@drunk-pulumi/azure 1.0.32 → 1.0.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/Builder/ApimBuilder.js +13 -4
- package/Builder/ApimPolicyBuilder.d.ts +27 -43
- package/Builder/ApimPolicyBuilder.js +183 -218
- package/Builder/AzAppBuilder.d.ts +5 -0
- package/Builder/AzAppBuilder.js +57 -12
- package/Builder/ServiceBusBuilder.js +18 -6
- package/Builder/index.d.ts +1 -1
- package/Builder/index.js +3 -2
- package/Builder/types/apimBuilder.d.ts +3 -2
- package/Builder/types/apimPolicyBuilder.d.ts +43 -26
- package/Builder/types/apimPolicyBuilder.js +1 -1
- package/Builder/types/apimProductBuilder.d.ts +1 -1
- package/Builder/types/azAppBuilder.d.ts +11 -3
- package/Common/Naming.d.ts +3 -0
- package/Common/Naming.js +4 -1
- package/Logs/AppInsight.d.ts +1 -5
- package/Logs/AppInsight.js +14 -11
- package/Logs/Helpers.js +12 -5
- package/Storage/Helper.d.ts +2 -1
- package/Storage/Helper.js +8 -2
- package/package.json +3 -3
- package/types.d.ts +4 -2
|
@@ -26,63 +26,81 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
26
26
|
const apim = __importStar(require("@pulumi/azure-native/apimanagement"));
|
|
27
27
|
const Common_1 = require("../Common");
|
|
28
28
|
const Helper_1 = require("../VNet/Helper");
|
|
29
|
-
const
|
|
29
|
+
const types = __importStar(require("./types"));
|
|
30
30
|
class ApimPolicyBuilder {
|
|
31
|
-
|
|
32
|
-
_baseUrl = undefined;
|
|
33
|
-
_rewriteUri = undefined;
|
|
34
|
-
_rateLimit = undefined;
|
|
35
|
-
_cacheOptions = undefined;
|
|
36
|
-
_backendCert = undefined;
|
|
37
|
-
_verifyClientCert = undefined;
|
|
38
|
-
_cors = undefined;
|
|
39
|
-
_validateJwtWhitelistIp = undefined;
|
|
40
|
-
_mockResponses = [];
|
|
41
|
-
_headers = [];
|
|
42
|
-
_checkHeaders = [];
|
|
43
|
-
_whitelistIps = [];
|
|
44
|
-
_findAndReplaces = [];
|
|
45
|
-
//private _inboundCustomPolicies: ApimCustomPolicyType[] = [];
|
|
46
|
-
//private _outboundCustomPolicies: ApimCustomPolicyType[] = [];
|
|
31
|
+
args;
|
|
47
32
|
_inboundPolicies = [];
|
|
48
33
|
_outboundPolicies = [];
|
|
49
|
-
|
|
50
|
-
|
|
34
|
+
_certVerification = undefined;
|
|
35
|
+
_mockResponse = false;
|
|
36
|
+
_cors = undefined;
|
|
37
|
+
constructor(args) {
|
|
38
|
+
this.args = args;
|
|
39
|
+
}
|
|
40
|
+
authBasic(props) {
|
|
41
|
+
this._inboundPolicies.push(`\t<authentication-basic username="${props.userName}" password="${props.password}" />`);
|
|
42
|
+
return this;
|
|
43
|
+
}
|
|
44
|
+
authCert(props) {
|
|
45
|
+
this._inboundPolicies.push('thumbprint' in props
|
|
46
|
+
? `\t<authentication-certificate thumbprint="${props.thumbprint}" />`
|
|
47
|
+
: `\t<authentication-certificate certificate-id="${props.certId}" password="${props.password}" />`);
|
|
48
|
+
return this;
|
|
49
|
+
}
|
|
50
|
+
authIdentity(props) {
|
|
51
|
+
this._inboundPolicies.push('clientId' in props
|
|
52
|
+
? `\t<authentication-managed-identity resource="${props.resource}" client-id="${props.clientId}" output-token-variable-name="${props.variableName}" ignore-error="${props.ignoreError}"/>`
|
|
53
|
+
: `\t<authentication-managed-identity resource="${props.resource}" output-token-variable-name="${props.variableName}" ignore-error="${props.ignoreError}"/>`);
|
|
54
|
+
if (props.setHeaderKey)
|
|
55
|
+
this.setHeader({
|
|
56
|
+
name: props.setHeaderKey,
|
|
57
|
+
type: types.SetHeaderTypes.override,
|
|
58
|
+
value: `@((string) context.Variables["${props.variableName}"])`,
|
|
59
|
+
});
|
|
60
|
+
return this;
|
|
51
61
|
}
|
|
52
62
|
setBaseUrl(props) {
|
|
53
|
-
this.
|
|
63
|
+
this._inboundPolicies.push(`\t<set-backend-service base-url="${props.url}" />`);
|
|
54
64
|
return this;
|
|
55
65
|
}
|
|
56
66
|
setHeader(props) {
|
|
57
|
-
|
|
67
|
+
let rs = `\t<set-header name="${props.name}" exists-action="${props.type}">`;
|
|
68
|
+
if (props.value) {
|
|
69
|
+
rs += ` <value>${props.value}</value>`;
|
|
70
|
+
}
|
|
71
|
+
rs += '</set-header>';
|
|
72
|
+
this._inboundPolicies.push(rs);
|
|
58
73
|
return this;
|
|
59
74
|
}
|
|
60
75
|
checkHeader(props) {
|
|
61
|
-
|
|
76
|
+
const rs = `\t<check-header name="${props.name}" failed-check-httpcode="401" failed-check-error-message="The header ${props.name} is not found" ignore-case="true">
|
|
77
|
+
${props.value ? props.value.map((v) => `<value>${v}</value>`).join('\n') : ''}
|
|
78
|
+
\t</check-header>`;
|
|
79
|
+
this._inboundPolicies.push(rs);
|
|
62
80
|
return this;
|
|
63
81
|
}
|
|
64
82
|
mockResponse(props) {
|
|
65
|
-
this.
|
|
83
|
+
this._inboundPolicies.push(`<mock-response status-code="${props.code ?? 200}" content-type="${props.contentType ?? 'application/json'}" />`);
|
|
84
|
+
this._mockResponse = true;
|
|
66
85
|
return this;
|
|
67
86
|
}
|
|
68
87
|
rewriteUri(props) {
|
|
69
|
-
this.
|
|
88
|
+
this._inboundPolicies.push(`<rewrite-uri template="${props.template ?? '/'}" />`);
|
|
70
89
|
return this;
|
|
71
90
|
}
|
|
72
91
|
setRateLimit(props) {
|
|
73
|
-
this.
|
|
92
|
+
this._inboundPolicies.push(props.successConditionOnly
|
|
93
|
+
? `<rate-limit-by-key calls="${props.calls ?? 10}" renewal-period="${props.inSecond ?? 10}" counter-key="@(context.Request.IpAddress)" increment-condition="@(context.Response.StatusCode >= 200 && context.Response.StatusCode < 300)" />`
|
|
94
|
+
: `<rate-limit-by-key calls="${props.calls ?? 10}" renewal-period="${props.inSecond ?? 10}" counter-key="@(context.Request.IpAddress)" />`);
|
|
74
95
|
return this;
|
|
75
96
|
}
|
|
76
97
|
setCacheOptions(props) {
|
|
77
|
-
this.
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
}
|
|
84
|
-
verifyClientCert(props) {
|
|
85
|
-
this._verifyClientCert = props;
|
|
98
|
+
this._inboundPolicies.push(`<cache-lookup vary-by-developer="false"
|
|
99
|
+
vary-by-developer-groups="false"
|
|
100
|
+
allow-private-response-caching="true"
|
|
101
|
+
must-revalidate="true"
|
|
102
|
+
downstream-caching-type="public" />`);
|
|
103
|
+
this._outboundPolicies.push(`<cache-store duration="${props.duration ?? 60}" />`);
|
|
86
104
|
return this;
|
|
87
105
|
}
|
|
88
106
|
setCors(props) {
|
|
@@ -90,159 +108,45 @@ class ApimPolicyBuilder {
|
|
|
90
108
|
return this;
|
|
91
109
|
}
|
|
92
110
|
setClientIpHeader(props) {
|
|
93
|
-
this.
|
|
111
|
+
this.setHeader({
|
|
94
112
|
name: props.headerKey ?? `x-${Common_1.organization}-clientIp`,
|
|
95
113
|
value: '@(context.Request.IpAddress)',
|
|
96
|
-
type:
|
|
114
|
+
type: types.SetHeaderTypes.override,
|
|
97
115
|
});
|
|
98
116
|
return this;
|
|
99
117
|
}
|
|
100
118
|
/** Filter IP from Bearer Token */
|
|
101
119
|
validateJwtWhitelistIp(props) {
|
|
102
|
-
|
|
103
|
-
return this;
|
|
104
|
-
}
|
|
105
|
-
/** IP Address Whitelisting */
|
|
106
|
-
setWhitelistIPs(props) {
|
|
107
|
-
this._whitelistIps.push(props);
|
|
108
|
-
return this;
|
|
109
|
-
}
|
|
110
|
-
/**Replace outbound results */
|
|
111
|
-
setFindAndReplaces(props) {
|
|
112
|
-
this._findAndReplaces.push(props);
|
|
113
|
-
return this;
|
|
114
|
-
}
|
|
115
|
-
//Custom Policies
|
|
116
|
-
// public withInboundPolicy(props: ApimCustomPolicyType): IApimPolicyBuilder {
|
|
117
|
-
// this._inboundCustomPolicies.push(props);
|
|
118
|
-
// return this;
|
|
119
|
-
// }
|
|
120
|
-
// public withOutPolicy(props: ApimCustomPolicyType): IApimPolicyBuilder {
|
|
121
|
-
// this._outboundCustomPolicies.push(props);
|
|
122
|
-
// return this;
|
|
123
|
-
// }
|
|
124
|
-
buildBaseUrl() {
|
|
125
|
-
if (!this._baseUrl)
|
|
126
|
-
return;
|
|
127
|
-
this._inboundPolicies.push(`<set-backend-service base-url="${this._baseUrl.url}" />`);
|
|
128
|
-
}
|
|
129
|
-
buildHeaders() {
|
|
130
|
-
this._inboundPolicies.push(...this._headers.map((h) => {
|
|
131
|
-
let rs = `\t<set-header name="${h.name}" exists-action="${h.type}">`;
|
|
132
|
-
if (h.value) {
|
|
133
|
-
rs += ` <value>${h.value}</value>`;
|
|
134
|
-
}
|
|
135
|
-
rs += '</set-header>';
|
|
136
|
-
return rs;
|
|
137
|
-
}));
|
|
138
|
-
}
|
|
139
|
-
buildCheckHeaders() {
|
|
140
|
-
this._inboundPolicies.push(...this._checkHeaders.map((ch) => `\t<check-header name="${ch.name}" failed-check-httpcode="401" failed-check-error-message="The header ${ch.name} is not found" ignore-case="true">
|
|
141
|
-
${ch.value ? ch.value.map((v) => `<value>${v}</value>`).join('\n') : ''}
|
|
142
|
-
\t</check-header>`));
|
|
143
|
-
}
|
|
144
|
-
buildMockResponse() {
|
|
145
|
-
this._inboundPolicies.push(...this._mockResponses.map((m) => `<mock-response status-code="${m.code ?? 200}" content-type="${m.contentType ?? 'application/json'}" />`));
|
|
146
|
-
}
|
|
147
|
-
buildRewriteUri() {
|
|
148
|
-
if (!this._rewriteUri)
|
|
149
|
-
return;
|
|
150
|
-
this._inboundPolicies.push(`<rewrite-uri template="${this._rewriteUri.template ?? '/'}" />`);
|
|
151
|
-
}
|
|
152
|
-
buildRateLimit() {
|
|
153
|
-
if (!this._rateLimit)
|
|
154
|
-
return;
|
|
155
|
-
this._inboundPolicies.push(this._rateLimit.successConditionOnly
|
|
156
|
-
? `<rate-limit-by-key calls="${this._rateLimit.calls ?? 10}" renewal-period="${this._rateLimit.inSecond ?? 10}" counter-key="@(context.Request.IpAddress)" increment-condition="@(context.Response.StatusCode >= 200 && context.Response.StatusCode < 300)" />`
|
|
157
|
-
: `<rate-limit-by-key calls="${this._rateLimit.calls ?? 10}" renewal-period="${this._rateLimit.inSecond ?? 10}" counter-key="@(context.Request.IpAddress)" />`);
|
|
158
|
-
}
|
|
159
|
-
buildCacheOptions() {
|
|
160
|
-
if (!this._cacheOptions)
|
|
161
|
-
return;
|
|
162
|
-
this._inboundPolicies.push(`<cache-lookup vary-by-developer="false"
|
|
163
|
-
vary-by-developer-groups="false"
|
|
164
|
-
allow-private-response-caching="true"
|
|
165
|
-
must-revalidate="true"
|
|
166
|
-
downstream-caching-type="public" />`);
|
|
167
|
-
this._outboundPolicies.push(`<cache-store duration="${this._cacheOptions.duration ?? 60}" />`);
|
|
168
|
-
}
|
|
169
|
-
buildBackendCert() {
|
|
170
|
-
if (!this._backendCert)
|
|
171
|
-
return;
|
|
172
|
-
this._inboundPolicies.push(`<authentication-certificate thumbprint="${this._backendCert.thumbprint}" />`);
|
|
173
|
-
}
|
|
174
|
-
buildVerifyClientCert() {
|
|
175
|
-
if (!this._verifyClientCert)
|
|
176
|
-
return;
|
|
177
|
-
this._inboundPolicies.push(`<choose>
|
|
178
|
-
<when condition="@(context.Request.Certificate == null${this._verifyClientCert.verifyCert
|
|
179
|
-
? ' || !context.Request.Certificate.VerifyNoRevocation()'
|
|
180
|
-
: ''}${this._verifyClientCert.issuer
|
|
181
|
-
? ` || context.Request.Certificate.Issuer != "${this._verifyClientCert.issuer}"`
|
|
182
|
-
: ''}${this._verifyClientCert.subject
|
|
183
|
-
? ` || context.Request.Certificate.SubjectName.Name != "${this._verifyClientCert.subject}"`
|
|
184
|
-
: ''}${this._verifyClientCert.thumbprint
|
|
185
|
-
? ` || context.Request.Certificate.Thumbprint != "${this._verifyClientCert.thumbprint}"`
|
|
186
|
-
: ''})" >
|
|
187
|
-
<return-response>
|
|
188
|
-
<set-status code="403" reason="Invalid client certificate" />
|
|
189
|
-
</return-response>
|
|
190
|
-
</when>
|
|
191
|
-
</choose>`);
|
|
192
|
-
}
|
|
193
|
-
buildCors() {
|
|
194
|
-
if (!this._cors)
|
|
195
|
-
return;
|
|
196
|
-
const orgs = this._cors.origins
|
|
197
|
-
? this._cors.origins.map((o) => `<origin>${o}</origin>`)
|
|
198
|
-
: ['<origin>*</origin>'];
|
|
199
|
-
const cors = `<cors allow-credentials="${Array.isArray(this._cors.origins)}">
|
|
200
|
-
<allowed-origins>
|
|
201
|
-
${orgs.join('\n')}
|
|
202
|
-
</allowed-origins>
|
|
203
|
-
<allowed-methods preflight-result-max-age="300">
|
|
204
|
-
<method>*</method>
|
|
205
|
-
</allowed-methods>
|
|
206
|
-
<allowed-headers>
|
|
207
|
-
<header>*</header>
|
|
208
|
-
</allowed-headers>
|
|
209
|
-
</cors>`;
|
|
210
|
-
this._inboundPolicies.push(cors);
|
|
211
|
-
}
|
|
212
|
-
buildValidateJwtWhitelistIp() {
|
|
213
|
-
if (!this._validateJwtWhitelistIp)
|
|
214
|
-
return;
|
|
215
|
-
const claimKey = this._validateJwtWhitelistIp.claimKey ?? 'client_IpWhitelist';
|
|
120
|
+
const claimKey = props.claimKey ?? 'client_IpWhitelist';
|
|
216
121
|
const setHeader = `<set-header name="IpAddressValidation" exists-action="override">
|
|
217
122
|
<value>@{
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
{
|
|
225
|
-
if (authHeaderParts[1].TryParseJwt(out Jwt jwt))
|
|
226
|
-
{
|
|
227
|
-
var ipsWhitelist = jwt.Claims.GetValueOrDefault("${claimKey}", "");
|
|
228
|
-
IEnumerable<string> ips = ipsWhitelist
|
|
229
|
-
.Split(new char[] { ';', ',' }, StringSplitOptions.RemoveEmptyEntries)
|
|
230
|
-
.Select(p => p.Trim());
|
|
231
|
-
|
|
232
|
-
if(string.IsNullOrEmpty(ipsWhitelist) || ips.Contains(context.Request.IpAddress))
|
|
233
|
-
{
|
|
234
|
-
ipAddressValid = true;
|
|
235
|
-
}
|
|
236
|
-
}
|
|
237
|
-
}
|
|
238
|
-
}
|
|
239
|
-
else
|
|
123
|
+
Boolean ipAddressValid = false;
|
|
124
|
+
string authHeader = context.Request.Headers.GetValueOrDefault("Authorization", "");
|
|
125
|
+
if (authHeader?.Length > 0)
|
|
126
|
+
{
|
|
127
|
+
string[] authHeaderParts = authHeader.Split(' ');
|
|
128
|
+
if (authHeaderParts?.Length == 2 && authHeaderParts[0].Equals("Bearer", StringComparison.InvariantCultureIgnoreCase))
|
|
240
129
|
{
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
130
|
+
if (authHeaderParts[1].TryParseJwt(out Jwt jwt))
|
|
131
|
+
{
|
|
132
|
+
var ipsWhitelist = jwt.Claims.GetValueOrDefault("${claimKey}", "");
|
|
133
|
+
IEnumerable<string> ips = ipsWhitelist
|
|
134
|
+
.Split(new char[] { ';', ',' }, StringSplitOptions.RemoveEmptyEntries)
|
|
135
|
+
.Select(p => p.Trim());
|
|
136
|
+
|
|
137
|
+
if(string.IsNullOrEmpty(ipsWhitelist) || ips.Contains(context.Request.IpAddress))
|
|
138
|
+
{
|
|
139
|
+
ipAddressValid = true;
|
|
140
|
+
}
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
}
|
|
144
|
+
else
|
|
145
|
+
{
|
|
146
|
+
ipAddressValid = true;
|
|
147
|
+
}
|
|
148
|
+
return ipAddressValid.ToString();
|
|
149
|
+
}</value>
|
|
246
150
|
</set-header>`;
|
|
247
151
|
const checkHeader = `<choose>
|
|
248
152
|
<when condition="@(context.Request.Headers.GetValueOrDefault("IpAddressValidation", "").Equals(Boolean.FalseString))">
|
|
@@ -257,12 +161,12 @@ class ApimPolicyBuilder {
|
|
|
257
161
|
</when>
|
|
258
162
|
</choose>`;
|
|
259
163
|
//Create Policy Fragment
|
|
260
|
-
const pfName = `${this.
|
|
164
|
+
const pfName = `${this.args.apimServiceName}-validateJwtWhitelistIp-pf`;
|
|
261
165
|
new apim.PolicyFragment(pfName, {
|
|
262
166
|
id: pfName,
|
|
263
167
|
description: pfName,
|
|
264
|
-
serviceName: this.
|
|
265
|
-
resourceGroupName: this.
|
|
168
|
+
serviceName: this.args.apimServiceName,
|
|
169
|
+
resourceGroupName: this.args.group.resourceGroupName,
|
|
266
170
|
format: 'xml',
|
|
267
171
|
value: `
|
|
268
172
|
<fragment>
|
|
@@ -272,12 +176,12 @@ class ApimPolicyBuilder {
|
|
|
272
176
|
`,
|
|
273
177
|
});
|
|
274
178
|
this._inboundPolicies.push(`<include-fragment fragment-id="${pfName}" />`);
|
|
179
|
+
return this;
|
|
275
180
|
}
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
const
|
|
280
|
-
const policy = `<ip-filter action="allow">\r\n${ipAddresses
|
|
181
|
+
/** IP Address Whitelisting */
|
|
182
|
+
setWhitelistIPs(props) {
|
|
183
|
+
const ipAddresses = props.ipAddresses;
|
|
184
|
+
const policy = `\t<ip-filter action="allow">\r\n${ipAddresses
|
|
281
185
|
.map((ip) => {
|
|
282
186
|
if (ip.includes('/')) {
|
|
283
187
|
const range = (0, Helper_1.getIpsRange)(ip);
|
|
@@ -286,46 +190,107 @@ class ApimPolicyBuilder {
|
|
|
286
190
|
return `<address>${ip}</address>`;
|
|
287
191
|
})
|
|
288
192
|
.join('\r\n')}
|
|
289
|
-
|
|
193
|
+
\t</ip-filter>`;
|
|
290
194
|
this._inboundPolicies.push(policy);
|
|
195
|
+
return this;
|
|
196
|
+
}
|
|
197
|
+
verifyClientCert(props) {
|
|
198
|
+
this._certVerification = props;
|
|
199
|
+
return this;
|
|
200
|
+
}
|
|
201
|
+
forwardToServiceBus(props) {
|
|
202
|
+
this.authIdentity({
|
|
203
|
+
variableName: 'x-forward-to-bus',
|
|
204
|
+
setHeaderKey: 'Authorization',
|
|
205
|
+
resource: 'https://servicebus.azure.net',
|
|
206
|
+
ignoreError: false,
|
|
207
|
+
});
|
|
208
|
+
this.setBaseUrl({
|
|
209
|
+
url: `https://${props.serviceBusName}.servicebus.windows.net`,
|
|
210
|
+
});
|
|
211
|
+
this.rewriteUri({ template: `${props.topicOrQueueName}/messages` });
|
|
212
|
+
if (props.brokerProperties) {
|
|
213
|
+
Object.keys(props.brokerProperties).forEach((key) => this.setHeader({
|
|
214
|
+
name: key,
|
|
215
|
+
type: types.SetHeaderTypes.append,
|
|
216
|
+
value: props.brokerProperties[key],
|
|
217
|
+
}));
|
|
218
|
+
}
|
|
219
|
+
return this;
|
|
220
|
+
}
|
|
221
|
+
setResponseHeaders(props) {
|
|
222
|
+
let rs = `\t<set-header name="${props.name}" exists-action="${props.type}">`;
|
|
223
|
+
if (props.value) {
|
|
224
|
+
rs += ` <value>${props.value}</value>`;
|
|
225
|
+
}
|
|
226
|
+
rs += '</set-header>';
|
|
227
|
+
this._outboundPolicies.push(rs);
|
|
228
|
+
return this;
|
|
229
|
+
}
|
|
230
|
+
/**Replace outbound results */
|
|
231
|
+
findAndReplacesResponse(props) {
|
|
232
|
+
this._outboundPolicies.push(`<find-and-replace from="${props.from}" to="${props.to}" />`);
|
|
233
|
+
return this;
|
|
291
234
|
}
|
|
292
|
-
|
|
293
|
-
|
|
235
|
+
setResponse(...props) {
|
|
236
|
+
const options = props.map((c) => c.conditionStatusCode
|
|
237
|
+
? `\t<when condition="@(context.Response.StatusCode == ${c.conditionStatusCode})">
|
|
238
|
+
<set-status code="${c.responseStatusCode ?? 200}" />
|
|
239
|
+
<set-body>${c.responseBody}</set-body>
|
|
240
|
+
\t</when>`
|
|
241
|
+
: `\t<when condition="${c.condition}">
|
|
242
|
+
<set-status code="${c.responseStatusCode ?? 200}" />
|
|
243
|
+
<set-body>${c.responseBody}</set-body>
|
|
244
|
+
\t</when>`);
|
|
245
|
+
this._outboundPolicies.push(`\t<choose>
|
|
246
|
+
${options.join('\n')}
|
|
247
|
+
\t</choose>`);
|
|
248
|
+
return this;
|
|
249
|
+
}
|
|
250
|
+
buildCors() {
|
|
251
|
+
if (!this._cors)
|
|
294
252
|
return;
|
|
295
|
-
this.
|
|
296
|
-
.map((
|
|
297
|
-
|
|
253
|
+
const orgs = this._cors?.origins
|
|
254
|
+
? this._cors.origins.map((o) => `<origin>${o}</origin>`)
|
|
255
|
+
: ['<origin>*</origin>'];
|
|
256
|
+
const cors = `<cors allow-credentials="${Array.isArray(this._cors?.origins)}">
|
|
257
|
+
<allowed-origins>
|
|
258
|
+
${orgs.join('\n')}
|
|
259
|
+
</allowed-origins>
|
|
260
|
+
<allowed-methods preflight-result-max-age="300">
|
|
261
|
+
<method>*</method>
|
|
262
|
+
</allowed-methods>
|
|
263
|
+
<allowed-headers>
|
|
264
|
+
<header>*</header>
|
|
265
|
+
</allowed-headers>
|
|
266
|
+
</cors>`;
|
|
267
|
+
this._inboundPolicies.push(cors);
|
|
268
|
+
}
|
|
269
|
+
buildCertVerification() {
|
|
270
|
+
if (!this._certVerification)
|
|
271
|
+
return;
|
|
272
|
+
this._inboundPolicies.push(`<choose>
|
|
273
|
+
<when condition="@(context.Request.Certificate == null${this._certVerification.verifyCert
|
|
274
|
+
? ' || !context.Request.Certificate.VerifyNoRevocation()'
|
|
275
|
+
: ''}${this._certVerification.issuer
|
|
276
|
+
? ` || context.Request.Certificate.Issuer != "${this._certVerification.issuer}"`
|
|
277
|
+
: ''}${this._certVerification.subject
|
|
278
|
+
? ` || context.Request.Certificate.SubjectName.Name != "${this._certVerification.subject}"`
|
|
279
|
+
: ''}${this._certVerification.thumbprint
|
|
280
|
+
? ` || context.Request.Certificate.Thumbprint != "${this._certVerification.thumbprint}"`
|
|
281
|
+
: ''})" >
|
|
282
|
+
<return-response>
|
|
283
|
+
<set-status code="403" reason="Invalid client certificate" />
|
|
284
|
+
</return-response>
|
|
285
|
+
</when>
|
|
286
|
+
</choose>`);
|
|
298
287
|
}
|
|
299
|
-
// private buildCustomRules() {
|
|
300
|
-
// if (this._inboundCustomPolicies) {
|
|
301
|
-
// this._inboundPolicies.push(
|
|
302
|
-
// ...this._inboundCustomPolicies.map((i) => i.policy),
|
|
303
|
-
// );
|
|
304
|
-
// }
|
|
305
|
-
// if (this._outboundPolicies) {
|
|
306
|
-
// this._outboundPolicies.push(
|
|
307
|
-
// ...this._outboundCustomPolicies.map((i) => i.policy),
|
|
308
|
-
// );
|
|
309
|
-
// }
|
|
310
|
-
// }
|
|
311
288
|
build() {
|
|
312
|
-
this.buildHeaders();
|
|
313
|
-
this.buildCacheOptions();
|
|
314
|
-
this.buildMockResponse();
|
|
315
|
-
this.buildRateLimit();
|
|
316
|
-
this.buildBackendCert();
|
|
317
289
|
this.buildCors();
|
|
318
|
-
this.buildValidateJwtWhitelistIp();
|
|
319
|
-
this.buildWhiteListIps();
|
|
320
|
-
this.buildFindAndReplace();
|
|
321
|
-
this.buildRewriteUri();
|
|
322
|
-
this.buildCheckHeaders();
|
|
323
|
-
this.buildBaseUrl();
|
|
324
|
-
//this.buildCustomRules();
|
|
325
290
|
//This must be a last rule
|
|
326
|
-
this.
|
|
291
|
+
this.buildCertVerification();
|
|
327
292
|
let backend = '<base />';
|
|
328
|
-
if (!this.
|
|
293
|
+
if (!this._mockResponse) {
|
|
329
294
|
backend =
|
|
330
295
|
'<forward-request timeout="120" follow-redirects="true" buffer-request-body="true" fail-on-error-status-code="true"/>';
|
|
331
296
|
}
|
|
@@ -373,4 +338,4 @@ class ApimPolicyBuilder {
|
|
|
373
338
|
}
|
|
374
339
|
}
|
|
375
340
|
exports.default = ApimPolicyBuilder;
|
|
376
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXBpbVBvbGljeUJ1aWxkZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQnVpbGRlci9BcGltUG9saWN5QnVpbGRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEseUVBQTJEO0FBQzNELHNDQUF5QztBQUN6QywyQ0FBNkM7QUFDN0MsbUNBa0JpQjtBQUVqQixNQUFxQixpQkFBaUI7SUFxQlQ7SUFwQm5CLFFBQVEsR0FBZ0MsU0FBUyxDQUFDO0lBQ2xELFdBQVcsR0FBbUMsU0FBUyxDQUFDO0lBQ3hELFVBQVUsR0FBa0MsU0FBUyxDQUFDO0lBQ3RELGFBQWEsR0FBaUMsU0FBUyxDQUFDO0lBQ3hELFlBQVksR0FBaUMsU0FBUyxDQUFDO0lBQ3ZELGlCQUFpQixHQUFtQyxTQUFTLENBQUM7SUFDOUQsS0FBSyxHQUE2QixTQUFTLENBQUM7SUFDNUMsdUJBQXVCLEdBQzdCLFNBQVMsQ0FBQztJQUNKLGNBQWMsR0FBd0IsRUFBRSxDQUFDO0lBQ3pDLFFBQVEsR0FBd0IsRUFBRSxDQUFDO0lBQ25DLGFBQWEsR0FBMEIsRUFBRSxDQUFDO0lBQzFDLGFBQWEsR0FBMEIsRUFBRSxDQUFDO0lBQzFDLGdCQUFnQixHQUE2QixFQUFFLENBQUM7SUFDeEQsOERBQThEO0lBQzlELCtEQUErRDtJQUV2RCxnQkFBZ0IsR0FBYSxFQUFFLENBQUM7SUFDaEMsaUJBQWlCLEdBQWEsRUFBRSxDQUFDO0lBRXpDLFlBQTJCLEtBQTRCO1FBQTVCLFVBQUssR0FBTCxLQUFLLENBQXVCO0lBQUcsQ0FBQztJQUVwRCxVQUFVLENBQUMsS0FBc0I7UUFDdEMsSUFBSSxDQUFDLFFBQVEsR0FBRyxLQUFLLENBQUM7UUFDdEIsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBQ00sU0FBUyxDQUFDLEtBQXdCO1FBQ3ZDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzFCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUNNLFdBQVcsQ0FBQyxLQUEwQjtRQUMzQyxJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUMvQixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFDTSxZQUFZLENBQUMsS0FBd0I7UUFDMUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDaEMsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBQ00sVUFBVSxDQUFDLEtBQXlCO1FBQ3pDLElBQUksQ0FBQyxXQUFXLEdBQUcsS0FBSyxDQUFDO1FBQ3pCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUNNLFlBQVksQ0FBQyxLQUF3QjtRQUMxQyxJQUFJLENBQUMsVUFBVSxHQUFHLEtBQUssQ0FBQztRQUN4QixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFDTSxlQUFlLENBQUMsS0FBdUI7UUFDNUMsSUFBSSxDQUFDLGFBQWEsR0FBRyxLQUFLLENBQUM7UUFDM0IsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBQ00sY0FBYyxDQUFDLEtBQXVCO1FBQzNDLElBQUksQ0FBQyxZQUFZLEdBQUcsS0FBSyxDQUFDO1FBQzFCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUNNLGdCQUFnQixDQUFDLEtBQXlCO1FBQy9DLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxLQUFLLENBQUM7UUFDL0IsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBQ00sT0FBTyxDQUFDLEtBQW1CO1FBQ2hDLElBQUksQ0FBQyxLQUFLLEdBQUcsS0FBSyxDQUFDO1FBQ25CLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUNNLGlCQUFpQixDQUFDLEtBQTZCO1FBQ3BELElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDO1lBQ2pCLElBQUksRUFBRSxLQUFLLENBQUMsU0FBUyxJQUFJLEtBQUsscUJBQVksV0FBVztZQUNyRCxLQUFLLEVBQUUsOEJBQThCO1lBQ3JDLElBQUksRUFBRSxzQkFBYyxDQUFDLFFBQVE7U0FDOUIsQ0FBQyxDQUFDO1FBQ0gsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQsa0NBQWtDO0lBQzNCLHNCQUFzQixDQUMzQixLQUFxQztRQUVyQyxJQUFJLENBQUMsdUJBQXVCLEdBQUcsS0FBSyxDQUFDO1FBQ3JDLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVELDhCQUE4QjtJQUN2QixlQUFlLENBQUMsS0FBMEI7UUFDL0MsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDL0IsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQsOEJBQThCO0lBQ3ZCLGtCQUFrQixDQUFDLEtBQTZCO1FBQ3JELElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDbEMsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQsaUJBQWlCO0lBQ2pCLDhFQUE4RTtJQUM5RSw2Q0FBNkM7SUFDN0MsaUJBQWlCO0lBQ2pCLElBQUk7SUFDSiwwRUFBMEU7SUFDMUUsOENBQThDO0lBQzlDLGlCQUFpQjtJQUNqQixJQUFJO0lBRUksWUFBWTtRQUNsQixJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVE7WUFBRSxPQUFPO1FBQzNCLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQ3hCLGtDQUFrQyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsTUFBTSxDQUMxRCxDQUFDO0lBQ0osQ0FBQztJQUVPLFlBQVk7UUFDbEIsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FDeEIsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFO1lBQ3pCLElBQUksRUFBRSxHQUFHLHVCQUF1QixDQUFDLENBQUMsSUFBSSxvQkFBb0IsQ0FBQyxDQUFDLElBQUksSUFBSSxDQUFDO1lBQ3JFLElBQUksQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFDO2dCQUNaLEVBQUUsSUFBSSxXQUFXLENBQUMsQ0FBQyxLQUFLLFVBQVUsQ0FBQztZQUNyQyxDQUFDO1lBQ0QsRUFBRSxJQUFJLGVBQWUsQ0FBQztZQUN0QixPQUFPLEVBQUUsQ0FBQztRQUNaLENBQUMsQ0FBQyxDQUNILENBQUM7SUFDSixDQUFDO0lBRU8saUJBQWlCO1FBQ3ZCLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQ3hCLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQyxHQUFHLENBQ3ZCLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyx5QkFDTixFQUFFLENBQUMsSUFDTCx3RUFDRSxFQUFFLENBQUMsSUFDTDtNQUNGLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxVQUFVLENBQUMsVUFBVSxDQUFDLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFO2tCQUN6RCxDQUNYLENBQ0YsQ0FBQztJQUNKLENBQUM7SUFFTyxpQkFBaUI7UUFDdkIsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FDeEIsR0FBRyxJQUFJLENBQUMsY0FBYyxDQUFDLEdBQUcsQ0FDeEIsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUNKLCtCQUErQixDQUFDLENBQUMsSUFBSSxJQUFJLEdBQUcsbUJBQW1CLENBQUMsQ0FBQyxXQUFXLElBQUksa0JBQWtCLE1BQU0sQ0FDM0csQ0FDRixDQUFDO0lBQ0osQ0FBQztJQUVPLGVBQWU7UUFDckIsSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXO1lBQUUsT0FBTztRQUU5QixJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUN4QiwwQkFBMEIsSUFBSSxDQUFDLFdBQVcsQ0FBQyxRQUFRLElBQUksR0FBRyxNQUFNLENBQ2pFLENBQUM7SUFDSixDQUFDO0lBRU8sY0FBYztRQUNwQixJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVU7WUFBRSxPQUFPO1FBQzdCLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQ3hCLElBQUksQ0FBQyxVQUFVLENBQUMsb0JBQW9CO1lBQ2xDLENBQUMsQ0FBQyw2QkFBNkIsSUFBSSxDQUFDLFVBQVUsQ0FBQyxLQUFLLElBQUksRUFBRSxxQkFBcUIsSUFBSSxDQUFDLFVBQVUsQ0FBQyxRQUFRLElBQUksRUFBRSxnS0FBZ0s7WUFDN1EsQ0FBQyxDQUFDLDZCQUE2QixJQUFJLENBQUMsVUFBVSxDQUFDLEtBQUssSUFBSSxFQUFFLHFCQUFxQixJQUFJLENBQUMsVUFBVSxDQUFDLFFBQVEsSUFBSSxFQUFFLGlEQUFpRCxDQUNqSyxDQUFDO0lBQ0osQ0FBQztJQUVPLGlCQUFpQjtRQUN2QixJQUFJLENBQUMsSUFBSSxDQUFDLGFBQWE7WUFBRSxPQUFPO1FBQ2hDLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUM7Ozs7Z0RBSWlCLENBQUMsQ0FBQztRQUM5QyxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUN6QiwwQkFBMEIsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLElBQUksRUFBRSxNQUFNLENBQ2xFLENBQUM7SUFDSixDQUFDO0lBRU8sZ0JBQWdCO1FBQ3RCLElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWTtZQUFFLE9BQU87UUFDL0IsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FDeEIsMkNBQTJDLElBQUksQ0FBQyxZQUFZLENBQUMsVUFBVSxNQUFNLENBQzlFLENBQUM7SUFDSixDQUFDO0lBRU8scUJBQXFCO1FBQzNCLElBQUksQ0FBQyxJQUFJLENBQUMsaUJBQWlCO1lBQUUsT0FBTztRQUNwQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDO2dFQUVyQixJQUFJLENBQUMsaUJBQWlCLENBQUMsVUFBVTtZQUMvQixDQUFDLENBQUMsdURBQXVEO1lBQ3pELENBQUMsQ0FBQyxFQUNOLEdBQ0UsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU07WUFDM0IsQ0FBQyxDQUFDLDhDQUE4QyxJQUFJLENBQUMsaUJBQWlCLENBQUMsTUFBTSxHQUFHO1lBQ2hGLENBQUMsQ0FBQyxFQUNOLEdBQ0UsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU87WUFDNUIsQ0FBQyxDQUFDLHdEQUF3RCxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxHQUFHO1lBQzNGLENBQUMsQ0FBQyxFQUNOLEdBQ0UsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFVBQVU7WUFDL0IsQ0FBQyxDQUFDLGtEQUFrRCxJQUFJLENBQUMsaUJBQWlCLENBQUMsVUFBVSxHQUFHO1lBQ3hGLENBQUMsQ0FBQyxFQUNOOzs7OztjQUtNLENBQUMsQ0FBQztJQUNkLENBQUM7SUFFTyxTQUFTO1FBQ2YsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLO1lBQUUsT0FBTztRQUN4QixNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU87WUFDN0IsQ0FBQyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQztZQUN4RCxDQUFDLENBQUMsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1FBRTNCLE1BQU0sSUFBSSxHQUFHLDRCQUE0QixLQUFLLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDOztVQUVwRSxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQzs7Ozs7Ozs7UUFRakIsQ0FBQztRQUNMLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDbkMsQ0FBQztJQUVPLDJCQUEyQjtRQUNqQyxJQUFJLENBQUMsSUFBSSxDQUFDLHVCQUF1QjtZQUFFLE9BQU87UUFDMUMsTUFBTSxRQUFRLEdBQ1osSUFBSSxDQUFDLHVCQUF1QixDQUFDLFFBQVEsSUFBSSxvQkFBb0IsQ0FBQztRQUNoRSxNQUFNLFNBQVMsR0FBRzs7Ozs7Ozs7Ozs7d0RBV2tDLFFBQVE7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Z0JBbUJoRCxDQUFDO1FBQ2IsTUFBTSxXQUFXLEdBQUc7Ozs7Ozs7Ozs7O1VBV2QsQ0FBQztRQUVQLHdCQUF3QjtRQUN4QixNQUFNLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxpQkFBaUIsQ0FBQztRQUNuRCxJQUFJLElBQUksQ0FBQyxjQUFjLENBQUMsTUFBTSxFQUFFO1lBQzlCLEVBQUUsRUFBRSxNQUFNO1lBQ1YsV0FBVyxFQUFFLE1BQU07WUFDbkIsV0FBVyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsZUFBZTtZQUN2QyxpQkFBaUIsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxpQkFBaUI7WUFDckQsTUFBTSxFQUFFLEtBQUs7WUFDYixLQUFLLEVBQUU7O2NBRUMsU0FBUztjQUNULFdBQVc7O09BRWxCO1NBQ0YsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxrQ0FBa0MsTUFBTSxNQUFNLENBQUMsQ0FBQztJQUM3RSxDQUFDO0lBRU8saUJBQWlCO1FBQ3ZCLElBQUksSUFBSSxDQUFDLGFBQWEsQ0FBQyxNQUFNLElBQUksQ0FBQztZQUFFLE9BQU87UUFFM0MsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRSxDQUFDLEVBQUUsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUN2RSxNQUFNLE1BQU0sR0FBRyxpQ0FBaUMsV0FBVzthQUN4RCxHQUFHLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRTtZQUNWLElBQUksRUFBRSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUNyQixNQUFNLEtBQUssR0FBRyxJQUFBLG9CQUFXLEVBQUMsRUFBRSxDQUFDLENBQUM7Z0JBQzlCLE9BQU8sd0JBQXdCLEtBQUssQ0FBQyxLQUFLLFNBQVMsS0FBSyxDQUFDLElBQUksTUFBTSxDQUFDO1lBQ3RFLENBQUM7WUFDRCxPQUFPLFlBQVksRUFBRSxZQUFZLENBQUM7UUFDcEMsQ0FBQyxDQUFDO2FBQ0QsSUFBSSxDQUFDLE1BQU0sQ0FBQztxQkFDRSxDQUFDO1FBRWxCLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVPLG1CQUFtQjtRQUN6QixJQUFJLENBQUMsSUFBSSxDQUFDLGdCQUFnQjtZQUFFLE9BQU87UUFDbkMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FDekIsR0FBRyxJQUFJLENBQUMsZ0JBQWdCO2FBQ3JCLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsMkJBQTJCLENBQUMsQ0FBQyxJQUFJLFNBQVMsQ0FBQyxDQUFDLEVBQUUsTUFBTSxDQUFDO2FBQ2hFLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FDZCxDQUFDO0lBQ0osQ0FBQztJQUVELCtCQUErQjtJQUMvQix1Q0FBdUM7SUFDdkMsa0NBQWtDO0lBQ2xDLDZEQUE2RDtJQUM3RCxTQUFTO0lBQ1QsTUFBTTtJQUNOLGtDQUFrQztJQUNsQyxtQ0FBbUM7SUFDbkMsOERBQThEO0lBQzlELFNBQVM7SUFDVCxNQUFNO0lBQ04sSUFBSTtJQUVHLEtBQUs7UUFDVixJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDcEIsSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7UUFDekIsSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7UUFDekIsSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDO1FBQ3RCLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1FBQ3hCLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztRQUNqQixJQUFJLENBQUMsMkJBQTJCLEVBQUUsQ0FBQztRQUNuQyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztRQUN6QixJQUFJLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztRQUMzQixJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7UUFDdkIsSUFBSSxDQUFDLGlCQUFpQixFQUFFLENBQUM7UUFDekIsSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO1FBQ3BCLDBCQUEwQjtRQUMxQiwwQkFBMEI7UUFDMUIsSUFBSSxDQUFDLHFCQUFxQixFQUFFLENBQUM7UUFFN0IsSUFBSSxPQUFPLEdBQUcsVUFBVSxDQUFDO1FBQ3pCLElBQUksQ0FBQyxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDekIsT0FBTztnQkFDTCxzSEFBc0gsQ0FBQztRQUMzSCxDQUFDO1FBRUQsTUFBTSxTQUFTLEdBQUc7OztRQUdkLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDOzs7UUFHaEMsT0FBTzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztRQTRCUCxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQzs7Ozs7WUFLN0IsQ0FBQztRQUVULE9BQU8sU0FBUyxDQUFDO0lBQ25CLENBQUM7Q0FDRjtBQWhaRCxvQ0FnWkMifQ==
|
|
341
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXBpbVBvbGljeUJ1aWxkZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvQnVpbGRlci9BcGltUG9saWN5QnVpbGRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEseUVBQTJEO0FBQzNELHNDQUF5QztBQUN6QywyQ0FBNkM7QUFDN0MsK0NBQWlDO0FBR2pDLE1BQXFCLGlCQUFpQjtJQU9UO0lBTm5CLGdCQUFnQixHQUFhLEVBQUUsQ0FBQztJQUNoQyxpQkFBaUIsR0FBYSxFQUFFLENBQUM7SUFDakMsaUJBQWlCLEdBQXlDLFNBQVMsQ0FBQztJQUNwRSxhQUFhLEdBQVksS0FBSyxDQUFDO0lBQy9CLEtBQUssR0FBbUMsU0FBUyxDQUFDO0lBRTFELFlBQTJCLElBQWlDO1FBQWpDLFNBQUksR0FBSixJQUFJLENBQTZCO0lBQUcsQ0FBQztJQUV6RCxTQUFTLENBQUMsS0FBOEI7UUFDN0MsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FDeEIscUNBQXFDLEtBQUssQ0FBQyxRQUFRLGVBQWUsS0FBSyxDQUFDLFFBQVEsTUFBTSxDQUN2RixDQUFDO1FBQ0YsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU0sUUFBUSxDQUFDLEtBQTZCO1FBQzNDLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQ3hCLFlBQVksSUFBSSxLQUFLO1lBQ25CLENBQUMsQ0FBQyw2Q0FBNkMsS0FBSyxDQUFDLFVBQVUsTUFBTTtZQUNyRSxDQUFDLENBQUMsaURBQWlELEtBQUssQ0FBQyxNQUFNLGVBQWUsS0FBSyxDQUFDLFFBQVEsTUFBTSxDQUNyRyxDQUFDO1FBQ0YsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU0sWUFBWSxDQUNqQixLQUFpQztRQUVqQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUN4QixVQUFVLElBQUksS0FBSztZQUNqQixDQUFDLENBQUMsZ0RBQWdELEtBQUssQ0FBQyxRQUFRLGdCQUFnQixLQUFLLENBQUMsUUFBUSxpQ0FBaUMsS0FBSyxDQUFDLFlBQVksbUJBQW1CLEtBQUssQ0FBQyxXQUFXLEtBQUs7WUFDMUwsQ0FBQyxDQUFDLGdEQUFnRCxLQUFLLENBQUMsUUFBUSxpQ0FBaUMsS0FBSyxDQUFDLFlBQVksbUJBQW1CLEtBQUssQ0FBQyxXQUFXLEtBQUssQ0FDL0osQ0FBQztRQUVGLElBQUksS0FBSyxDQUFDLFlBQVk7WUFDcEIsSUFBSSxDQUFDLFNBQVMsQ0FBQztnQkFDYixJQUFJLEVBQUUsS0FBSyxDQUFDLFlBQVk7Z0JBQ3hCLElBQUksRUFBRSxLQUFLLENBQUMsY0FBYyxDQUFDLFFBQVE7Z0JBQ25DLEtBQUssRUFBRSxzQ0FBc0MsS0FBSyxDQUFDLFlBQVksVUFBVTthQUMxRSxDQUFDLENBQUM7UUFFTCxPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFTSxVQUFVLENBQUMsS0FBNEI7UUFDNUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FDeEIsb0NBQW9DLEtBQUssQ0FBQyxHQUFHLE1BQU0sQ0FDcEQsQ0FBQztRQUNGLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVNLFNBQVMsQ0FBQyxLQUE4QjtRQUM3QyxJQUFJLEVBQUUsR0FBRyx1QkFBdUIsS0FBSyxDQUFDLElBQUksb0JBQW9CLEtBQUssQ0FBQyxJQUFJLElBQUksQ0FBQztRQUM3RSxJQUFJLEtBQUssQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNoQixFQUFFLElBQUksV0FBVyxLQUFLLENBQUMsS0FBSyxVQUFVLENBQUM7UUFDekMsQ0FBQztRQUNELEVBQUUsSUFBSSxlQUFlLENBQUM7UUFFdEIsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUMvQixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFTSxXQUFXLENBQ2hCLEtBQWdDO1FBRWhDLE1BQU0sRUFBRSxHQUFHLHlCQUNULEtBQUssQ0FBQyxJQUNSLHdFQUNFLEtBQUssQ0FBQyxJQUNSO01BQ0UsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLFVBQVUsQ0FBQyxVQUFVLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUU7a0JBQy9ELENBQUM7UUFFZixJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQy9CLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVNLFlBQVksQ0FDakIsS0FBOEI7UUFFOUIsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FDeEIsK0JBQStCLEtBQUssQ0FBQyxJQUFJLElBQUksR0FBRyxtQkFBbUIsS0FBSyxDQUFDLFdBQVcsSUFBSSxrQkFBa0IsTUFBTSxDQUNqSCxDQUFDO1FBQ0YsSUFBSSxDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUM7UUFDMUIsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU0sVUFBVSxDQUFDLEtBQStCO1FBQy9DLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQ3hCLDBCQUEwQixLQUFLLENBQUMsUUFBUSxJQUFJLEdBQUcsTUFBTSxDQUN0RCxDQUFDO1FBQ0YsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU0sWUFBWSxDQUNqQixLQUE4QjtRQUU5QixJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUN4QixLQUFLLENBQUMsb0JBQW9CO1lBQ3hCLENBQUMsQ0FBQyw2QkFBNkIsS0FBSyxDQUFDLEtBQUssSUFBSSxFQUFFLHFCQUFxQixLQUFLLENBQUMsUUFBUSxJQUFJLEVBQUUsZ0tBQWdLO1lBQ3pQLENBQUMsQ0FBQyw2QkFBNkIsS0FBSyxDQUFDLEtBQUssSUFBSSxFQUFFLHFCQUFxQixLQUFLLENBQUMsUUFBUSxJQUFJLEVBQUUsaURBQWlELENBQzdJLENBQUM7UUFDRixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFTSxlQUFlLENBQ3BCLEtBQTZCO1FBRTdCLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUM7Ozs7Z0RBSWlCLENBQUMsQ0FBQztRQUM5QyxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUN6QiwwQkFBMEIsS0FBSyxDQUFDLFFBQVEsSUFBSSxFQUFFLE1BQU0sQ0FDckQsQ0FBQztRQUNGLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVNLE9BQU8sQ0FBQyxLQUF5QjtRQUN0QyxJQUFJLENBQUMsS0FBSyxHQUFHLEtBQUssQ0FBQztRQUNuQixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFTSxpQkFBaUIsQ0FDdEIsS0FBbUM7UUFFbkMsSUFBSSxDQUFDLFNBQVMsQ0FBQztZQUNiLElBQUksRUFBRSxLQUFLLENBQUMsU0FBUyxJQUFJLEtBQUsscUJBQVksV0FBVztZQUNyRCxLQUFLLEVBQUUsOEJBQThCO1lBQ3JDLElBQUksRUFBRSxLQUFLLENBQUMsY0FBYyxDQUFDLFFBQVE7U0FDcEMsQ0FBQyxDQUFDO1FBQ0gsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQsa0NBQWtDO0lBQzNCLHNCQUFzQixDQUMzQixLQUEyQztRQUUzQyxNQUFNLFFBQVEsR0FBRyxLQUFLLENBQUMsUUFBUSxJQUFJLG9CQUFvQixDQUFDO1FBQ3hELE1BQU0sU0FBUyxHQUFHOzs7Ozs7Ozs7OzttRUFXNkMsUUFBUTs7Ozs7Ozs7Ozs7Ozs7Ozs7O2dCQWtCM0QsQ0FBQztRQUNiLE1BQU0sV0FBVyxHQUFHOzs7Ozs7Ozs7OztVQVdkLENBQUM7UUFFUCx3QkFBd0I7UUFDeEIsTUFBTSxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsNEJBQTRCLENBQUM7UUFDeEUsSUFBSSxJQUFJLENBQUMsY0FBYyxDQUFDLE1BQU0sRUFBRTtZQUM5QixFQUFFLEVBQUUsTUFBTTtZQUNWLFdBQVcsRUFBRSxNQUFNO1lBQ25CLFdBQVcsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWU7WUFDdEMsaUJBQWlCLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsaUJBQWlCO1lBQ3BELE1BQU0sRUFBRSxLQUFLO1lBQ2IsS0FBSyxFQUFFOztjQUVDLFNBQVM7Y0FDVCxXQUFXOztPQUVsQjtTQUNGLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsa0NBQWtDLE1BQU0sTUFBTSxDQUFDLENBQUM7UUFDM0UsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQsOEJBQThCO0lBQ3ZCLGVBQWUsQ0FDcEIsS0FBZ0M7UUFFaEMsTUFBTSxXQUFXLEdBQUcsS0FBSyxDQUFDLFdBQVcsQ0FBQztRQUN0QyxNQUFNLE1BQU0sR0FBRyxtQ0FBbUMsV0FBVzthQUMxRCxHQUFHLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRTtZQUNWLElBQUksRUFBRSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUNyQixNQUFNLEtBQUssR0FBRyxJQUFBLG9CQUFXLEVBQUMsRUFBRSxDQUFDLENBQUM7Z0JBQzlCLE9BQU8sd0JBQXdCLEtBQUssQ0FBQyxLQUFLLFNBQVMsS0FBSyxDQUFDLElBQUksTUFBTSxDQUFDO1lBQ3RFLENBQUM7WUFDRCxPQUFPLFlBQVksRUFBRSxZQUFZLENBQUM7UUFDcEMsQ0FBQyxDQUFDO2FBQ0QsSUFBSSxDQUFDLE1BQU0sQ0FBQztlQUNKLENBQUM7UUFFWixJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ25DLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVNLGdCQUFnQixDQUNyQixLQUErQjtRQUUvQixJQUFJLENBQUMsaUJBQWlCLEdBQUcsS0FBSyxDQUFDO1FBQy9CLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVNLG1CQUFtQixDQUN4QixLQUF3QztRQUV4QyxJQUFJLENBQUMsWUFBWSxDQUFDO1lBQ2hCLFlBQVksRUFBRSxrQkFBa0I7WUFDaEMsWUFBWSxFQUFFLGVBQWU7WUFDN0IsUUFBUSxFQUFFLDhCQUE4QjtZQUN4QyxXQUFXLEVBQUUsS0FBSztTQUNuQixDQUFDLENBQUM7UUFDSCxJQUFJLENBQUMsVUFBVSxDQUFDO1lBQ2QsR0FBRyxFQUFFLFdBQVcsS0FBSyxDQUFDLGNBQWMseUJBQXlCO1NBQzlELENBQUMsQ0FBQztRQUNILElBQUksQ0FBQyxVQUFVLENBQUMsRUFBRSxRQUFRLEVBQUUsR0FBRyxLQUFLLENBQUMsZ0JBQWdCLFdBQVcsRUFBRSxDQUFDLENBQUM7UUFDcEUsSUFBSSxLQUFLLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUMzQixNQUFNLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFLENBQ2xELElBQUksQ0FBQyxTQUFTLENBQUM7Z0JBQ2IsSUFBSSxFQUFFLEdBQUc7Z0JBQ1QsSUFBSSxFQUFFLEtBQUssQ0FBQyxjQUFjLENBQUMsTUFBTTtnQkFDakMsS0FBSyxFQUFFLEtBQUssQ0FBQyxnQkFBaUIsQ0FBQyxHQUFHLENBQUM7YUFDcEMsQ0FBQyxDQUNILENBQUM7UUFDSixDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU0sa0JBQWtCLENBQ3ZCLEtBQThCO1FBRTlCLElBQUksRUFBRSxHQUFHLHVCQUF1QixLQUFLLENBQUMsSUFBSSxvQkFBb0IsS0FBSyxDQUFDLElBQUksSUFBSSxDQUFDO1FBQzdFLElBQUksS0FBSyxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ2hCLEVBQUUsSUFBSSxXQUFXLEtBQUssQ0FBQyxLQUFLLFVBQVUsQ0FBQztRQUN6QyxDQUFDO1FBQ0QsRUFBRSxJQUFJLGVBQWUsQ0FBQztRQUV0QixJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ2hDLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVELDhCQUE4QjtJQUN2Qix1QkFBdUIsQ0FDNUIsS0FBbUM7UUFFbkMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FDekIsMkJBQTJCLEtBQUssQ0FBQyxJQUFJLFNBQVMsS0FBSyxDQUFDLEVBQUUsTUFBTSxDQUM3RCxDQUFDO1FBQ0YsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU0sV0FBVyxDQUNoQixHQUFHLEtBQXNDO1FBRXpDLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUM5QixDQUFDLENBQUMsbUJBQW1CO1lBQ25CLENBQUMsQ0FBQyx1REFBdUQsQ0FBQyxDQUFDLG1CQUFtQjs4QkFDeEQsQ0FBQyxDQUFDLGtCQUFrQixJQUFJLEdBQUc7c0JBQ25DLENBQUMsQ0FBQyxZQUFZO1VBQzFCO1lBQ0YsQ0FBQyxDQUFDLHNCQUFzQixDQUFDLENBQUMsU0FBUzs4QkFDYixDQUFDLENBQUMsa0JBQWtCLElBQUksR0FBRztzQkFDbkMsQ0FBQyxDQUFDLFlBQVk7VUFDMUIsQ0FDTCxDQUFDO1FBRUYsSUFBSSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQztJQUM1QixPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQztZQUNWLENBQUMsQ0FBQztRQUNWLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUVPLFNBQVM7UUFDZixJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUs7WUFBRSxPQUFPO1FBQ3hCLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxLQUFLLEVBQUUsT0FBTztZQUM5QixDQUFDLENBQUMsSUFBSSxDQUFDLEtBQU0sQ0FBQyxPQUFRLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDO1lBQzFELENBQUMsQ0FBQyxDQUFDLG9CQUFvQixDQUFDLENBQUM7UUFFM0IsTUFBTSxJQUFJLEdBQUcsNEJBQTRCLEtBQUssQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxPQUFPLENBQUM7O1VBRXJFLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDOzs7Ozs7OztRQVFqQixDQUFDO1FBQ0wsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBRU8scUJBQXFCO1FBQzNCLElBQUksQ0FBQyxJQUFJLENBQUMsaUJBQWlCO1lBQUUsT0FBTztRQUVwQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDO2dFQUVyQixJQUFJLENBQUMsaUJBQWlCLENBQUMsVUFBVTtZQUMvQixDQUFDLENBQUMsdURBQXVEO1lBQ3pELENBQUMsQ0FBQyxFQUNOLEdBQ0UsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU07WUFDM0IsQ0FBQyxDQUFDLDhDQUE4QyxJQUFJLENBQUMsaUJBQWlCLENBQUMsTUFBTSxHQUFHO1lBQ2hGLENBQUMsQ0FBQyxFQUNOLEdBQ0UsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE9BQU87WUFDNUIsQ0FBQyxDQUFDLHdEQUF3RCxJQUFJLENBQUMsaUJBQWlCLENBQUMsT0FBTyxHQUFHO1lBQzNGLENBQUMsQ0FBQyxFQUNOLEdBQ0UsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFVBQVU7WUFDL0IsQ0FBQyxDQUFDLGtEQUFrRCxJQUFJLENBQUMsaUJBQWlCLENBQUMsVUFBVSxHQUFHO1lBQ3hGLENBQUMsQ0FBQyxFQUNOOzs7OztjQUtNLENBQUMsQ0FBQztJQUNkLENBQUM7SUFFTSxLQUFLO1FBQ1YsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO1FBQ2pCLDBCQUEwQjtRQUMxQixJQUFJLENBQUMscUJBQXFCLEVBQUUsQ0FBQztRQUU3QixJQUFJLE9BQU8sR0FBRyxVQUFVLENBQUM7UUFDekIsSUFBSSxDQUFDLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUN4QixPQUFPO2dCQUNMLHNIQUFzSCxDQUFDO1FBQzNILENBQUM7UUFFRCxNQUFNLFNBQVMsR0FBRzs7O1FBR2QsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxJQUFJLENBQUM7OztRQUdoQyxPQUFPOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O1FBNEJQLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDOzs7OztZQUs3QixDQUFDO1FBRVQsT0FBTyxTQUFTLENBQUM7SUFDbkIsQ0FBQztDQUNGO0FBalpELG9DQWlaQyJ9
|
|
@@ -1,3 +1,8 @@
|
|
|
1
1
|
import { AzAppBuilderArgs, IAzAppPlanBuilder } from './types';
|
|
2
|
+
import { NamingType } from '../types';
|
|
3
|
+
export declare const getFuncHostInfo: (name: NamingType) => {
|
|
4
|
+
host: string;
|
|
5
|
+
scm: string;
|
|
6
|
+
};
|
|
2
7
|
declare const _default: (props: AzAppBuilderArgs) => IAzAppPlanBuilder;
|
|
3
8
|
export default _default;
|
package/Builder/AzAppBuilder.js
CHANGED
|
@@ -23,6 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
23
23
|
return result;
|
|
24
24
|
};
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
+
exports.getFuncHostInfo = void 0;
|
|
26
27
|
const azure = __importStar(require("@pulumi/azure-native"));
|
|
27
28
|
const types_1 = require("./types");
|
|
28
29
|
const Common_1 = require("../Common");
|
|
@@ -55,29 +56,65 @@ class AzAppBuilder extends types_1.Builder {
|
|
|
55
56
|
});
|
|
56
57
|
}
|
|
57
58
|
buildFuncApps() {
|
|
59
|
+
const { envUIDInfo, logInfo } = this.args;
|
|
58
60
|
this._funcs.map((f) => {
|
|
59
|
-
const
|
|
61
|
+
const fName = Common_1.naming.getFuncAppName(f.name);
|
|
62
|
+
const n = `${this._instanceName}-${fName}`;
|
|
63
|
+
const appSettings = f.appSettings ?? [];
|
|
64
|
+
if (logInfo?.appInsight) {
|
|
65
|
+
appSettings.push({
|
|
66
|
+
name: 'APPINSIGHTS_INSTRUMENTATIONKEY',
|
|
67
|
+
value: logInfo.appInsight.instrumentationKey,
|
|
68
|
+
});
|
|
69
|
+
appSettings.push({
|
|
70
|
+
name: 'APPLICATIONINSIGHTS_CONNECTION_STRING',
|
|
71
|
+
value: logInfo.appInsight.connectionString,
|
|
72
|
+
});
|
|
73
|
+
}
|
|
60
74
|
return new azure.web.WebApp(n, {
|
|
61
75
|
...this.args.group,
|
|
62
|
-
name:
|
|
76
|
+
name: fName,
|
|
63
77
|
enabled: true,
|
|
64
78
|
httpsOnly: true,
|
|
65
|
-
storageAccountRequired: true,
|
|
79
|
+
//storageAccountRequired: true,
|
|
66
80
|
serverFarmId: this._appPlanInstance.id,
|
|
67
81
|
kind: 'FunctionApp',
|
|
82
|
+
identity: {
|
|
83
|
+
type: envUIDInfo
|
|
84
|
+
? azure.web.ManagedServiceIdentityType.SystemAssigned_UserAssigned
|
|
85
|
+
: azure.web.ManagedServiceIdentityType.SystemAssigned,
|
|
86
|
+
userAssignedIdentities: envUIDInfo ? [envUIDInfo.id] : undefined,
|
|
87
|
+
},
|
|
68
88
|
siteConfig: {
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
name: 'AzureWebJobsStorage',
|
|
72
|
-
value: f.storageConnectionString,
|
|
73
|
-
},
|
|
74
|
-
{ name: 'WEBSITE_RUN_FROM_PACKAGE', value: '1' },
|
|
75
|
-
...(f.appSettings ?? []),
|
|
76
|
-
],
|
|
89
|
+
connectionStrings: f.connectionStrings,
|
|
90
|
+
appSettings: f.appSettings ?? [],
|
|
77
91
|
cors: {
|
|
78
92
|
allowedOrigins: ['*'],
|
|
79
93
|
},
|
|
94
|
+
http20Enabled: true,
|
|
95
|
+
use32BitWorkerProcess: false,
|
|
96
|
+
nodeVersion: f.nodeVersion,
|
|
97
|
+
netFrameworkVersion: f.netFrameworkVersion,
|
|
98
|
+
scmIpSecurityRestrictionsDefaultAction: f.network?.ipAddresses
|
|
99
|
+
? 'Deny'
|
|
100
|
+
: 'Allow',
|
|
101
|
+
ipSecurityRestrictionsDefaultAction: f.network?.ipAddresses
|
|
102
|
+
? 'Deny'
|
|
103
|
+
: 'Allow',
|
|
104
|
+
//scmIpSecurityRestrictions: [],
|
|
105
|
+
scmIpSecurityRestrictionsUseMain: Boolean(f.network?.ipAddresses),
|
|
106
|
+
ipSecurityRestrictions: f.network?.ipAddresses
|
|
107
|
+
? f.network?.ipAddresses.map((ip) => ({
|
|
108
|
+
action: 'Allow',
|
|
109
|
+
ipAddress: ip,
|
|
110
|
+
}))
|
|
111
|
+
: undefined,
|
|
80
112
|
},
|
|
113
|
+
publicNetworkAccess: f.network?.privateLink ? 'Disabled' : 'Enabled',
|
|
114
|
+
virtualNetworkSubnetId: f.network?.subnetId,
|
|
115
|
+
vnetContentShareEnabled: Boolean(f.network?.subnetId),
|
|
116
|
+
vnetImagePullEnabled: Boolean(f.network?.subnetId),
|
|
117
|
+
vnetRouteAllEnabled: Boolean(f.network?.subnetId),
|
|
81
118
|
});
|
|
82
119
|
});
|
|
83
120
|
}
|
|
@@ -91,5 +128,13 @@ class AzAppBuilder extends types_1.Builder {
|
|
|
91
128
|
};
|
|
92
129
|
}
|
|
93
130
|
}
|
|
131
|
+
const getFuncHostInfo = (name) => {
|
|
132
|
+
const funcName = Common_1.naming.getFuncAppName(name);
|
|
133
|
+
return {
|
|
134
|
+
host: `${funcName}.azurewebsites.net`,
|
|
135
|
+
scm: `${funcName}.scm.azurewebsites.net`,
|
|
136
|
+
};
|
|
137
|
+
};
|
|
138
|
+
exports.getFuncHostInfo = getFuncHostInfo;
|
|
94
139
|
exports.default = (props) => new AzAppBuilder(props);
|
|
95
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
140
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQXpBcHBCdWlsZGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL0J1aWxkZXIvQXpBcHBCdWlsZGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsNERBQThDO0FBQzlDLG1DQU9pQjtBQUVqQixzQ0FBNkQ7QUFHN0QsTUFBTSxZQUNKLFNBQVEsZUFBcUI7SUFTVDtJQU5ILGFBQWEsQ0FBUztJQUMvQixnQkFBZ0IsR0FBeUMsU0FBUyxDQUFDO0lBRW5FLFFBQVEsR0FBa0MsU0FBUyxDQUFDO0lBQ3BELE1BQU0sR0FBMkIsRUFBRSxDQUFDO0lBRTVDLFlBQW9CLElBQXNCO1FBQ3hDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztRQURNLFNBQUksR0FBSixJQUFJLENBQWtCO1FBRXhDLElBQUksQ0FBQyxhQUFhLEdBQUcsZUFBTSxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDeEQsQ0FBQztJQUVNLFFBQVEsQ0FBQyxLQUF3QjtRQUN0QyxJQUFJLENBQUMsUUFBUSxHQUFHLEtBQUssQ0FBQztRQUN0QixPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFTSxRQUFRLENBQUMsS0FBMkI7UUFDekMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDeEIsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRU8sWUFBWTtRQUNsQixJQUFJLENBQUMsZ0JBQWdCLEdBQUcsSUFBSSxLQUFLLENBQUMsR0FBRyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsYUFBYSxFQUFFO1lBQ3ZFLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLO1lBQ2xCLElBQUksRUFBRSxJQUFJLENBQUMsYUFBYTtZQUN4QixJQUFJLEVBQUUsSUFBSSxDQUFDLFFBQVMsQ0FBQyxJQUFJO1lBQ3pCLEdBQUcsRUFBRSxJQUFJLENBQUMsUUFBUyxDQUFDLEdBQUc7WUFDdkIsYUFBYSxFQUFFLGNBQUs7U0FDckIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVPLGFBQWE7UUFDbkIsTUFBTSxFQUFFLFVBQVUsRUFBRSxPQUFPLEVBQUUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO1FBRTFDLElBQUksQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUU7WUFDcEIsTUFBTSxLQUFLLEdBQUcsZUFBTSxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDNUMsTUFBTSxDQUFDLEdBQUcsR0FBRyxJQUFJLENBQUMsYUFBYSxJQUFJLEtBQUssRUFBRSxDQUFDO1lBQzNDLE1BQU0sV0FBVyxHQUFHLENBQUMsQ0FBQyxXQUFXLElBQUksRUFBRSxDQUFDO1lBRXhDLElBQUksT0FBTyxFQUFFLFVBQVUsRUFBRSxDQUFDO2dCQUN4QixXQUFXLENBQUMsSUFBSSxDQUFDO29CQUNmLElBQUksRUFBRSxnQ0FBZ0M7b0JBQ3RDLEtBQUssRUFBRSxPQUFPLENBQUMsVUFBVSxDQUFDLGtCQUFrQjtpQkFDN0MsQ0FBQyxDQUFDO2dCQUNILFdBQVcsQ0FBQyxJQUFJLENBQUM7b0JBQ2YsSUFBSSxFQUFFLHVDQUF1QztvQkFDN0MsS0FBSyxFQUFFLE9BQU8sQ0FBQyxVQUFVLENBQUMsZ0JBQWdCO2lCQUMzQyxDQUFDLENBQUM7WUFDTCxDQUFDO1lBRUQsT0FBTyxJQUFJLEtBQUssQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLENBQUMsRUFBRTtnQkFDN0IsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUs7Z0JBQ2xCLElBQUksRUFBRSxLQUFLO2dCQUNYLE9BQU8sRUFBRSxJQUFJO2dCQUNiLFNBQVMsRUFBRSxJQUFJO2dCQUNmLCtCQUErQjtnQkFDL0IsWUFBWSxFQUFFLElBQUksQ0FBQyxnQkFBaUIsQ0FBQyxFQUFFO2dCQUN2QyxJQUFJLEVBQUUsYUFBYTtnQkFDbkIsUUFBUSxFQUFFO29CQUNSLElBQUksRUFBRSxVQUFVO3dCQUNkLENBQUMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLDBCQUEwQixDQUFDLDJCQUEyQjt3QkFDbEUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsMEJBQTBCLENBQUMsY0FBYztvQkFDdkQsc0JBQXNCLEVBQUUsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsU0FBUztpQkFDakU7Z0JBQ0QsVUFBVSxFQUFFO29CQUNWLGlCQUFpQixFQUFFLENBQUMsQ0FBQyxpQkFBaUI7b0JBQ3RDLFdBQVcsRUFBRSxDQUFDLENBQUMsV0FBVyxJQUFJLEVBQUU7b0JBQ2hDLElBQUksRUFBRTt3QkFDSixjQUFjLEVBQUUsQ0FBQyxHQUFHLENBQUM7cUJBQ3RCO29CQUNELGFBQWEsRUFBRSxJQUFJO29CQUNuQixxQkFBcUIsRUFBRSxLQUFLO29CQUM1QixXQUFXLEVBQUUsQ0FBQyxDQUFDLFdBQVc7b0JBQzFCLG1CQUFtQixFQUFFLENBQUMsQ0FBQyxtQkFBbUI7b0JBQzFDLHNDQUFzQyxFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsV0FBVzt3QkFDNUQsQ0FBQyxDQUFDLE1BQU07d0JBQ1IsQ0FBQyxDQUFDLE9BQU87b0JBQ1gsbUNBQW1DLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxXQUFXO3dCQUN6RCxDQUFDLENBQUMsTUFBTTt3QkFDUixDQUFDLENBQUMsT0FBTztvQkFDWCxnQ0FBZ0M7b0JBQ2hDLGdDQUFnQyxFQUFFLE9BQU8sQ0FBQyxDQUFDLENBQUMsT0FBTyxFQUFFLFdBQVcsQ0FBQztvQkFDakUsc0JBQXNCLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxXQUFXO3dCQUM1QyxDQUFDLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDOzRCQUNsQyxNQUFNLEVBQUUsT0FBTzs0QkFDZixTQUFTLEVBQUUsRUFBRTt5QkFDZCxDQUFDLENBQUM7d0JBQ0wsQ0FBQyxDQUFDLFNBQVM7aUJBQ2Q7Z0JBQ0QsbUJBQW1CLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxXQUFXLENBQUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsU0FBUztnQkFDcEUsc0JBQXNCLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxRQUFRO2dCQUMzQyx1QkFBdUIsRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxRQUFRLENBQUM7Z0JBQ3JELG9CQUFvQixFQUFFLE9BQU8sQ0FBQyxDQUFDLENBQUMsT0FBTyxFQUFFLFFBQVEsQ0FBQztnQkFDbEQsbUJBQW1CLEVBQUUsT0FBTyxDQUFDLENBQUMsQ0FBQyxPQUFPLEVBQUUsUUFBUSxDQUFDO2FBQ2xELENBQUMsQ0FBQztRQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVNLEtBQUs7UUFDVixJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDcEIsSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO1FBRXJCLE9BQU87WUFDTCxJQUFJLEVBQUUsSUFBSSxDQUFDLGFBQWE7WUFDeEIsS0FBSyxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSztZQUN0QixFQUFFLEVBQUUsSUFBSSxDQUFDLGdCQUFpQixDQUFDLEVBQUU7U0FDOUIsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQUVNLE1BQU0sZUFBZSxHQUFHLENBQUMsSUFBZ0IsRUFBRSxFQUFFO0lBQ2xELE1BQU0sUUFBUSxHQUFHLGVBQU0sQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDN0MsT0FBTztRQUNMLElBQUksRUFBRSxHQUFHLFFBQVEsb0JBQW9CO1FBQ3JDLEdBQUcsRUFBRSxHQUFHLFFBQVEsd0JBQXdCO0tBQ3pDLENBQUM7QUFDSixDQUFDLENBQUM7QUFOVyxRQUFBLGVBQWUsbUJBTTFCO0FBRUYsa0JBQWUsQ0FBQyxLQUF1QixFQUFFLEVBQUUsQ0FDekMsSUFBSSxZQUFZLENBQUMsS0FBSyxDQUFzQixDQUFDIn0=
|