure pod security context
|
|
28
30
|
podSecurityContext:
|
|
@@ -67,9 +69,11 @@ resources:
|
|
|
67
69
|
limits:
|
|
68
70
|
cpu: 200m
|
|
69
71
|
memory: 256Mi
|
|
72
|
+
ephemeral-storage: 200Mi
|
|
70
73
|
requests:
|
|
71
74
|
cpu: 100m
|
|
72
75
|
memory: 128Mi
|
|
76
|
+
ephemeral-storage: 100Mi
|
|
73
77
|
|
|
74
78
|
nodeSelector: {}
|
|
75
79
|
|
package/dist/lib/output.js
CHANGED
|
@@ -6,7 +6,6 @@ var WebhookType;
|
|
|
6
6
|
WebhookType["TEAMS"] = "teams";
|
|
7
7
|
})(WebhookType || (WebhookType = {}));
|
|
8
8
|
export async function post2Webhook(type, url, title, reportContent, text) {
|
|
9
|
-
//const title= 'Keycloak Reporting';
|
|
10
9
|
const date = new Date();
|
|
11
10
|
switch (type) {
|
|
12
11
|
case WebhookType.TEAMS.toString():
|
|
@@ -35,7 +34,7 @@ export async function post2Webhook(type, url, title, reportContent, text) {
|
|
|
35
34
|
},
|
|
36
35
|
{
|
|
37
36
|
type: 'TextBlock',
|
|
38
|
-
text: text
|
|
37
|
+
text: text !== null && text !== void 0 ? text : '',
|
|
39
38
|
wrap: true
|
|
40
39
|
}
|
|
41
40
|
],
|
package/dist/lib/output.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"output.js","sourceRoot":"","sources":["../../lib/output.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,IAAI,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEnE,OAAO,EAAE,eAAe,IAAI,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEjE,IAAK,WAGJ;AAHD,WAAK,WAAW;IACd,8BAAe,CAAA;IACf,8BAAe,CAAA;AACjB,CAAC,EAHI,WAAW,KAAX,WAAW,QAGf;AAOD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,IAAY,EACZ,GAAW,EACX,KAAa,EACb,aAAqB,EACrB,IAAa;IAEb,
|
|
1
|
+
{"version":3,"file":"output.js","sourceRoot":"","sources":["../../lib/output.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,IAAI,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEnE,OAAO,EAAE,eAAe,IAAI,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEjE,IAAK,WAGJ;AAHD,WAAK,WAAW;IACd,8BAAe,CAAA;IACf,8BAAe,CAAA;AACjB,CAAC,EAHI,WAAW,KAAX,WAAW,QAGf;AAOD,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,IAAY,EACZ,GAAW,EACX,KAAa,EACb,aAAqB,EACrB,IAAa;IAEb,MAAM,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;IACxB,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,WAAW,CAAC,KAAK,CAAC,QAAQ,EAAE;YAC/B,OAAO,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAChC,IAAI,EAAE,SAAS;gBACf,WAAW,EAAE;oBACX;wBACE,WAAW,EAAE,yCAAyC;wBACtD,OAAO,EAAE;4BACP,OAAO,EAAE,qDAAqD;4BAC9D,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,KAAK;4BACd,IAAI,EAAE;gCACJ;oCACE,IAAI,EAAE,SAAS;oCACf,KAAK,EAAE;wCACL;4CACE,KAAK,EAAE,MAAM;4CACb,KAAK,EAAE,KAAK;yCACb;wCACD;4CACE,KAAK,EAAE,MAAM;4CACb,KAAK,EAAE,GAAG,IAAI,CAAC,OAAO,EAAE,IACtB,IAAI,CAAC,QAAQ,EAAE,GAAG,CACpB,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE;yCACzB;qCACF;iCACF;gCACD;oCACE,IAAI,EAAE,WAAW;oCACjB,IAAI,EAAE,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE;oCAChB,IAAI,EAAE,IAAI;iCACX;6BACF;4BACD,OAAO,EAAE;gCACP;oCACE,IAAI,EAAE,iBAAiB;oCACvB,KAAK,EAAE,sBAAsB;oCAC7B,IAAI,EAAE;wCACJ,IAAI,EAAE,cAAc;wCACpB,IAAI,EAAE;4CACJ;gDACE,IAAI,EAAE,WAAW;gDACjB,IAAI,EAAE,aAAa;gDACnB,IAAI,EAAE,IAAI;6CACX;yCACF;wCACD,OAAO,EACL,qDAAqD;qCACxD;iCACF;6BACF;yBACF;qBACF;iBACF;aACF,CAAC,CAAC;QACL,sBAAsB;QACtB;YACE,gDAAgD;YAChD,MAAM,YAAY,GAA+C;gBAC/D;oBACE,IAAI,EAAE,SAAS;oBACf,MAAM,EAAE;wBACN,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,KAAK,EAAE,EAAE;wBAC5C;4BACE,IAAI,EAAE,QAAQ;4BACd,IAAI,EAAE,WAAW,IAAI,CAAC,OAAO,EAAE,IAC7B,IAAI,CAAC,QAAQ,EAAE,GAAG,CACpB,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE;yBACzB;qBACF;iBACF;gBACD;oBACE,IAAI,EAAE,SAAS;iBAChB;aACF,CAAC;YACF,IAAI,IAAI,IAAI,IAAI,EAAE,CAAC;gBACjB,YAAY,CAAC,IAAI,CAAC;oBAChB,IAAI,EAAE,SAAS;oBACf,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;iBAC/C,CAAC,CAAC;gBACH,YAAY,CAAC,IAAI,CAAC;oBAChB,IAAI,EAAE,SAAS;iBAChB,CAAC,CAAC;YACL,CAAC;YACD,YAAY,CAAC,IAAI,CACf;gBACE,IAAI,EAAE,SAAS;gBACf,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE;;EAElB,aAAa;;CAEd;qBACY;iBACF;aACF,EACD;gBACE,IAAI,EAAE,SAAS;gBACf,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC;aAC5D,CACF,CAAC;YACF,OAAO,IAAI,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAChC,MAAM,EAAE,YAAY;aACrB,CAAC,CAAC;IACP,CAAC;AACH,CAAC;AAED;GACG"}
|
package/dist/lib/user.js
CHANGED
|
@@ -10,7 +10,7 @@ export async function clientListing(client) {
|
|
|
10
10
|
}
|
|
11
11
|
catch (e) {
|
|
12
12
|
console.error('Check Client role:', e.response.statusText);
|
|
13
|
-
return Promise.reject();
|
|
13
|
+
return Promise.reject(new Error('Client Role Error'));
|
|
14
14
|
}
|
|
15
15
|
for (const realm of realms) {
|
|
16
16
|
// switch realm
|
|
@@ -51,7 +51,7 @@ export async function clientListing(client) {
|
|
|
51
51
|
});
|
|
52
52
|
}
|
|
53
53
|
}
|
|
54
|
-
return
|
|
54
|
+
return Promise.resolve(allClients);
|
|
55
55
|
}
|
|
56
56
|
export async function userListing(client) {
|
|
57
57
|
let allUsers = new Array();
|
|
@@ -64,7 +64,7 @@ export async function userListing(client) {
|
|
|
64
64
|
}
|
|
65
65
|
catch (e) {
|
|
66
66
|
console.error('Check Client role:', e.response.statusText);
|
|
67
|
-
return Promise.reject();
|
|
67
|
+
return Promise.reject(new Error('Client Role Error'));
|
|
68
68
|
}
|
|
69
69
|
for (const realm of realms) {
|
|
70
70
|
// switch realm
|
|
@@ -93,7 +93,7 @@ export async function userListing(client) {
|
|
|
93
93
|
else {
|
|
94
94
|
const users = await client.userListing();
|
|
95
95
|
if ('error' in users) {
|
|
96
|
-
return
|
|
96
|
+
return Promise.reject(new Error('Auditing endpoint not reachable'));
|
|
97
97
|
}
|
|
98
98
|
for (const user of users) {
|
|
99
99
|
allUsers.push({
|
|
@@ -108,6 +108,6 @@ export async function userListing(client) {
|
|
|
108
108
|
});
|
|
109
109
|
}
|
|
110
110
|
}
|
|
111
|
-
return
|
|
111
|
+
return Promise.resolve(allUsers);
|
|
112
112
|
}
|
|
113
113
|
//# sourceMappingURL=user.js.map
|
package/dist/lib/user.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user.js","sourceRoot":"","sources":["../../lib/user.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,MAAM,iCAAiC,CAAC;AA2B5D,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAmC;IAEnC,IAAI,UAAU,GAAG,IAAI,KAAK,EAAwC,CAAC;IACnE,IAAI,MAAM,YAAY,aAAa,EAAE,CAAC;QACpC,MAAM,YAAY,GAAG,MAAM,CAAC,SAAS,CAAC;QACtC,IAAI,MAAM,CAAC;QACX,IAAI,CAAC;YACH,sBAAsB;YACtB,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACtC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC3D,OAAO,OAAO,CAAC,MAAM,
|
|
1
|
+
{"version":3,"file":"user.js","sourceRoot":"","sources":["../../lib/user.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,MAAM,iCAAiC,CAAC;AA2B5D,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAmC;IAEnC,IAAI,UAAU,GAAG,IAAI,KAAK,EAAwC,CAAC;IACnE,IAAI,MAAM,YAAY,aAAa,EAAE,CAAC;QACpC,MAAM,YAAY,GAAG,MAAM,CAAC,SAAS,CAAC;QACtC,IAAI,MAAM,CAAC;QACX,IAAI,CAAC;YACH,sBAAsB;YACtB,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACtC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC3D,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,eAAe;YACf,MAAM,CAAC,SAAS,CAAC;gBACf,SAAS,EAAE,KAAK,CAAC,KAAK;aACvB,CAAC,CAAC;YACH,MAAM,YAAY,GAAG,IAAI,KAAK,EAAU,CAAC;YACzC,KAAK,MAAM,IAAI,IAAI,MAAM,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;gBAC/C,YAAY,CAAC,IAAI,CAAC;oBAChB,MAAM,EAAE,IAAI,CAAC,QAAQ;oBACrB,EAAE,EAAE,IAAI,CAAC,EAAE;oBACX,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,IAAI,CAAC,YAAY;oBACzB,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC;iBAChD,CAAC,CAAC;YACL,CAAC;YACD,UAAU,GAAG,CAAC,GAAG,UAAU,EAAE,GAAG,YAAY,CAAC,CAAC;QAChD,CAAC;QACD,uBAAuB;QACvB,MAAM,CAAC,SAAS,CAAC;YACf,SAAS,EAAE,YAAY;SACxB,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,aAAa,EAAE,CAAC;QAC7C,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;YAC3B,UAAU,CAAC,IAAI,CAAC;gBACd,MAAM,EAAE,IAAI,CAAC,QAAQ;gBACrB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,IAAI,CAAC,YAAY;gBACzB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;AACrC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAAmC;IAEnC,IAAI,QAAQ,GAAG,IAAI,KAAK,EAAoC,CAAC;IAC7D,IAAI,MAAM,YAAY,aAAa,EAAE,CAAC;QACpC,MAAM,YAAY,GAAG,MAAM,CAAC,SAAS,CAAC;QACtC,IAAI,MAAM,CAAC;QACX,sBAAsB;QACtB,IAAI,CAAC;YACH,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACtC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC3D,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,eAAe;YACf,MAAM,CAAC,SAAS,CAAC;gBACf,SAAS,EAAE,KAAK,CAAC,KAAK;aACvB,CAAC,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,KAAK,EAAQ,CAAC;YACrC,KAAK,MAAM,IAAI,IAAI,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;gBAC7C,UAAU,CAAC,IAAI,CAAC;oBACd,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,EAAE,EAAE,IAAI,CAAC,EAAE;oBACX,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;oBACjB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;iBACtB,CAAC,CAAC;YACL,CAAC;YACD,QAAQ,GAAG,CAAC,GAAG,QAAQ,EAAE,GAAG,UAAU,CAAC,CAAC;QAC1C,CAAC;QACD,uBAAuB;QACvB,MAAM,CAAC,SAAS,CAAC;YACf,SAAS,EAAE,YAAY;SACxB,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,WAAW,EAAE,CAAC;QACzC,IAAI,OAAO,IAAI,KAAK,EAAE,CAAC;YACrB,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAC;QACtE,CAAC;QACD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;AACnC,CAAC"}
|
package/lib/output.ts
CHANGED
|
@@ -19,7 +19,6 @@ export async function post2Webhook(
|
|
|
19
19
|
reportContent: string,
|
|
20
20
|
text?: string
|
|
21
21
|
): Promise<unknown> {
|
|
22
|
-
//const title= 'Keycloak Reporting';
|
|
23
22
|
const date = new Date();
|
|
24
23
|
switch (type) {
|
|
25
24
|
case WebhookType.TEAMS.toString():
|
|
@@ -50,7 +49,7 @@ export async function post2Webhook(
|
|
|
50
49
|
},
|
|
51
50
|
{
|
|
52
51
|
type: 'TextBlock',
|
|
53
|
-
text: text
|
|
52
|
+
text: text ?? '',
|
|
54
53
|
wrap: true
|
|
55
54
|
}
|
|
56
55
|
],
|
package/lib/user.ts
CHANGED
|
@@ -37,7 +37,7 @@ export async function clientListing(
|
|
|
37
37
|
realms = await client.realms.find();
|
|
38
38
|
} catch (e) {
|
|
39
39
|
console.error('Check Client role:', e.response.statusText);
|
|
40
|
-
return Promise.reject();
|
|
40
|
+
return Promise.reject(new Error('Client Role Error'));
|
|
41
41
|
}
|
|
42
42
|
for (const realm of realms) {
|
|
43
43
|
// switch realm
|
|
@@ -77,7 +77,7 @@ export async function clientListing(
|
|
|
77
77
|
});
|
|
78
78
|
}
|
|
79
79
|
}
|
|
80
|
-
return
|
|
80
|
+
return Promise.resolve(allClients);
|
|
81
81
|
}
|
|
82
82
|
|
|
83
83
|
export async function userListing(
|
|
@@ -92,7 +92,7 @@ export async function userListing(
|
|
|
92
92
|
realms = await client.realms.find();
|
|
93
93
|
} catch (e) {
|
|
94
94
|
console.error('Check Client role:', e.response.statusText);
|
|
95
|
-
return Promise.reject();
|
|
95
|
+
return Promise.reject(new Error('Client Role Error'));
|
|
96
96
|
}
|
|
97
97
|
for (const realm of realms) {
|
|
98
98
|
// switch realm
|
|
@@ -120,7 +120,7 @@ export async function userListing(
|
|
|
120
120
|
} else {
|
|
121
121
|
const users = await client.userListing();
|
|
122
122
|
if ('error' in users) {
|
|
123
|
-
return
|
|
123
|
+
return Promise.reject(new Error('Auditing endpoint not reachable'));
|
|
124
124
|
}
|
|
125
125
|
for (const user of users) {
|
|
126
126
|
allUsers.push({
|
|
@@ -135,5 +135,5 @@ export async function userListing(
|
|
|
135
135
|
});
|
|
136
136
|
}
|
|
137
137
|
}
|
|
138
|
-
return
|
|
138
|
+
return Promise.resolve(allUsers);
|
|
139
139
|
}
|