@nuvlore/extension-access-pagerduty 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. package/package.json +4 -19
  2. package/vendor/extension-sso/LICENSE +0 -202
  3. package/vendor/extension-sso/README.md +0 -35
  4. package/vendor/extension-sso/commands/okta-login.md +0 -10
  5. package/vendor/extension-sso/package.json +0 -51
  6. package/vendor/extension-sso/skills/workday-okta-auth/SKILL.md +0 -20
  7. package/vendor/extension-sso/src/autoAuth.mjs +0 -25
  8. package/vendor/extension-sso/src/browserLogin.mjs +0 -1
  9. package/vendor/extension-sso/src/chromeCookies.mjs +0 -1
  10. package/vendor/extension-sso/src/cookieJar.mjs +0 -1
  11. package/vendor/extension-sso/src/extensionAccess.mjs +0 -173
  12. package/vendor/extension-sso/src/htmlSessionExtract.mjs +0 -1
  13. package/vendor/extension-sso/src/oktaAppAccess.mjs +0 -133
  14. package/vendor/extension-sso/src/oktaAppCatalog.mjs +0 -118
  15. package/vendor/extension-sso/src/oktaAppRead.mjs +0 -119
  16. package/vendor/extension-sso/src/oktaConfig.mjs +0 -12
  17. package/vendor/extension-sso/src/oktaSession.mjs +0 -32
  18. package/vendor/extension-sso/src/serviceOperations.mjs +0 -407
  19. package/vendor/extension-sso/src/serviceReadSearch.mjs +0 -395
  20. package/vendor/extension-sso/src/serviceReads.mjs +0 -109
  21. package/vendor/extension-sso/src/serviceRegistry.mjs +0 -497
  22. package/vendor/extension-sso/src/sessionAuth.mjs +0 -339
  23. package/vendor/extension-sso/src/sessionManager.mjs +0 -212
  24. package/vendor/extension-sso/src/sessionValidate.mjs +0 -74
  25. package/vendor/extension-sso/src/ssoConfig.mjs +0 -31
  26. package/vendor/extension-sso/src/ssoHttpRead.mjs +0 -292
  27. package/vendor/extension-sso/tools/extension-access-tools.shared.mjs +0 -16
  28. package/vendor/extension-sso/tools/okta-app-tools.shared.mjs +0 -5
  29. package/vendor/extension-sso/tools/okta-tools.shared.mjs +0 -18
  30. package/vendor/extension-sso/tools/workday_extension_read.mjs +0 -51
  31. package/vendor/extension-sso/tools/workday_extension_read_access.mjs +0 -65
  32. package/vendor/extension-sso/tools/workday_list_extension_access.mjs +0 -39
  33. package/vendor/extension-sso/tools/workday_list_okta_apps.mjs +0 -18
  34. package/vendor/extension-sso/tools/workday_list_service_operations.mjs +0 -41
  35. package/vendor/extension-sso/tools/workday_list_service_read_search_capabilities.mjs +0 -34
  36. package/vendor/extension-sso/tools/workday_list_services.mjs +0 -31
  37. package/vendor/extension-sso/tools/workday_okta_app_probe_all.mjs +0 -24
  38. package/vendor/extension-sso/tools/workday_okta_app_read.mjs +0 -30
  39. package/vendor/extension-sso/tools/workday_okta_app_read_access.mjs +0 -25
  40. package/vendor/extension-sso/tools/workday_okta_auth_header.mjs +0 -58
  41. package/vendor/extension-sso/tools/workday_okta_login.mjs +0 -65
  42. package/vendor/extension-sso/tools/workday_okta_open_app.mjs +0 -63
  43. package/vendor/extension-sso/tools/workday_okta_open_service.mjs +0 -63
  44. package/vendor/extension-sso/tools/workday_okta_status.mjs +0 -35
  45. package/vendor/extension-sso/tools/workday_service_auth.mjs +0 -65
  46. package/vendor/extension-sso/tools/workday_service_operation_read.mjs +0 -51
  47. package/vendor/extension-sso/tools/workday_service_read.mjs +0 -56
  48. package/vendor/extension-sso/tools/workday_service_search.mjs +0 -62
  49. package/vendor/extension-sso/tools/workday_sso_cookie_header.mjs +0 -59
  50. package/vendor/extension-sso/vendor/extension-browser-sso/LICENSE +0 -202
  51. package/vendor/extension-sso/vendor/extension-browser-sso/README.md +0 -16
  52. package/vendor/extension-sso/vendor/extension-browser-sso/package.json +0 -47
  53. package/vendor/extension-sso/vendor/extension-browser-sso/src/autoAuth.mjs +0 -47
  54. package/vendor/extension-sso/vendor/extension-browser-sso/src/browserHttpRead.mjs +0 -76
  55. package/vendor/extension-sso/vendor/extension-browser-sso/src/browserLogin.mjs +0 -24
  56. package/vendor/extension-sso/vendor/extension-browser-sso/src/chromeCookies.mjs +0 -192
  57. package/vendor/extension-sso/vendor/extension-browser-sso/src/cookieJar.mjs +0 -132
  58. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/devops-data-paths.mjs +0 -222
  59. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/devops-diagnostics.mjs +0 -440
  60. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/enterprise-api-read.mjs +0 -180
  61. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/read-only-command-pack.mjs +0 -1
  62. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/read-only-plan.mjs +0 -45
  63. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/read-only-shell-policy.d.mts +0 -26
  64. package/vendor/extension-sso/vendor/extension-browser-sso/src/extensions/toolkit/read-only-shell-policy.mjs +0 -170
  65. package/vendor/extension-sso/vendor/extension-browser-sso/src/htmlSessionExtract.mjs +0 -64
  66. package/vendor/extension-sso/vendor/extension-read-only-toolkit/LICENSE +0 -202
  67. package/vendor/extension-sso/vendor/extension-read-only-toolkit/README.md +0 -29
  68. package/vendor/extension-sso/vendor/extension-read-only-toolkit/package.json +0 -43
  69. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/devops-data-paths.mjs +0 -222
  70. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/devops-diagnostics.mjs +0 -440
  71. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/enterprise-api-read.mjs +0 -180
  72. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/read-only-command-pack.mjs +0 -1
  73. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/read-only-plan.mjs +0 -45
  74. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/read-only-shell-policy.d.mts +0 -26
  75. package/vendor/extension-sso/vendor/extension-read-only-toolkit/src/read-only-shell-policy.mjs +0 -170
@@ -1,497 +0,0 @@
1
- import { OKTA_USER_HOME_APPS } from "./oktaAppCatalog.mjs";
2
-
3
- function slugify(value) {
4
- return String(value)
5
- .toLowerCase()
6
- .replace(/[^a-z0-9]+/g, "-")
7
- .replace(/^-|-$/g, "");
8
- }
9
-
10
- const OKTA_APP_SERVICE_ID_OVERRIDES = {
11
- Slack: "slack",
12
- Sana: "sana",
13
- "Workday - Google Apps Drive": "google-drive",
14
- "Workday Service Hub": "service-hub",
15
- Snyk: "snyk",
16
- "Collibra Data Intelligence Platform": "collibra",
17
- Mixpanel: "mixpanel"
18
- };
19
-
20
- function oktaServiceId(appName) {
21
- return OKTA_APP_SERVICE_ID_OVERRIDES[appName] ?? `okta-${slugify(appName)}`;
22
- }
23
-
24
- function oktaAppExtensionName(appName) {
25
- return `@nuvlore/extension-access-okta-${slugify(appName)}`;
26
- }
27
-
28
- function oktaAppServiceEntry(appName, app) {
29
- return {
30
- extension: oktaAppExtensionName(appName),
31
- label: appName,
32
- auth: "okta-sso",
33
- domains: app.domains ?? [],
34
- oktaAppName: appName,
35
- readAccess: {
36
- readOnly: true,
37
- methods: ["GET"],
38
- mode: "cookie-http",
39
- defaultBaseUrl: app.defaultBaseUrl,
40
- restPathPrefix: app.probePath ?? "/",
41
- oktaAppName: appName,
42
- oktaAppMode: app.mode ?? "cookie-http",
43
- probePath: app.probePath ?? "/"
44
- }
45
- };
46
- }
47
-
48
- const OKTA_APP_SERVICES = Object.fromEntries(
49
- Object.entries(OKTA_USER_HOME_APPS)
50
- .filter(([, app]) => !app.serviceId)
51
- .map(([appName, app]) => [oktaServiceId(appName), oktaAppServiceEntry(appName, app)])
52
- );
53
-
54
- /**
55
- * Strict 1:1 registry: each `id` is one Nuvlore extension package.
56
- * `id` matches agentRuntimeTools.service on that extension.
57
- */
58
- const CORE_WORKDAY_SERVICES = {
59
- sso: {
60
- extension: "@nuvlore/extension-sso",
61
- label: "Okta",
62
- auth: "okta-hub",
63
- domains: ["workday.okta.com", "workdaytech.okta.com"],
64
- readAccess: { readOnly: true, methods: ["GET"], mode: "cookie-http" }
65
- },
66
- bamboo: {
67
- extension: "@nuvlore/extension-bamboo",
68
- ssoAccessExtension: "@nuvlore/extension-access-bamboo",
69
- label: "Bamboo CI",
70
- auth: "okta-sso",
71
- domains: ["bamboo11.workday.com", "bamboo16.workday.com", "bamboo20.workday.com", "bamboo.workday.com"],
72
- readAccess: {
73
- readOnly: true,
74
- methods: ["GET"],
75
- mode: "cookie-http",
76
- defaultBaseUrl: "https://bamboo11.workday.com",
77
- restPathPrefix: "/rest/api/latest"
78
- }
79
- },
80
- bitbucket: {
81
- extension: "@nuvlore/extension-bitbucket",
82
- ssoAccessExtension: "@nuvlore/extension-access-bitbucket",
83
- label: "Bitbucket",
84
- auth: "okta-sso",
85
- domains: ["bitbucket.workday.com"],
86
- readAccess: {
87
- readOnly: true,
88
- methods: ["GET"],
89
- mode: "cookie-http",
90
- defaultBaseUrl: "https://bitbucket.workday.com",
91
- authUrl: "https://bitbucket.workday.com/plugins/servlet/external-login/1?authDest=%2Fdashboard",
92
- restPathPrefix: "/rest/api/latest"
93
- }
94
- },
95
- confluence: {
96
- extension: "@nuvlore/extension-confluence",
97
- ssoAccessExtension: "@nuvlore/extension-access-confluence",
98
- label: "Confluence",
99
- auth: "okta-sso",
100
- domains: ["confluence.workday.com"],
101
- readAccess: {
102
- readOnly: true,
103
- methods: ["GET"],
104
- mode: "cookie-http",
105
- defaultBaseUrl: "https://confluence.workday.com",
106
- restPathPrefix: "/rest/api"
107
- }
108
- },
109
- jira: {
110
- extension: "@nuvlore/extension-jira",
111
- ssoAccessExtension: "@nuvlore/extension-access-jira",
112
- label: "Jira",
113
- auth: "okta-sso",
114
- domains: ["jira2.workday.com"],
115
- readAccess: {
116
- readOnly: true,
117
- methods: ["GET"],
118
- mode: "cookie-http",
119
- defaultBaseUrl: "https://jira2.workday.com",
120
- restPathPrefix: "/rest/api/latest"
121
- }
122
- },
123
- pharos: {
124
- extension: "@nuvlore/extension-pharos",
125
- ssoAccessExtension: "@nuvlore/extension-access-pharos",
126
- label: "Pharos",
127
- auth: "okta-sso",
128
- domains: [
129
- "prod-us.auth.wdpharos.io",
130
- "dev-us.auth.wdpharos.io",
131
- "grafana.produs.us.wdpharos.io",
132
- "grafana.dev.wdpharos.io",
133
- "metrics.produs.us.wdpharos.io",
134
- "metrics-apis.produs.us.wdpharos.io",
135
- "metrics.dev.wdpharos.io",
136
- "metrics-apis.dev.wdpharos.io"
137
- ],
138
- readAccess: {
139
- readOnly: true,
140
- methods: ["GET"],
141
- mode: "cookie-http",
142
- defaultBaseUrl: "https://grafana.produs.us.wdpharos.io",
143
- restPathPrefix: "/api"
144
- }
145
- },
146
- dashboard: {
147
- extension: "@nuvlore/extension-dashboard",
148
- ssoAccessExtension: "@nuvlore/extension-access-dashboard",
149
- label: "Grafana / Solas Dashboards",
150
- auth: "okta-sso",
151
- domains: ["grafana.produs.us.wdpharos.io", "grafana.dev.wdpharos.io", "solas.workday.com"],
152
- readAccess: {
153
- readOnly: true,
154
- methods: ["GET"],
155
- mode: "cookie-http",
156
- defaultBaseUrl: "https://solas.workday.com",
157
- restPathPrefix: "/s/readonly"
158
- }
159
- },
160
- github: {
161
- extension: "@nuvlore/extension-github-enterprise",
162
- ssoAccessExtension: "@nuvlore/extension-access-github",
163
- label: "GitHub Enterprise",
164
- auth: "okta-sso",
165
- domains: ["ghe.megaleo.com", "wd5-master.megaleo.com"],
166
- readAccess: {
167
- readOnly: true,
168
- methods: ["GET"],
169
- mode: "cookie-http",
170
- defaultBaseUrl: "https://ghe.megaleo.com",
171
- restPathPrefix: "/api/v3"
172
- }
173
- },
174
- teamcity: {
175
- extension: "@nuvlore/extension-teamcity",
176
- ssoAccessExtension: "@nuvlore/extension-access-teamcity",
177
- label: "TeamCity",
178
- auth: "okta-sso",
179
- domains: ["toolcity.megaleo.com"],
180
- readAccess: {
181
- readOnly: true,
182
- methods: ["GET"],
183
- mode: "cookie-http",
184
- defaultBaseUrl: "https://toolcity.megaleo.com",
185
- restPathPrefix: "/app/rest"
186
- }
187
- },
188
- pagerduty: {
189
- extension: "@nuvlore/extension-pagerduty",
190
- ssoAccessExtension: "@nuvlore/extension-access-pagerduty",
191
- label: "PagerDuty",
192
- auth: "okta-sso",
193
- domains: ["workday.pagerduty.com", "identity.pagerduty.com", "tickets.pagerduty.com"],
194
- readAccess: {
195
- readOnly: true,
196
- methods: ["GET"],
197
- mode: "cookie-http",
198
- defaultBaseUrl: "https://workday.pagerduty.com",
199
- restPathPrefix: "/api/v2"
200
- }
201
- },
202
- slack: {
203
- extension: "@nuvlore/extension-access-okta-slack",
204
- label: "Slack",
205
- auth: "okta-sso",
206
- domains: ["workday.enterprise.slack.com", "workday.slack.com", "workday-dev.slack.com", "slack.com", "app.slack.com"],
207
- readAccess: {
208
- readOnly: true,
209
- methods: ["GET"],
210
- mode: "cookie-http",
211
- defaultBaseUrl: "https://workday.enterprise.slack.com",
212
- restPathPrefix: "/"
213
- }
214
- },
215
- sana: {
216
- extension: "@nuvlore/extension-access-okta-sana",
217
- label: "Sana",
218
- auth: "okta-sso",
219
- domains: ["workday.sana.ai", "sana.ai", "sanalabs.com"],
220
- readAccess: {
221
- readOnly: true,
222
- methods: ["GET"],
223
- mode: "cookie-http",
224
- defaultBaseUrl: "https://workday.sana.ai",
225
- restPathPrefix: "/"
226
- }
227
- },
228
- "google-drive": {
229
- extension: "@nuvlore/extension-access-okta-workday-google-apps-drive",
230
- label: "Workday Google Drive",
231
- auth: "okta-sso",
232
- domains: ["drive.google.com", "accounts.google.com", "google.com"],
233
- readAccess: {
234
- readOnly: true,
235
- methods: ["GET"],
236
- mode: "cookie-http",
237
- defaultBaseUrl: "https://drive.google.com",
238
- restPathPrefix: "/drive"
239
- }
240
- },
241
- "service-hub": {
242
- extension: "@nuvlore/extension-access-okta-workday-service-hub",
243
- label: "Workday Service Hub",
244
- auth: "okta-sso",
245
- domains: ["workday.service-now.com"],
246
- readAccess: {
247
- readOnly: true,
248
- methods: ["GET"],
249
- mode: "cookie-http",
250
- defaultBaseUrl: "https://workday.service-now.com",
251
- restPathPrefix: "/"
252
- }
253
- },
254
- snyk: {
255
- extension: "@nuvlore/extension-access-okta-snyk",
256
- label: "Snyk",
257
- auth: "okta-sso",
258
- domains: ["app.snyk.io"],
259
- readAccess: {
260
- readOnly: true,
261
- methods: ["GET"],
262
- mode: "cookie-http",
263
- defaultBaseUrl: "https://app.snyk.io",
264
- restPathPrefix: "/"
265
- }
266
- },
267
- collibra: {
268
- extension: "@nuvlore/extension-access-okta-collibra-data-intelligence-platform",
269
- label: "Collibra Data Intelligence Platform",
270
- auth: "okta-sso",
271
- domains: ["workday.collibra.com"],
272
- readAccess: {
273
- readOnly: true,
274
- methods: ["GET"],
275
- mode: "cookie-http",
276
- defaultBaseUrl: "https://workday.collibra.com",
277
- restPathPrefix: "/"
278
- }
279
- },
280
- mixpanel: {
281
- extension: "@nuvlore/extension-access-okta-mixpanel",
282
- label: "Mixpanel",
283
- auth: "okta-sso",
284
- domains: ["mixpanel.com"],
285
- readAccess: {
286
- readOnly: true,
287
- methods: ["GET"],
288
- mode: "cookie-http",
289
- defaultBaseUrl: "https://mixpanel.com",
290
- restPathPrefix: "/"
291
- }
292
- },
293
- kubernetes: {
294
- extension: "@nuvlore/extension-kubernetes",
295
- label: "Kubernetes",
296
- auth: "okta-sso+boundary",
297
- domains: ["boundary.workday.com", "horizon.workdayinternal.com"],
298
- readAccess: {
299
- readOnly: true,
300
- methods: ["get", "describe", "logs"],
301
- mode: "cli-readonly",
302
- note: "Use kubernetes_status_snapshot — kubectl get/describe/logs only."
303
- }
304
- },
305
- "apache-projects": {
306
- extension: "@nuvlore/extension-apache-projects",
307
- label: "Apache Projects",
308
- auth: "public",
309
- domains: ["downloads.apache.org", "archive.apache.org"],
310
- readAccess: {
311
- readOnly: true,
312
- methods: ["GET"],
313
- mode: "public-http",
314
- defaultBaseUrl: "https://downloads.apache.org"
315
- }
316
- },
317
- workflow: {
318
- extension: "@nuvlore/extension-claude-code-client",
319
- label: "Claude Code Workflows",
320
- auth: "local",
321
- domains: [],
322
- readAccess: { readOnly: true, methods: [], mode: "local" }
323
- },
324
- local: {
325
- extension: "@nuvlore/extension-local-diagnostics",
326
- label: "Local Diagnostics",
327
- auth: "local",
328
- domains: [],
329
- readAccess: { readOnly: true, methods: [], mode: "local" }
330
- },
331
- "log-analysis": {
332
- extension: "@nuvlore/extension-log-analysis",
333
- label: "Log Analysis",
334
- auth: "local",
335
- domains: [],
336
- readAccess: { readOnly: true, methods: [], mode: "local" }
337
- },
338
- remote: {
339
- extension: "@nuvlore/extension-remote-readonly",
340
- label: "Remote SSH Read-only",
341
- auth: "ssh",
342
- domains: [],
343
- readAccess: {
344
- readOnly: true,
345
- methods: ["read"],
346
- mode: "ssh-readonly",
347
- note: "Use remote_readonly_command — read-only shell policy."
348
- }
349
- },
350
- repository: {
351
- extension: "@nuvlore/extension-repository",
352
- ssoAccessExtension: "@nuvlore/extension-access-repository",
353
- label: "Repository / Artifactory",
354
- auth: "okta-sso",
355
- domains: ["artifactory.workday.com"],
356
- readAccess: {
357
- readOnly: true,
358
- methods: ["GET"],
359
- mode: "cookie-http",
360
- defaultBaseUrl: "https://artifactory.workday.com",
361
- restPathPrefix: "/artifactory/api"
362
- }
363
- },
364
- review: {
365
- extension: "@nuvlore/extension-review",
366
- label: "Code Review",
367
- auth: "workflow",
368
- domains: [],
369
- requires: ["bitbucket", "github", "jira"],
370
- readAccess: { readOnly: true, methods: ["GET"], mode: "workflow" }
371
- },
372
- "runtime-governance": {
373
- extension: "@nuvlore/extension-runtime-governance",
374
- label: "Runtime Governance",
375
- auth: "local",
376
- domains: [],
377
- readAccess: { readOnly: true, methods: [], mode: "local" }
378
- },
379
- pensiv: {
380
- extension: "@nuvlore/extension-pensiv",
381
- label: "Pensiv Memory",
382
- auth: "mcp",
383
- domains: [],
384
- readAccess: { readOnly: true, methods: ["GET"], mode: "mcp" }
385
- },
386
- "workday-toolkit": {
387
- extension: "@nuvlore/extension-read-only-toolkit",
388
- label: "Workday Toolkit (library)",
389
- auth: "library",
390
- domains: [],
391
- readAccess: { readOnly: true, methods: [], mode: "library" }
392
- },
393
- bds: {
394
- extension: "@nuvlore/extension-bds",
395
- label: "BDS Workflows",
396
- auth: "workflow",
397
- domains: [],
398
- requires: ["jira", "bitbucket", "confluence", "pharos", "dashboard", "kubernetes", "repository"],
399
- readAccess: { readOnly: true, methods: ["GET"], mode: "workflow" }
400
- },
401
- "workday-ci": {
402
- extension: "@nuvlore/extension-workday-ci",
403
- label: "Workday CI Workflows",
404
- auth: "workflow",
405
- domains: [],
406
- requires: ["bamboo", "bitbucket", "github", "jira", "kubernetes", "log-analysis"],
407
- readAccess: { readOnly: true, methods: ["GET"], mode: "workflow" }
408
- },
409
- "workday-enterprise-workflows": {
410
- extension: "@nuvlore/extension-workday-enterprise-workflows",
411
- label: "Workday Enterprise Workflows",
412
- auth: "workflow",
413
- domains: [],
414
- requires: ["bamboo", "bitbucket", "confluence", "github", "jira", "pagerduty", "teamcity", "repository", "review"],
415
- readAccess: { readOnly: true, methods: ["GET"], mode: "workflow" }
416
- },
417
- "workday-infra-access": {
418
- extension: "@nuvlore/extension-workday-infra-access",
419
- label: "Workday Infra Access",
420
- auth: "okta-sso",
421
- domains: [
422
- "signin.aws.amazon.com",
423
- "console.cloud.google.com",
424
- "boundary.workday.com",
425
- "signin.resourcecenter.workday.com",
426
- "dcselfservice.myworkday.com"
427
- ],
428
- readAccess: {
429
- readOnly: true,
430
- methods: ["describe", "list", "get", "logs"],
431
- mode: "cli-readonly",
432
- platforms: {
433
- aws: { domains: ["signin.aws.amazon.com"], tool: "aws_cust_federated_readonly_command_pack" },
434
- gcp: { domains: ["console.cloud.google.com"], tool: "gcp_readonly_command_pack" },
435
- boundary: { domains: ["boundary.workday.com"], tool: "workday_boundary_login", action: "status" }
436
- }
437
- }
438
- },
439
- "workday-sre-workflows": {
440
- extension: "@nuvlore/extension-workday-sre-workflows",
441
- label: "Workday SRE Workflows",
442
- auth: "workflow",
443
- domains: [],
444
- requires: ["pharos", "dashboard", "pagerduty", "kubernetes", "workday-infra-access"],
445
- readAccess: { readOnly: true, methods: ["GET"], mode: "workflow" }
446
- }
447
- };
448
-
449
- export const WORKDAY_SERVICES = {
450
- ...CORE_WORKDAY_SERVICES,
451
- ...OKTA_APP_SERVICES
452
- };
453
-
454
- function assertUniqueExtensions() {
455
- const seen = new Map();
456
- for (const [id, service] of Object.entries(WORKDAY_SERVICES)) {
457
- const pkg = service.extension;
458
- if (seen.has(pkg)) {
459
- throw new Error(`Duplicate extension ${pkg} on services ${seen.get(pkg)} and ${id}`);
460
- }
461
- seen.set(pkg, id);
462
- }
463
- }
464
- assertUniqueExtensions();
465
-
466
- export function listWorkdayServices() {
467
- return Object.entries(WORKDAY_SERVICES).map(([id, service]) => ({ id, ...service }));
468
- }
469
-
470
- export function listWorkdayExtensions() {
471
- return listWorkdayServices();
472
- }
473
-
474
- export function getWorkdayService(id) {
475
- const service = WORKDAY_SERVICES[id];
476
- if (!service) {
477
- throw new Error(`Unknown Workday service: ${id}`);
478
- }
479
- return { id, ...service };
480
- }
481
-
482
- export function getServiceDomains(id) {
483
- return [...(getWorkdayService(id).domains ?? [])];
484
- }
485
-
486
- export function getServiceByExtension(packageName) {
487
- const match = listWorkdayServices().find((service) => service.extension === packageName);
488
- if (!match) {
489
- throw new Error(`No SSO registry entry for extension: ${packageName}`);
490
- }
491
- return match;
492
- }
493
-
494
- export function getRequiredServices(id) {
495
- const service = getWorkdayService(id);
496
- return (service.requires ?? []).map((depId) => getWorkdayService(depId));
497
- }