@mcp-abap-adt/auth-providers 1.0.2 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +15 -0
- package/README.md +0 -13
- package/dist/auth/browserAuth.js +3 -3
- package/dist/auth/oidcToken.d.ts.map +1 -1
- package/dist/auth/oidcToken.js +17 -8
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -2
- package/dist/providers/index.d.ts +0 -2
- package/dist/providers/index.d.ts.map +1 -1
- package/dist/providers/index.js +1 -3
- package/package.json +1 -1
- package/dist/providers/CfPasscodeProvider.d.ts +0 -27
- package/dist/providers/CfPasscodeProvider.d.ts.map +0 -1
- package/dist/providers/CfPasscodeProvider.js +0 -72
package/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,21 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [1.0.4] - 2026-02-11
|
|
11
|
+
|
|
12
|
+
### Changed
|
|
13
|
+
- Remove Cloud Foundry passcode provider and related docs/tests.
|
|
14
|
+
|
|
15
|
+
### Fixed
|
|
16
|
+
- Always send Basic auth header for OIDC password grant, even with empty client secret.
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
## [1.0.3] - 2026-02-11
|
|
20
|
+
|
|
21
|
+
### Fixed
|
|
22
|
+
- Always send Basic auth header for OIDC password grant, even with empty client secret.
|
|
23
|
+
|
|
24
|
+
|
|
10
25
|
## [1.0.2] - 2026-02-11
|
|
11
26
|
|
|
12
27
|
### Added
|
package/README.md
CHANGED
|
@@ -108,7 +108,6 @@ Available providers:
|
|
|
108
108
|
- `OidcDeviceFlowProvider`
|
|
109
109
|
- `OidcPasswordProvider`
|
|
110
110
|
- `OidcTokenExchangeProvider`
|
|
111
|
-
- `CfPasscodeProvider` (Cloud Foundry SSO passcode)
|
|
112
111
|
- `Saml2BearerProvider` (SAML assertion exchange)
|
|
113
112
|
- `Saml2PureProvider` (returns SAMLResponse as token)
|
|
114
113
|
|
|
@@ -147,18 +146,6 @@ const provider = new OidcBrowserProvider({
|
|
|
147
146
|
});
|
|
148
147
|
```
|
|
149
148
|
|
|
150
|
-
Cloud Foundry passcode example:
|
|
151
|
-
|
|
152
|
-
```typescript
|
|
153
|
-
import { CfPasscodeProvider } from '@mcp-abap-adt/auth-providers';
|
|
154
|
-
|
|
155
|
-
const provider = new CfPasscodeProvider({
|
|
156
|
-
uaaUrl: 'https://uaa.cf.example.com',
|
|
157
|
-
clientId: 'cf',
|
|
158
|
-
passcode: '<paste-passcode-here>',
|
|
159
|
-
});
|
|
160
|
-
```
|
|
161
|
-
|
|
162
149
|
SAML bearer example (manual flow):
|
|
163
150
|
|
|
164
151
|
```typescript
|
package/dist/auth/browserAuth.js
CHANGED
|
@@ -51,7 +51,7 @@ const BROWSER_MAP = {
|
|
|
51
51
|
edge: 'msedge',
|
|
52
52
|
firefox: 'firefox',
|
|
53
53
|
system: undefined, // system default
|
|
54
|
-
auto: undefined, // try to open browser, fallback to showing URL
|
|
54
|
+
auto: undefined, // try to open browser, fallback to showing URL
|
|
55
55
|
headless: null, // no browser, log URL and wait for callback (SSH/remote)
|
|
56
56
|
none: null, // no browser, log URL and wait for callback (same as headless)
|
|
57
57
|
};
|
|
@@ -481,7 +481,7 @@ async function startBrowserAuth(authConfig, browser = 'system', logger, port = 3
|
|
|
481
481
|
// Don't open browser, don't reject - just wait for the callback
|
|
482
482
|
return;
|
|
483
483
|
}
|
|
484
|
-
// Handle 'auto' mode - try to open browser, fallback to showing URL
|
|
484
|
+
// Handle 'auto' mode - try to open browser, fallback to showing URL
|
|
485
485
|
if (browser === 'auto') {
|
|
486
486
|
log?.info('🌐 Attempting to open browser for authentication...');
|
|
487
487
|
try {
|
|
@@ -492,7 +492,7 @@ async function startBrowserAuth(authConfig, browser = 'system', logger, port = 3
|
|
|
492
492
|
return;
|
|
493
493
|
}
|
|
494
494
|
catch (error) {
|
|
495
|
-
// If browser cannot be opened, show URL and wait
|
|
495
|
+
// If browser cannot be opened, show URL and wait
|
|
496
496
|
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
497
497
|
log?.warn(`⚠️ Could not open browser automatically: ${errorMessage}`);
|
|
498
498
|
log?.info(`🔗 Please open this URL in your browser to authenticate:`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidcToken.d.ts","sourceRoot":"","sources":["../../src/auth/oidcToken.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAGxD,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AA6BD,wBAAsB,yBAAyB,CAC7C,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,CAoB5B;AAED,wBAAsB,gBAAgB,CACpC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,YAAY,EAAE,MAAM,EACpB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,CAgB5B;AAED,MAAM,WAAW,0BAA0B;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,wBAAsB,2BAA2B,CAC/C,cAAc,EAAE,MAAM,EACtB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,GAAG,SAAS,EACzB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,0BAA0B,CAAC,CA0BrC;AAED,wBAAsB,gBAAgB,CACpC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,UAAU,EAAE,MAAM,EAClB,QAAQ,GAAE,MAAU,EACpB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,CA8B5B;AAED,wBAAsB,aAAa,CACjC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,GAAG,SAAS,EACzB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,
|
|
1
|
+
{"version":3,"file":"oidcToken.d.ts","sourceRoot":"","sources":["../../src/auth/oidcToken.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAGxD,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AA6BD,wBAAsB,yBAAyB,CAC7C,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,CAoB5B;AAED,wBAAsB,gBAAgB,CACpC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,YAAY,EAAE,MAAM,EACpB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,CAgB5B;AAED,MAAM,WAAW,0BAA0B;IACzC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,wBAAsB,2BAA2B,CAC/C,cAAc,EAAE,MAAM,EACtB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,GAAG,SAAS,EACzB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,0BAA0B,CAAC,CA0BrC;AAED,wBAAsB,gBAAgB,CACpC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,UAAU,EAAE,MAAM,EAClB,QAAQ,GAAE,MAAU,EACpB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,CA8B5B;AAED,wBAAsB,aAAa,CACjC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,GAAG,SAAS,EACzB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,CA6B5B;AAED,wBAAsB,aAAa,CACjC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GAAG,SAAS,EAChC,YAAY,EAAE,MAAM,EACpB,gBAAgB,EAAE,MAAM,EACxB,KAAK,EAAE,MAAM,GAAG,SAAS,EACzB,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,UAAU,CAAC,EAAE,MAAM,EACnB,cAAc,CAAC,EAAE,MAAM,EACvB,MAAM,CAAC,EAAE,OAAO,GACf,OAAO,CAAC,iBAAiB,CAAC,CAgC5B"}
|
package/dist/auth/oidcToken.js
CHANGED
|
@@ -17,7 +17,7 @@ function toBasicAuth(clientId, clientSecret) {
|
|
|
17
17
|
return Buffer.from(`${clientId}:${clientSecret}`).toString('base64');
|
|
18
18
|
}
|
|
19
19
|
function buildAuthHeaders(clientId, clientSecret) {
|
|
20
|
-
if (clientSecret) {
|
|
20
|
+
if (clientSecret !== undefined) {
|
|
21
21
|
return { Authorization: `Basic ${toBasicAuth(clientId, clientSecret)}` };
|
|
22
22
|
}
|
|
23
23
|
return {};
|
|
@@ -128,13 +128,22 @@ async function passwordGrant(tokenEndpoint, clientId, clientSecret, username, pa
|
|
|
128
128
|
params.append('scope', scope);
|
|
129
129
|
}
|
|
130
130
|
logger?.info('[OIDC] Performing password grant', { tokenEndpoint });
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
131
|
+
try {
|
|
132
|
+
const response = await axios_1.default.post(tokenEndpoint, params.toString(), {
|
|
133
|
+
headers: {
|
|
134
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
135
|
+
...buildAuthHeaders(clientId, clientSecret),
|
|
136
|
+
},
|
|
137
|
+
});
|
|
138
|
+
return mapTokenResponse(response.data);
|
|
139
|
+
}
|
|
140
|
+
catch (error) {
|
|
141
|
+
const status = error?.response?.status;
|
|
142
|
+
const data = error?.response?.data;
|
|
143
|
+
const errorCode = data?.error;
|
|
144
|
+
const errorDesc = data?.error_description;
|
|
145
|
+
throw new Error(`OIDC password grant failed (${status || 'unknown'}): ${errorCode || 'unknown'}${errorDesc ? ` - ${errorDesc}` : ''}`);
|
|
146
|
+
}
|
|
138
147
|
}
|
|
139
148
|
async function tokenExchange(tokenEndpoint, clientId, clientSecret, subjectToken, subjectTokenType, scope, audience, actorToken, actorTokenType, logger) {
|
|
140
149
|
const params = new URLSearchParams();
|
package/dist/index.d.ts
CHANGED
|
@@ -5,8 +5,8 @@
|
|
|
5
5
|
* Provides token providers
|
|
6
6
|
*/
|
|
7
7
|
export { BrowserAuthError, RefreshError, ServiceKeyError, SessionDataError, TokenProviderError, ValidationError, } from './errors/TokenProviderErrors';
|
|
8
|
-
export type { AuthorizationCodeProviderConfig,
|
|
9
|
-
export { AuthorizationCodeProvider, BaseTokenProvider,
|
|
8
|
+
export type { AuthorizationCodeProviderConfig, ClientCredentialsProviderConfig, DeviceFlowProviderConfig, OidcBrowserProviderConfig, OidcDeviceFlowProviderConfig, OidcPasswordProviderConfig, OidcTokenExchangeProviderConfig, Saml2BearerProviderConfig, Saml2PureProviderConfig, } from './providers';
|
|
9
|
+
export { AuthorizationCodeProvider, BaseTokenProvider, ClientCredentialsProvider, DeviceFlowProvider, OidcBrowserProvider, OidcDeviceFlowProvider, OidcPasswordProvider, OidcTokenExchangeProvider, Saml2BearerProvider, Saml2PureProvider, } from './providers';
|
|
10
10
|
export { SsoProviderFactory } from './sso/SsoProviderFactory';
|
|
11
11
|
export type { SsoProviderConfig, SsoProviderInstance } from './sso/types';
|
|
12
12
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,GAChB,MAAM,8BAA8B,CAAC;AACtC,YAAY,EACV,+BAA+B,EAC/B
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,eAAe,EACf,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,GAChB,MAAM,8BAA8B,CAAC;AACtC,YAAY,EACV,+BAA+B,EAC/B,+BAA+B,EAC/B,wBAAwB,EACxB,yBAAyB,EACzB,4BAA4B,EAC5B,0BAA0B,EAC1B,+BAA+B,EAC/B,yBAAyB,EACzB,uBAAuB,GACxB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,yBAAyB,EACzB,iBAAiB,EACjB,yBAAyB,EACzB,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,EACtB,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACnB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAGrB,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,YAAY,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
* Provides token providers
|
|
7
7
|
*/
|
|
8
8
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
-
exports.SsoProviderFactory = exports.Saml2PureProvider = exports.Saml2BearerProvider = exports.OidcTokenExchangeProvider = exports.OidcPasswordProvider = exports.OidcDeviceFlowProvider = exports.OidcBrowserProvider = exports.DeviceFlowProvider = exports.ClientCredentialsProvider = exports.
|
|
9
|
+
exports.SsoProviderFactory = exports.Saml2PureProvider = exports.Saml2BearerProvider = exports.OidcTokenExchangeProvider = exports.OidcPasswordProvider = exports.OidcDeviceFlowProvider = exports.OidcBrowserProvider = exports.DeviceFlowProvider = exports.ClientCredentialsProvider = exports.BaseTokenProvider = exports.AuthorizationCodeProvider = exports.ValidationError = exports.TokenProviderError = exports.SessionDataError = exports.ServiceKeyError = exports.RefreshError = exports.BrowserAuthError = void 0;
|
|
10
10
|
// Errors
|
|
11
11
|
var TokenProviderErrors_1 = require("./errors/TokenProviderErrors");
|
|
12
12
|
Object.defineProperty(exports, "BrowserAuthError", { enumerable: true, get: function () { return TokenProviderErrors_1.BrowserAuthError; } });
|
|
@@ -19,7 +19,6 @@ Object.defineProperty(exports, "ValidationError", { enumerable: true, get: funct
|
|
|
19
19
|
var providers_1 = require("./providers");
|
|
20
20
|
Object.defineProperty(exports, "AuthorizationCodeProvider", { enumerable: true, get: function () { return providers_1.AuthorizationCodeProvider; } });
|
|
21
21
|
Object.defineProperty(exports, "BaseTokenProvider", { enumerable: true, get: function () { return providers_1.BaseTokenProvider; } });
|
|
22
|
-
Object.defineProperty(exports, "CfPasscodeProvider", { enumerable: true, get: function () { return providers_1.CfPasscodeProvider; } });
|
|
23
22
|
Object.defineProperty(exports, "ClientCredentialsProvider", { enumerable: true, get: function () { return providers_1.ClientCredentialsProvider; } });
|
|
24
23
|
Object.defineProperty(exports, "DeviceFlowProvider", { enumerable: true, get: function () { return providers_1.DeviceFlowProvider; } });
|
|
25
24
|
Object.defineProperty(exports, "OidcBrowserProvider", { enumerable: true, get: function () { return providers_1.OidcBrowserProvider; } });
|
|
@@ -7,8 +7,6 @@
|
|
|
7
7
|
export type { AuthorizationCodeProviderConfig } from './AuthorizationCodeProvider';
|
|
8
8
|
export { AuthorizationCodeProvider } from './AuthorizationCodeProvider';
|
|
9
9
|
export { BaseTokenProvider } from './BaseTokenProvider';
|
|
10
|
-
export type { CfPasscodeProviderConfig } from './CfPasscodeProvider';
|
|
11
|
-
export { CfPasscodeProvider } from './CfPasscodeProvider';
|
|
12
10
|
export type { ClientCredentialsProviderConfig } from './ClientCredentialsProvider';
|
|
13
11
|
export { ClientCredentialsProvider } from './ClientCredentialsProvider';
|
|
14
12
|
export type { DeviceFlowProviderConfig } from './DeviceFlowProvider';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/providers/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,YAAY,EAAE,+BAA+B,EAAE,MAAM,6BAA6B,CAAC;AACnF,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,YAAY,EAAE
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/providers/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,YAAY,EAAE,+BAA+B,EAAE,MAAM,6BAA6B,CAAC;AACnF,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,YAAY,EAAE,+BAA+B,EAAE,MAAM,6BAA6B,CAAC;AACnF,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACxE,YAAY,EAAE,wBAAwB,EAAE,MAAM,sBAAsB,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,YAAY,EAAE,yBAAyB,EAAE,MAAM,uBAAuB,CAAC;AACvE,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,YAAY,EAAE,4BAA4B,EAAE,MAAM,0BAA0B,CAAC;AAC7E,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,YAAY,EAAE,0BAA0B,EAAE,MAAM,wBAAwB,CAAC;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAC9D,YAAY,EAAE,+BAA+B,EAAE,MAAM,6BAA6B,CAAC;AACnF,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACxE,YAAY,EAAE,yBAAyB,EAAE,MAAM,uBAAuB,CAAC;AACvE,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,YAAY,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AACnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC"}
|
package/dist/providers/index.js
CHANGED
|
@@ -6,13 +6,11 @@
|
|
|
6
6
|
* All providers extend BaseTokenProvider and implement ITokenProvider.
|
|
7
7
|
*/
|
|
8
8
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
-
exports.Saml2PureProvider = exports.Saml2BearerProvider = exports.OidcTokenExchangeProvider = exports.OidcPasswordProvider = exports.OidcDeviceFlowProvider = exports.OidcBrowserProvider = exports.DeviceFlowProvider = exports.ClientCredentialsProvider = exports.
|
|
9
|
+
exports.Saml2PureProvider = exports.Saml2BearerProvider = exports.OidcTokenExchangeProvider = exports.OidcPasswordProvider = exports.OidcDeviceFlowProvider = exports.OidcBrowserProvider = exports.DeviceFlowProvider = exports.ClientCredentialsProvider = exports.BaseTokenProvider = exports.AuthorizationCodeProvider = void 0;
|
|
10
10
|
var AuthorizationCodeProvider_1 = require("./AuthorizationCodeProvider");
|
|
11
11
|
Object.defineProperty(exports, "AuthorizationCodeProvider", { enumerable: true, get: function () { return AuthorizationCodeProvider_1.AuthorizationCodeProvider; } });
|
|
12
12
|
var BaseTokenProvider_1 = require("./BaseTokenProvider");
|
|
13
13
|
Object.defineProperty(exports, "BaseTokenProvider", { enumerable: true, get: function () { return BaseTokenProvider_1.BaseTokenProvider; } });
|
|
14
|
-
var CfPasscodeProvider_1 = require("./CfPasscodeProvider");
|
|
15
|
-
Object.defineProperty(exports, "CfPasscodeProvider", { enumerable: true, get: function () { return CfPasscodeProvider_1.CfPasscodeProvider; } });
|
|
16
14
|
var ClientCredentialsProvider_1 = require("./ClientCredentialsProvider");
|
|
17
15
|
Object.defineProperty(exports, "ClientCredentialsProvider", { enumerable: true, get: function () { return ClientCredentialsProvider_1.ClientCredentialsProvider; } });
|
|
18
16
|
var DeviceFlowProvider_1 = require("./DeviceFlowProvider");
|
package/package.json
CHANGED
|
@@ -1,27 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* CF Passcode (SSO) Provider
|
|
3
|
-
*/
|
|
4
|
-
import type { ILogger, ITokenResult, OAuth2GrantType } from '@mcp-abap-adt/interfaces';
|
|
5
|
-
import { BaseTokenProvider } from './BaseTokenProvider';
|
|
6
|
-
export interface CfPasscodeProviderConfig {
|
|
7
|
-
uaaUrl: string;
|
|
8
|
-
clientId: string;
|
|
9
|
-
clientSecret?: string;
|
|
10
|
-
passcode?: string;
|
|
11
|
-
passcodeProvider?: () => Promise<string>;
|
|
12
|
-
username?: string;
|
|
13
|
-
scope?: string;
|
|
14
|
-
accessToken?: string;
|
|
15
|
-
refreshToken?: string;
|
|
16
|
-
logger?: ILogger;
|
|
17
|
-
}
|
|
18
|
-
export declare class CfPasscodeProvider extends BaseTokenProvider {
|
|
19
|
-
private config;
|
|
20
|
-
constructor(config: CfPasscodeProviderConfig);
|
|
21
|
-
protected getAuthType(): OAuth2GrantType;
|
|
22
|
-
protected performLogin(): Promise<ITokenResult>;
|
|
23
|
-
protected performRefresh(): Promise<ITokenResult>;
|
|
24
|
-
private buildTokenEndpoint;
|
|
25
|
-
private resolvePasscode;
|
|
26
|
-
}
|
|
27
|
-
//# sourceMappingURL=CfPasscodeProvider.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"CfPasscodeProvider.d.ts","sourceRoot":"","sources":["../../src/providers/CfPasscodeProvider.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EACV,OAAO,EACP,YAAY,EACZ,eAAe,EAChB,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD,MAAM,WAAW,wBAAwB;IACvC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IACzC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,qBAAa,kBAAmB,SAAQ,iBAAiB;IACvD,OAAO,CAAC,MAAM,CAA2B;gBAE7B,MAAM,EAAE,wBAAwB;IAc5C,SAAS,CAAC,WAAW,IAAI,eAAe;cAIxB,YAAY,IAAI,OAAO,CAAC,YAAY,CAAC;cAwBrC,cAAc,IAAI,OAAO,CAAC,YAAY,CAAC;IAuBvD,OAAO,CAAC,kBAAkB;YAKZ,eAAe;CAa9B"}
|
|
@@ -1,72 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
/**
|
|
3
|
-
* CF Passcode (SSO) Provider
|
|
4
|
-
*/
|
|
5
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.CfPasscodeProvider = void 0;
|
|
7
|
-
const interfaces_1 = require("@mcp-abap-adt/interfaces");
|
|
8
|
-
const oidcToken_1 = require("../auth/oidcToken");
|
|
9
|
-
const BaseTokenProvider_1 = require("./BaseTokenProvider");
|
|
10
|
-
class CfPasscodeProvider extends BaseTokenProvider_1.BaseTokenProvider {
|
|
11
|
-
config;
|
|
12
|
-
constructor(config) {
|
|
13
|
-
super();
|
|
14
|
-
this.config = config;
|
|
15
|
-
this.logger = config.logger;
|
|
16
|
-
if (config.accessToken) {
|
|
17
|
-
this.authorizationToken = config.accessToken;
|
|
18
|
-
this.expiresAt = this.parseExpirationFromJWT(config.accessToken);
|
|
19
|
-
}
|
|
20
|
-
if (config.refreshToken) {
|
|
21
|
-
this.refreshToken = config.refreshToken;
|
|
22
|
-
}
|
|
23
|
-
}
|
|
24
|
-
getAuthType() {
|
|
25
|
-
return interfaces_1.AUTH_TYPE_PASSWORD;
|
|
26
|
-
}
|
|
27
|
-
async performLogin() {
|
|
28
|
-
const passcode = await this.resolvePasscode();
|
|
29
|
-
const tokenEndpoint = this.buildTokenEndpoint();
|
|
30
|
-
const username = this.config.username || 'passcode';
|
|
31
|
-
const tokens = await (0, oidcToken_1.passwordGrant)(tokenEndpoint, this.config.clientId, this.config.clientSecret, username, passcode, this.config.scope, this.logger);
|
|
32
|
-
return {
|
|
33
|
-
authorizationToken: tokens.accessToken,
|
|
34
|
-
refreshToken: tokens.refreshToken,
|
|
35
|
-
authType: interfaces_1.AUTH_TYPE_PASSWORD,
|
|
36
|
-
expiresIn: tokens.expiresIn,
|
|
37
|
-
tokenType: 'jwt',
|
|
38
|
-
};
|
|
39
|
-
}
|
|
40
|
-
async performRefresh() {
|
|
41
|
-
if (!this.refreshToken) {
|
|
42
|
-
return this.performLogin();
|
|
43
|
-
}
|
|
44
|
-
const tokenEndpoint = this.buildTokenEndpoint();
|
|
45
|
-
const tokens = await (0, oidcToken_1.refreshOidcToken)(tokenEndpoint, this.config.clientId, this.config.clientSecret, this.refreshToken, this.logger);
|
|
46
|
-
return {
|
|
47
|
-
authorizationToken: tokens.accessToken,
|
|
48
|
-
refreshToken: tokens.refreshToken || this.refreshToken,
|
|
49
|
-
authType: interfaces_1.AUTH_TYPE_PASSWORD,
|
|
50
|
-
expiresIn: tokens.expiresIn,
|
|
51
|
-
tokenType: 'jwt',
|
|
52
|
-
};
|
|
53
|
-
}
|
|
54
|
-
buildTokenEndpoint() {
|
|
55
|
-
const base = this.config.uaaUrl.replace(/\/$/, '');
|
|
56
|
-
return `${base}/oauth/token`;
|
|
57
|
-
}
|
|
58
|
-
async resolvePasscode() {
|
|
59
|
-
if (this.config.passcode) {
|
|
60
|
-
return this.config.passcode;
|
|
61
|
-
}
|
|
62
|
-
if (this.config.passcodeProvider) {
|
|
63
|
-
const code = await this.config.passcodeProvider();
|
|
64
|
-
if (!code) {
|
|
65
|
-
throw new Error('Passcode provider returned empty value');
|
|
66
|
-
}
|
|
67
|
-
return code;
|
|
68
|
-
}
|
|
69
|
-
throw new Error('Passcode is required for CF SSO flow');
|
|
70
|
-
}
|
|
71
|
-
}
|
|
72
|
-
exports.CfPasscodeProvider = CfPasscodeProvider;
|