@p0security/cli 0.13.5 → 0.13.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/dist/commands/__tests__/login.test.js +3 -1
- package/dist/commands/__tests__/login.test.js.map +1 -1
- package/dist/commands/__tests__/ssh.test.js.map +1 -1
- package/dist/commands/index.js +4 -0
- package/dist/commands/index.js.map +1 -1
- package/dist/commands/login.d.ts +5 -3
- package/dist/commands/login.js +32 -57
- package/dist/commands/login.js.map +1 -1
- package/dist/commands/shared/request.d.ts +1 -1
- package/dist/commands/shared/request.js +4 -4
- package/dist/commands/shared/request.js.map +1 -1
- package/dist/commands/shared/ssh.d.ts +15 -2
- package/dist/commands/shared/ssh.js +13 -12
- package/dist/commands/shared/ssh.js.map +1 -1
- package/dist/commands/ssh-proxy.d.ts +3 -0
- package/dist/commands/ssh-proxy.js +124 -0
- package/dist/commands/ssh-proxy.js.map +1 -0
- package/dist/commands/ssh-resolve.d.ts +3 -0
- package/dist/commands/ssh-resolve.js +118 -0
- package/dist/commands/ssh-resolve.js.map +1 -0
- package/dist/drivers/api.d.ts +4 -0
- package/dist/drivers/api.js +9 -1
- package/dist/drivers/api.js.map +1 -1
- package/dist/drivers/{__mocks__/auth.js → auth/__mocks__/index.js} +1 -1
- package/dist/drivers/auth/__mocks__/index.js.map +1 -0
- package/dist/drivers/auth/index.d.ts +11 -0
- package/dist/drivers/{auth.js → auth/index.js} +52 -11
- package/dist/drivers/auth/index.js.map +1 -0
- package/dist/drivers/auth/path.d.ts +2 -0
- package/dist/drivers/auth/path.js +47 -0
- package/dist/drivers/auth/path.js.map +1 -0
- package/dist/drivers/config.d.ts +0 -1
- package/dist/drivers/config.js +10 -6
- package/dist/drivers/config.js.map +1 -1
- package/dist/drivers/env.d.ts +1 -0
- package/dist/drivers/env.js +3 -2
- package/dist/drivers/env.js.map +1 -1
- package/dist/plugins/aws/ssh.d.ts +0 -10
- package/dist/plugins/aws/ssh.js +32 -4
- package/dist/plugins/aws/ssh.js.map +1 -1
- package/dist/plugins/aws/types.d.ts +1 -0
- package/dist/plugins/azure/auth.d.ts +14 -3
- package/dist/plugins/azure/auth.js +72 -46
- package/dist/plugins/azure/auth.js.map +1 -1
- package/dist/plugins/azure/ssh.js +28 -12
- package/dist/plugins/azure/ssh.js.map +1 -1
- package/dist/plugins/azure/tunnel.d.ts +3 -4
- package/dist/plugins/azure/tunnel.js +16 -5
- package/dist/plugins/azure/tunnel.js.map +1 -1
- package/dist/plugins/azure/types.d.ts +2 -4
- package/dist/plugins/google/ssh.js +9 -3
- package/dist/plugins/google/ssh.js.map +1 -1
- package/dist/plugins/okta/aws.js +1 -1
- package/dist/plugins/okta/aws.js.map +1 -1
- package/dist/plugins/ssh/index.d.ts +17 -1
- package/dist/plugins/ssh/index.js +58 -10
- package/dist/plugins/ssh/index.js.map +1 -1
- package/dist/public/p0.jpg +0 -0
- package/dist/types/ssh.d.ts +17 -4
- package/dist/util.d.ts +1 -0
- package/dist/util.js +10 -1
- package/dist/util.js.map +1 -1
- package/package.json +1 -1
- package/dist/drivers/__mocks__/auth.js.map +0 -1
- package/dist/drivers/auth.d.ts +0 -9
- package/dist/drivers/auth.js.map +0 -1
- /package/dist/drivers/{__mocks__/auth.d.ts → auth/__mocks__/index.d.ts} +0 -0
package/README.md
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
<div align="center">
|
|
2
2
|
<a href="https://github.com/p0-security/p0cli">
|
|
3
|
-
<img width="200" height="200" src="
|
|
3
|
+
<img width="200" height="200" src="./public/p0.jpg" alt="P0 Security logo">
|
|
4
4
|
</a>
|
|
5
5
|
</div>
|
|
6
6
|
|
|
7
7
|
# P0 Security CLI
|
|
8
8
|
|
|
9
|
-
The
|
|
9
|
+
The official Command-Line Interface (CLI) for P0.
|
|
10
10
|
|
|
11
11
|
Supports creating access requests for cloud resources, assuming AWS roles, and connecting to AWS instances.
|
|
12
12
|
|
|
@@ -27,7 +27,9 @@ const auth_1 = require("firebase/auth");
|
|
|
27
27
|
const promises_1 = require("fs/promises");
|
|
28
28
|
jest.spyOn(Date, "now").mockReturnValue(1.6e12);
|
|
29
29
|
jest.mock("fs/promises");
|
|
30
|
-
jest.mock("../../drivers/auth", () => (
|
|
30
|
+
jest.mock("../../drivers/auth/path", () => ({
|
|
31
|
+
getIdentityFilePath: jest.fn(() => "/dummy/identity/file/path"),
|
|
32
|
+
}));
|
|
31
33
|
jest.mock("../../drivers/config", () => (Object.assign(Object.assign({}, jest.requireActual("../../drivers/config")), { saveConfig: jest.fn(), loadConfig: jest.fn(() => env_1.bootstrapConfig) })));
|
|
32
34
|
jest.mock("../../drivers/stdio");
|
|
33
35
|
jest.mock("../../plugins/login");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.test.js","sourceRoot":"","sources":["../../../src/commands/__tests__/login.test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAAoD;AACpD,+CAAqD;AACrD,uDAAqD;AACrD,oCAAiC;AACjC,wCAAqD;AACrD,0CAAkD;AAElD,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;AAChD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;AACzB,IAAI,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"login.test.js","sourceRoot":"","sources":["../../../src/commands/__tests__/login.test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAAoD;AACpD,+CAAqD;AACrD,uDAAqD;AACrD,oCAAiC;AACjC,wCAAqD;AACrD,0CAAkD;AAElD,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;AAChD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;AACzB,IAAI,CAAC,IAAI,CAAC,yBAAyB,EAAE,GAAG,EAAE,CAAC,CAAC;IAC1C,mBAAmB,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,2BAA2B,CAAC;CAChE,CAAC,CAAC,CAAC;AACJ,IAAI,CAAC,IAAI,CAAC,sBAAsB,EAAE,GAAG,EAAE,CAAC,iCACnC,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,KAC7C,UAAU,EAAE,IAAI,CAAC,EAAE,EAAE,EACrB,UAAU,EAAE,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,qBAAe,CAAC,IAC1C,CAAC,CAAC;AACJ,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;AACjC,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;AAEjC,MAAM,wBAAwB,GAAG,2BAAiC,CAAC;AACnE,MAAM,YAAY,GAAG,mBAAqB,CAAC;AAC3C,MAAM,aAAa,GAAG,oBAAsB,CAAC;AAE7C,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE;IACrB,EAAE,CAAC,iDAAiD,EAAE,GAAS,EAAE;QAC/D,IAAA,sBAAU,EAAC,SAAS,CAAC,CAAC;QACtB,MAAM,MAAM,CAAC,IAAA,aAAK,EAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,CACpE,+BAA+B,CAChC,CAAC;IACJ,CAAC,CAAA,CAAC,CAAC;IAEH,EAAE,CAAC,oDAAoD,EAAE,GAAS,EAAE;QAClE,IAAA,sBAAU,EAAC;YACT,IAAI,EAAE,UAAU;YAChB,QAAQ,EAAE,aAAa;YACvB,WAAW,EAAE,WAAW;SACzB,CAAC,CAAC;QACH,MAAM,MAAM,CAAC,IAAA,aAAK,EAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,CACpE,2CAA2C,CAC5C,CAAC;IACJ,CAAC,CAAA,CAAC,CAAC;IAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;QACnC,IAAI,cAAc,GAAW,EAAE,CAAC;QAEhC,UAAU,CAAC,GAAG,EAAE;YACd,cAAc,GAAG,EAAE,CAAC;YACpB,IAAI,CAAC,aAAa,EAAE,CAAC;YAErB,YAAY,CAAC,kBAAkB,CAAC,GAAS,EAAE,kDACzC,OAAA,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE,OAAO,CAAC,CAAA,GAAA,CACrC,CAAC;YACF,aAAa,CAAC,kBAAkB,CAAC,CAAO,KAAK,EAAE,IAAI,EAAE,EAAE;gBACrD,cAAc,GAAG,IAAI,CAAC;YACxB,CAAC,CAAA,CAAC,CAAC;YACH,wBAAwB,CAAC,kBAAkB,CACzC,CAAO,KAAK,EAAE,mBAAmB,EAAE,EAAE;gBACnC,OAAA,OAAO,CAAC,OAAO,CAAC;oBACd,IAAI,EAAE;wBACJ,KAAK,EAAE,aAAa;qBACrB;iBACF,CAAC,CAAA;cAAA,CACL,CAAC;YAEF,IAAA,sBAAU,EAAC;gBACT,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,QAAQ;aACtB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAS,EAAE;YACzD,MAAM,IAAA,aAAK,EAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC;YACjC,MAAM,CAAC,sBAAc,CAAC,MAAM,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACnD,CAAC,CAAA,CAAC,CAAC;QAEH,EAAE,CAAC,8DAA8D,EAAE,GAAS,EAAE;YAC5E,MAAM,IAAA,aAAK,EAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC;YACjC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;QACrD,CAAC,CAAA,CAAC,CAAC;QAEH,EAAE,CAAC,0BAA0B,EAAE,GAAS,EAAE;YACxC,MAAM,IAAA,aAAK,EAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC;YACjC,MAAM,CAAE,2BAAkC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;QAC3E,CAAC,CAAA,CAAC,CAAC;QAEH,EAAE,CAAC,wEAAwE,EAAE,GAAS,EAAE;YACtF,wBAAwB,CAAC,qBAAqB,CAAC;gBAC7C,IAAI,EAAE,EAAE;aACT,CAAC,CAAC;YACH,MAAM,MAAM,CAAC,IAAA,aAAK,EAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,CAAC;;;CAG5E,CAAC,CAAC;QACC,CAAC,CAAA,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC5C,UAAU,CAAC,GAAG,EAAE;YACd,IAAI,CAAC,aAAa,EAAE,CAAC;YAErB,6CAA6C;YAC7C,YAAY,CAAC,kBAAkB,CAAC,GAAG,EAAE;gBACnC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;gBACzC,KAAa,CAAC,IAAI,GAAG,QAAQ,CAAC;gBAC/B,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC/B,CAAC,CAAC,CAAC;YAEH,IAAA,sBAAU,EAAC;gBACT,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,QAAQ;aACtB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,GAAS,EAAE;YAC5C,MAAM,MAAM,CAAC,IAAA,aAAK,EAAC,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,CACpE,6DAA6D,CAC9D,CAAC;QACJ,CAAC,CAAA,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ssh.test.js","sourceRoot":"","sources":["../../../src/commands/__tests__/ssh.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,sDAA8D;AAC9D,2CAAiD;AACjD,+CAAqD;AAErD,2CAA6C;AAC7C,uDAAqD;AACrD,qCAAmC;AACnC,gCAAoC;AACpC,kDAAgD;AAChD,mCAAoC;AACpC,kDAA0B;AAE1B,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAC/B,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;AAChC,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;AACjC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAC/B,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAE/B,MAAM,gBAAgB,GAAG,kBAAyB,CAAC;AACnD,MAAM,YAAY,GAAG,cAAqB,CAAC;AAC3C,MAAM,UAAU,GAAG,cAAmB,CAAC;AACvC,MAAM,UAAU,GAAG,cAAmB,CAAC;AAEvC,MAAM,eAAe,GAAqB;IACxC,QAAQ,EAAE,KAAK;IACf,SAAS,EAAE,sBAAe;IAC1B,MAAM,EAAE,QAAQ;IAChB,KAAK,EAAE,OAAO;IACd,QAAQ,EAAE;QACR,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE,WAAW;QACtB,GAAG,EAAE,KAAK;QACV,SAAS,EAAE,WAAW;QACtB,KAAK,EAAE,OAAO;QACd,IAAI,EAAE,MAAM;QACZ,QAAQ,EAAE,UAAU;QACpB,UAAU,EAAE,YAAY;KACzB;CACF,CAAC;AAEF,MAAM,cAAc,
|
|
1
|
+
{"version":3,"file":"ssh.test.js","sourceRoot":"","sources":["../../../src/commands/__tests__/ssh.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,sDAA8D;AAC9D,2CAAiD;AACjD,+CAAqD;AAErD,2CAA6C;AAC7C,uDAAqD;AACrD,qCAAmC;AACnC,gCAAoC;AACpC,kDAAgD;AAChD,mCAAoC;AACpC,kDAA0B;AAE1B,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAC/B,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;AAChC,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;AACjC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAC/B,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;AAE/B,MAAM,gBAAgB,GAAG,kBAAyB,CAAC;AACnD,MAAM,YAAY,GAAG,cAAqB,CAAC;AAC3C,MAAM,UAAU,GAAG,cAAmB,CAAC;AACvC,MAAM,UAAU,GAAG,cAAmB,CAAC;AAEvC,MAAM,eAAe,GAAqB;IACxC,QAAQ,EAAE,KAAK;IACf,SAAS,EAAE,sBAAe;IAC1B,MAAM,EAAE,QAAQ;IAChB,KAAK,EAAE,OAAO;IACd,QAAQ,EAAE;QACR,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE,WAAW;QACtB,GAAG,EAAE,KAAK;QACV,SAAS,EAAE,WAAW;QACtB,KAAK,EAAE,OAAO;QACd,IAAI,EAAE,MAAM;QACZ,QAAQ,EAAE,UAAU;QACpB,UAAU,EAAE,YAAY;KACzB;CACF,CAAC;AAEF,MAAM,cAAc,GAAG;IACrB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;KACb;IACD,aAAa,EAAE,eAAe;CACZ,CAAC;AAErB,MAAM,YAAY,GAAG;IACnB,MAAM,EAAE,MAAM;IACd,SAAS,EAAE,cAAc;IACzB,UAAU,EAAE,eAAe;CAC5B,CAAC;AAEF,IAAA,sBAAU,EAAC;IACT,WAAW,EAAE;QACX,CAAC,kBAAkB,CAAC,EAAE;YACpB,KAAK,EAAE,WAAW;SACnB;KACF;CACF,CAAC,CAAC;AAEH,QAAQ,CAAC,KAAK,EAAE,GAAG,EAAE;IACnB,QAAQ,CAAC,IAAI,CAAC;QACZ,CAAC,YAAY,EAAE,IAAI,CAAC;QACpB,CAAC,WAAW,EAAE,KAAK,CAAC;KACrB,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,YAAY,EAAE,EAAE;QAClC,UAAU,CAAC,GAAG,EAAE;YACd,IAAI,CAAC,aAAa,EAAE,CAAC;YACrB,gBAAgB,CAAC,iBAAiB,CAAC;gBACjC,EAAE,EAAE,IAAI;gBACR,OAAO,EAAE,WAAW;gBACpB,EAAE,EAAE,QAAQ;gBACZ,aAAa,EAAE,KAAK;gBACpB,YAAY;gBACZ,KAAK,EAAE;oBACL,UAAU,EAAE;wBACV,IAAI,EAAE,SAAS;wBACf,IAAI,EAAE;4BACJ,QAAQ,EAAE;gCACR,GAAG,EAAE,iEAAiE;6BACvE;yBACF;qBACF;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wCAAwC,EAAE,GAAS,EAAE;YACtD,KAAK,IAAA,gBAAU,EAAC,IAAA,eAAK,GAAE,CAAC;iBACrB,IAAI,CAAC,aAAI,CAAC;iBACV,KAAK,CAAC,kDAAkD,CAAC,CAAC;YAC7D,MAAM,IAAA,YAAK,EAAC,GAAG,CAAC,CAAC;YACjB,MAAM,yBAAyB,GAAG,IAAA,aAAI,EACpC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EACjC,IAAI,CACL,CAAC;YACF,MAAM,CAAC,yBAAyB,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QAC5D,CAAC,CAAA,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,GAAS,EAAE;YAC5C,MAAM,OAAO,GAAG,IAAA,gBAAU,EAAC,IAAA,eAAK,GAAE,CAAC,CAAC,IAAI,CAAC,aAAI,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC1E,MAAM,IAAI,GAAG,IAAA,YAAK,EAAC,GAAG,CAAC,CAAC;YACxB,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;YACpC,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;QAC9C,CAAC,CAAA,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,GAAS,EAAE;YAC5C,MAAM,OAAO,GAAG,IAAA,gBAAU,EAAC,IAAA,eAAK,GAAE,CAAC,CAAC,IAAI,CAAC,aAAI,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC1E,MAAM,IAAA,YAAK,EAAC,GAAG,CAAC,CAAC,CAAC,kDAAkD;YACnE,sBAAkB,CAAC,OAAO,CAAC;gBAC1B,MAAM,EAAE,UAAU;aACnB,CAAC,CAAC;YACH,MAAM,IAAI,GAAG,IAAA,YAAK,EAAC,GAAG,CAAC,CAAC;YACxB,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;YACpC,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;QAC9C,CAAC,CAAA,CAAC,CAAC;QAEH,EAAE,CAAC,mDAAmD,EAAE,GAAS,EAAE;YACjE,MAAM,OAAO,GAAG,IAAA,gBAAU,EAAC,IAAA,eAAK,GAAE,CAAC;iBAChC,IAAI,CAAC,aAAI,CAAC;iBACV,KAAK,CAAC,gCAAgC,CAAC,CAAC;YAC3C,MAAM,IAAA,YAAK,EAAC,GAAG,CAAC,CAAC,CAAC,kDAAkD;YACnE,sBAAkB,CAAC,OAAO,CAAC;gBAC1B,MAAM,EAAE,UAAU;aACnB,CAAC,CAAC;YACH,MAAM,IAAA,YAAK,EAAC,GAAG,CAAC,CAAC,CAAC,kDAAkD;YACnE,sBAAkB,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YAC1C,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;YAC7C,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YACxD,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;YAC1C,MAAM,CAAC,YAAY,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC1C,CAAC,CAAA,CAAC,CAAC;QAEH,EAAE,CAAC,+CAA+C,EAAE,GAAS,EAAE;YAC7D,MAAM,OAAO,GAAG,IAAA,gBAAU,EAAC,IAAA,eAAK,GAAE,CAAC,CAAC,IAAI,CAAC,aAAI,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC1E,MAAM,IAAA,YAAK,EAAC,GAAG,CAAC,CAAC,CAAC,kDAAkD;YACnE,sBAAkB,CAAC,OAAO,CAAC;gBAC1B,MAAM,EAAE,UAAU;aACnB,CAAC,CAAC;YACH,MAAM,IAAA,YAAK,EAAC,GAAG,CAAC,CAAC,CAAC,kDAAkD;YACnE,sBAAkB,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YAC1C,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;YAC7C,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YACxD,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;YAC1C,MAAM,CAAC,YAAY,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC1C,CAAC,CAAA,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
package/dist/commands/index.js
CHANGED
|
@@ -26,6 +26,8 @@ const request_1 = require("./request");
|
|
|
26
26
|
const scp_1 = require("./scp");
|
|
27
27
|
const ssh_1 = require("./ssh");
|
|
28
28
|
const ssh_keygen_1 = require("./ssh-keygen");
|
|
29
|
+
const ssh_proxy_1 = require("./ssh-proxy");
|
|
30
|
+
const ssh_resolve_1 = require("./ssh-resolve");
|
|
29
31
|
const typescript_1 = require("typescript");
|
|
30
32
|
const yargs_1 = __importDefault(require("yargs"));
|
|
31
33
|
const helpers_1 = require("yargs/helpers");
|
|
@@ -37,6 +39,8 @@ const commands = [
|
|
|
37
39
|
request_1.requestCommand,
|
|
38
40
|
allow_1.allowCommand,
|
|
39
41
|
ssh_1.sshCommand,
|
|
42
|
+
ssh_proxy_1.sshProxyCommand,
|
|
43
|
+
ssh_resolve_1.sshResolveCommand,
|
|
40
44
|
scp_1.scpCommand,
|
|
41
45
|
ssh_keygen_1.sshKeyGenCommand,
|
|
42
46
|
kubeconfig_1.kubeconfigCommand,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":";;;;;;AAAA;;;;;;;;;GASG;AACH,4CAA0C;AAC1C,oDAAsD;AACtD,mCAAuC;AACvC,+BAAmC;AACnC,mCAAuC;AACvC,6CAAiD;AACjD,mCAAuC;AACvC,6BAAiC;AACjC,uCAA2C;AAC3C,+BAAmC;AACnC,+BAAmC;AACnC,6CAAgD;AAChD,2CAAiC;AACjC,kDAA0B;AAC1B,2CAAwC;AAExC,MAAM,QAAQ,GAAG;IACf,gBAAU;IACV,oBAAY;IACZ,oBAAY;IACZ,cAAS;IACT,wBAAc;IACd,oBAAY;IACZ,gBAAU;IACV,gBAAU;IACV,6BAAgB;IAChB,8BAAiB;CAClB,CAAC;AAEW,QAAA,GAAG,GAAG,QAAQ;KACxB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAA,eAAK,EAAC,IAAA,iBAAO,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;KACpD,UAAU,CAAC,sBAAY,CAAC;KACxB,MAAM,EAAE;KACR,aAAa,CAAC,CAAC,CAAC;KAChB,IAAI,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;IAC9B,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;KACf;SAAM;QACL,IAAA,cAAM,EAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QACrB,IAAA,cAAM,EAAC,KAAK,OAAO,EAAE,CAAC,CAAC;KACxB;IACD,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACd,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":";;;;;;AAAA;;;;;;;;;GASG;AACH,4CAA0C;AAC1C,oDAAsD;AACtD,mCAAuC;AACvC,+BAAmC;AACnC,mCAAuC;AACvC,6CAAiD;AACjD,mCAAuC;AACvC,6BAAiC;AACjC,uCAA2C;AAC3C,+BAAmC;AACnC,+BAAmC;AACnC,6CAAgD;AAChD,2CAA8C;AAC9C,+CAAkD;AAClD,2CAAiC;AACjC,kDAA0B;AAC1B,2CAAwC;AAExC,MAAM,QAAQ,GAAG;IACf,gBAAU;IACV,oBAAY;IACZ,oBAAY;IACZ,cAAS;IACT,wBAAc;IACd,oBAAY;IACZ,gBAAU;IACV,2BAAe;IACf,+BAAiB;IACjB,gBAAU;IACV,6BAAgB;IAChB,8BAAiB;CAClB,CAAC;AAEW,QAAA,GAAG,GAAG,QAAQ;KACxB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAA,eAAK,EAAC,IAAA,iBAAO,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;KACpD,UAAU,CAAC,sBAAY,CAAC;KACxB,MAAM,EAAE;KACR,aAAa,CAAC,CAAC,CAAC;KAChB,IAAI,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;IAC9B,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;KACf;SAAM;QACL,IAAA,cAAM,EAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QACrB,IAAA,cAAM,EAAC,KAAK,OAAO,EAAE,CAAC,CAAC;KACxB;IACD,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACd,CAAC,CAAC,CAAC"}
|
package/dist/commands/login.d.ts
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
import yargs from "yargs";
|
|
2
|
-
/** Logs in the user
|
|
2
|
+
/** Logs in the user.
|
|
3
3
|
*
|
|
4
|
-
*
|
|
5
|
-
*
|
|
4
|
+
* If the P0_ORG environment variable is set, it is used as the organization name,
|
|
5
|
+
* and the identity file is written to the system temp directory.
|
|
6
|
+
*
|
|
7
|
+
* Otherwise, the identity file is written to the ~/.p0 directory.
|
|
6
8
|
*/
|
|
7
9
|
export declare const login: (args: {
|
|
8
10
|
org: string;
|
package/dist/commands/login.js
CHANGED
|
@@ -1,27 +1,4 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
-
if (mod && mod.__esModule) return mod;
|
|
20
|
-
var result = {};
|
|
21
|
-
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
-
__setModuleDefault(result, mod);
|
|
23
|
-
return result;
|
|
24
|
-
};
|
|
25
2
|
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
26
3
|
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
27
4
|
return new (P || (P = Promise))(function (resolve, reject) {
|
|
@@ -50,61 +27,59 @@ const firestore_2 = require("../drivers/firestore");
|
|
|
50
27
|
const stdio_1 = require("../drivers/stdio");
|
|
51
28
|
const login_1 = require("../plugins/login");
|
|
52
29
|
const firestore_3 = require("firebase/firestore");
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
30
|
+
/** Logs in the user.
|
|
31
|
+
*
|
|
32
|
+
* If the P0_ORG environment variable is set, it is used as the organization name,
|
|
33
|
+
* and the identity file is written to the system temp directory.
|
|
56
34
|
*
|
|
57
|
-
*
|
|
58
|
-
* with organization details, are saved to {@link IDENTITY_FILE_PATH}.
|
|
35
|
+
* Otherwise, the identity file is written to the ~/.p0 directory.
|
|
59
36
|
*/
|
|
60
37
|
const login = (args, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
61
|
-
|
|
38
|
+
const org = args.org || process.env.P0_ORG;
|
|
39
|
+
if (!org) {
|
|
40
|
+
throw new Error("The P0 organization ID is required. Please provide it as an argument or set the P0_ORG environment variable.");
|
|
41
|
+
}
|
|
42
|
+
yield (0, config_1.saveConfig)(org);
|
|
62
43
|
yield (0, firestore_1.initializeFirebase)();
|
|
63
|
-
const orgDoc = yield (0, firestore_3.getDoc)((0, firestore_2.doc)(`orgs/${
|
|
44
|
+
const orgDoc = yield (0, firestore_3.getDoc)((0, firestore_2.doc)(`orgs/${org}`));
|
|
64
45
|
const orgData = orgDoc.data();
|
|
65
46
|
if (!orgData)
|
|
66
47
|
throw "Could not find organization";
|
|
67
|
-
const orgWithSlug = Object.assign(Object.assign({}, orgData), { slug:
|
|
48
|
+
const orgWithSlug = Object.assign(Object.assign({}, orgData), { slug: org });
|
|
68
49
|
const plugin = orgWithSlug === null || orgWithSlug === void 0 ? void 0 : orgWithSlug.ssoProvider;
|
|
69
50
|
const loginFn = login_1.pluginLoginMap[plugin];
|
|
70
51
|
if (!loginFn)
|
|
71
52
|
throw "Unsupported login for your organization";
|
|
72
53
|
const tokenResponse = yield loginFn(orgWithSlug);
|
|
73
|
-
yield
|
|
74
|
-
yield writeIdentity(orgWithSlug, tokenResponse);
|
|
54
|
+
yield (0, auth_1.writeIdentity)(orgWithSlug, tokenResponse);
|
|
75
55
|
// validate auth
|
|
76
56
|
if (!(options === null || options === void 0 ? void 0 : options.skipAuthenticate)) {
|
|
77
57
|
yield (0, auth_1.authenticate)();
|
|
58
|
+
yield validateTenantAccess(orgData);
|
|
78
59
|
}
|
|
79
60
|
(0, stdio_1.print2)(`You are now logged in, and can use the p0 CLI.`);
|
|
80
61
|
});
|
|
81
62
|
exports.login = login;
|
|
82
|
-
const
|
|
83
|
-
|
|
84
|
-
(0, stdio_1.print2)(`Saving authorization to ${auth_1.IDENTITY_FILE_PATH}.`);
|
|
85
|
-
const dir = path.dirname(auth_1.IDENTITY_FILE_PATH);
|
|
86
|
-
yield fs.mkdir(dir, { recursive: true });
|
|
87
|
-
yield fs.writeFile(auth_1.IDENTITY_FILE_PATH, JSON.stringify({
|
|
88
|
-
credential: Object.assign(Object.assign({}, credential), { expires_at }),
|
|
89
|
-
org,
|
|
90
|
-
}, null, 2), {
|
|
91
|
-
mode: "600",
|
|
92
|
-
});
|
|
93
|
-
});
|
|
94
|
-
const clearIdentityCache = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
95
|
-
try {
|
|
96
|
-
// check to see if the directory exists before trying to remove it
|
|
97
|
-
yield fs.access(auth_1.IDENTITY_CACHE_PATH);
|
|
98
|
-
yield fs.rm(auth_1.IDENTITY_CACHE_PATH, { recursive: true });
|
|
99
|
-
}
|
|
100
|
-
catch (_a) {
|
|
101
|
-
return;
|
|
102
|
-
}
|
|
103
|
-
});
|
|
104
|
-
const loginCommand = (yargs) => yargs.command("login <org>", "Log in to p0 using a web browser", (yargs) => yargs.positional("org", {
|
|
105
|
-
demandOption: true,
|
|
63
|
+
const loginCommand = (yargs) => yargs.command("login [org]", "Log in to p0 using a web browser", (yargs) => yargs
|
|
64
|
+
.positional("org", {
|
|
106
65
|
type: "string",
|
|
107
66
|
describe: "Your P0 organization ID",
|
|
67
|
+
})
|
|
68
|
+
.check((argv) => {
|
|
69
|
+
if (!argv.org && !process.env.P0_ORG) {
|
|
70
|
+
throw "The 'org' argument is required if the P0_ORG environment variable is not set.";
|
|
71
|
+
}
|
|
72
|
+
return true;
|
|
108
73
|
}), (0, firestore_1.fsShutdownGuard)(exports.login));
|
|
109
74
|
exports.loginCommand = loginCommand;
|
|
75
|
+
const validateTenantAccess = (org) => __awaiter(void 0, void 0, void 0, function* () {
|
|
76
|
+
try {
|
|
77
|
+
yield (0, firestore_3.getDoc)((0, firestore_2.doc)(`o/${org.tenantId}/auth/valid`));
|
|
78
|
+
return true;
|
|
79
|
+
}
|
|
80
|
+
catch (e) {
|
|
81
|
+
yield (0, auth_1.deleteIdentity)();
|
|
82
|
+
throw "Could not find organization, logging out.";
|
|
83
|
+
}
|
|
84
|
+
});
|
|
110
85
|
//# sourceMappingURL=login.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA8E;AAC9E,8CAA+C;AAC/C,oDAA2E;AAC3E,oDAA2C;AAC3C,4CAA0C;AAC1C,4CAAkD;AAElD,kDAA4C;AAG5C;;;;;;GAMG;AACI,MAAM,KAAK,GAAG,CACnB,IAAqB,EACrB,OAAwC,EACxC,EAAE;IACF,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;IAE3C,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CACb,8GAA8G,CAC/G,CAAC;KACH;IAED,MAAM,IAAA,mBAAU,EAAC,GAAG,CAAC,CAAC;IACtB,MAAM,IAAA,8BAAkB,GAAE,CAAC;IAE3B,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAM,EAAqB,IAAA,eAAG,EAAC,QAAQ,GAAG,EAAE,CAAC,CAAC,CAAC;IACpE,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;IAE9B,IAAI,CAAC,OAAO;QAAE,MAAM,6BAA6B,CAAC;IAElD,MAAM,WAAW,mCAAiB,OAAO,KAAE,IAAI,EAAE,GAAG,GAAE,CAAC;IAEvD,MAAM,MAAM,GAAG,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,WAAW,CAAC;IACxC,MAAM,OAAO,GAAG,sBAAc,CAAC,MAAM,CAAC,CAAC;IAEvC,IAAI,CAAC,OAAO;QAAE,MAAM,yCAAyC,CAAC;IAE9D,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAC;IAEjD,MAAM,IAAA,oBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAEhD,gBAAgB;IAChB,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gBAAgB,CAAA,EAAE;QAC9B,MAAM,IAAA,mBAAY,GAAE,CAAC;QACrB,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAC;KACrC;IAED,IAAA,cAAM,EAAC,gDAAgD,CAAC,CAAC;AAC3D,CAAC,CAAA,CAAC;AAtCW,QAAA,KAAK,SAsChB;AAEK,MAAM,YAAY,GAAG,CAAC,KAAiB,EAAE,EAAE,CAChD,KAAK,CAAC,OAAO,CACX,aAAa,EACb,kCAAkC,EAClC,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,KAAK,EAAE;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,yBAAyB;CACpC,CAAC;KACD,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE;IACd,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE;QACpC,MAAM,+EAA+E,CAAC;KACvF;IACD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC,EACN,IAAA,2BAAe,EAAC,aAAK,CAAC,CACvB,CAAC;AAjBS,QAAA,YAAY,gBAiBrB;AAEJ,MAAM,oBAAoB,GAAG,CAAO,GAAe,EAAE,EAAE;IACrD,IAAI;QACF,MAAM,IAAA,kBAAM,EAAC,IAAA,eAAG,EAAC,KAAK,GAAG,CAAC,QAAQ,aAAa,CAAC,CAAC,CAAC;QAClD,OAAO,IAAI,CAAC;KACb;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAA,qBAAc,GAAE,CAAC;QACvB,MAAM,2CAA2C,CAAC;KACnD;AACH,CAAC,CAAA,CAAC"}
|
|
@@ -11,5 +11,5 @@ export declare const request: (command: "grant" | "request") => <T>(args: yargs.
|
|
|
11
11
|
wait?: boolean;
|
|
12
12
|
}>, authn?: Authn, options?: {
|
|
13
13
|
accessMessage?: string;
|
|
14
|
-
message?: "all" | "approval-required" | "none";
|
|
14
|
+
message?: "all" | "approval-required" | "none" | "quiet";
|
|
15
15
|
}) => Promise<RequestResponse<T> | undefined>;
|
|
@@ -92,10 +92,10 @@ const request = (command) => (args, authn, options) => __awaiter(void 0, void 0,
|
|
|
92
92
|
return "Requesting access";
|
|
93
93
|
}
|
|
94
94
|
};
|
|
95
|
-
const
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
95
|
+
const fetchCommandPromise = (0, api_1.fetchCommand)(resolvedAuthn, args, [command, ...args.arguments]);
|
|
96
|
+
const data = (options === null || options === void 0 ? void 0 : options.message) != "quiet"
|
|
97
|
+
? yield (0, stdio_1.spinUntil)(accessMessage(options === null || options === void 0 ? void 0 : options.message), fetchCommandPromise)
|
|
98
|
+
: yield fetchCommandPromise;
|
|
99
99
|
if (data && "ok" in data && "message" in data && data.ok) {
|
|
100
100
|
const logMessage = !(options === null || options === void 0 ? void 0 : options.message) ||
|
|
101
101
|
(options === null || options === void 0 ? void 0 : options.message) === "all" ||
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../src/commands/shared/request.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAAiD;AACjD,6CAAkD;AAClD,uDAA8C;AAC9C,+CAAwD;AAGxD,kDAAgD;AAChD,2CAAiC;AAGjC,MAAM,YAAY,GAAG,KAAK,CAAC;AAE3B,MAAM,QAAQ,GAAG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACnE,MAAM,MAAM,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAC/D,MAAM,OAAO,GAAG,EAAE,OAAO,EAAE,mCAAmC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAE1E,MAAM,0BAA0B,GAAG;IACjC,QAAQ;IACR,iBAAiB,EAAE,QAAQ;IAC3B,IAAI,EAAE,QAAQ;IACd,aAAa,EAAE,QAAQ;IACvB,MAAM;IACN,OAAO;CACR,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,MAAW,EACwC,EAAE,CACrD,MAAM,IAAI,0BAA0B,CAAC;AAEhC,MAAM,WAAW,GAAG,CAAI,KAAoB,EAAE,EAAE,CACrD,KAAK;KACF,mBAAmB,CAAC,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC;KACxD,IAAI,CAAC,KAAK,CAAC,CAAC,4HAA4H;KACxI,MAAM,CAAC,MAAM,EAAE;IACd,KAAK,EAAE,GAAG;IACV,OAAO,EAAE,IAAI;IACb,OAAO,EAAE,KAAK;IACd,QAAQ,EAAE,sCAAsC;CACjD,CAAC;KACD,MAAM,CAAC,WAAW,EAAE;IACnB,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC,CAAC;AAdM,QAAA,WAAW,eAcjB;AAEP,MAAM,cAAc,GAAG,CACrB,QAAgB,EAChB,SAAiB,EACjB,UAAmB,EACnB,EAAE;IACF,OAAA,MAAM,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,EAAE;QACpC,IAAI,UAAU;YACZ,IAAA,cAAM,EAAC,2DAA2D,CAAC,CAAC;QACtE,IAAI,MAAM,GAA+B,SAAS,CAAC;QACnD,MAAM,WAAW,GAAG,IAAA,sBAAU,EAC5B,IAAA,eAAG,EAAC,KAAK,QAAQ,wBAAwB,SAAS,EAAE,CAAC,EACrD,CAAC,IAAI,EAAE,EAAE;YACP,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,IAAI;gBAAE,OAAO;YAClB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;YACxB,IAAI,iBAAiB,CAAC,MAAM,CAAC,EAAE;gBAC7B,IAAI,MAAM;oBAAE,YAAY,CAAC,MAAM,CAAC,CAAC;gBACjC,WAAW,aAAX,WAAW,uBAAX,WAAW,EAAI,CAAC;gBAChB,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAC;gBAC7D,IAAI,IAAI,KAAK,CAAC,IAAI,UAAU;oBAAE,IAAA,cAAM,EAAC,OAAO,CAAC,CAAC;gBAC9C,OAAO,CAAC,IAAI,CAAC,CAAC;aACf;QACH,CAAC,CACF,CAAC;QACF,MAAM,GAAG,UAAU,CAAC,GAAG,EAAE;YACvB,WAAW,aAAX,WAAW,uBAAX,WAAW,EAAI,CAAC;YAChB,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;YAC1D,OAAO,CAAC,CAAC,CAAC,CAAC;QACb,CAAC,EAAE,YAAY,CAAC,CAAC;IACnB,CAAC,CAAC,CAAA;EAAA,CAAC;AAEE,MAAM,OAAO,GAClB,CAAC,OAA4B,EAAE,EAAE,CACjC,CACE,IAGE,EACF,KAAa,EACb,OAGC,EACwC,EAAE;IAC3C,MAAM,aAAa,GAAG,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,CAAC,MAAM,IAAA,mBAAY,GAAE,CAAC,CAAC;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,aAAa,CAAC;IACzC,MAAM,aAAa,GAAG,CAAC,OAAgB,EAAE,EAAE;QACzC,QAAQ,OAAO,EAAE;YACf,KAAK,mBAAmB;gBACtB,OAAO,2BAA2B,CAAC;YACrC;gBACE,OAAO,mBAAmB,CAAC;SAC9B;IACH,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../src/commands/shared/request.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAAiD;AACjD,6CAAkD;AAClD,uDAA8C;AAC9C,+CAAwD;AAGxD,kDAAgD;AAChD,2CAAiC;AAGjC,MAAM,YAAY,GAAG,KAAK,CAAC;AAE3B,MAAM,QAAQ,GAAG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACnE,MAAM,MAAM,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAC/D,MAAM,OAAO,GAAG,EAAE,OAAO,EAAE,mCAAmC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAE1E,MAAM,0BAA0B,GAAG;IACjC,QAAQ;IACR,iBAAiB,EAAE,QAAQ;IAC3B,IAAI,EAAE,QAAQ;IACd,aAAa,EAAE,QAAQ;IACvB,MAAM;IACN,OAAO;CACR,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,MAAW,EACwC,EAAE,CACrD,MAAM,IAAI,0BAA0B,CAAC;AAEhC,MAAM,WAAW,GAAG,CAAI,KAAoB,EAAE,EAAE,CACrD,KAAK;KACF,mBAAmB,CAAC,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC;KACxD,IAAI,CAAC,KAAK,CAAC,CAAC,4HAA4H;KACxI,MAAM,CAAC,MAAM,EAAE;IACd,KAAK,EAAE,GAAG;IACV,OAAO,EAAE,IAAI;IACb,OAAO,EAAE,KAAK;IACd,QAAQ,EAAE,sCAAsC;CACjD,CAAC;KACD,MAAM,CAAC,WAAW,EAAE;IACnB,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC,CAAC;AAdM,QAAA,WAAW,eAcjB;AAEP,MAAM,cAAc,GAAG,CACrB,QAAgB,EAChB,SAAiB,EACjB,UAAmB,EACnB,EAAE;IACF,OAAA,MAAM,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,EAAE;QACpC,IAAI,UAAU;YACZ,IAAA,cAAM,EAAC,2DAA2D,CAAC,CAAC;QACtE,IAAI,MAAM,GAA+B,SAAS,CAAC;QACnD,MAAM,WAAW,GAAG,IAAA,sBAAU,EAC5B,IAAA,eAAG,EAAC,KAAK,QAAQ,wBAAwB,SAAS,EAAE,CAAC,EACrD,CAAC,IAAI,EAAE,EAAE;YACP,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,IAAI;gBAAE,OAAO;YAClB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;YACxB,IAAI,iBAAiB,CAAC,MAAM,CAAC,EAAE;gBAC7B,IAAI,MAAM;oBAAE,YAAY,CAAC,MAAM,CAAC,CAAC;gBACjC,WAAW,aAAX,WAAW,uBAAX,WAAW,EAAI,CAAC;gBAChB,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAC;gBAC7D,IAAI,IAAI,KAAK,CAAC,IAAI,UAAU;oBAAE,IAAA,cAAM,EAAC,OAAO,CAAC,CAAC;gBAC9C,OAAO,CAAC,IAAI,CAAC,CAAC;aACf;QACH,CAAC,CACF,CAAC;QACF,MAAM,GAAG,UAAU,CAAC,GAAG,EAAE;YACvB,WAAW,aAAX,WAAW,uBAAX,WAAW,EAAI,CAAC;YAChB,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;YAC1D,OAAO,CAAC,CAAC,CAAC,CAAC;QACb,CAAC,EAAE,YAAY,CAAC,CAAC;IACnB,CAAC,CAAC,CAAA;EAAA,CAAC;AAEE,MAAM,OAAO,GAClB,CAAC,OAA4B,EAAE,EAAE,CACjC,CACE,IAGE,EACF,KAAa,EACb,OAGC,EACwC,EAAE;IAC3C,MAAM,aAAa,GAAG,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,CAAC,MAAM,IAAA,mBAAY,GAAE,CAAC,CAAC;IACtD,MAAM,EAAE,cAAc,EAAE,GAAG,aAAa,CAAC;IACzC,MAAM,aAAa,GAAG,CAAC,OAAgB,EAAE,EAAE;QACzC,QAAQ,OAAO,EAAE;YACf,KAAK,mBAAmB;gBACtB,OAAO,2BAA2B,CAAC;YACrC;gBACE,OAAO,mBAAmB,CAAC;SAC9B;IACH,CAAC,CAAC;IAEF,MAAM,mBAAmB,GAAG,IAAA,kBAAY,EACtC,aAAa,EACb,IAAI,EACJ,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAC7B,CAAC;IAEF,MAAM,IAAI,GACR,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,KAAI,OAAO;QACzB,CAAC,CAAC,MAAM,IAAA,iBAAS,EAAC,aAAa,CAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAC,EAAE,mBAAmB,CAAC;QACvE,CAAC,CAAC,MAAM,mBAAmB,CAAC;IAEhC,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,EAAE,EAAE;QACxD,MAAM,UAAU,GACd,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAA;YACjB,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,MAAK,KAAK;YAC1B,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,MAAK,mBAAmB;gBACvC,CAAC,IAAI,CAAC,aAAa;gBACnB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACxB,IAAI,UAAU;YAAE,IAAA,cAAM,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;QACpB,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,IAAI,cAAc,CAAC,IAAI,CAAC,QAAQ,EAAE;YACnD,MAAM,IAAI,GAAG,MAAM,cAAc,CAC/B,cAAc,CAAC,IAAI,CAAC,QAAQ,EAC5B,EAAE,EACF,UAAU,CACX,CAAC;YACF,IAAI,IAAI,EAAE;gBACR,gBAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACf,OAAO,SAAS,CAAC;aAClB;YACD,OAAO,IAAI,CAAC;SACb;;YAAM,OAAO,SAAS,CAAC;KACzB;SAAM;QACL,MAAM,IAAI,CAAC;KACZ;AACH,CAAC,CAAA,CAAC;AA3DS,QAAA,OAAO,WA2DhB"}
|
|
@@ -21,6 +21,17 @@ export type SshCommandArgs = BaseSshCommandArgs & {
|
|
|
21
21
|
arguments: string[];
|
|
22
22
|
command?: string;
|
|
23
23
|
};
|
|
24
|
+
export type SshResolveCommandArgs = SshCommandArgs & {
|
|
25
|
+
quiet?: boolean;
|
|
26
|
+
};
|
|
27
|
+
export type SshProxyCommandArgs = {
|
|
28
|
+
destination: string;
|
|
29
|
+
port: string;
|
|
30
|
+
provider: "aws" | "azure" | "gcloud";
|
|
31
|
+
requestJson: string;
|
|
32
|
+
debug?: boolean;
|
|
33
|
+
identityFile: string;
|
|
34
|
+
};
|
|
24
35
|
export type CommandArgs = ScpCommandArgs | SshCommandArgs;
|
|
25
36
|
export type SshAdditionalSetup = {
|
|
26
37
|
/** A list of SSH configuration options, as would be used after '-o' in an SSH command */
|
|
@@ -37,15 +48,17 @@ export declare const isSudoCommand: (args: {
|
|
|
37
48
|
sudo?: boolean;
|
|
38
49
|
command?: string;
|
|
39
50
|
}) => boolean;
|
|
40
|
-
export declare const provisionRequest: (authn: Authn, args: yargs.ArgumentsCamelCase<BaseSshCommandArgs>, destination: string) => Promise<{
|
|
51
|
+
export declare const provisionRequest: (authn: Authn, args: yargs.ArgumentsCamelCase<BaseSshCommandArgs>, destination: string, approvedOnly?: boolean, quiet?: boolean) => Promise<{
|
|
52
|
+
requestId: string;
|
|
41
53
|
provisionedRequest: Request<PluginSshRequest>;
|
|
42
54
|
publicKey: string;
|
|
43
55
|
privateKey: string;
|
|
44
56
|
} | undefined>;
|
|
45
|
-
export declare const prepareRequest: (authn: Authn, args: yargs.ArgumentsCamelCase<BaseSshCommandArgs>, destination: string) => Promise<{
|
|
57
|
+
export declare const prepareRequest: (authn: Authn, args: yargs.ArgumentsCamelCase<BaseSshCommandArgs>, destination: string, approvedOnly?: boolean, quiet?: boolean) => Promise<{
|
|
46
58
|
request: any;
|
|
47
59
|
sshProvider: SshProvider<any, any, any, any>;
|
|
48
60
|
provisionedRequest: Request<PluginSshRequest>;
|
|
61
|
+
requestId: string;
|
|
49
62
|
publicKey: string;
|
|
50
63
|
privateKey: string;
|
|
51
64
|
}>;
|
|
@@ -54,7 +54,7 @@ const pluginToCliRequest = (request, options) => __awaiter(void 0, void 0, void
|
|
|
54
54
|
});
|
|
55
55
|
const isSudoCommand = (args) => args.sudo || args.command === "sudo";
|
|
56
56
|
exports.isSudoCommand = isSudoCommand;
|
|
57
|
-
const provisionRequest = (authn, args, destination) => __awaiter(void 0, void 0, void 0, function* () {
|
|
57
|
+
const provisionRequest = (authn, args, destination, approvedOnly, quiet) => __awaiter(void 0, void 0, void 0, function* () {
|
|
58
58
|
yield validateSshInstall(authn, args);
|
|
59
59
|
const { publicKey, privateKey } = yield (0, keys_1.createKeyPair)();
|
|
60
60
|
const response = yield (0, request_1.request)("request")(Object.assign(Object.assign({}, (0, lodash_1.pick)(args, "$0", "_")), { arguments: [
|
|
@@ -63,13 +63,16 @@ const provisionRequest = (authn, args, destination) => __awaiter(void 0, void 0,
|
|
|
63
63
|
destination,
|
|
64
64
|
"--public-key",
|
|
65
65
|
publicKey,
|
|
66
|
+
...(approvedOnly ? ["--approved-only"] : []),
|
|
66
67
|
...(args.provider ? ["--provider", args.provider] : []),
|
|
67
68
|
...((0, exports.isSudoCommand)(args) ? ["--sudo"] : []),
|
|
68
69
|
...(args.reason ? ["--reason", args.reason] : []),
|
|
69
70
|
...(args.parent ? ["--parent", args.parent] : []),
|
|
70
|
-
], wait: true }), authn, { message: "approval-required" });
|
|
71
|
+
], wait: true }), authn, { message: quiet ? "quiet" : "approval-required" });
|
|
71
72
|
if (!response) {
|
|
72
|
-
(
|
|
73
|
+
if (!quiet) {
|
|
74
|
+
(0, stdio_1.print2)("Did not receive access ID from server");
|
|
75
|
+
}
|
|
73
76
|
return;
|
|
74
77
|
}
|
|
75
78
|
const { id, isPreexisting } = response;
|
|
@@ -78,26 +81,24 @@ const provisionRequest = (authn, args, destination) => __awaiter(void 0, void 0,
|
|
|
78
81
|
else
|
|
79
82
|
(0, stdio_1.print2)("Existing access found. Connecting to instance.");
|
|
80
83
|
const provisionedRequest = yield (0, _1.waitForProvisioning)(authn, id);
|
|
81
|
-
return { provisionedRequest, publicKey, privateKey };
|
|
84
|
+
return { requestId: id, provisionedRequest, publicKey, privateKey };
|
|
82
85
|
});
|
|
83
86
|
exports.provisionRequest = provisionRequest;
|
|
84
|
-
const prepareRequest = (authn, args, destination) => __awaiter(void 0, void 0, void 0, function* () {
|
|
85
|
-
|
|
87
|
+
const prepareRequest = (authn, args, destination, approvedOnly, quiet) => __awaiter(void 0, void 0, void 0, function* () {
|
|
88
|
+
var _b;
|
|
89
|
+
const result = yield (0, exports.provisionRequest)(authn, args, destination, approvedOnly, quiet);
|
|
86
90
|
if (!result) {
|
|
87
91
|
throw "Server did not return a request id. Please contact support@p0.dev for assistance.";
|
|
88
92
|
}
|
|
89
|
-
const {
|
|
93
|
+
const { requestId, publicKey, provisionedRequest } = result;
|
|
90
94
|
const sshProvider = exports.SSH_PROVIDERS[provisionedRequest.permission.provider];
|
|
91
|
-
|
|
92
|
-
!sshProvider.validateSshKey(provisionedRequest, publicKey)) {
|
|
93
|
-
throw "Public key mismatch. Please revoke the request and try again.";
|
|
94
|
-
}
|
|
95
|
+
yield ((_b = sshProvider.submitPublicKey) === null || _b === void 0 ? void 0 : _b.call(sshProvider, authn, provisionedRequest, requestId, publicKey));
|
|
95
96
|
yield sshProvider.ensureInstall();
|
|
96
97
|
const cliRequest = yield pluginToCliRequest(provisionedRequest, {
|
|
97
98
|
debug: args.debug,
|
|
98
99
|
});
|
|
99
100
|
const request = sshProvider.requestToSsh(cliRequest);
|
|
100
|
-
return Object.assign(Object.assign({}, result), { request, sshProvider });
|
|
101
|
+
return Object.assign(Object.assign({}, result), { request, sshProvider, provisionedRequest });
|
|
101
102
|
});
|
|
102
103
|
exports.prepareRequest = prepareRequest;
|
|
103
104
|
//# sourceMappingURL=ssh.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/commands/shared/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wBAAwC;AACxC,4CAAkD;AAClD,uDAA8C;AAC9C,+CAA6C;AAC7C,+CAAuD;AACvD,iDAA2D;AAC3D,kDAA0D;AAI1D,yCAMyB;AACzB,uCAAoC;AACpC,kDAA4C;AAC5C,mCAA8B;
|
|
1
|
+
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../src/commands/shared/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wBAAwC;AACxC,4CAAkD;AAClD,uDAA8C;AAC9C,+CAA6C;AAC7C,+CAAuD;AACvD,iDAA2D;AAC3D,kDAA0D;AAI1D,yCAMyB;AACzB,uCAAoC;AACpC,kDAA4C;AAC5C,mCAA8B;AAsDjB,QAAA,aAAa,GAGtB;IACF,GAAG,EAAE,oBAAc;IACnB,KAAK,EAAE,sBAAgB;IACvB,MAAM,EAAE,oBAAc;CACvB,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,KAAY,EACZ,IAAkD,EAClD,EAAE;;IACF,MAAM,SAAS,GAAG,MAAM,IAAA,kBAAM,EAC5B,IAAA,eAAG,EAAC,KAAK,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,mBAAmB,CAAC,CACzD,CAAC;IACF,MAAM,WAAW,GAAG,MAAA,SAAS,CAAC,IAAI,EAAE,0CAAG,WAAW,CAAC,CAAC;IAEpD,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ;QACpC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;QACjB,CAAC,CAAC,2BAAqB,CAAC;IAE1B,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,EAAE,CAAC,CAAC,MAAM,CACpD,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CACf,KAAK,CAAC,KAAK,IAAI,WAAW;QAC1B,gBAAgB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QACtB,MAAM,mEAAmE,CAAC;KAC3E;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,OAAkC,EAClC,OAA6B,EACI,EAAE;IACnC,OAAA,MAAM,qBAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,YAAY,CAC3D,OAAc,EACd,OAAO,CACR,CAAA;EAAA,CAAC;AAEG,MAAM,aAAa,GAAG,CAAC,IAA0C,EAAE,EAAE,CAC1E,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,CAAC;AAD1B,QAAA,aAAa,iBACa;AAEhC,MAAM,gBAAgB,GAAG,CAC9B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,YAAsB,EACtB,KAAe,EACf,EAAE;IACF,MAAM,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,oBAAa,GAAE,CAAC;IAExD,MAAM,QAAQ,GAAG,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAElC,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;YACT,KAAK;YACL,SAAS;YACT,WAAW;YACX,cAAc;YACd,SAAS;YACT,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5C,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,GAAG,CAAC,IAAA,qBAAa,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1C,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;SAClD,EACD,IAAI,EAAE,IAAI,KAEZ,KAAK,EACL,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,EAAE,CACnD,CAAC;IAEF,IAAI,CAAC,QAAQ,EAAE;QACb,IAAI,CAAC,KAAK,EAAE;YACV,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;SACjD;QACD,OAAO;KACR;IACD,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IACvC,IAAI,CAAC,aAAa;QAAE,IAAA,cAAM,EAAC,sCAAsC,CAAC,CAAC;;QAC9D,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;IAE/D,MAAM,kBAAkB,GAAG,MAAM,IAAA,sBAAmB,EAClD,KAAK,EACL,EAAE,CACH,CAAC;IAEF,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,kBAAkB,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC;AACtE,CAAC,CAAA,CAAC;AAhDW,QAAA,gBAAgB,oBAgD3B;AAEK,MAAM,cAAc,GAAG,CAC5B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,YAAsB,EACtB,KAAe,EACf,EAAE;;IACF,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAgB,EACnC,KAAK,EACL,IAAI,EACJ,WAAW,EACX,YAAY,EACZ,KAAK,CACN,CAAC;IACF,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,mFAAmF,CAAC;KAC3F;IAED,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,MAAM,CAAC;IAE5D,MAAM,WAAW,GAAG,qBAAa,CAAC,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE1E,MAAM,CAAA,MAAA,WAAW,CAAC,eAAe,4DAC/B,KAAK,EACL,kBAAkB,EAClB,SAAS,EACT,SAAS,CACV,CAAA,CAAC;IAEF,MAAM,WAAW,CAAC,aAAa,EAAE,CAAC;IAElC,MAAM,UAAU,GAAG,MAAM,kBAAkB,CAAC,kBAAkB,EAAE;QAC9D,KAAK,EAAE,IAAI,CAAC,KAAK;KAClB,CAAC,CAAC;IACH,MAAM,OAAO,GAAG,WAAW,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;IAErD,uCAAY,MAAM,KAAE,OAAO,EAAE,WAAW,EAAE,kBAAkB,IAAG;AACjE,CAAC,CAAA,CAAC;AArCW,QAAA,cAAc,kBAqCzB"}
|
|
@@ -0,0 +1,124 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
24
|
+
};
|
|
25
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
26
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
27
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
28
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
29
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
30
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
31
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
32
|
+
});
|
|
33
|
+
};
|
|
34
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
35
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
36
|
+
};
|
|
37
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
38
|
+
exports.sshProxyCommand = void 0;
|
|
39
|
+
/** Copyright © 2024-present P0 Security
|
|
40
|
+
|
|
41
|
+
This file is part of @p0security/cli
|
|
42
|
+
|
|
43
|
+
@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
|
|
44
|
+
|
|
45
|
+
@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
46
|
+
|
|
47
|
+
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
48
|
+
**/
|
|
49
|
+
const auth_1 = require("../drivers/auth");
|
|
50
|
+
const firestore_1 = require("../drivers/firestore");
|
|
51
|
+
const ssh_1 = require("../plugins/ssh");
|
|
52
|
+
const util_1 = require("../util");
|
|
53
|
+
const ssh_2 = require("./shared/ssh");
|
|
54
|
+
const fs = __importStar(require("fs/promises"));
|
|
55
|
+
const path_1 = __importDefault(require("path"));
|
|
56
|
+
const sshProxyCommand = (yargs) => yargs.command("ssh-proxy <destination>", "SSH into a virtual machine", (yargs) => yargs
|
|
57
|
+
.positional("destination", {
|
|
58
|
+
type: "string",
|
|
59
|
+
demandOption: true,
|
|
60
|
+
})
|
|
61
|
+
.option("port", {
|
|
62
|
+
type: "string",
|
|
63
|
+
demandOption: true,
|
|
64
|
+
})
|
|
65
|
+
.option("provider", {
|
|
66
|
+
requiresArg: true,
|
|
67
|
+
type: "string",
|
|
68
|
+
describe: "The cloud provider where the instance is hosted",
|
|
69
|
+
choices: ["aws", "azure", "gcloud"],
|
|
70
|
+
demandOption: true,
|
|
71
|
+
})
|
|
72
|
+
.option("identityFile", {
|
|
73
|
+
alias: "i",
|
|
74
|
+
requiresArg: true,
|
|
75
|
+
type: "string",
|
|
76
|
+
describe: "Path to the private key file to use for the SSH connection",
|
|
77
|
+
demandOption: true,
|
|
78
|
+
})
|
|
79
|
+
.option("requestJson", {
|
|
80
|
+
requiresArg: true,
|
|
81
|
+
type: "string",
|
|
82
|
+
describe: "JSON string of the SSH request",
|
|
83
|
+
demandOption: true,
|
|
84
|
+
})
|
|
85
|
+
.option("debug", {
|
|
86
|
+
type: "boolean",
|
|
87
|
+
describe: "Print debug information.",
|
|
88
|
+
})
|
|
89
|
+
.usage("$0 ssh-proxy <destination>"), (0, firestore_1.fsShutdownGuard)(sshProxyAction));
|
|
90
|
+
exports.sshProxyCommand = sshProxyCommand;
|
|
91
|
+
const sshProxyAction = (args) => __awaiter(void 0, void 0, void 0, function* () {
|
|
92
|
+
var _a;
|
|
93
|
+
// Prefix is required because the backend uses it to determine that this is an AWS request
|
|
94
|
+
const authn = yield (0, auth_1.authenticate)();
|
|
95
|
+
// TODO(ENG-3142): Azure SSH currently doesn't support specifying a port; throw an error if one is set.
|
|
96
|
+
if (args.provider === "azure" && args.port != "22") {
|
|
97
|
+
throw "Azure SSH does not currently support specifying a port. SSH on the target VM must be listening on the default port 22.";
|
|
98
|
+
}
|
|
99
|
+
const sshProvider = ssh_2.SSH_PROVIDERS[args.provider];
|
|
100
|
+
const requestJson = yield fs.readFile(args.requestJson, "utf8");
|
|
101
|
+
const request = JSON.parse(requestJson);
|
|
102
|
+
const privateKey = yield fs.readFile(args.identityFile, "utf8");
|
|
103
|
+
const destination = (0, ssh_1.verifyDestinationString)(args.destination);
|
|
104
|
+
const configLocation = path_1.default.join(util_1.P0_PATH, "ssh", "configs", `${destination}.config` // nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal
|
|
105
|
+
);
|
|
106
|
+
if (args.debug) {
|
|
107
|
+
("Deleting request JSON file");
|
|
108
|
+
}
|
|
109
|
+
yield fs.rm(args.requestJson);
|
|
110
|
+
if (args.debug) {
|
|
111
|
+
("Deleting ssh Config file");
|
|
112
|
+
}
|
|
113
|
+
yield fs.rm(configLocation);
|
|
114
|
+
yield (0, ssh_1.sshProxy)({
|
|
115
|
+
authn,
|
|
116
|
+
cmdArgs: args,
|
|
117
|
+
request,
|
|
118
|
+
privateKey,
|
|
119
|
+
debug: (_a = args.debug) !== null && _a !== void 0 ? _a : false,
|
|
120
|
+
sshProvider,
|
|
121
|
+
port: args.port,
|
|
122
|
+
});
|
|
123
|
+
});
|
|
124
|
+
//# sourceMappingURL=ssh-proxy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ssh-proxy.js","sourceRoot":"","sources":["../../src/commands/ssh-proxy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,oDAAuD;AACvD,wCAAmE;AACnE,kCAAkC;AAClC,sCAAkE;AAClE,gDAAkC;AAClC,gDAAwB;AAGjB,MAAM,eAAe,GAAG,CAAC,KAAiB,EAAE,EAAE,CACnD,KAAK,CAAC,OAAO,CACX,yBAAyB,EACzB,4BAA4B,EAC5B,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,MAAM,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,MAAM,CAAC,UAAU,EAAE;IAClB,WAAW,EAAE,IAAI;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,iDAAiD;IAC3D,OAAO,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC;IACnC,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,MAAM,CAAC,cAAc,EAAE;IACtB,KAAK,EAAE,GAAG;IACV,WAAW,EAAE,IAAI;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EACN,4DAA4D;IAC9D,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,MAAM,CAAC,aAAa,EAAE;IACrB,WAAW,EAAE,IAAI;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,gCAAgC;IAC1C,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC;KACD,KAAK,CAAC,4BAA4B,CAAC,EAExC,IAAA,2BAAe,EAAC,cAAc,CAAC,CAChC,CAAC;AA1CS,QAAA,eAAe,mBA0CxB;AAEJ,MAAM,cAAc,GAAG,CACrB,IAAmD,EACnD,EAAE;;IACF,0FAA0F;IAC1F,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;IAEnC,uGAAuG;IACvG,IAAI,IAAI,CAAC,QAAQ,KAAK,OAAO,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE;QAClD,MAAM,wHAAwH,CAAC;KAChI;IAED,MAAM,WAAW,GAAG,mBAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAEjD,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAExC,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAEhE,MAAM,WAAW,GAAG,IAAA,6BAAuB,EAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAE9D,MAAM,cAAc,GAAG,cAAI,CAAC,IAAI,CAC9B,cAAO,EACP,KAAK,EACL,SAAS,EACT,GAAG,WAAW,SAAS,CAAC,mHAAmH;KAC5I,CAAC;IAEF,IAAI,IAAI,CAAC,KAAK,EAAE;QACd,CAAC,4BAA4B,CAAC,CAAC;KAChC;IACD,MAAM,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAE9B,IAAI,IAAI,CAAC,KAAK,EAAE;QACd,CAAC,0BAA0B,CAAC,CAAC;KAC9B;IACD,MAAM,EAAE,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC;IAE5B,MAAM,IAAA,cAAQ,EAAC;QACb,KAAK;QACL,OAAO,EAAE,IAAI;QACb,OAAO;QACP,UAAU;QACV,KAAK,EAAE,MAAA,IAAI,CAAC,KAAK,mCAAI,KAAK;QAC1B,WAAW;QACX,IAAI,EAAE,IAAI,CAAC,IAAI;KAChB,CAAC,CAAC;AACL,CAAC,CAAA,CAAC"}
|