@p0security/cli 0.13.3 → 0.13.4

@@ -10,6 +10,8 @@ You should have received a copy of the GNU General Public License along with @p0
10
10
  **/
11
11
  import { Config } from "../types/org";
12
12
  export declare const CONFIG_FILE_PATH: string;
13
- export declare function getTenantConfig(): Config;
14
- export declare function saveConfig(orgId: string): Promise<void>;
15
- export declare function loadConfig(): Promise<Config>;
13
+ export declare const getTenantConfig: () => Config;
14
+ /** Use only if the organization is configured with Google login to P0 */
15
+ export declare const getGoogleTenantConfig: () => import("../types/org").GoogleApplicationConfig;
16
+ export declare const saveConfig: (orgId: string) => Promise<void>;
17
+ export declare const loadConfig: () => Promise<Config>;
@@ -12,7 +12,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
12
12
  return (mod && mod.__esModule) ? mod : { "default": mod };
13
13
  };
14
14
  Object.defineProperty(exports, "__esModule", { value: true });
15
- exports.loadConfig = exports.saveConfig = exports.getTenantConfig = exports.CONFIG_FILE_PATH = void 0;
15
+ exports.loadConfig = exports.saveConfig = exports.getGoogleTenantConfig = exports.getTenantConfig = exports.CONFIG_FILE_PATH = void 0;
16
16
  const util_1 = require("../util");
17
17
  const env_1 = require("./env");
18
18
  const firestore_1 = require("./firestore");
@@ -22,32 +22,34 @@ const promises_1 = __importDefault(require("fs/promises"));
22
22
  const path_1 = __importDefault(require("path"));
23
23
  exports.CONFIG_FILE_PATH = path_1.default.join(util_1.P0_PATH, "config.json");
24
24
  let tenantConfig;
25
- function getTenantConfig() {
26
- return tenantConfig;
27
- }
25
+ const getTenantConfig = () => tenantConfig;
28
26
  exports.getTenantConfig = getTenantConfig;
29
- function saveConfig(orgId) {
27
+ /** Use only if the organization is configured with Google login to P0 */
28
+ const getGoogleTenantConfig = () => {
29
+ if ("google" in tenantConfig) {
30
+ return tenantConfig;
31
+ }
32
+ throw "Login failed!\nThis organization is configured to use Google login but the required OAuth client parameters are missing.\nPlease contact support@p0.dev to properly configure your organization login.";
33
+ };
34
+ exports.getGoogleTenantConfig = getGoogleTenantConfig;
35
+ const saveConfig = (orgId) => __awaiter(void 0, void 0, void 0, function* () {
30
36
  var _a;
31
- return __awaiter(this, void 0, void 0, function* () {
32
- const orgDoc = yield (0, firestore_2.getDoc)((0, firestore_1.bootstrapDoc)(`orgs/${orgId}`));
33
- const orgData = orgDoc.data();
34
- if (!orgData)
35
- throw "Could not find organization";
36
- const config = (_a = orgData.config) !== null && _a !== void 0 ? _a : env_1.bootstrapConfig;
37
- (0, stdio_1.print2)(`Saving config to ${exports.CONFIG_FILE_PATH}.`);
38
- const dir = path_1.default.dirname(exports.CONFIG_FILE_PATH);
39
- yield promises_1.default.mkdir(dir, { recursive: true });
40
- yield promises_1.default.writeFile(exports.CONFIG_FILE_PATH, JSON.stringify(config), { mode: "600" });
41
- tenantConfig = config;
42
- });
43
- }
37
+ const orgDoc = yield (0, firestore_2.getDoc)((0, firestore_1.bootstrapDoc)(`orgs/${orgId}`));
38
+ const orgData = orgDoc.data();
39
+ if (!orgData)
40
+ throw "Could not find organization";
41
+ const config = (_a = orgData.config) !== null && _a !== void 0 ? _a : env_1.bootstrapConfig;
42
+ (0, stdio_1.print2)(`Saving config to ${exports.CONFIG_FILE_PATH}.`);
43
+ const dir = path_1.default.dirname(exports.CONFIG_FILE_PATH);
44
+ yield promises_1.default.mkdir(dir, { recursive: true });
45
+ yield promises_1.default.writeFile(exports.CONFIG_FILE_PATH, JSON.stringify(config), { mode: "600" });
46
+ tenantConfig = config;
47
+ });
44
48
  exports.saveConfig = saveConfig;
45
- function loadConfig() {
46
- return __awaiter(this, void 0, void 0, function* () {
47
- const buffer = yield promises_1.default.readFile(exports.CONFIG_FILE_PATH);
48
- tenantConfig = JSON.parse(buffer.toString());
49
- return tenantConfig;
50
- });
51
- }
49
+ const loadConfig = () => __awaiter(void 0, void 0, void 0, function* () {
50
+ const buffer = yield promises_1.default.readFile(exports.CONFIG_FILE_PATH);
51
+ tenantConfig = JSON.parse(buffer.toString());
52
+ return tenantConfig;
53
+ });
52
54
  exports.loadConfig = loadConfig;
53
55
  //# sourceMappingURL=config.js.map
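Review bot: The guard in `getGoogleTenantConfig` only tests `"google" in tenantConfig`, so it neither handles an unset `tenantConfig` (the `in` operator throws a TypeError on `undefined`, hiding the intended login message if this runs before `loadConfig`/`saveConfig`) nor confirms that the renamed field is present. `loadConfig` assigns the `JSON.parse` result from `config.json` without any shape check, so a file written by 0.13.3 would presumably still hold `google.clientSecret`; it passes this guard, and `requestToken` in login.js then sends an undefined `client_secret`. I would tighten the condition to `if (tenantConfig && tenantConfig.google && tenantConfig.google.clientId && tenantConfig.google.publicClientSecretForPkce)` so stale or incomplete configs reach the explicit error. Throwing `new Error(...)` instead of a bare string would also keep a stack trace for support.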
@@ -1 +1 @@
1
- {"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/drivers/config.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAWA,kCAAkC;AAClC,+BAAwC;AACxC,2CAA2C;AAC3C,mCAAiC;AACjC,kDAA4C;AAC5C,2DAA6B;AAC7B,gDAAwB;AAEX,QAAA,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,cAAO,EAAE,aAAa,CAAC,CAAC;AAElE,IAAI,YAAoB,CAAC;AAEzB,SAAgB,eAAe;IAC7B,OAAO,YAAY,CAAC;AACtB,CAAC;AAFD,0CAEC;AAED,SAAsB,UAAU,CAAC,KAAa;;;QAC5C,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAM,EACzB,IAAA,wBAAY,EAAC,QAAQ,KAAK,EAAE,CAAC,CAC9B,CAAC;QACF,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;QAE9B,IAAI,CAAC,OAAO;YAAE,MAAM,6BAA6B,CAAC;QAElD,MAAM,MAAM,GAAG,MAAA,OAAO,CAAC,MAAM,mCAAI,qBAAe,CAAC;QAEjD,IAAA,cAAM,EAAC,oBAAoB,wBAAgB,GAAG,CAAC,CAAC;QAEhD,MAAM,GAAG,GAAG,cAAI,CAAC,OAAO,CAAC,wBAAgB,CAAC,CAAC;QAC3C,MAAM,kBAAE,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzC,MAAM,kBAAE,CAAC,SAAS,CAAC,wBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAE9E,YAAY,GAAG,MAAM,CAAC;;CACvB;AAjBD,gCAiBC;AAED,SAAsB,UAAU;;QAC9B,MAAM,MAAM,GAAG,MAAM,kBAAE,CAAC,QAAQ,CAAC,wBAAgB,CAAC,CAAC;QACnD,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC7C,OAAO,YAAY,CAAC;IACtB,CAAC;CAAA;AAJD,gCAIC"}
1
+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/drivers/config.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAWA,kCAAkC;AAClC,+BAAwC;AACxC,2CAA2C;AAC3C,mCAAiC;AACjC,kDAA4C;AAC5C,2DAA6B;AAC7B,gDAAwB;AAEX,QAAA,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,cAAO,EAAE,aAAa,CAAC,CAAC;AAElE,IAAI,YAAoB,CAAC;AAElB,MAAM,eAAe,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC;AAArC,QAAA,eAAe,mBAAsB;AAElD,yEAAyE;AAClE,MAAM,qBAAqB,GAAG,GAAG,EAAE;IACxC,IAAI,QAAQ,IAAI,YAAY,EAAE;QAC5B,OAAO,YAAY,CAAC;KACrB;IACD,MAAM,wMAAwM,CAAC;AACjN,CAAC,CAAC;AALW,QAAA,qBAAqB,yBAKhC;AAEK,MAAM,UAAU,GAAG,CAAO,KAAa,EAAE,EAAE;;IAChD,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAM,EACzB,IAAA,wBAAY,EAAC,QAAQ,KAAK,EAAE,CAAC,CAC9B,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;IAE9B,IAAI,CAAC,OAAO;QAAE,MAAM,6BAA6B,CAAC;IAElD,MAAM,MAAM,GAAG,MAAA,OAAO,CAAC,MAAM,mCAAI,qBAAe,CAAC;IAEjD,IAAA,cAAM,EAAC,oBAAoB,wBAAgB,GAAG,CAAC,CAAC;IAEhD,MAAM,GAAG,GAAG,cAAI,CAAC,OAAO,CAAC,wBAAgB,CAAC,CAAC;IAC3C,MAAM,kBAAE,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,MAAM,kBAAE,CAAC,SAAS,CAAC,wBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAE9E,YAAY,GAAG,MAAM,CAAC;AACxB,CAAC,CAAA,CAAC;AAjBW,QAAA,UAAU,cAiBrB;AAEK,MAAM,UAAU,GAAG,GAAS,EAAE;IACnC,MAAM,MAAM,GAAG,MAAM,kBAAE,CAAC,QAAQ,CAAC,wBAAgB,CAAC,CAAC;IACnD,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC7C,OAAO,YAAY,CAAC;AACtB,CAAC,CAAA,CAAC;AAJW,QAAA,UAAU,cAIrB"}
@@ -9,7 +9,7 @@ export declare const bootstrapConfig: {
9
9
  };
10
10
  google: {
11
11
  clientId: string;
12
- clientSecret: string;
12
+ publicClientSecretForPkce: string;
13
13
  };
14
14
  appUrl: string;
15
15
  environment: string;
@@ -32,7 +32,13 @@ exports.bootstrapConfig = {
32
32
  clientId: (_g = env.P0_GOOGLE_OIDC_CLIENT_ID) !== null && _g !== void 0 ? _g : "228132571547-kilcq1er15hlbl6mitghttnacp7u58l8.apps.googleusercontent.com",
33
33
  // Despite the name, this is not actually "secret" in any sense of the word.
34
34
  // Instead, the client is protected by requiring PKCE and defining the redirect URIs.
35
- clientSecret: (_h = env.P0_GOOGLE_OIDC_CLIENT_SECRET) !== null && _h !== void 0 ? _h : "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",
35
+ // PKCE achieves similar security guarantees for public clients with an on-the-fly
36
+ // generated secret (the code verifier) as the static secret does for confidential clients.
37
+ // See also: https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow-with-pkce
38
+ // In the PKCE flow the client secret is an optional parameter, however, Google's
39
+ // implementation requires it. That's why the "secret" is present here.
40
+ // This "secret" is only used if the organization uses Google Workspace to log in to P0.
41
+ publicClientSecretForPkce: (_h = env.P0_GOOGLE_OIDC_CLIENT_SECRET) !== null && _h !== void 0 ? _h : "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",
36
42
  },
37
43
  appUrl: (_j = env.P0_APP_URL) !== null && _j !== void 0 ? _j : "https://api.p0.app",
38
44
  environment: (_k = env.P0_ENV) !== null && _k !== void 0 ? _k : "production",
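Review bot: The renamed `publicClientSecretForPkce` default is still a literal `GOCSPX-` value shipped in the package, and the comment's claim that it is not secret depends on how the OAuth client is registered at Google, which the hunk does not state. The reasoning holds for an installed-application client limited to loopback redirects; if the same client ID were ever enabled for a web or server flow, this value would act as a real credential. Once the registration is confirmed, I would add a line such as `// OAuth client type: installed app, loopback redirect only; never reuse this client ID for a confidential flow.` next to the existing comments. The override variable is still named `P0_GOOGLE_OIDC_CLIENT_SECRET`, so operators and secret scanners will keep treating it as sensitive; a short comment on that mismatch would help. The `bootstrapConfig` literal starts above the hunk.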
@@ -1 +1 @@
1
- {"version":3,"file":"env.js","sourceRoot":"","sources":["../../src/drivers/env.ts"],"names":[],"mappings":";;;;;;;AAAA;;;;;;;;;GASG;AACH,oDAA4B;AAE5B,gBAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;AAEX,QAAA,eAAe,GAAG;IAC7B,EAAE,EAAE;QACF,wDAAwD;QACxD,MAAM,EAAE,MAAA,GAAG,CAAC,aAAa,mCAAI,yCAAyC;QACtE,UAAU,EAAE,MAAA,GAAG,CAAC,iBAAiB,mCAAI,yBAAyB;QAC9D,SAAS,EAAE,MAAA,GAAG,CAAC,gBAAgB,mCAAI,SAAS;QAC5C,aAAa,EAAE,MAAA,GAAG,CAAC,oBAAoB,mCAAI,qBAAqB;QAChE,iBAAiB,EAAE,MAAA,GAAG,CAAC,yBAAyB,mCAAI,cAAc;QAClE,KAAK,EAAE,MAAA,GAAG,CAAC,YAAY,mCAAI,2CAA2C;KACvE;IACD,MAAM,EAAE;QACN,QAAQ,EACN,MAAA,GAAG,CAAC,wBAAwB,mCAC5B,0EAA0E;QAC5E,4EAA4E;QAC5E,qFAAqF;QACrF,YAAY,EACV,MAAA,GAAG,CAAC,4BAA4B,mCAAI,qCAAqC;KAC5E;IACD,MAAM,EAAE,MAAA,GAAG,CAAC,UAAU,mCAAI,oBAAoB;IAC9C,WAAW,EAAE,MAAA,GAAG,CAAC,MAAM,mCAAI,YAAY;CACxC,CAAC"}
1
+ {"version":3,"file":"env.js","sourceRoot":"","sources":["../../src/drivers/env.ts"],"names":[],"mappings":";;;;;;;AAAA;;;;;;;;;GASG;AACH,oDAA4B;AAE5B,gBAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;AAEX,QAAA,eAAe,GAAG;IAC7B,EAAE,EAAE;QACF,wDAAwD;QACxD,MAAM,EAAE,MAAA,GAAG,CAAC,aAAa,mCAAI,yCAAyC;QACtE,UAAU,EAAE,MAAA,GAAG,CAAC,iBAAiB,mCAAI,yBAAyB;QAC9D,SAAS,EAAE,MAAA,GAAG,CAAC,gBAAgB,mCAAI,SAAS;QAC5C,aAAa,EAAE,MAAA,GAAG,CAAC,oBAAoB,mCAAI,qBAAqB;QAChE,iBAAiB,EAAE,MAAA,GAAG,CAAC,yBAAyB,mCAAI,cAAc;QAClE,KAAK,EAAE,MAAA,GAAG,CAAC,YAAY,mCAAI,2CAA2C;KACvE;IACD,MAAM,EAAE;QACN,QAAQ,EACN,MAAA,GAAG,CAAC,wBAAwB,mCAC5B,0EAA0E;QAC5E,4EAA4E;QAC5E,qFAAqF;QACrF,kFAAkF;QAClF,2FAA2F;QAC3F,uHAAuH;QACvH,iFAAiF;QACjF,uEAAuE;QACvE,wFAAwF;QACxF,yBAAyB,EACvB,MAAA,GAAG,CAAC,4BAA4B,mCAAI,qCAAqC;KAC5E;IACD,MAAM,EAAE,MAAA,GAAG,CAAC,UAAU,mCAAI,oBAAoB;IAC9C,WAAW,EAAE,MAAA,GAAG,CAAC,MAAM,mCAAI,YAAY;CACxC,CAAC"}
@@ -34,7 +34,10 @@ const knownAccountSetErrors = [
34
34
  message: "Failed to set the active Azure subscription. Please try again.",
35
35
  },
36
36
  ];
37
- const normalizeAzureCliError = (error, normalizedErrors) => {
37
+ const normalizeAzureCliError = (error, normalizedErrors, options) => {
38
+ if (options.debug) {
39
+ (0, stdio_1.print2)(error);
40
+ }
38
41
  for (const { pattern, message } of normalizedErrors) {
39
42
  if (pattern.test(error.stderr)) {
40
43
  throw message;
@@ -89,7 +92,7 @@ const performLogin = (subscriptionId, { debug }) => __awaiter(void 0, void 0, vo
89
92
  }
90
93
  }
91
94
  catch (error) {
92
- throw normalizeAzureCliError(error, knownLoginErrors);
95
+ throw normalizeAzureCliError(error, knownLoginErrors, { debug });
93
96
  }
94
97
  });
95
98
  const performSetAccount = (subscriptionId, { debug }) => __awaiter(void 0, void 0, void 0, function* () {
@@ -104,7 +107,7 @@ const performSetAccount = (subscriptionId, { debug }) => __awaiter(void 0, void
104
107
  }
105
108
  }
106
109
  catch (error) {
107
- throw normalizeAzureCliError(error, knownAccountSetErrors);
110
+ throw normalizeAzureCliError(error, knownAccountSetErrors, { debug });
108
111
  }
109
112
  });
110
113
  const getUserPrincipalName = ({ debug }) => __awaiter(void 0, void 0, void 0, function* () {
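Review bot: `normalizeAzureCliError` now reads `options.debug` with no default, so any call that omits the third argument fails with a TypeError before the known-error patterns are tried. Both call sites in these hunks pass `{ debug }`, but a default such as `(error, normalizedErrors, options = {})` keeps the helper safe for future callers. The debug branch also hands the whole caught error object to `print2`, which for a failed child process may carry the full command line and captured output in addition to `stderr`. Printing `error.stderr`, the field the patterns already test, would limit what account detail ends up in debug logs. The function body and both `catch` blocks continue outside the hunks.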
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/plugins/azure/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,+CAA6C;AAC7C,qCAAkC;AAGlC,MAAM,gBAAgB,GAAiB;IACrC;QACE,OAAO,EACL,6FAA6F;QAC/F,OAAO,EAAE,gDAAgD;KAC1D;CACF,CAAC;AAEF,MAAM,qBAAqB,GAAiB;IAC1C;QACE,OAAO,EAAE,+DAA+D;QACxE,OAAO,EAAE,gEAAgE;KAC1E;CACF,CAAC;AAEF,MAAM,sBAAsB,GAAG,CAAC,KAAU,EAAE,gBAA8B,EAAE,EAAE;IAC5E,KAAK,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,gBAAgB,EAAE;QACnD,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YAC9B,MAAM,OAAO,CAAC;SACf;KACF;IACD,MAAM,KAAK,CAAC;AACd,CAAC,CAAC;AAEK,MAAM,cAAc,GAAG,GAAG,EAAE,CAAC,CAAC;IACnC,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,OAAO,CAAC;CAChB,CAAC,CAAC;AAHU,QAAA,cAAc,kBAGxB;AAEI,MAAM,eAAe,GAAG,GAAG,EAAE,CAAC,CAAC;IACpC,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,QAAQ,CAAC;CACjB,CAAC,CAAC;AAHU,QAAA,eAAe,mBAGzB;AAEI,MAAM,mBAAmB,GAAG,CAAC,cAAsB,EAAE,EAAE,CAAC,CAAC;IAC9D,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,cAAc,CAAC;CAC3D,CAAC,CAAC;AAHU,QAAA,mBAAmB,uBAG7B;AAEI,MAAM,8BAA8B,GAAG,GAAG,EAAE,CAAC,CAAC;IACnD,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,KAAK,CAAC;CAC/D,CAAC,CAAC;AAHU,QAAA,8BAA8B,kCAGxC;AAEH,MAAM,aAAa,GAAG,CAAO,EAAE,KAAK,EAAuB,EAAE,EAAE;IAC7D,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,IAAA,uBAAe,GAAE,CAAC;QACvE,MAAM,YAAY,GAAG,MAAM,IAAA,WAAI,EAAC,WAAW,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAE5E,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAC5B,IAAA,cAAM,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC;SAC7B;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,EAAE;YACT,iDAAiD;YACjD,IAAA,cAAM,EAAC,oBAAoB,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;SAC5C;KACF;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,YAAY,GAAG,CACnB,cAAsB,EACtB,EAAE,KAAK,EAAuB,EAC9B,EAAE;IACF,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAA,sBAAc,GAAE,CAAC;QACpE,MAAM,WAAW,GAAG,MAAM,IAAA,WAAI,EAAC,UAAU,EAAE,WAAW,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEzE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,E
AAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAC3B,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAC3B,IAAA,cAAM,EAAC,wCAAwC,cAAc,KAAK,CAAC,CAAC;SACrE;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,MAAM,sBAAsB,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;KACvD;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,cAAsB,EACtB,EAAE,KAAK,EAAuB,EAC9B,EAAE;IACF,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,gBAAgB,EAAE,GACxD,IAAA,2BAAmB,EAAC,cAAc,CAAC,CAAC;QACtC,MAAM,gBAAgB,GAAG,MAAM,IAAA,WAAI,EAAC,eAAe,EAAE,gBAAgB,EAAE;YACrE,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QAEH,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAChC,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;SACjC;KACF;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,sBAAsB,CAAC,KAAK,EAAE,qBAAqB,CAAC,CAAC;KAC5D;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,oBAAoB,GAAG,CAAO,EAAE,KAAK,EAAuB,EAAE,EAAE;IACpE,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAA,sCAA8B,GAAE,CAAC;QAC3D,MAAM,iBAAiB,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACrE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,8BAA8B,CAAC,CAAC;YACvC,IAAA,cAAM,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACjC,IAAA,cAAM,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;SAClC;QACD,OAAO,iBAAiB,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;KACxC;IAAC,OAAO,KAAU,EAAE;QACnB,MAAM,wCAAwC,KAAK,GAAG,CAAC;KACxD;AACH,CAAC,CAAA,CAAC;AAEK,MAAM,OAAO,GAAG,CACrB,cAAsB,EACtB,UAA+B,EAAE,EACjC,EAAE;IACF,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IAC1B,IAAI,KAAK;QAAE,IAAA,cAAM,EAAC,wBAAwB,CAAC,CAAC;IAE5C,qEAAqE;IACrE,kDAAkD;IAClD,MAAM,aAAa,CAAC,OAAO,CAAC,CAAC;IAE7B,MAAM,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;IAE5C,MAAM,iBAAiB,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;IAEjD,OAAO,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC7C,CAAC,CAAA,CAAC;AAhBW,QAAA,OAAO,WAgBlB"}
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/plugins/azure/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,+CAA6C;AAC7C,qCAAkC;AAGlC,MAAM,gBAAgB,GAAiB;IACrC;QACE,OAAO,EACL,6FAA6F;QAC/F,OAAO,EAAE,gDAAgD;KAC1D;CACF,CAAC;AAEF,MAAM,qBAAqB,GAAiB;IAC1C;QACE,OAAO,EAAE,+DAA+D;QACxE,OAAO,EAAE,gEAAgE;KAC1E;CACF,CAAC;AAEF,MAAM,sBAAsB,GAAG,CAC7B,KAAU,EACV,gBAA8B,EAC9B,OAA4B,EAC5B,EAAE;IACF,IAAI,OAAO,CAAC,KAAK,EAAE;QACjB,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;KACf;IACD,KAAK,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,gBAAgB,EAAE;QACnD,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YAC9B,MAAM,OAAO,CAAC;SACf;KACF;IACD,MAAM,KAAK,CAAC;AACd,CAAC,CAAC;AAEK,MAAM,cAAc,GAAG,GAAG,EAAE,CAAC,CAAC;IACnC,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,OAAO,CAAC;CAChB,CAAC,CAAC;AAHU,QAAA,cAAc,kBAGxB;AAEI,MAAM,eAAe,GAAG,GAAG,EAAE,CAAC,CAAC;IACpC,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,QAAQ,CAAC;CACjB,CAAC,CAAC;AAHU,QAAA,eAAe,mBAGzB;AAEI,MAAM,mBAAmB,GAAG,CAAC,cAAsB,EAAE,EAAE,CAAC,CAAC;IAC9D,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,cAAc,CAAC;CAC3D,CAAC,CAAC;AAHU,QAAA,mBAAmB,uBAG7B;AAEI,MAAM,8BAA8B,GAAG,GAAG,EAAE,CAAC,CAAC;IACnD,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,KAAK,CAAC;CAC/D,CAAC,CAAC;AAHU,QAAA,8BAA8B,kCAGxC;AAEH,MAAM,aAAa,GAAG,CAAO,EAAE,KAAK,EAAuB,EAAE,EAAE;IAC7D,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,IAAA,uBAAe,GAAE,CAAC;QACvE,MAAM,YAAY,GAAG,MAAM,IAAA,WAAI,EAAC,WAAW,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAE5E,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAC5B,IAAA,cAAM,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC;SAC7B;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,EAAE;YACT,iDAAiD;YACjD,IAAA,cAAM,EAAC,oBAAoB,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;SAC5C;KACF;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,YAAY,GAAG,CACnB,cAAsB,EACtB,EAAE,KAAK,EAAuB,EAC9B,EAAE;IACF,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAA,sBAAc,GAAE,CAAC;QACpE,MAAM,WAAW,GAAG,MAAM,IAAA,WAAI,EAAC,UAAU,EAA
E,WAAW,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEzE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAC3B,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAC3B,IAAA,cAAM,EAAC,wCAAwC,cAAc,KAAK,CAAC,CAAC;SACrE;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,MAAM,sBAAsB,CAAC,KAAK,EAAE,gBAAgB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;KAClE;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,cAAsB,EACtB,EAAE,KAAK,EAAuB,EAC9B,EAAE;IACF,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,gBAAgB,EAAE,GACxD,IAAA,2BAAmB,EAAC,cAAc,CAAC,CAAC;QACtC,MAAM,gBAAgB,GAAG,MAAM,IAAA,WAAI,EAAC,eAAe,EAAE,gBAAgB,EAAE;YACrE,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QAEH,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAChC,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;SACjC;KACF;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,sBAAsB,CAAC,KAAK,EAAE,qBAAqB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;KACvE;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,oBAAoB,GAAG,CAAO,EAAE,KAAK,EAAuB,EAAE,EAAE;IACpE,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAA,sCAA8B,GAAE,CAAC;QAC3D,MAAM,iBAAiB,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACrE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,8BAA8B,CAAC,CAAC;YACvC,IAAA,cAAM,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACjC,IAAA,cAAM,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;SAClC;QACD,OAAO,iBAAiB,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;KACxC;IAAC,OAAO,KAAU,EAAE;QACnB,MAAM,wCAAwC,KAAK,GAAG,CAAC;KACxD;AACH,CAAC,CAAA,CAAC;AAEK,MAAM,OAAO,GAAG,CACrB,cAAsB,EACtB,UAA+B,EAAE,EACjC,EAAE;IACF,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IAC1B,IAAI,KAAK;QAAE,IAAA,cAAM,EAAC,wBAAwB,CAAC,CAAC;IAE5C,qEAAqE;IACrE,kDAAkD;IAClD,MAAM,aAAa,CAAC,OAAO,CAAC,CAAC;IAE7B,MAAM,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;IAE5C,MAAM,iBAAiB,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;IAEjD,OAAO,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC7C,CAAC,CAAA,CAAC;AAhBW,QAAA,OAAO,WAgBlB"}
@@ -35,7 +35,7 @@ const GOOGLE_OIDC_REDIRECT_PORT = 52700;
35
35
  const GOOGLE_OIDC_REDIRECT_URL = `http://127.0.0.1:${GOOGLE_OIDC_REDIRECT_PORT}`;
36
36
  const PKCE_LENGTH = 128;
37
37
  const requestAuth = () => __awaiter(void 0, void 0, void 0, function* () {
38
- const tenantConfig = (0, config_1.getTenantConfig)();
38
+ const tenantConfig = (0, config_1.getGoogleTenantConfig)();
39
39
  const pkceChallenge = (yield import("pkce-challenge")).default;
40
40
  const pkce = yield pkceChallenge(PKCE_LENGTH);
41
41
  const authBody = {
@@ -55,10 +55,10 @@ ${url}`);
55
55
  return pkce;
56
56
  });
57
57
  const requestToken = (code, pkce) => __awaiter(void 0, void 0, void 0, function* () {
58
- const tenantConfig = (0, config_1.getTenantConfig)();
58
+ const tenantConfig = (0, config_1.getGoogleTenantConfig)();
59
59
  const body = {
60
60
  client_id: tenantConfig.google.clientId,
61
- client_secret: tenantConfig.google.clientSecret,
61
+ client_secret: tenantConfig.google.publicClientSecretForPkce,
62
62
  code,
63
63
  code_verifier: pkce.code_verifier,
64
64
  grant_type: "authorization_code",
@@ -1 +1 @@
1
- {"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/google/login.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,qDAA8D;AAC9D,8CAAiE;AACjE,iDAAuD;AACvD,+CAA6C;AAE7C,gDAAwB;AAOxB,MAAM,eAAe,GAAG,8CAA8C,CAAC;AACvE,MAAM,wBAAwB,GAAG,qCAAqC,CAAC;AACvE,MAAM,yBAAyB,GAAG,KAAK,CAAC;AACxC,MAAM,wBAAwB,GAAG,oBAAoB,yBAAyB,EAAE,CAAC;AACjF,MAAM,WAAW,GAAG,GAAG,CAAC;AAExB,MAAM,WAAW,GAAG,GAAS,EAAE;IAC7B,MAAM,YAAY,GAAG,IAAA,wBAAe,GAAE,CAAC;IACvC,MAAM,aAAa,GAAG,CAAC,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,OAAc,CAAC;IACtE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,WAAW,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAqB;QACjC,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,QAAQ;QACvC,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,qBAAqB,EAAE,MAAM;QAC7B,YAAY,EAAE,wBAAwB;QACtC,aAAa,EAAE,MAAM;QACrB,KAAK,EAAE,QAAQ;KAChB,CAAC;IACF,MAAM,GAAG,GAAG,GAAG,eAAe,IAAI,IAAA,iBAAS,EAAC,QAAQ,CAAC,EAAE,CAAC;IACxD,IAAA,cAAI,EAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;QACnB,IAAA,cAAM,EAAC;;EAET,GAAG,EAAE,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IACH,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEF,MAAM,YAAY,GAAG,CACnB,IAAY,EACZ,IAAuD,EACvD,EAAE;IACF,MAAM,YAAY,GAAG,IAAA,wBAAe,GAAE,CAAC;IACvC,MAAM,IAAI,GAAG;QACX,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,QAAQ;QACvC,aAAa,EAAE,YAAY,CAAC,MAAM,CAAC,YAAY;QAC/C,IAAI;QACJ,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,UAAU,EAAE,oBAAoB;QAChC,YAAY,EAAE,wBAAwB;KACvC,CAAC;IACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,wBAAwB,EAAE;QACrD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,mBAAY;QACrB,IAAI,EAAE,IAAA,iBAAS,EAAC,IAAI,CAAC;KACtB,CAAC,CAAC;IACH,MAAM,KAAK,GAAG,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;IAC/C,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,EAAE,CAAkB,CAAC;AAC/C,CAAC,CAAA,CAAC;AAEK,MAAM,WAAW,GAAG,GAAS,EAAE;IACpC,OAAO,MAAM,IAAA,2BAAkB,EAC7B,GAAS,EAAE,kDAAC,OAAA,MAAM,WAAW,EAAE,CAAA,GAAA,EAC/B,CAAO,IAAI,EAAE,KAAK,EAAE,EAAE,kDAAC,OAAA,MAAM,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA,GAAA,EAC3D,EAAE,IAAI,EAAE,yBAAyB,EAAE,CACpC,CAAC;AACJ,CAAC,CAAA,CAAC;AANW,QAAA,WAAW,eAMtB"}
1
+ {"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/google/login.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,qDAA8D;AAC9D,8CAAiE;AACjE,iDAA6D;AAC7D,+CAA6C;AAE7C,gDAAwB;AAOxB,MAAM,eAAe,GAAG,8CAA8C,CAAC;AACvE,MAAM,wBAAwB,GAAG,qCAAqC,CAAC;AACvE,MAAM,yBAAyB,GAAG,KAAK,CAAC;AACxC,MAAM,wBAAwB,GAAG,oBAAoB,yBAAyB,EAAE,CAAC;AACjF,MAAM,WAAW,GAAG,GAAG,CAAC;AAExB,MAAM,WAAW,GAAG,GAAS,EAAE;IAC7B,MAAM,YAAY,GAAG,IAAA,8BAAqB,GAAE,CAAC;IAC7C,MAAM,aAAa,GAAG,CAAC,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,OAAc,CAAC;IACtE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,WAAW,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAqB;QACjC,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,QAAQ;QACvC,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,qBAAqB,EAAE,MAAM;QAC7B,YAAY,EAAE,wBAAwB;QACtC,aAAa,EAAE,MAAM;QACrB,KAAK,EAAE,QAAQ;KAChB,CAAC;IACF,MAAM,GAAG,GAAG,GAAG,eAAe,IAAI,IAAA,iBAAS,EAAC,QAAQ,CAAC,EAAE,CAAC;IACxD,IAAA,cAAI,EAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;QACnB,IAAA,cAAM,EAAC;;EAET,GAAG,EAAE,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IACH,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEF,MAAM,YAAY,GAAG,CACnB,IAAY,EACZ,IAAuD,EACvD,EAAE;IACF,MAAM,YAAY,GAAG,IAAA,8BAAqB,GAAE,CAAC;IAC7C,MAAM,IAAI,GAAG;QACX,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,QAAQ;QACvC,aAAa,EAAE,YAAY,CAAC,MAAM,CAAC,yBAAyB;QAC5D,IAAI;QACJ,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,UAAU,EAAE,oBAAoB;QAChC,YAAY,EAAE,wBAAwB;KACvC,CAAC;IACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,wBAAwB,EAAE;QACrD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,mBAAY;QACrB,IAAI,EAAE,IAAA,iBAAS,EAAC,IAAI,CAAC;KACtB,CAAC,CAAC;IACH,MAAM,KAAK,GAAG,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;IAC/C,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,EAAE,CAAkB,CAAC;AAC/C,CAAC,CAAA,CAAC;AAEK,MAAM,WAAW,GAAG,GAAS,EAAE;IACpC,OAAO,MAAM,IAAA,2BAAkB,EAC7B,GAAS,EAAE,kDAAC,OAAA,MAAM,WAAW,EAAE,CAAA,GAAA,EAC/B,CAAO,IAAI,EAAE,KAAK,EAAE,EAAE,kDAAC,OAAA,MAAM,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA,GAAA,EAC3D,EAAE,IAAI,EAAE,yBAAyB,EAAE,CACpC,CAAC;AACJ,CAAC,CAAA,CAAC;AANW,QAAA,WAAW,eAMtB"}
@@ -8,8 +8,25 @@ This file is part of @p0security/cli
8
8
 
9
9
  You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
10
10
  **/
11
- import { bootstrapConfig } from "../drivers/env";
12
- export type Config = typeof bootstrapConfig;
11
+ type ApplicationConfig = {
12
+ fs: {
13
+ apiKey: string;
14
+ authDomain: string;
15
+ projectId: string;
16
+ storageBucket: string;
17
+ messagingSenderId: string;
18
+ appId: string;
19
+ };
20
+ appUrl: string;
21
+ environment: string;
22
+ };
23
+ export type GoogleApplicationConfig = ApplicationConfig & {
24
+ google: {
25
+ clientId: string;
26
+ publicClientSecretForPkce: string;
27
+ };
28
+ };
29
+ export type Config = ApplicationConfig | GoogleApplicationConfig;
13
30
  type BaseOrgData = {
14
31
  clientId: string;
15
32
  providerId: string;
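--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@p0security/cli",
- "version": "0.13.3",
+ "version": "0.13.4",
  "description": "Execute infra CLI commands with P0 grants",
  "main": "index.ts",
  "repository": {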