@p0security/cli 0.18.10 → 0.18.12
- package/README.md +8 -0
- package/build/dist/commands/ls.js +21 -23
- package/build/dist/commands/ls.js.map +1 -1
- package/build/dist/commands/shared/ssh.d.ts +6 -2
- package/build/dist/commands/shared/ssh.js +5 -5
- package/build/dist/commands/shared/ssh.js.map +1 -1
- package/build/dist/commands/ssh-resolve.js +9 -3
- package/build/dist/commands/ssh-resolve.js.map +1 -1
- package/build/dist/common/__mocks__/keys.d.ts +2 -0
- package/build/dist/common/__mocks__/keys.js +5 -1
- package/build/dist/common/__mocks__/keys.js.map +1 -1
- package/build/dist/common/keys.d.ts +15 -0
- package/build/dist/common/keys.js +85 -8
- package/build/dist/common/keys.js.map +1 -1
- package/build/dist/drivers/api.d.ts +6 -6
- package/build/dist/drivers/api.js +53 -51
- package/build/dist/drivers/api.js.map +1 -1
- package/build/dist/opentelemetry/instrumentation.js +6 -14
- package/build/dist/opentelemetry/instrumentation.js.map +1 -1
- package/build/dist/plugins/aws/idc/index.js +5 -1
- package/build/dist/plugins/aws/idc/index.js.map +1 -1
- package/build/dist/plugins/aws/ssh.js +15 -4
- package/build/dist/plugins/aws/ssh.js.map +1 -1
- package/build/dist/plugins/aws/types.d.ts +2 -0
- package/build/dist/plugins/azure/keygen.d.ts +0 -4
- package/build/dist/plugins/azure/keygen.js +1 -13
- package/build/dist/plugins/azure/keygen.js.map +1 -1
- package/build/dist/plugins/azure/ssh.js +6 -5
- package/build/dist/plugins/azure/ssh.js.map +1 -1
- package/build/dist/plugins/google/ssh.js +1 -1
- package/build/dist/plugins/google/ssh.js.map +1 -1
- package/build/dist/plugins/self-hosted/keygen.d.ts +6 -0
- package/build/dist/plugins/self-hosted/keygen.js +39 -0
- package/build/dist/plugins/self-hosted/keygen.js.map +1 -0
- package/build/dist/plugins/self-hosted/ssh.d.ts +1 -0
- package/build/dist/plugins/self-hosted/ssh.js +55 -16
- package/build/dist/plugins/self-hosted/ssh.js.map +1 -1
- package/build/dist/plugins/ssh/index.js +11 -5
- package/build/dist/plugins/ssh/index.js.map +1 -1
- package/build/dist/plugins/ssh/shared.d.ts +4 -0
- package/build/dist/plugins/ssh/shared.js +38 -0
- package/build/dist/plugins/ssh/shared.js.map +1 -0
- package/build/dist/types/ssh.d.ts +11 -3
- package/build/tsconfig.tsbuildinfo +1 -1
- package/package.json +6 -4
|
@@ -56,7 +56,7 @@ var __asyncGenerator = (this && this.__asyncGenerator) || function (thisArg, _ar
|
|
|
56
56
|
function settle(f, v) { if (f(v), q.shift(), q.length) resume(q[0][0], q[0][1]); }
|
|
57
57
|
};
|
|
58
58
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
59
|
-
exports.
|
|
59
|
+
exports.auditSshSessionActivity = exports.fetchWithStreaming = exports.certificateSigningRequest = exports.submitPublicKey = exports.fetchAdminLsCommand = exports.fetchCommand = exports.fetchStreamingCommand = exports.fetchIntegrationConfig = exports.fetchPermissionRequestDetails = exports.fetchAccountInfo = exports.fetchOrgData = exports.tracesUrl = void 0;
|
|
60
60
|
const version_1 = require("../version");
|
|
61
61
|
const config_1 = require("./config");
|
|
62
62
|
const env_1 = require("./env");
|
|
@@ -66,22 +66,23 @@ const DEFAULT_PERMISSION_REQUEST_TIMEOUT = 300e3; // 5 minutes
|
|
|
66
66
|
const tenantOrgUrl = (tenant) => { var _a, _b; return `${(_b = (_a = (0, config_1.getTenantConfig)()) === null || _a === void 0 ? void 0 : _a.appUrl) !== null && _b !== void 0 ? _b : env_1.defaultConfig.appUrl}/orgs/${tenant}`; };
|
|
67
67
|
const tenantUrl = (tenant) => `${(0, config_1.getTenantConfig)().appUrl}/o/${tenant}`;
|
|
68
68
|
const publicKeysUrl = (tenant) => `${tenantUrl(tenant)}/integrations/ssh/public-keys`;
|
|
69
|
+
const certSignRequestUrl = (tenant) => `${tenantUrl(tenant)}/integrations/ssh/certificates`;
|
|
69
70
|
const sshAuditUrl = (tenant) => `${tenantUrl(tenant)}/integrations/ssh/audit`;
|
|
70
71
|
const commandUrl = (tenant) => `${tenantUrl(tenant)}/command/`;
|
|
71
72
|
const adminLsCommandUrl = (tenant) => `${tenantUrl(tenant)}/command/ls`;
|
|
72
73
|
const tracesUrl = (tenant) => `${tenantUrl(tenant)}/traces`;
|
|
73
74
|
exports.tracesUrl = tracesUrl;
|
|
74
|
-
const fetchOrgData = (orgId) => __awaiter(void 0, void 0, void 0, function* () { return
|
|
75
|
+
const fetchOrgData = (orgId) => __awaiter(void 0, void 0, void 0, function* () { return baseFetch({ url: tenantOrgUrl(orgId), method: "GET" }); });
|
|
75
76
|
exports.fetchOrgData = fetchOrgData;
|
|
76
77
|
const fetchAccountInfo = (authn) => __awaiter(void 0, void 0, void 0, function* () {
|
|
77
|
-
return (
|
|
78
|
+
return authFetch(authn, {
|
|
78
79
|
url: `${tenantUrl(authn.identity.org.slug)}/account`,
|
|
79
80
|
method: "GET",
|
|
80
81
|
});
|
|
81
82
|
});
|
|
82
83
|
exports.fetchAccountInfo = fetchAccountInfo;
|
|
83
84
|
const fetchPermissionRequestDetails = (authn, requestId) => __awaiter(void 0, void 0, void 0, function* () {
|
|
84
|
-
return (
|
|
85
|
+
return authFetch(authn, {
|
|
85
86
|
url: `${tenantUrl(authn.identity.org.slug)}/permission-requests/${requestId}`,
|
|
86
87
|
method: "GET",
|
|
87
88
|
maxTimeoutMs: DEFAULT_PERMISSION_REQUEST_TIMEOUT,
|
|
@@ -89,7 +90,7 @@ const fetchPermissionRequestDetails = (authn, requestId) => __awaiter(void 0, vo
|
|
|
89
90
|
});
|
|
90
91
|
exports.fetchPermissionRequestDetails = fetchPermissionRequestDetails;
|
|
91
92
|
const fetchIntegrationConfig = (authn, integration) => __awaiter(void 0, void 0, void 0, function* () {
|
|
92
|
-
return (
|
|
93
|
+
return authFetch(authn, {
|
|
93
94
|
url: `${tenantUrl(authn.identity.org.slug)}/integrations/${integration}/config`,
|
|
94
95
|
method: "GET",
|
|
95
96
|
});
|
|
@@ -110,7 +111,7 @@ const fetchStreamingCommand = function (authn, args, argv, debug) {
|
|
|
110
111
|
};
|
|
111
112
|
exports.fetchStreamingCommand = fetchStreamingCommand;
|
|
112
113
|
const fetchCommand = (authn, args, argv) => __awaiter(void 0, void 0, void 0, function* () {
|
|
113
|
-
return (
|
|
114
|
+
return authFetch(authn, {
|
|
114
115
|
url: commandUrl(authn.identity.org.slug),
|
|
115
116
|
method: "POST",
|
|
116
117
|
body: JSON.stringify({
|
|
@@ -122,7 +123,7 @@ const fetchCommand = (authn, args, argv) => __awaiter(void 0, void 0, void 0, fu
|
|
|
122
123
|
exports.fetchCommand = fetchCommand;
|
|
123
124
|
/** Special admin 'ls' command that can retrieve results for all users. Requires 'owner' permission. */
|
|
124
125
|
const fetchAdminLsCommand = (authn, args, argv) => __awaiter(void 0, void 0, void 0, function* () {
|
|
125
|
-
return (
|
|
126
|
+
return authFetch(authn, {
|
|
126
127
|
url: adminLsCommandUrl(authn.identity.org.slug),
|
|
127
128
|
method: "POST",
|
|
128
129
|
body: JSON.stringify({
|
|
@@ -133,7 +134,7 @@ const fetchAdminLsCommand = (authn, args, argv) => __awaiter(void 0, void 0, voi
|
|
|
133
134
|
});
|
|
134
135
|
exports.fetchAdminLsCommand = fetchAdminLsCommand;
|
|
135
136
|
const submitPublicKey = (authn, args) => __awaiter(void 0, void 0, void 0, function* () {
|
|
136
|
-
return (
|
|
137
|
+
return authFetch(authn, {
|
|
137
138
|
url: publicKeysUrl(authn.identity.org.slug),
|
|
138
139
|
method: "POST",
|
|
139
140
|
body: JSON.stringify({
|
|
@@ -143,6 +144,17 @@ const submitPublicKey = (authn, args) => __awaiter(void 0, void 0, void 0, funct
|
|
|
143
144
|
});
|
|
144
145
|
});
|
|
145
146
|
exports.submitPublicKey = submitPublicKey;
|
|
147
|
+
const certificateSigningRequest = (authn, args) => __awaiter(void 0, void 0, void 0, function* () {
|
|
148
|
+
return authFetch(authn, {
|
|
149
|
+
url: certSignRequestUrl(authn.identity.org.slug),
|
|
150
|
+
method: "POST",
|
|
151
|
+
body: JSON.stringify({
|
|
152
|
+
requestId: args.requestId,
|
|
153
|
+
publicKey: args.publicKey,
|
|
154
|
+
}),
|
|
155
|
+
});
|
|
156
|
+
});
|
|
157
|
+
exports.certificateSigningRequest = certificateSigningRequest;
|
|
146
158
|
const fetchWithStreaming = function (authn, args, debug) {
|
|
147
159
|
var _a;
|
|
148
160
|
return __asyncGenerator(this, arguments, function* () {
|
|
@@ -264,7 +276,7 @@ const auditSshSessionActivity = (args) => __awaiter(void 0, void 0, void 0, func
|
|
|
264
276
|
(0, stdio_1.print2)(`Submitting audit log for request: ${requestId}, action: ${action}, sshSessionId: ${sshSessionId}`);
|
|
265
277
|
}
|
|
266
278
|
try {
|
|
267
|
-
yield (
|
|
279
|
+
yield authFetch(authn, {
|
|
268
280
|
url: sshAuditUrl(authn.identity.org.slug),
|
|
269
281
|
method: "POST",
|
|
270
282
|
body: JSON.stringify({
|
|
@@ -285,52 +297,17 @@ const auditSshSessionActivity = (args) => __awaiter(void 0, void 0, void 0, func
|
|
|
285
297
|
}
|
|
286
298
|
});
|
|
287
299
|
exports.auditSshSessionActivity = auditSshSessionActivity;
|
|
288
|
-
const baseFetch = (
|
|
300
|
+
const baseFetch = (args) => __awaiter(void 0, void 0, void 0, function* () {
|
|
289
301
|
const { version } = version_1.p0VersionInfo;
|
|
290
|
-
const { url, method, body, maxTimeoutMs } = args;
|
|
291
|
-
const
|
|
292
|
-
const fetchOptions = {
|
|
293
|
-
method,
|
|
294
|
-
headers: {
|
|
295
|
-
authorization: `Bearer ${token}`,
|
|
296
|
-
"Content-Type": "application/json",
|
|
297
|
-
"User-Agent": `P0 CLI/${version}`,
|
|
298
|
-
},
|
|
299
|
-
body,
|
|
300
|
-
keepalive: true,
|
|
301
|
-
};
|
|
302
|
+
const { url, method, body, maxTimeoutMs, headers } = args;
|
|
303
|
+
const fetchOptions = Object.assign({ method, headers: Object.assign(Object.assign({}, (headers !== null && headers !== void 0 ? headers : {})), { "Content-Type": "application/json", "User-Agent": `P0 CLI/${version}` }), body, keepalive: true }, (maxTimeoutMs ? { signal: AbortSignal.timeout(maxTimeoutMs) } : {}));
|
|
302
304
|
try {
|
|
303
|
-
const response = yield fetch(url,
|
|
304
|
-
? Object.assign(Object.assign({}, fetchOptions), { signal: AbortSignal.timeout(maxTimeoutMs) }) : fetchOptions);
|
|
305
|
+
const response = yield fetch(url, fetchOptions);
|
|
305
306
|
const text = yield response.text();
|
|
306
|
-
const
|
|
307
|
-
if (
|
|
308
|
-
throw
|
|
307
|
+
const errorMessage = tryParseHtmlError(text);
|
|
308
|
+
if (errorMessage) {
|
|
309
|
+
throw errorMessage;
|
|
309
310
|
}
|
|
310
|
-
return data;
|
|
311
|
-
}
|
|
312
|
-
catch (error) {
|
|
313
|
-
if (error instanceof TypeError && error.message === "fetch failed") {
|
|
314
|
-
throw `Network error: Unable to reach the server at ${url}.`;
|
|
315
|
-
}
|
|
316
|
-
else {
|
|
317
|
-
throw error;
|
|
318
|
-
}
|
|
319
|
-
}
|
|
320
|
-
});
|
|
321
|
-
exports.baseFetch = baseFetch;
|
|
322
|
-
const unauthenticatedApiFetch = (url, method, body) => __awaiter(void 0, void 0, void 0, function* () {
|
|
323
|
-
const { version } = version_1.p0VersionInfo;
|
|
324
|
-
try {
|
|
325
|
-
const fetchConfig = {
|
|
326
|
-
method,
|
|
327
|
-
headers: {
|
|
328
|
-
"Content-Type": "application/json",
|
|
329
|
-
"User-Agent": `P0 CLI/${version}`,
|
|
330
|
-
},
|
|
331
|
-
};
|
|
332
|
-
const response = yield fetch(url, Object.assign(Object.assign({}, fetchConfig), { body }));
|
|
333
|
-
const text = yield response.text();
|
|
334
311
|
const data = JSON.parse(text);
|
|
335
312
|
if ("error" in data) {
|
|
336
313
|
throw data.error;
|
|
@@ -346,4 +323,29 @@ const unauthenticatedApiFetch = (url, method, body) => __awaiter(void 0, void 0,
|
|
|
346
323
|
}
|
|
347
324
|
}
|
|
348
325
|
});
|
|
326
|
+
const authFetch = (authn, args) => __awaiter(void 0, void 0, void 0, function* () {
|
|
327
|
+
const token = yield authn.getToken();
|
|
328
|
+
const headers = {
|
|
329
|
+
authorization: `Bearer ${token}`,
|
|
330
|
+
};
|
|
331
|
+
return baseFetch(Object.assign(Object.assign({}, args), { headers }));
|
|
332
|
+
});
|
|
333
|
+
/** Check if text contains an error code in the html title by looking for 3-digit http codes.
|
|
334
|
+
*
|
|
335
|
+
* Example text:
|
|
336
|
+
* <!doctype html><meta charset="utf-8"><meta name=viewport content="width=device-width, initial-scale=1"><title>429</title>429 Too Many Requests
|
|
337
|
+
*/
|
|
338
|
+
const tryParseHtmlError = (text) => {
|
|
339
|
+
const match = text.match(/<title>(\d{3})<\/title>/);
|
|
340
|
+
if (!match) {
|
|
341
|
+
return undefined;
|
|
342
|
+
}
|
|
343
|
+
const statusCode = match[1];
|
|
344
|
+
const statusText = text
|
|
345
|
+
// Remove the title tag
|
|
346
|
+
.replace(/<title>(\d{3})<\/title>/g, "")
|
|
347
|
+
// Remove meta HTML tags
|
|
348
|
+
.replace(/<[^>]+>/g, "");
|
|
349
|
+
return `${statusText}: (HTTP status ${statusCode})`;
|
|
350
|
+
};
|
|
349
351
|
//# sourceMappingURL=api.js.map
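Review bot: In `baseFetch`, `tryParseHtmlError(text)` runs on every response body before `JSON.parse`, regardless of `response.status` or the content type. A successful JSON reply that carries `<title>NNN</title>` inside a string value would therefore be thrown as an error, and the reported code comes from the page markup rather than from the HTTP status line. Gate the sniffing on the status, for example `const errorMessage = response.ok ? undefined : tryParseHtmlError(text);`, and build the message from `response.status` instead of the title digits. The rest of `baseFetch`, including its `catch`, lies outside the visible hunks.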
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.js","sourceRoot":"","sources":["../../../src/drivers/api.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAWA,wCAA2C;AAC3C,qCAA2C;AAC3C,+BAAsC;AACtC,mCAAiC;AACjC,gDAAkC;AAGlC,MAAM,kCAAkC,GAAG,KAAK,CAAC,CAAC,YAAY;AAE9D,MAAM,YAAY,GAAG,CAAC,MAAc,EAAE,EAAE,eACtC,OAAA,GAAG,MAAA,MAAA,IAAA,wBAAe,GAAE,0CAAE,MAAM,mCAAI,mBAAa,CAAC,MAAM,SAAS,MAAM,EAAE,CAAA,EAAA,CAAC;AACxE,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,GAAG,IAAA,wBAAe,GAAE,CAAC,MAAM,MAAM,MAAM,EAAE,CAAC;AAChF,MAAM,aAAa,GAAG,CAAC,MAAc,EAAE,EAAE,CACvC,GAAG,SAAS,CAAC,MAAM,CAAC,+BAA+B,CAAC;AACtD,MAAM,WAAW,GAAG,CAAC,MAAc,EAAE,EAAE,CACrC,GAAG,SAAS,CAAC,MAAM,CAAC,yBAAyB,CAAC;AAEhD,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC;AACvE,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,aAAa,CAAC;AACzE,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC;AAA9D,QAAA,SAAS,aAAqD;AAEpE,MAAM,YAAY,GAAG,CAAU,KAAa,EAAE,EAAE,kDACrD,OAAA,
|
|
1
|
+
{"version":3,"file":"api.js","sourceRoot":"","sources":["../../../src/drivers/api.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAWA,wCAA2C;AAC3C,qCAA2C;AAC3C,+BAAsC;AACtC,mCAAiC;AACjC,gDAAkC;AAGlC,MAAM,kCAAkC,GAAG,KAAK,CAAC,CAAC,YAAY;AAE9D,MAAM,YAAY,GAAG,CAAC,MAAc,EAAE,EAAE,eACtC,OAAA,GAAG,MAAA,MAAA,IAAA,wBAAe,GAAE,0CAAE,MAAM,mCAAI,mBAAa,CAAC,MAAM,SAAS,MAAM,EAAE,CAAA,EAAA,CAAC;AACxE,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,GAAG,IAAA,wBAAe,GAAE,CAAC,MAAM,MAAM,MAAM,EAAE,CAAC;AAChF,MAAM,aAAa,GAAG,CAAC,MAAc,EAAE,EAAE,CACvC,GAAG,SAAS,CAAC,MAAM,CAAC,+BAA+B,CAAC;AACtD,MAAM,kBAAkB,GAAG,CAAC,MAAc,EAAE,EAAE,CAC5C,GAAG,SAAS,CAAC,MAAM,CAAC,gCAAgC,CAAC;AACvD,MAAM,WAAW,GAAG,CAAC,MAAc,EAAE,EAAE,CACrC,GAAG,SAAS,CAAC,MAAM,CAAC,yBAAyB,CAAC;AAEhD,MAAM,UAAU,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC;AACvE,MAAM,iBAAiB,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,aAAa,CAAC;AACzE,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC;AAA9D,QAAA,SAAS,aAAqD;AAEpE,MAAM,YAAY,GAAG,CAAU,KAAa,EAAE,EAAE,kDACrD,OAAA,SAAS,CAAI,EAAE,GAAG,EAAE,YAAY,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAA,GAAA,CAAC;AAD/C,QAAA,YAAY,gBACmC;AAErD,MAAM,gBAAgB,GAAG,CAAU,KAAY,EAAE,EAAE;IACxD,OAAA,SAAS,CAAI,KAAK,EAAE;QAClB,GAAG,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU;QACpD,MAAM,EAAE,KAAK;KACd,CAAC,CAAA;EAAA,CAAC;AAJQ,QAAA,gBAAgB,oBAIxB;AAEE,MAAM,6BAA6B,GAAG,CAC3C,KAAY,EACZ,SAAiB,EACjB,EAAE;IACF,OAAA,SAAS,CAAI,KAAK,EAAE;QAClB,GAAG,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,wBAAwB,SAAS,EAAE;QAC7E,MAAM,EAAE,KAAK;QACb,YAAY,EAAE,kCAAkC;KACjD,CAAC,CAAA;EAAA,CAAC;AARQ,QAAA,6BAA6B,iCAQrC;AAEE,MAAM,sBAAsB,GAAG,CACpC,KAAY,EACZ,WAAmB,EACnB,EAAE;IACF,OAAA,SAAS,CAAI,KAAK,EAAE;QAClB,GAAG,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,WAAW,SAAS;QAC/E,MAAM,EAAE,KAAK;KACd,CAAC,CAAA;EAAA,CAAC;AAPQ,QAAA,sBAAsB,0BAO9B;AAEE,MAAM,qBAAqB,GAAG,UACnC,KAAY,EACZ,IAA8B,EAC9B,IAAc,EACd,KAAe;
;QAEf,cAAA,KAAK,CAAC,CAAC,iBAAA,cAAA,IAAA,0BAAkB,EACvB,KAAK,EACL;YACE,GAAG,EAAE,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;YACxC,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,IAAI;gBACJ,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,IAAI,EAAE,IAAI;aACX,CAAC;SACH,EACD,KAAK,CACN,CAAA,CAAA,CAAA,CAAC;IACJ,CAAC;CAAA,CAAC;AAnBW,QAAA,qBAAqB,yBAmBhC;AAEK,MAAM,YAAY,GAAG,CAC1B,KAAY,EACZ,IAA8B,EAC9B,IAAc,EACd,EAAE;IACF,OAAA,SAAS,CAAI,KAAK,EAAE;QAClB,GAAG,EAAE,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;QACxC,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,IAAI;YACJ,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;SACnC,CAAC;KACH,CAAC,CAAA;EAAA,CAAC;AAZQ,QAAA,YAAY,gBAYpB;AAEL,uGAAuG;AAChG,MAAM,mBAAmB,GAAG,CACjC,KAAY,EACZ,IAA8B,EAC9B,IAAc,EACd,EAAE;IACF,OAAA,SAAS,CAAI,KAAK,EAAE;QAClB,GAAG,EAAE,iBAAiB,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;QAC/C,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,IAAI;YACJ,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;SACnC,CAAC;KACH,CAAC,CAAA;EAAA,CAAC;AAZQ,QAAA,mBAAmB,uBAY3B;AAEE,MAAM,eAAe,GAAG,CAC7B,KAAY,EACZ,IAA8C,EAC9C,EAAE;IACF,OAAA,SAAS,CAAI,KAAK,EAAE;QAClB,GAAG,EAAE,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;QAC3C,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC;KACH,CAAC,CAAA;EAAA,CAAC;AAXQ,QAAA,eAAe,mBAWvB;AAEE,MAAM,yBAAyB,GAAG,CACvC,KAAY,EACZ,IAA8C,EAC9C,EAAE;IACF,OAAA,SAAS,CAAgC,KAAK,EAAE;QAC9C,GAAG,EAAE,kBAAkB,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;QAChD,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC;KACH,CAAC,CAAA;EAAA,CAAC;AAXQ,QAAA,yBAAyB,6BAWjC;AAEE,MAAM,kBAAkB,GAAG,UAChC,KAAY,EACZ,IAKC,EACD,KAAe;;;QAEf,MAAM,KAAK,GAAG,cAAM,KAAK,CAAC,QAAQ,EAAE,CAAA,CAAC;QACrC,MAAM,EAAE,OAAO,EAAE,GAAG,uBAAa,CAAC;QAClC,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;QACjD,MAAM,YAAY,GAAG;YACnB,MAAM;YACN,OAAO,EAAE;gBAC
P,aAAa,EAAE,UAAU,KAAK,EAAE;gBAChC,cAAc,EAAE,kBAAkB;gBAClC,YAAY,EAAE,UAAU,OAAO,EAAE;aAClC;YACD,IAAI;YACJ,SAAS,EAAE,IAAI;SAChB,CAAC;QACF,IAAI;YACF,MAAM,QAAQ,GAAG,cAAM,KAAK,CAC1B,GAAG,EACH,YAAY;gBACV,CAAC,iCAAM,YAAY,KAAE,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,YAAY,CAAC,IAC9D,CAAC,CAAC,YAAY,CACjB,CAAA,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI;gBAAE,MAAM,qBAAqB,CAAC;YAChD,MAAM,MAAM,GAAG,CAAC,IAAY,EAAE,EAAE;gBAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACjC,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE;oBAC5B,MAAM,OAAO,CAAC,KAAK,CAAC;iBACrB;gBACD,IAAI,OAAO,CAAC,IAAI,KAAK,WAAW,EAAE;oBAChC,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,EAAE;wBACnD,MAAM,kCAAkC,CAAC;qBAC1C;oBACD,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;oBACzB,IAAI,OAAO,IAAI,IAAI,EAAE;wBACnB,MAAM,IAAI,CAAC,KAAK,CAAC;qBAClB;oBACD,OAAO,IAAS,CAAC;iBAClB;gBACD,OAAO,SAAS,CAAC,CAAC,4BAA4B;YAChD,CAAC,CAAC;YACF,mGAAmG;YACnG,2CAA2C;YAC3C,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACzC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC,CAAC,mBAAmB;YAEtD,oFAAoF;YACpF,uFAAuF;YACvF,+CAA+C;YAC/C,iDAAiD;YACjD,IAAI,MAAM,GAAG,EAAE,CAAC;YAEhB,OAAO,IAAI,EAAE;gBACX,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,cAAM,MAAM,CAAC,IAAI,EAAE,CAAA,CAAC;gBAC5C,IAAI,IAAI;oBAAE,MAAM;gBAEhB,kEAAkE;gBAClE,4DAA4D;gBAC5D,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;gBAClD,IAAI,KAAK;oBAAE,IAAA,cAAM,EAAC,oCAAoC,MAAM,EAAE,CAAC,CAAC;gBAChE,6FAA6F;gBAC7F,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBACpC,MAAM,GAAG,MAAA,KAAK,CAAC,GAAG,EAAE,mCAAI,EAAE,CAAC;gBAE3B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;oBACxB,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;oBAC9B,IAAI,QAAQ,EAAE;wBACZ,oBAAM,QAAQ,CAAA,CAAC;qBAChB;iBACF;aACF;YACD,qIAAqI;YACrI,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;gBACrB,yDAAyD;gBACzD,IAAI,KAAK,EAAE;oBACT,IAAA,cAAM,EACJ,qGAAqG;wBACnG,MAAM,CACT,CAAC;iBACH;gBACD,qFAAqF;gBACrF,6GAA6G;gBAC7G,IAAI;oBACF,IAAI,KAAK,EAAE;wBACT,IAAA,cAAM,EACJ,6DAA6D;4BAC3D,MAAM,CACT,CAAC;qBACH;oBACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;oBACpC,IAAI,OAAO,IAAI
,QAAQ,EAAE;wBACvB,MAAM,QAAQ,CAAC,KAAK,CAAC;qBACtB;iBACF;gBAAC,OAAO,GAAG,EAAE;oBACZ,yEAAyE;oBACzE,qEAAqE;oBACrE,yBAAyB;oBACzB,IAAI,GAAG,YAAY,WAAW,EAAE;wBAC9B,8BAA8B;wBAC9B,IAAI,KAAK,EAAE;4BACT,IAAA,cAAM,EACJ,yDAAyD;gCACvD,MAAM,CAAC,GAAG,CAAC,CACd,CAAC;yBACH;wBACD,MAAM,kCAAkC,CAAC;qBAC1C;yBAAM;wBACL,MAAM,GAAG,CAAC;qBACX;iBACF;aACF;SACF;QAAC,OAAO,KAAK,EAAE;YACd,IACE,KAAK,YAAY,SAAS;gBAC1B,CAAC,KAAK,CAAC,OAAO,KAAK,cAAc,IAAI,KAAK,CAAC,OAAO,KAAK,YAAY,CAAC,EACpE;gBACA,MAAM,4CAA4C,CAAC;aACpD;iBAAM;gBACL,MAAM,KAAK,CAAC;aACb;SACF;;CACF,CAAC;AAjIW,QAAA,kBAAkB,sBAiI7B;AAEK,MAAM,uBAAuB,GAAG,CAAO,IAM7C,EAAE,EAAE;IACH,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;IAE/D,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EACJ,qCAAqC,SAAS,aAAa,MAAM,mBAAmB,YAAY,EAAE,CACnG,CAAC;KACH;IAED,IAAI;QACF,MAAM,SAAS,CAAC,KAAK,EAAE;YACrB,GAAG,EAAE,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;YACzC,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,SAAS;gBACT,MAAM;gBACN,YAAY;aACb,CAAC;SACH,CAAC,CAAC;QACH,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,oCAAoC,SAAS,EAAE,CAAC,CAAC;SACzD;KACF;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,2CAA2C,SAAS,EAAE,CAAC,CAAC;YAC/D,IAAA,cAAM,EAAC,UAAU,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;SAC3C;KACF;AACH,CAAC,CAAA,CAAC;AAlCW,QAAA,uBAAuB,2BAkClC;AAEF,MAAM,SAAS,GAAG,CAAU,IAM3B,EAAE,EAAE;IACH,MAAM,EAAE,OAAO,EAAE,GAAG,uBAAa,CAAC;IAClC,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;IAC1D,MAAM,YAAY,mBAChB,MAAM,EACN,OAAO,kCACF,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,KAClB,cAAc,EAAE,kBAAkB,EAClC,YAAY,EAAE,UAAU,OAAO,EAAE,KAEnC,IAAI,EACJ,SAAS,EAAE,IAAI,IACZ,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CACvE,CAAC;IAEF,IAAI;QACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QAChD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,YAAY,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,YAAY,EAAE;YAChB,MAAM,YAAY,CAAC;SACpB;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,
CAAC,IAAI,CAAC,CAAC;QAC9B,IAAI,OAAO,IAAI,IAAI,EAAE;YACnB,MAAM,IAAI,CAAC,KAAK,CAAC;SAClB;QACD,OAAO,IAAS,CAAC;KAClB;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,KAAK,YAAY,SAAS,IAAI,KAAK,CAAC,OAAO,KAAK,cAAc,EAAE;YAClE,MAAM,gDAAgD,GAAG,GAAG,CAAC;SAC9D;aAAM;YACL,MAAM,KAAK,CAAC;SACb;KACF;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,SAAS,GAAG,CAChB,KAAY,EACZ,IAKC,EACD,EAAE;IACF,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE,CAAC;IACrC,MAAM,OAAO,GAAG;QACd,aAAa,EAAE,UAAU,KAAK,EAAE;KACjC,CAAC;IACF,OAAO,SAAS,iCACX,IAAI,KACP,OAAO,IACP,CAAC;AACL,CAAC,CAAA,CAAC;AAEF;;;;GAIG;AACH,MAAM,iBAAiB,GAAG,CAAC,IAAY,EAAE,EAAE;IACzC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACpD,IAAI,CAAC,KAAK,EAAE;QACV,OAAO,SAAS,CAAC;KAClB;IACD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAC5B,MAAM,UAAU,GAAG,IAAI;QACrB,uBAAuB;SACtB,OAAO,CAAC,0BAA0B,EAAE,EAAE,CAAC;QACxC,wBAAwB;SACvB,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAC3B,OAAO,GAAG,UAAU,kBAAkB,UAAU,GAAG,CAAC;AACtD,CAAC,CAAC"}
|
|
@@ -22,8 +22,10 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
22
22
|
**/
|
|
23
23
|
const version_1 = require("../version");
|
|
24
24
|
const buffered_exporter_1 = require("./buffered-exporter");
|
|
25
|
-
const auto_instrumentations_node_1 = require("@opentelemetry/auto-instrumentations-node");
|
|
26
25
|
const exporter_trace_otlp_http_1 = require("@opentelemetry/exporter-trace-otlp-http");
|
|
26
|
+
const instrumentation_dns_1 = require("@opentelemetry/instrumentation-dns");
|
|
27
|
+
const instrumentation_net_1 = require("@opentelemetry/instrumentation-net");
|
|
28
|
+
const instrumentation_undici_1 = require("@opentelemetry/instrumentation-undici");
|
|
27
29
|
const resources_1 = require("@opentelemetry/resources");
|
|
28
30
|
const sdk_node_1 = require("@opentelemetry/sdk-node");
|
|
29
31
|
const semantic_conventions_1 = require("@opentelemetry/semantic-conventions");
|
|
@@ -35,19 +37,9 @@ const sdk = new sdk_node_1.NodeSDK({
|
|
|
35
37
|
}),
|
|
36
38
|
traceExporter: exports.bufferedExporter,
|
|
37
39
|
instrumentations: [
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
enabled: false,
|
|
42
|
-
},
|
|
43
|
-
"@opentelemetry/instrumentation-dns": {
|
|
44
|
-
enabled: false,
|
|
45
|
-
},
|
|
46
|
-
// Spans such as `grpc.google.firestore.v1.Firestore/Listen` are part of long running background tasks
|
|
47
|
-
"@opentelemetry/instrumentation-grpc": {
|
|
48
|
-
ignoreGrpcMethods: ["Listen"],
|
|
49
|
-
},
|
|
50
|
-
}),
|
|
40
|
+
new instrumentation_dns_1.DnsInstrumentation(),
|
|
41
|
+
new instrumentation_net_1.NetInstrumentation(),
|
|
42
|
+
new instrumentation_undici_1.UndiciInstrumentation(),
|
|
51
43
|
],
|
|
52
44
|
});
|
|
53
45
|
const setExporterAfterLogin = (url, token) => __awaiter(void 0, void 0, void 0, function* () {
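Review bot: `new instrumentation_dns_1.DnsInstrumentation()` in the `instrumentations` list turns DNS instrumentation on, whereas the removed configuration had `"@opentelemetry/instrumentation-dns"` set to `enabled: false`, and nothing in the hunk explains the reversal. With it enabled, lookups made by the CLI become spans handed to `exports.bufferedExporter`, so resolved hostnames (and, through `UndiciInstrumentation`, request URLs) would presumably appear in exported traces. If that is intended, record it above the list, e.g. `// dns/net/undici spans are exported deliberately; hostnames and URLs appear in traces`. Otherwise drop the DNS entry or narrow it with its `ignoreHostnames` option. Some removed lines are blank in this rendering, so the full previous configuration is not legible here.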
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"instrumentation.js","sourceRoot":"","sources":["../../../src/opentelemetry/instrumentation.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wCAA2C;AAC3C,2DAA2D;AAC3D,
|
|
1
|
+
{"version":3,"file":"instrumentation.js","sourceRoot":"","sources":["../../../src/opentelemetry/instrumentation.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wCAA2C;AAC3C,2DAA2D;AAC3D,sFAA4E;AAC5E,4EAAwE;AACxE,4EAAwE;AACxE,kFAA8E;AAC9E,wDAAkE;AAClE,sDAAkD;AAClD,8EAG6C;AAEhC,QAAA,gBAAgB,GAAG,IAAI,wCAAoB,EAAE,CAAC;AAE3D,MAAM,GAAG,GAAG,IAAI,kBAAO,CAAC;IACtB,QAAQ,EAAE,IAAA,kCAAsB,EAAC;QAC/B,CAAC,wCAAiB,CAAC,EAAE,uBAAa,CAAC,IAAI;QACvC,CAAC,2CAAoB,CAAC,EAAE,uBAAa,CAAC,OAAO;KAC9C,CAAC;IACF,aAAa,EAAE,wBAAgB;IAC/B,gBAAgB,EAAE;QAChB,IAAI,wCAAkB,EAAE;QACxB,IAAI,wCAAkB,EAAE;QACxB,IAAI,8CAAqB,EAAE;KAC5B;CACF,CAAC,CAAC;AAEI,MAAM,qBAAqB,GAAG,CAAO,GAAW,EAAE,KAAa,EAAE,EAAE;IACxE,MAAM,YAAY,GAAG,IAAI,4CAAiB,CAAC;QACzC,GAAG;QACH,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,KAAK,EAAE;SACjC;KACF,CAAC,CAAC;IAEH,wBAAgB,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC;AACtD,CAAC,CAAA,CAAC;AATW,QAAA,qBAAqB,yBAShC;AAEK,MAAM,YAAY,GAAG,GAAG,EAAE;IAC/B,GAAG,CAAC,KAAK,EAAE,CAAC;AACd,CAAC,CAAC;AAFW,QAAA,YAAY,gBAEvB;AAEF,MAAM,WAAW,GAAG,GAAG,EAAE;IACvB,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;QAC/B,OAAO,CAAC,IAAI,EAAE,CAAC;IACjB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,+EAA+E;AAC/E,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;AAClC,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;AACnC,OAAO,CAAC,EAAE,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;AACtC,OAAO,CAAC,EAAE,CAAC,mBAAmB,EAAE,WAAW,CAAC,CAAC"}
|
|
@@ -50,13 +50,17 @@ exports.registerClient = registerClient;
|
|
|
50
50
|
const awsIdcHelpers = (clientCredentials, idc) => {
|
|
51
51
|
const { clientId, clientSecret } = clientCredentials;
|
|
52
52
|
const { id, region } = idc;
|
|
53
|
+
// The start url can be customized with a subdomain. Here only the default is supported.
|
|
54
|
+
const buildStartUrl = () => region.includes("us-gov")
|
|
55
|
+
? `https://start.us-gov-home.awsapps.com/directory/${id}`
|
|
56
|
+
: `https://${id}.awsapps.com/start`;
|
|
53
57
|
const buildOidcAuthorizeRequest = () => ({
|
|
54
58
|
init: {
|
|
55
59
|
method: "POST",
|
|
56
60
|
body: JSON.stringify({
|
|
57
61
|
clientId,
|
|
58
62
|
clientSecret,
|
|
59
|
-
startUrl:
|
|
63
|
+
startUrl: buildStartUrl(),
|
|
60
64
|
}),
|
|
61
65
|
},
|
|
62
66
|
url: `https://oidc.${region}.amazonaws.com/device_authorization`,
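Review bot: `buildStartUrl` picks the GovCloud form with `region.includes("us-gov")`, a substring test, and interpolates `id` into the hostname of `https://${id}.awsapps.com/start` without checking its shape. Where `idc` originates is not visible in this hunk; if it can come from configuration or a server response, a value that is not a plain directory identifier would change the host that the start URL names. Prefer `region.startsWith("us-gov-")` and validate first, e.g. `if (!/^[A-Za-z0-9-]+$/.test(id)) throw new Error("invalid IDC id");`, adjusting the pattern to the ids you accept. `awsIdcHelpers` continues beyond the hunk.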
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/plugins/aws/idc/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAyD;AACzD,iDAAuD;AACvD,gDAA+C;AAO/C,4CAAgE;AAGhE,MAAM,KAAK,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAC7B,MAAM,IAAI,GAAG,EAAE,GAAG,KAAK,CAAC;AAExB,MAAM,gBAAgB,GAAG,CAAC,GAAG,KAAK,CAAC;AACnC,MAAM,uBAAuB,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,oCAAoC;AAC/E,MAAM,cAAc,GAAG,CAAC,oBAAoB,CAAC,CAAC;AAEvC,MAAM,cAAc,GAAG,CAC5B,MAAc,EACiB,EAAE;IACjC,OAAA,MAAM,IAAA,aAAM,EACV,gBAAgB,EAChB,GAAwC,EAAE;QACxC,MAAM,IAAI,GAAG;YACX,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,OAAO;gBACnB,UAAU,EAAE,QAAQ;gBACpB,UAAU,EAAE,CAAC,yBAAiB,CAAC;gBAC/B,MAAM,EAAE,cAAc;aACvB,CAAC;SACH,CAAC;QACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,gBAAgB,MAAM,gCAAgC,EACtD,IAAI,CACL,CAAC;QACF,OAAO,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC/B,CAAC,CAAA,EACD,EAAE,QAAQ,EAAE,uBAAuB,EAAE,EACrC,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,qBAAqB;QACxB,CAAC,CAAC,IAAI,CAAC,qBAAqB,GAAG,IAAI,CAAC,GAAG,EAAE;QACzC,CAAC,CAAC,IAAI,CACX,CAAA;EAAA,CAAC;AA1BS,QAAA,cAAc,kBA0BvB;AAEJ,MAAM,aAAa,GAAG,CACpB,iBAA6D,EAC7D,GAAmC,EACnC,EAAE;IACF,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,iBAAiB,CAAC;IACrD,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAE3B,MAAM,yBAAyB,GAAG,GAAG,EAAE,CAAC,CAAC;QACvC,IAAI,EAAE;YACJ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,QAAQ;gBACR,YAAY;gBACZ,QAAQ,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/plugins/aws/idc/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAyD;AACzD,iDAAuD;AACvD,gDAA+C;AAO/C,4CAAgE;AAGhE,MAAM,KAAK,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAC7B,MAAM,IAAI,GAAG,EAAE,GAAG,KAAK,CAAC;AAExB,MAAM,gBAAgB,GAAG,CAAC,GAAG,KAAK,CAAC;AACnC,MAAM,uBAAuB,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,oCAAoC;AAC/E,MAAM,cAAc,GAAG,CAAC,oBAAoB,CAAC,CAAC;AAEvC,MAAM,cAAc,GAAG,CAC5B,MAAc,EACiB,EAAE;IACjC,OAAA,MAAM,IAAA,aAAM,EACV,gBAAgB,EAChB,GAAwC,EAAE;QACxC,MAAM,IAAI,GAAG;YACX,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,OAAO;gBACnB,UAAU,EAAE,QAAQ;gBACpB,UAAU,EAAE,CAAC,yBAAiB,CAAC;gBAC/B,MAAM,EAAE,cAAc;aACvB,CAAC;SACH,CAAC;QACF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,gBAAgB,MAAM,gCAAgC,EACtD,IAAI,CACL,CAAC;QACF,OAAO,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC/B,CAAC,CAAA,EACD,EAAE,QAAQ,EAAE,uBAAuB,EAAE,EACrC,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,qBAAqB;QACxB,CAAC,CAAC,IAAI,CAAC,qBAAqB,GAAG,IAAI,CAAC,GAAG,EAAE;QACzC,CAAC,CAAC,IAAI,CACX,CAAA;EAAA,CAAC;AA1BS,QAAA,cAAc,kBA0BvB;AAEJ,MAAM,aAAa,GAAG,CACpB,iBAA6D,EAC7D,GAAmC,EACnC,EAAE;IACF,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,iBAAiB,CAAC;IACrD,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IAE3B,wFAAwF;IACxF,MAAM,aAAa,GAAG,GAAG,EAAE,CACzB,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACvB,CAAC,CAAC,mDAAmD,EAAE,EAAE;QACzD,CAAC,CAAC,WAAW,EAAE,oBAAoB,CAAC;IAExC,MAAM,yBAAyB,GAAG,GAAG,EAAE,CAAC,CAAC;QACvC,IAAI,EAAE;YACJ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,QAAQ;gBACR,YAAY;gBACZ,QAAQ,EAAE,aAAa,EAAE;aAC1B,CAAC;SACH;QACD,GAAG,EAAE,gBAAgB,MAAM,qCAAqC;KACjE,CAAC,CAAC;IACH,MAAM,oBAAoB,GAAG,CAAC,iBAAuC,EAAE,EAAE,CAAC,CAAC;QACzE,GAAG,EAAE,gBAAgB,MAAM,sBAAsB;QACjD,IAAI,EAAE;YACJ,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,QAAQ;gBACR,YAAY;gBACZ,UAAU,EAAE,iBAAiB,CAAC,UAAU;gBACxC,SAAS,EAAE,yBAAiB;aAC7B,CAAC;SACH;KACF,CAAC,CAAC;IACH;;;;;OAKG;IACH,MAAM,yBAAyB,GAAG,CAChC,YAA8B,EAC9B,OAAsD,EACtD,EAAE;QACF,gHAAgH;QAChH,gGAAgG;QAEhG,OAAO,MAAM,IAAA,s
BAAc,EACzB,GAAS,EAAE;YACT,MAAM,IAAI,GAAG;gBACX,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE;oBACP,wBAAwB,EAAE,YAAY,CAAC,WAAW;iBACnD;aACF,CAAC;YACF,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;YAC7C,IAAI,SAAS,KAAK,SAAS;gBACzB,MAAM,IAAI,KAAK,CACb,0DAA0D,CAC3D,CAAC;YAEJ,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;YACrC,MAAM,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;YACvC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;YAC1C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,sBAAsB,MAAM,yCAAyC,MAAM,CAAC,QAAQ,EAAE,EAAE,EACxF,IAAI,CACL,CAAC;YACF,IAAI,CAAC,QAAQ,CAAC,EAAE;gBACd,MAAM,IAAI,KAAK,CACb,oCAAoC,QAAQ,CAAC,UAAU,KAAK,MAAM,QAAQ,CAAC,IAAI,EAAE,EAAE,CACpF,CAAC;YACJ,OAAO,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC,CAAA,EACD,GAAG,EAAE,CAAC,IAAI,EACV,CAAC,CACF,CAAC;IACJ,CAAC,CAAA,CAAC;IAEF,OAAO;QACL,UAAU,EAAE;YACV,YAAY,EAAE,UAAU;YACxB,gBAAgB,EAAhB,wBAAgB;YAChB,qBAAqB,EAAE,yBAAyB;YAChD,iBAAiB,EAAE,oBAAoB;YACvC,kBAAkB,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;gBAClC,UAAU,EAAE,SAAS,CAAC,SAAS;gBAC/B,QAAQ,EAAE,SAAS,CAAC,QAAQ;aAC7B,CAAC;YACF,oBAAoB,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;gBACpC,SAAS,EAAE,SAAS,CAAC,QAAQ;gBAC7B,yBAAyB,EAAE,SAAS,CAAC,uBAAuB;aAC7D,CAAC;SACqC;QACzC,yBAAyB;KAC1B,CAAC;AACJ,CAAC,CAAC;AAEF;;;;GAIG;AACI,MAAM,iBAAiB,GAAG,CAAO,IAIvC,EAA2B,EAAE;IAC5B,OAAA,MAAM,IAAA,aAAM,EACV,WAAW,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,aAAa,EAAE,EACjD,GAAS,EAAE;QACT,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;QACvB,MAAM,aAAa,GAAG,MAAM,IAAA,sBAAc,EAAC,MAAM,CAAC,CAAC;QAEnD,MAAM,EAAE,UAAU,EAAE,yBAAyB,EAAE,GAAG,aAAa,CAC7D,aAAa,EACb,GAAG,CACJ,CAAC;QAEF,MAAM,YAAY,GAAG,MAAM,IAAA,aAAM,EAC/B,8BAA8B,EAC9B,GAAS,EAAE;YACT,MAAM,IAAI,GAAG,MAAM,IAAA,iBAAS,EAC1B,UAAU,CACX,CAAC;YACF,uCAAY,IAAI,KAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,GAAG,GAAG,IAAG;QACnE,CAAC,CAAA,EACD,EAAE,QAAQ,EAAE,gBAAgB,EAAE,EAC9B,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAChE,CAAC;QAEF,MAAM,WAAW,GAAG,MAAM,yBAAyB,CAAC,YAAY,EAAE;YAChE,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,
aAAa,EAAE,IAAI,CAAC,aAAa;SAClC,CAAC,CAAC;QAEH,OAAO;YACL,iBAAiB,EAAE,WAAW,CAAC,eAAe,CAAC,WAAW;YAC1D,qBAAqB,EAAE,WAAW,CAAC,eAAe,CAAC,eAAe;YAClE,iBAAiB,EAAE,WAAW,CAAC,eAAe,CAAC,YAAY;YAC3D,kBAAkB,EAAE,WAAW,CAAC,eAAe,CAAC,YAAY;YAC5D,SAAS,EAAE,WAAW,CAAC,eAAe,CAAC,UAAU;SAClD,CAAC;IACJ,CAAC,CAAA,EACD,EAAE,QAAQ,EAAE,gBAAgB,EAAE,EAC9B,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAChE,CAAA;EAAA,CAAC;AA5CS,QAAA,iBAAiB,qBA4C1B"}
|
|
@@ -41,7 +41,7 @@ const unprovisionedAccessPatterns = [
|
|
|
41
41
|
/** Matches the error message that AWS SSM prints when access is not propagated */
|
|
42
42
|
// Note that the resource will randomly be either the SSM document or the EC2 instance
|
|
43
43
|
{
|
|
44
|
-
pattern: /An error occurred \(AccessDeniedException\) when calling the StartSession operation: User: arn
|
|
44
|
+
pattern: /An error occurred \(AccessDeniedException\) when calling the StartSession operation: User: arn:.*:sts::.*:assumed-role\/P0GrantsRole.* is not authorized to perform: ssm:StartSession on resource: arn:.*:.*:.*:.* because no identity-based policy allows the ssm:StartSession action/,
|
|
45
45
|
},
|
|
46
46
|
/**
|
|
47
47
|
* Matches the following error messages that AWS SSM pints when ssh authorized
|
|
@@ -111,18 +111,29 @@ exports.awsSshProvider = {
|
|
|
111
111
|
}
|
|
112
112
|
return undefined;
|
|
113
113
|
},
|
|
114
|
-
generateKeys: (
|
|
114
|
+
generateKeys: () => __awaiter(void 0, void 0, void 0, function* () {
|
|
115
115
|
return {
|
|
116
116
|
privateKeyPath: keys_1.PRIVATE_KEY_PATH,
|
|
117
117
|
};
|
|
118
118
|
}),
|
|
119
|
+
saveHostKeys: (request, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
120
|
+
const { hostKeys, id } = request;
|
|
121
|
+
const path = yield (0, keys_1.saveHostKeys)(id, hostKeys, Object.assign({}, options));
|
|
122
|
+
return path ? { alias: id, path } : undefined;
|
|
123
|
+
}),
|
|
119
124
|
requestToSsh: (request) => {
|
|
120
125
|
const { permission, generated } = request;
|
|
121
126
|
const { resource, region } = permission;
|
|
122
127
|
const { idcId, idcRegion, instanceId, accountId } = resource;
|
|
123
|
-
const { linuxUserName, resource: generatedResource } = generated;
|
|
128
|
+
const { linuxUserName, hostKeys, resource: generatedResource } = generated;
|
|
124
129
|
const { name } = generatedResource;
|
|
125
|
-
const common = {
|
|
130
|
+
const common = {
|
|
131
|
+
linuxUserName,
|
|
132
|
+
accountId,
|
|
133
|
+
region,
|
|
134
|
+
id: instanceId,
|
|
135
|
+
hostKeys,
|
|
136
|
+
};
|
|
126
137
|
return !idcId || !idcRegion
|
|
127
138
|
? Object.assign(Object.assign({}, common), { role: name, type: "aws", access: "role" }) : Object.assign(Object.assign({}, common), { idc: { id: idcId, region: idcRegion }, permissionSet: name, type: "aws", access: "idc" });
|
|
128
139
|
},
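Review bot: In the second hunk, `saveHostKeys` (new lines 119-123) hands `hostKeys` to `keys_1.saveHostKeys` with no check visible here that it is a non-empty array, and `requestToSsh` copies it unvalidated from the `generated` object. The `types.d.ts` change declares `hostKeys: string[]` as required on `AwsSshGenerated` and `BaseAwsSshRequest`, but that type is erased at runtime, so a `generated` object that lacks the field would presumably reach this code as `undefined`. I would guard at the top of the wrapper with `if (!Array.isArray(hostKeys) || hostKeys.length === 0) return undefined;`, unless `keys_1.saveHostKeys` (outside this section) already does so. The `undefined` return also deserves a comment saying which host-key verification applies when nothing was saved, for example `// undefined: no host keys were pinned; the caller must not relax host-key checking`. `awsSshProvider` starts and ends outside both hunks.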
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/plugins/aws/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,
|
|
1
|
+
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/plugins/aws/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,4CAAmE;AACnE,2CAAoD;AAEpD,qCAA8C;AAC9C,qCAAqD;AACrD,qCAAwC;AACxC,+BAA0C;AAC1C,2CAAiD;AASjD,MAAM,4BAA4B,GAAG,EAAE,GAAG,IAAI,CAAC;AAE/C,iGAAiG;AACjG,MAAM,+BAA+B,GAAG,qBAAqB,CAAC;AAE9D;;;;;;GAMG;AACH,MAAM,2BAA2B,GAAG;IAClC,kFAAkF;IAClF,sFAAsF;IACtF;QACE,OAAO,EACL,wRAAwR;KAC3R;IACD;;;;;;OAMG;IACH;QACE,OAAO,EAAE,kEAAkE;KAC5E;CACO,CAAC;AAEE,QAAA,cAAc,GAKvB;IACF,kBAAkB,EAAE,CAAO,KAAK,EAAE,OAAO,EAAE,EAAE;;QAC3C,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,qBAAY,EAAC,KAAK,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QAChE,IAAI,CAAC,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,CAAA,IAAI,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,KAAK,EAAE;YACvD,MAAM,8DAA8D,CAAC;SACtE;QAED,OAAO,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,KAAK;YACjC,CAAC,CAAC,MAAM,IAAA,uBAAiB,EAAC,OAA2B,CAAC;YACtD,CAAC,CAAC,CAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,IAAI,MAAK,WAAW;gBAClC,CAAC,CAAC,MAAM,IAAA,4BAAsB,EAAC,KAAK,EAAE,OAA4B,CAAC;gBACnE,CAAC,CAAC,IAAA,uBAAgB,EAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvC,CAAC,CAAA;IAED,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,0BAAgB,GAAE,CAAC,EAAE;YAC/B,MAAM,8DAA8D,CAAC;SACtE;IACH,CAAC,CAAA;IAED,YAAY,EAAE,KAAK;IAEnB,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,GAAG,EAAE,CAAC,SAAS;IAEvC,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;;YACxD,IAAI,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE;gBAC/B,IAAI,OAAO,CAAC,SAAS,CAAC,SAAS,KAAK,SAAS,EAAE;oBAC7C,MAAM,+DAA+D,CAAC;iBACvE;aACF;iBAAM;gBACL,MAAM,IAAA,qBAAe,EAAC,KAAK,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;aACxD;QACH,CAAC;KAAA;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE;QAC9B,OAAO;YACL,KAAK;YACL,KAAK;YACL,eAAe;YACf,UAAU;YACV,OAAO,CAAC,MAAM;YACd,UAAU;YACV,OAAO,CAAC,EAAE;YACV,iBAAiB;YACjB,+BAA+B;YAC/B,cAAc;YACd,IAAI,CAAC,CAAC,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,CAAC,eAAe;SAC9C,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,CAAC,OAAO,EAAE,EAAE;QACzB,0CAA0C;QAC1C,IAAI,OAAO,CAAC,MAAM,KAAK,KAAK,EAAE;YAC5B,OAAO;gBACL,6BAA6B,OAAO,CAAC,IAAI,cAAc,OAAO,CAAC,SAAS,GAAG;aAC5E,CAAC;SACH
;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,GAAS,EAAE;QACvB,OAAO;YACL,cAAc,EAAE,uBAAgB;SACjC,CAAC;IACJ,CAAC,CAAA;IAED,YAAY,EAAE,CAAO,OAAO,EAAE,OAAO,EAAE,EAAE;QACvC,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC;QACjC,MAAM,IAAI,GAAG,MAAM,IAAA,mBAAY,EAAC,EAAE,EAAE,QAAQ,oBAAO,OAAO,EAAG,CAAC;QAC9D,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAChD,CAAC,CAAA;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAC1C,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,UAAU,CAAC;QACxC,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAC;QAC7D,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ,EAAE,iBAAiB,EAAE,GAAG,SAAS,CAAC;QAC3E,MAAM,EAAE,IAAI,EAAE,GAAG,iBAAiB,CAAC;QACnC,MAAM,MAAM,GAAG;YACb,aAAa;YACb,SAAS;YACT,MAAM;YACN,EAAE,EAAE,UAAU;YACd,QAAQ;SACT,CAAC;QACF,OAAO,CAAC,KAAK,IAAI,CAAC,SAAS;YACzB,CAAC,iCAAM,MAAM,KAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,IACtD,CAAC,iCACM,MAAM,KACT,GAAG,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,EACrC,aAAa,EAAE,IAAI,EACnB,IAAI,EAAE,KAAK,EACX,MAAM,EAAE,KAAK,GACd,CAAC;IACR,CAAC;IAED,YAAY,EAAE,CAAO,OAAO,EAAE,EAAE,kDAAC,OAAA,iCAAM,OAAO,KAAE,YAAY,EAAE,SAAS,IAAG,CAAA,GAAA;IAE1E,2BAA2B;CAC5B,CAAC"}
|
|
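--- a/package/build/dist/plugins/aws/types.d.ts
+++ b/package/build/dist/plugins/aws/types.d.ts
@@ -75,6 +75,7 @@ export type AwsSshGenerated = {
 resource: {
 name: string;
 };
+hostKeys: string[];
 linuxUserName: string;
 publicKey: string;
 };
@@ -83,6 +84,7 @@ export type AwsSsh = CliPermissionSpec<AwsSshPermissionSpec, undefined>;
 export type BaseAwsSshRequest = {
 linuxUserName: string;
 accountId: string;
+hostKeys: string[];
 region: string;
 id: string;
 type: "aws";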
|
|
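--- a/package/build/dist/plugins/azure/keygen.d.ts
+++ b/package/build/dist/plugins/azure/keygen.d.ts
@@ -4,10 +4,6 @@ export declare const azSshCertCommand: (keyPath: string) => {
 command: string;
 args: string[];
 };
-export declare const createTempDirectoryForKeys: () => Promise<{
-path: string;
-cleanup: () => Promise<void>;
-}>;
 export declare const generateSshKeyAndAzureAdCert: (keyPath: string, options?: {
 debug?: boolean;
 }) => Promise<void>;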
|
|
@@ -12,7 +12,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
12
12
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
13
|
};
|
|
14
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
-
exports.generateSshKeyAndAzureAdCert = exports.
|
|
15
|
+
exports.generateSshKeyAndAzureAdCert = exports.azSshCertCommand = exports.AD_SSH_KEY_PRIVATE = exports.AD_CERT_FILENAME = void 0;
|
|
16
16
|
/** Copyright © 2024-present P0 Security
|
|
17
17
|
|
|
18
18
|
This file is part of @p0security/cli
|
|
@@ -26,7 +26,6 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
26
26
|
const stdio_1 = require("../../drivers/stdio");
|
|
27
27
|
const util_1 = require("../../util");
|
|
28
28
|
const node_path_1 = __importDefault(require("node:path"));
|
|
29
|
-
const tmp_promise_1 = __importDefault(require("tmp-promise"));
|
|
30
29
|
// We pass in the name of the certificate file to generate
|
|
31
30
|
exports.AD_CERT_FILENAME = "p0cli-azure-ad-ssh-cert.pub";
|
|
32
31
|
// The `az ssh cert` command manages key generation, and generates SSH RSA keys with the standard names
|
|
@@ -36,17 +35,6 @@ const azSshCertCommand = (keyPath) => ({
|
|
|
36
35
|
args: ["ssh", "cert", "--file", node_path_1.default.join(keyPath, exports.AD_CERT_FILENAME)],
|
|
37
36
|
});
|
|
38
37
|
exports.azSshCertCommand = azSshCertCommand;
|
|
39
|
-
const createTempDirectoryForKeys = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
40
|
-
// unsafeCleanup lets us delete the directory even if there are still files in it, which is fine since the
|
|
41
|
-
// files are no longer needed once we've authenticated to the remote system.
|
|
42
|
-
const { path, cleanup } = yield tmp_promise_1.default.dir({
|
|
43
|
-
mode: 0o700,
|
|
44
|
-
prefix: "p0cli-",
|
|
45
|
-
unsafeCleanup: true,
|
|
46
|
-
});
|
|
47
|
-
return { path, cleanup };
|
|
48
|
-
});
|
|
49
|
-
exports.createTempDirectoryForKeys = createTempDirectoryForKeys;
|
|
50
38
|
const generateSshKeyAndAzureAdCert = (keyPath, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
|
|
51
39
|
const { debug } = options;
|
|
52
40
|
if (debug)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"keygen.js","sourceRoot":"","sources":["../../../../src/plugins/azure/keygen.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,+CAA6C;AAC7C,qCAAkC;AAClC,0DAA6B;
|
|
1
|
+
{"version":3,"file":"keygen.js","sourceRoot":"","sources":["../../../../src/plugins/azure/keygen.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,+CAA6C;AAC7C,qCAAkC;AAClC,0DAA6B;AAE7B,0DAA0D;AAC7C,QAAA,gBAAgB,GAAG,6BAA6B,CAAC;AAE9D,uGAAuG;AAC1F,QAAA,kBAAkB,GAAG,QAAQ,CAAC;AAEpC,MAAM,gBAAgB,GAAG,CAAC,OAAe,EAAE,EAAE,CAAC,CAAC;IACpD,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,mBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,wBAAgB,CAAC,CAAC;CACtE,CAAC,CAAC;AAHU,QAAA,gBAAgB,oBAG1B;AAEI,MAAM,4BAA4B,GAAG,CAC1C,OAAe,EACf,UAA+B,EAAE,EACjC,EAAE;IACF,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IAE1B,IAAI,KAAK;QAAE,IAAA,cAAM,EAAC,wCAAwC,CAAC,CAAC;IAE5D,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAA,wBAAgB,EAAC,OAAO,CAAC,CAAC;QACpD,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEtE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC;YACf,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC;SAChB;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACrB,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACrB,MAAM,gDAAgD,KAAK,EAAE,CAAC;KAC/D;AACH,CAAC,CAAA,CAAC;AArBW,QAAA,4BAA4B,gCAqBvC"}
|
|
@@ -24,6 +24,7 @@ This file is part of @p0security/cli
|
|
|
24
24
|
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
25
25
|
**/
|
|
26
26
|
const ssh_1 = require("../../commands/shared/ssh");
|
|
27
|
+
const shared_1 = require("../ssh/shared");
|
|
27
28
|
const auth_1 = require("./auth");
|
|
28
29
|
const install_1 = require("./install");
|
|
29
30
|
const keygen_1 = require("./keygen");
|
|
@@ -82,7 +83,7 @@ exports.azureSshProvider = {
|
|
|
82
83
|
// elsewhere. It'll be an annoying long temporary directory name, but it strictly will work for reproduction. If
|
|
83
84
|
// additionalData isn't present (which it always should be for the azureSshProvider), we'll use the user's home
|
|
84
85
|
// directory.
|
|
85
|
-
if (additionalData) {
|
|
86
|
+
if (additionalData === null || additionalData === void 0 ? void 0 : additionalData.identityFile) {
|
|
86
87
|
return node_path_1.default.dirname(additionalData.identityFile);
|
|
87
88
|
}
|
|
88
89
|
else {
|
|
@@ -104,9 +105,9 @@ exports.azureSshProvider = {
|
|
|
104
105
|
`${azTunnelExe} ${azTunnelArgs.join(" ")}`,
|
|
105
106
|
];
|
|
106
107
|
},
|
|
107
|
-
generateKeys: (request, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
|
|
108
|
+
generateKeys: (_authn, request, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
|
|
108
109
|
const { debug } = options;
|
|
109
|
-
const { path: keyPath } = yield (0,
|
|
110
|
+
const { path: keyPath } = yield (0, shared_1.createTempDirectoryForKeys)();
|
|
110
111
|
yield (0, auth_1.azSetSubscription)(request, options);
|
|
111
112
|
yield (0, keygen_1.generateSshKeyAndAzureAdCert)(keyPath, { debug });
|
|
112
113
|
const sshPrivateKeyPath = node_path_1.default.join(keyPath, keygen_1.AD_SSH_KEY_PRIVATE);
|
|
@@ -123,7 +124,7 @@ exports.azureSshProvider = {
|
|
|
123
124
|
port: tunnelLocalPort,
|
|
124
125
|
};
|
|
125
126
|
}),
|
|
126
|
-
setup: (request, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
127
|
+
setup: (_authn, request, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
127
128
|
// The subscription ID here is used to ensure that the user is logged in to the correct tenant/directory.
|
|
128
129
|
// As long as a subscription ID in the correct tenant is provided, this will work; it need not be the same
|
|
129
130
|
// subscription as which contains the Bastion host or the target VM.
|
|
@@ -131,7 +132,7 @@ exports.azureSshProvider = {
|
|
|
131
132
|
if (linuxUserName !== request.linuxUserName) {
|
|
132
133
|
throw `Azure CLI login returned a different user name than expected. Expected: ${request.linuxUserName}, Actual: ${linuxUserName}`;
|
|
133
134
|
}
|
|
134
|
-
const { path: keyPath, cleanup: sshKeyPathCleanup } = yield (0,
|
|
135
|
+
const { path: keyPath, cleanup: sshKeyPathCleanup } = yield (0, shared_1.createTempDirectoryForKeys)();
|
|
135
136
|
const wrappedCreateCertAndTunnel = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
136
137
|
try {
|
|
137
138
|
yield (0, keygen_1.generateSshKeyAndAzureAdCert)(keyPath, options);
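Review bot: `generateKeys` (new line 110) takes only `path` from `createTempDirectoryForKeys()` and drops the `cleanup` handle, so nothing in this hunk removes the directory that receives the private key and the Azure AD certificate, whereas `setup` keeps the handle as `sshKeyPathCleanup`. If the files must outlive the call because the returned paths are used afterwards, say so with a comment such as `// Not cleaned up here: the returned key paths are consumed after this call returns`, and name whatever is responsible for removing them later. The helper now comes from `../ssh/shared`, which is not shown in this section; the copy removed from `azure/keygen.js` created the directory with `mode: 0o700`, and the shared version should keep that restriction. Both `generateKeys` and `setup` continue outside their hunks.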
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/plugins/azure/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAA0D;AAE1D,iCAKgB;AAChB,uCAA4C;AAC5C,
|
|
1
|
+
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/plugins/azure/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAA0D;AAE1D,0CAA2D;AAC3D,iCAKgB;AAChB,uCAA4C;AAC5C,qCAKkB;AAClB,qCAAyE;AAMzE,0DAA6B;AAE7B,MAAM,2BAA2B,GAAG;IAClC;QACE,mEAAmE;QACnE,OAAO,EAAE,uCAAuC;KACjD;CACO,CAAC;AAEX,MAAM,yBAAyB,GAAG;IAChC;QACE,OAAO,EAAE,8BAA8B;KACxC;CACO,CAAC;AAEX,qFAAqF;AACrF,kFAAkF;AAClF,iFAAiF;AACjF,kFAAkF;AAClF,yDAAyD;AACzD,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEtC,QAAA,gBAAgB,GAIzB;IACF,+CAA+C;IAC/C,kBAAkB,EAAE,GAAS,EAAE;QAC7B,4CAA4C;QAC5C,OAAO,SAAS,CAAC;IACnB,CAAC,CAAA;IAED,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,yBAAe,GAAE,CAAC,EAAE;YAC9B,MAAM,uDAAuD,CAAC;SAC/D;IACH,CAAC,CAAA;IAED,YAAY,EAAE,iBAAiB;IAE/B,oBAAoB,EAAE,qDAAqD;IAE3E,wBAAwB;IACxB,oBAAoB,EAAE,SAAS;IAE/B,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,CAAC,OAAO,EAAE,EAAE;QACxC,IAAI,IAAA,mBAAa,EAAC,OAAO,CAAC,EAAE;YAC1B,uCACK,OAAO;gBACV,6GAA6G;gBAC7G,mEAAmE;gBACnE,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,CAAC,KAAK,CAAC,IAClB;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,IAAI,CAAC;IAE5D,aAAa,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,EAAE;;QACzC,MAAM,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,kBAAkB,EAAE,GAC5D,IAAA,4BAAqB,GAAE,CAAC;QAC1B,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,IAAA,qBAAc,EAC/D,OAAO,CAAC,WAAW,CACpB,CAAC;QACF,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,gBAAgB,EAAE,GACxD,IAAA,0BAAmB,EAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAE9C,MAAM,UAAU,GAAG,GAAG,EAAE;YACtB,wGAAwG;YACxG,gHAAgH;YAChH,+GAA+G;YAC/G,aAAa;YACb,IAAI,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,YAAY,EAAE;gBAChC,OAAO,mBAAI,CAAC,OAAO,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;aAClD;iBAAM;gBACL,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;gBACnE,OAAO,mBAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,sBAAsB,CAAC,CAAC;aACpD;QACH,CAAC,CAAC;QAEF,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAE7B,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,aAAa,EAAE,GAClD,IAAA
,yBAAgB,EAAC,OAAO,CAAC,CAAC;QAE5B,iHAAiH;QACjH,6CAA6C;QAC7C,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,IAAA,+BAAsB,EACzE,OAAO,EACP,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,IAAI,mCAAI,OAAO,CAChC,CAAC;QAEF,OAAO;YACL,GAAG,iBAAiB,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YACtD,GAAG,UAAU,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YACxC,GAAG,eAAe,IAAI,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAClD,SAAS,OAAO,EAAE;YAClB,GAAG,YAAY,IAAI,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAC5C,GAAG,WAAW,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;SAC3C,CAAC;IACJ,CAAC;IAED,YAAY,EAAE,CAAO,MAAM,EAAE,OAAO,EAAE,UAA+B,EAAE,EAAE,EAAE;QACzE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;QAC1B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,mCAA0B,GAAE,CAAC;QAC7D,MAAM,IAAA,wBAAiB,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC1C,MAAM,IAAA,qCAA4B,EAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QACvD,MAAM,iBAAiB,GAAG,mBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,2BAAkB,CAAC,CAAC;QACjE,MAAM,qBAAqB,GAAG,mBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,yBAAgB,CAAC,CAAC;QAEnE,OAAO;YACL,cAAc,EAAE,iBAAiB;YACjC,eAAe,EAAE,qBAAqB;SACvC,CAAC;IACJ,CAAC,CAAA;IAED,UAAU,EAAE,CACV,OAAwB,EACxB,OAA8D,EAC9D,EAAE;QACF,MAAM,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,MAAM,IAAA,8BAAqB,EACjE,OAAO,EACP,OAAO,CACR,CAAC;QAEF,OAAO;YACL,QAAQ,EAAE,UAAU;YACpB,IAAI,EAAE,eAAe;SACtB,CAAC;IACJ,CAAC,CAAA;IAED,KAAK,EAAE,CAAO,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE;QACxC,yGAAyG;QACzG,0GAA0G;QAC1G,oEAAoE;QACpE,MAAM,aAAa,GAAG,MAAM,IAAA,wBAAiB,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAEhE,IAAI,aAAa,KAAK,OAAO,CAAC,aAAa,EAAE;YAC3C,MAAM,2EAA2E,OAAO,CAAC,aAAa,aAAa,aAAa,EAAE,CAAC;SACpI;QAED,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,GACjD,MAAM,IAAA,mCAA0B,GAAE,CAAC;QAErC,MAAM,0BAA0B,GAAG,GAAS,EAAE;YAC5C,IAAI;gBACF,MAAM,IAAA,qCAA4B,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBACrD,OAAO,MAAM,IAAA,8BAAqB,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;aACtD;YAAC,OAAO,KAAU,EAAE;gBACnB,MAAM,iBAAiB,EAAE,CAAC;gBAC1B,MAAM,KAAK,CAAC;aACb;QACH,CAAC,CAAA,CAAC;QAEF,MAAM,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,MAAM,0BAA0B,EAAE,CAAC;QAE3E,MAAM,iBAAiB,GAAG,mBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,2BAAkB,
CAAC,CAAC;QACjE,MAAM,qBAAqB,GAAG,mBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,yBAAgB,CAAC,CAAC;QAEnE,MAAM,QAAQ,GAAG,GAAS,EAAE;YAC1B,MAAM,UAAU,EAAE,CAAC;YACnB,MAAM,iBAAiB,EAAE,CAAC;QAC5B,CAAC,CAAA,CAAC;QAEF,OAAO;YACL,UAAU,EAAE;gBACV,mBAAmB,qBAAqB,EAAE;gBAE1C,2GAA2G;gBAC3G,4GAA4G;gBAC5G,gHAAgH;gBAChH,6GAA6G;gBAC7G,+GAA+G;gBAC/G,2BAA2B;gBAC3B,0BAA0B;gBAC1B,8BAA8B;aAC/B;YACD,YAAY,EAAE,iBAAiB;YAC/B,IAAI,EAAE,eAAe;YACrB,QAAQ;SACT,CAAC;IACJ,CAAC,CAAA;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,+BACzB,IAAI,EAAE,OAAO,EACb,EAAE,EAAE,WAAW,IACZ,OAAO,CAAC,YAAY,KACvB,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU,EAClD,cAAc,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,cAAc,EAC1D,qBAAqB,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,eAAe,EAClE,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,aAAa,EAC3C,WAAW,EAAE,OAAO,CAAC,SAAS,CAAC,WAAW,IAC1C;IAEF,2BAA2B;IAC3B,yBAAyB;IAEzB,YAAY,EAAE,CAAO,OAAO,EAAE,EAAE;;QAC9B,uCACK,OAAO,KACV,YAAY,EAAE;gBACZ,aAAa,EAAE,MAAA,OAAO,CAAC,SAAS,CAAC,aAAa,mCAAI,OAAO,CAAC,SAAS;aACpE,IACD;IACJ,CAAC,CAAA;CACF,CAAC"}
|
|
@@ -79,7 +79,7 @@ exports.gcpSshProvider = {
|
|
|
79
79
|
}
|
|
80
80
|
return undefined;
|
|
81
81
|
},
|
|
82
|
-
generateKeys: (
|
|
82
|
+
generateKeys: (_authn, request) => __awaiter(void 0, void 0, void 0, function* () {
|
|
83
83
|
return {
|
|
84
84
|
username: request.linuxUserName,
|
|
85
85
|
privateKeyPath: keys_1.PRIVATE_KEY_PATH,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/plugins/google/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAA0D;AAC1D,4CAAqD;AAErD,uCAAgD;AAChD,uCAAyC;AAGzC,oGAAoG;AACpG,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,2BAA2B,GAAG;IAClC,EAAE,OAAO,EAAE,iCAAiC,EAAE;IAC9C;QACE,mEAAmE;QACnE,OAAO,EAAE,uCAAuC;KACjD;IACD,EAAE,OAAO,EAAE,mDAAmD,EAAE;IAChE;QACE,OAAO,EAAE,+CAA+C;QACxD,kBAAkB,EAAE,IAAI;KACzB;IACD,EAAE,OAAO,EAAE,4DAA4D,EAAE;CACjE,CAAC;AAEE,QAAA,cAAc,GAIvB;IACF,uCAAuC;IACvC,kBAAkB,EAAE,GAAS,EAAE,kDAAC,OAAA,SAAS,CAAA,GAAA;IAEzC,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,6BAAmB,GAAE,CAAC,EAAE;YAClC,MAAM,8DAA8D,CAAC;SACtE;IACH,CAAC,CAAA;IAED,YAAY,EAAE,cAAc;IAE5B,oBAAoB,EAClB,2DAA2D;IAE7D,oBAAoB,EAAE,sDAAsD;IAE5E,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,CAAC,OAAO,EAAE,EAAE;QACxC,IAAI,IAAA,mBAAa,EAAC,OAAO,CAAC,EAAE;YAC1B,uCACK,OAAO;gBACV,6GAA6G;gBAC7G,6HAA6H;gBAC7H,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,CAAC,IAAI,CAAC,IACjB;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,CAAO,
|
|
1
|
+
{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/plugins/google/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAA0D;AAC1D,4CAAqD;AAErD,uCAAgD;AAChD,uCAAyC;AAGzC,oGAAoG;AACpG,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,2BAA2B,GAAG;IAClC,EAAE,OAAO,EAAE,iCAAiC,EAAE;IAC9C;QACE,mEAAmE;QACnE,OAAO,EAAE,uCAAuC;KACjD;IACD,EAAE,OAAO,EAAE,mDAAmD,EAAE;IAChE;QACE,OAAO,EAAE,+CAA+C;QACxD,kBAAkB,EAAE,IAAI;KACzB;IACD,EAAE,OAAO,EAAE,4DAA4D,EAAE;CACjE,CAAC;AAEE,QAAA,cAAc,GAIvB;IACF,uCAAuC;IACvC,kBAAkB,EAAE,GAAS,EAAE,kDAAC,OAAA,SAAS,CAAA,GAAA;IAEzC,aAAa,EAAE,GAAS,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,IAAA,6BAAmB,GAAE,CAAC,EAAE;YAClC,MAAM,8DAA8D,CAAC;SACtE;IACH,CAAC,CAAA;IAED,YAAY,EAAE,cAAc;IAE5B,oBAAoB,EAClB,2DAA2D;IAE7D,oBAAoB,EAAE,sDAAsD;IAE5E,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,CAAC,OAAO,EAAE,EAAE;QACxC,IAAI,IAAA,mBAAa,EAAC,OAAO,CAAC,EAAE;YAC1B,uCACK,OAAO;gBACV,6GAA6G;gBAC7G,6HAA6H;gBAC7H,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,CAAC,IAAI,CAAC,IACjB;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,CAAO,MAAM,EAAE,OAAO,EAAE,EAAE;QACtC,OAAO;YACL,QAAQ,EAAE,OAAO,CAAC,aAAa;YAC/B,cAAc,EAAE,uBAAgB;SACjC,CAAC;IACJ,CAAC,CAAA;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE;QAC9B,OAAO;YACL,QAAQ;YACR,SAAS;YACT,kBAAkB;YAClB,OAAO,CAAC,EAAE;YACV,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;YAClB,kEAAkE;YAClE,oGAAoG;YACpG,oEAAoE;YACpE,kDAAkD;YAClD,mBAAmB;YACnB,UAAU,OAAO,CAAC,IAAI,EAAE;YACxB,aAAa,OAAO,CAAC,SAAS,EAAE;SACjC,CAAC;IACJ,CAAC;IAED,aAAa,EAAE,GAAG,EAAE,CAAC,SAAS;IAE9B,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,YAAY;YAC5C,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS;YAChD,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI;YAC7B,aAAa,EAAE,OAAO,CAAC,YAAY,CAAC,aAAa;YACjD,IAAI,EAAE,QAAQ;SACf,CAAC;IACJ,CAAC;IAED,2BAA2B;IAE3B,YAAY,EAAE,CAAO,OAAO,EAAE,OAAO,EAAE,EAAE;QAAC,OAAA,iCACrC,OAAO,KACV,YAAY,EAAE;gBACZ,aAAa,EAAE,MAAM,IAAA,sBAAY,EAAC,OAAO,CAAC,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC;aACzE,IACD,CAAA;MAAA;CACH,
CAAC"}
|
|
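--- a/package/build/dist/plugins/self-hosted/keygen.js
+++ b/package/build/dist/plugins/self-hosted/keygen.js
@@ -0,0 +1,39 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateSelfHostedCertificate = void 0;
+/** Copyright © 2024-present P0 Security
+
+This file is part of @p0security/cli
+
+@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+
+@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
+**/
+const api_1 = require("../../drivers/api");
+const stdio_1 = require("../../drivers/stdio");
+const generateSelfHostedCertificate = (authn, { requestId, publicKey, debug, }) => __awaiter(void 0, void 0, void 0, function* () {
+if (debug) {
+(0, stdio_1.print2)(`Generating self-hosted SSH certificate for request ${requestId}`);
+}
+const { signedCertificate } = yield (0, api_1.certificateSigningRequest)(authn, {
+publicKey,
+requestId,
+});
+if (debug) {
+(0, stdio_1.print2)(`Generated self-hosted SSH certificate for request ${requestId}`);
+}
+return signedCertificate;
+});
+exports.generateSelfHostedCertificate = generateSelfHostedCertificate;
+//# sourceMappingURL=keygen.js.map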
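Review bot: `generateSelfHostedCertificate` returns `signedCertificate` straight from the `certificateSigningRequest` response (new lines 29-36) without checking that it is a non-empty string, so a response lacking the field would only surface later as an unusable certificate, and the second debug line would still report success. I would add `if (typeof signedCertificate !== "string" || signedCertificate.length === 0) throw new Error("No signed certificate returned for request " + requestId);` before that debug print, in `src/plugins/self-hosted/keygen.ts`, since this file is compiler output. The debug messages print only `requestId`, which keeps key and certificate material out of the log; that is worth preserving. The function has no doc comment; a short one stating that only `publicKey` and `requestId` are passed to the API driver for signing would help readers.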
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"keygen.js","sourceRoot":"","sources":["../../../../src/plugins/self-hosted/keygen.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAA8D;AAC9D,+CAA6C;AAGtC,MAAM,6BAA6B,GAAG,CAC3C,KAAY,EACZ,EACE,SAAS,EACT,SAAS,EACT,KAAK,GAKN,EACD,EAAE;IACF,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,sDAAsD,SAAS,EAAE,CAAC,CAAC;KAC3E;IACD,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,IAAA,+BAAyB,EAAC,KAAK,EAAE;QACnE,SAAS;QACT,SAAS;KACV,CAAC,CAAC;IAEH,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,qDAAqD,SAAS,EAAE,CAAC,CAAC;KAC1E;IAED,OAAO,iBAAiB,CAAC;AAC3B,CAAC,CAAA,CAAC;AAzBW,QAAA,6BAA6B,iCAyBxC"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
1
|
import { SshProvider } from "../../types/ssh";
|
|
2
2
|
import { SelfHostedSshPermissionSpec, SelfHostedSshRequest } from "./types";
|
|
3
|
+
export declare const SELF_HOSTED_CERT_FILENAME = "p0cli-self-hosted-ssh-cert.pub";
|
|
3
4
|
export declare const selfHostedSshProvider: SshProvider<SelfHostedSshPermissionSpec, undefined, SelfHostedSshRequest>;
|