@p0security/cli 0.18.8 → 0.18.10

package/build/dist/drivers/env.js

@@ -4,11 +4,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.bootstrapConfig = void 0;
+exports.defaultConfig = void 0;
 const dotenv_1 = __importDefault(require("dotenv"));
 dotenv_1.default.config();
 const { env } = process;
-exports.bootstrapConfig = {
+exports.defaultConfig = {
     fs: {
         // Falls back to public production Firestore credentials
         apiKey: (_a = env.P0_FS_API_KEY) !== null && _a !== void 0 ? _a : "AIzaSyCaL-Ik_l_5tdmgNUNZ4Nv6NuR4o5_PPfs",

package/build/dist/drivers/env.js.map

@@ -1 +1 @@
-{"version":3,"file":"env.js","sourceRoot":"","sources":["../../../src/drivers/env.ts"],"names":[],"mappings":";;;;;;;AAWA,oDAA4B;AAE5B,gBAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;AAEX,QAAA,eAAe,GAA4B;IACtD,EAAE,EAAE;QACF,wDAAwD;QACxD,MAAM,EAAE,MAAA,GAAG,CAAC,aAAa,mCAAI,yCAAyC;QACtE,UAAU,EAAE,MAAA,GAAG,CAAC,iBAAiB,mCAAI,yBAAyB;QAC9D,SAAS,EAAE,MAAA,GAAG,CAAC,gBAAgB,mCAAI,SAAS;QAC5C,aAAa,EAAE,MAAA,GAAG,CAAC,oBAAoB,mCAAI,qBAAqB;QAChE,iBAAiB,EAAE,MAAA,GAAG,CAAC,yBAAyB,mCAAI,cAAc;QAClE,KAAK,EAAE,MAAA,GAAG,CAAC,YAAY,mCAAI,2CAA2C;KACvE;IACD,MAAM,EAAE;QACN,QAAQ,EACN,MAAA,GAAG,CAAC,wBAAwB,mCAC5B,0EAA0E;QAC5E,4EAA4E;QAC5E,qFAAqF;QACrF,kFAAkF;QAClF,2FAA2F;QAC3F,uHAAuH;QACvH,iFAAiF;QACjF,uEAAuE;QACvE,wFAAwF;QACxF,yBAAyB,EACvB,MAAA,GAAG,CAAC,4BAA4B,mCAAI,qCAAqC;KAC5E;IACD,MAAM,EAAE,MAAA,GAAG,CAAC,UAAU,mCAAI,oBAAoB;IAC9C,WAAW,EAAE,MAAA,GAAG,CAAC,MAAM,mCAAI,YAAY;IACvC,cAAc,EAAE,+CAA+C;IAC/D,WAAW,EAAE,wDAAwD;CACtE,CAAC"}
+{"version":3,"file":"env.js","sourceRoot":"","sources":["../../../src/drivers/env.ts"],"names":[],"mappings":";;;;;;;AAWA,oDAA4B;AAE5B,gBAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;AAEX,QAAA,aAAa,GAA4B;IACpD,EAAE,EAAE;QACF,wDAAwD;QACxD,MAAM,EAAE,MAAA,GAAG,CAAC,aAAa,mCAAI,yCAAyC;QACtE,UAAU,EAAE,MAAA,GAAG,CAAC,iBAAiB,mCAAI,yBAAyB;QAC9D,SAAS,EAAE,MAAA,GAAG,CAAC,gBAAgB,mCAAI,SAAS;QAC5C,aAAa,EAAE,MAAA,GAAG,CAAC,oBAAoB,mCAAI,qBAAqB;QAChE,iBAAiB,EAAE,MAAA,GAAG,CAAC,yBAAyB,mCAAI,cAAc;QAClE,KAAK,EAAE,MAAA,GAAG,CAAC,YAAY,mCAAI,2CAA2C;KACvE;IACD,MAAM,EAAE;QACN,QAAQ,EACN,MAAA,GAAG,CAAC,wBAAwB,mCAC5B,0EAA0E;QAC5E,4EAA4E;QAC5E,qFAAqF;QACrF,kFAAkF;QAClF,2FAA2F;QAC3F,uHAAuH;QACvH,iFAAiF;QACjF,uEAAuE;QACvE,wFAAwF;QACxF,yBAAyB,EACvB,MAAA,GAAG,CAAC,4BAA4B,mCAAI,qCAAqC;KAC5E;IACD,MAAM,EAAE,MAAA,GAAG,CAAC,UAAU,mCAAI,oBAAoB;IAC9C,WAAW,EAAE,MAAA,GAAG,CAAC,MAAM,mCAAI,YAAY;IACvC,cAAc,EAAE,+CAA+C;IAC/D,WAAW,EAAE,wDAAwD;CACtE,CAAC"}

package/build/dist/drivers/firestore.d.ts

@@ -1,7 +1,6 @@
 import { Identity } from "../types/identity";
 import { OrgData } from "../types/org";
 import { EmailAuthCredential, OAuthCredential, UserCredential } from "firebase/auth";
-import { CollectionReference, DocumentReference } from "firebase/firestore";
 export declare function initializeFirebase(): Promise<void>;
 export declare const signInToTenant: (org: OrgData, firebaseCredential: EmailAuthCredential | OAuthCredential, options?: {
     debug?: boolean;
@@ -9,12 +8,3 @@ export declare const signInToTenant: (org: OrgData, firebaseCredential: EmailAut
 export declare const authenticateToFirebase: (identity: Identity, options?: {
     debug?: boolean;
 }) => Promise<UserCredential>;
-export declare const collection: <T>(path: string, ...pathSegments: string[]) => CollectionReference<T, import("@firebase/firestore").DocumentData>;
-export declare const doc: <T>(path: string) => DocumentReference<T, import("@firebase/firestore").DocumentData>;
-export declare const bootstrapDoc: <T>(path: string) => DocumentReference<T, import("@firebase/firestore").DocumentData>;
-/** Ensures that Firestore is shutdown at command termination
- *
- * This prevents Firestore from holding the command on execution completion or failure.
- */
-export declare const fsShutdownGuard: <P, T>(cb: (args: P) => Promise<T>) => (args: P) => Promise<void>;
-export declare const shutdownFirebase: () => void;

package/build/dist/drivers/firestore.js

@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.shutdownFirebase = exports.fsShutdownGuard = exports.bootstrapDoc = exports.doc = exports.collection = exports.authenticateToFirebase = exports.signInToTenant = exports.initializeFirebase = void 0;
+exports.authenticateToFirebase = exports.signInToTenant = exports.initializeFirebase = void 0;
 /** Copyright © 2024-present P0 Security
 
 This file is part of @p0security/cli
@@ -22,23 +22,15 @@ You should have received a copy of the GNU General Public License along with @p0
 **/
 const login_1 = require("../plugins/email/login");
 const config_1 = require("./config");
-const env_1 = require("./env");
 const stdio_1 = require("./stdio");
 const util_1 = require("./util");
 const app_1 = require("firebase/app");
 const auth_1 = require("firebase/auth");
-const firestore_1 = require("firebase/firestore");
-const bootstrapApp = (0, app_1.initializeApp)(env_1.bootstrapConfig.fs, "bootstrapApp");
-const bootstrapFirestore = (0, firestore_1.getFirestore)(bootstrapApp);
 let app;
-let firestore;
 function initializeFirebase() {
     return __awaiter(this, void 0, void 0, function* () {
-        if (!firestore) {
-            const tenantConfig = yield (0, config_1.loadConfig)();
-            app = (0, app_1.initializeApp)(tenantConfig.fs, "authFirebase");
-            firestore = (0, firestore_1.getFirestore)(app);
-        }
+        const tenantConfig = yield (0, config_1.loadConfig)();
+        app = (0, app_1.initializeApp)(tenantConfig.fs, "authFirebase");
     });
 }
 exports.initializeFirebase = initializeFirebase;
@@ -102,36 +94,4 @@ const authenticateToFirebase = (identity, options) => __awaiter(void 0, void 0,
     return yield (0, exports.signInToTenant)(org, firebaseCredential, options);
 });
 exports.authenticateToFirebase = authenticateToFirebase;
-const collection = (path, ...pathSegments) => {
-    return (0, firestore_1.collection)(firestore, path, ...pathSegments);
-};
-exports.collection = collection;
-const doc = (path) => {
-    return (0, firestore_1.doc)(firestore, path);
-};
-exports.doc = doc;
-const bootstrapDoc = (path) => {
-    return (0, firestore_1.doc)(bootstrapFirestore, path);
-};
-exports.bootstrapDoc = bootstrapDoc;
-/** Ensures that Firestore is shutdown at command termination
- *
- * This prevents Firestore from holding the command on execution completion or failure.
- */
-const fsShutdownGuard = (cb) => (args) => __awaiter(void 0, void 0, void 0, function* () {
-    try {
-        yield cb(args);
-    }
-    finally {
-        (0, exports.shutdownFirebase)();
-    }
-});
-exports.fsShutdownGuard = fsShutdownGuard;
-const shutdownFirebase = () => {
-    if (bootstrapFirestore)
-        void (0, firestore_1.terminate)(bootstrapFirestore);
-    if (firestore)
-        void (0, firestore_1.terminate)(firestore);
-};
-exports.shutdownFirebase = shutdownFirebase;
 //# sourceMappingURL=firestore.js.map

package/build/dist/drivers/firestore.js.map

@@ -1 +1 @@
-{"version":3,"file":"firestore.js","sourceRoot":"","sources":["../../../src/drivers/firestore.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,kDAA+D;AAG/D,qCAAyD;AACzD,+BAAwC;AACxC,mCAAiC;AACjC,iCAAqD;AACrD,sCAAyE;AACzE,wCAQuB;AACvB,kDAQ4B;AAE5B,MAAM,YAAY,GAAG,IAAA,mBAAa,EAAC,qBAAe,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;AACvE,MAAM,kBAAkB,GAAG,IAAA,wBAAY,EAAC,YAAY,CAAC,CAAC;AAEtD,IAAI,GAAgB,CAAC;AACrB,IAAI,SAAoB,CAAC;AAEzB,SAAsB,kBAAkB;;QACtC,IAAI,CAAC,SAAS,EAAE;YACd,MAAM,YAAY,GAAG,MAAM,IAAA,mBAAU,GAAE,CAAC;YACxC,GAAG,GAAG,IAAA,mBAAa,EAAC,YAAY,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;YACrD,SAAS,GAAG,IAAA,wBAAY,EAAC,GAAG,CAAC,CAAC;SAC/B;IACH,CAAC;CAAA;AAND,gDAMC;AAED,MAAM,cAAc,GAAG,CAAC,GAAY,EAAE,EAAE;IACtC,QAAQ,GAAG,CAAC,WAAW,EAAE;QACvB,KAAK,QAAQ;YACX,OAAO,iBAAU,CAAC,MAAM,CAAC;QAC3B,KAAK,aAAa;YAChB,OAAO,kBAAkB,CAAC;QAC5B,gDAAgD;QAChD,+CAA+C;QAC/C,wCAAwC;QACxC,KAAK,SAAS;YACZ,OAAO,iBAAU,CAAC,QAAQ,CAAC;QAC7B;YACE,OAAO,GAAG,CAAC,UAAU,CAAC;KACzB;AACH,CAAC,CAAC;AAEK,MAAM,cAAc,GAAG,CAC5B,GAAY,EACZ,kBAAyD,EACzD,OAEC,EACwB,EAAE;;IAC3B,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC;IAEzB,MAAM,kBAAkB,EAAE,CAAC;IAE3B,MAAM,IAAI,GAAG,IAAA,cAAO,EAAC,GAAG,CAAC,CAAC;IAC1B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAEzB,IAAI,cAAc,CAAC;IACnB,IAAI;QACF,cAAc,GAAG,MAAM,IAAA,2BAAoB,EAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,IACE,KAAK,YAAY,mBAAa;YAC9B,KAAK,CAAC,IAAI,KAAK,yBAAyB,EACxC;YACA,MAAM,kCAA2B,CAAC;SACnC;aAAM;YACL,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;gBAClB,IAAI,KAAK,YAAY,KAAK,EAAE;oBAC1B,IAAA,cAAM,EAAC,yBAAyB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;iBAClD;qBAAM;oBACL,IAAA,cAAM,EAAC,yBAAyB,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;iBAClD;aACF;YACD,MAAM,wDAAwD,IAAA,0BAAiB,GAAE,EAAE,CAAC;SACrF;KACF;IAED,IAAI,CAAC,CAAA,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,IAAI,0CAAE,KAAK,CAAA,EAAE;QAChC,MAAM,4FAA4F,IAAA,0BAAiB,GAAE,EAAE,CAAC;KACzH;IAED,OAAO,cAAc,CAAC;AACxB,CAAC,CAAA,CAAC;AAxCW,QAAA,cAAc,kBAwCzB;AAEK,MAAM,sBAAsB,GAAG,CACpC,QAAkB,EAClB,OAEC,EACwB,EAAE;IAC3B,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC;IAErC,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,kBAAkB,GACtB,UAAU,KAAK,iBAAU,CAAC,QAAQ;QAChC,CAAC,CAAC,IAAA,6BAAqB,GAAE;QACzB,CAAC,CAAC,IAAI,oBAAa,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC;YACvC,WAAW,EAAE,UAAU,CAAC,YAAY;YACpC,OAAO,EAAE,UAAU,CAAC,QAAQ;SAC7B,CAAC,CAAC;IAET,OAAO,MAAM,IAAA,sBAAc,EAAC,GAAG,EAAE,kBAAkB,EAAE,OAAO,CAAC,CAAC;AAChE,CAAC,CAAA,CAAC;AAlBW,QAAA,sBAAsB,0BAkBjC;AAEK,MAAM,UAAU,GAAG,CAAI,IAAY,EAAE,GAAG,YAAsB,EAAE,EAAE;IACvE,OAAO,IAAA,sBAAY,EACjB,SAAS,EACT,IAAI,EACJ,GAAG,YAAY,CACU,CAAC;AAC9B,CAAC,CAAC;AANW,QAAA,UAAU,cAMrB;AAEK,MAAM,GAAG,GAAG,CAAI,IAAY,EAAE,EAAE;IACrC,OAAO,IAAA,eAAK,EAAC,SAAS,EAAE,IAAI,CAAyB,CAAC;AACxD,CAAC,CAAC;AAFW,QAAA,GAAG,OAEd;AAEK,MAAM,YAAY,GAAG,CAAI,IAAY,EAAE,EAAE;IAC9C,OAAO,IAAA,eAAK,EAAC,kBAAkB,EAAE,IAAI,CAAyB,CAAC;AACjE,CAAC,CAAC;AAFW,QAAA,YAAY,gBAEvB;AAEF;;;GAGG;AACI,MAAM,eAAe,GAC1B,CAAO,EAA2B,EAAE,EAAE,CACtC,CAAO,IAAO,EAAE,EAAE;IAChB,IAAI;QACF,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC;KAChB;YAAS;QACR,IAAA,wBAAgB,GAAE,CAAC;KACpB;AACH,CAAC,CAAA,CAAC;AARS,QAAA,eAAe,mBAQxB;AAEG,MAAM,gBAAgB,GAAG,GAAG,EAAE;IACnC,IAAI,kBAAkB;QAAE,KAAK,IAAA,qBAAS,EAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,SAAS;QAAE,KAAK,IAAA,qBAAS,EAAC,SAAS,CAAC,CAAC;AAC3C,CAAC,CAAC;AAHW,QAAA,gBAAgB,oBAG3B"}
+{"version":3,"file":"firestore.js","sourceRoot":"","sources":["../../../src/drivers/firestore.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,kDAA+D;AAG/D,qCAAyD;AACzD,mCAAiC;AACjC,iCAAqD;AACrD,sCAAyE;AACzE,wCAQuB;AAEvB,IAAI,GAAgB,CAAC;AAErB,SAAsB,kBAAkB;;QACtC,MAAM,YAAY,GAAG,MAAM,IAAA,mBAAU,GAAE,CAAC;QACxC,GAAG,GAAG,IAAA,mBAAa,EAAC,YAAY,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;IACvD,CAAC;CAAA;AAHD,gDAGC;AAED,MAAM,cAAc,GAAG,CAAC,GAAY,EAAE,EAAE;IACtC,QAAQ,GAAG,CAAC,WAAW,EAAE;QACvB,KAAK,QAAQ;YACX,OAAO,iBAAU,CAAC,MAAM,CAAC;QAC3B,KAAK,aAAa;YAChB,OAAO,kBAAkB,CAAC;QAC5B,gDAAgD;QAChD,+CAA+C;QAC/C,wCAAwC;QACxC,KAAK,SAAS;YACZ,OAAO,iBAAU,CAAC,QAAQ,CAAC;QAC7B;YACE,OAAO,GAAG,CAAC,UAAU,CAAC;KACzB;AACH,CAAC,CAAC;AAEK,MAAM,cAAc,GAAG,CAC5B,GAAY,EACZ,kBAAyD,EACzD,OAEC,EACwB,EAAE;;IAC3B,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC;IAEzB,MAAM,kBAAkB,EAAE,CAAC;IAE3B,MAAM,IAAI,GAAG,IAAA,cAAO,EAAC,GAAG,CAAC,CAAC;IAC1B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAEzB,IAAI,cAAc,CAAC;IACnB,IAAI;QACF,cAAc,GAAG,MAAM,IAAA,2BAAoB,EAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,IACE,KAAK,YAAY,mBAAa;YAC9B,KAAK,CAAC,IAAI,KAAK,yBAAyB,EACxC;YACA,MAAM,kCAA2B,CAAC;SACnC;aAAM;YACL,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;gBAClB,IAAI,KAAK,YAAY,KAAK,EAAE;oBAC1B,IAAA,cAAM,EAAC,yBAAyB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;iBAClD;qBAAM;oBACL,IAAA,cAAM,EAAC,yBAAyB,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;iBAClD;aACF;YACD,MAAM,wDAAwD,IAAA,0BAAiB,GAAE,EAAE,CAAC;SACrF;KACF;IAED,IAAI,CAAC,CAAA,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,IAAI,0CAAE,KAAK,CAAA,EAAE;QAChC,MAAM,4FAA4F,IAAA,0BAAiB,GAAE,EAAE,CAAC;KACzH;IAED,OAAO,cAAc,CAAC;AACxB,CAAC,CAAA,CAAC;AAxCW,QAAA,cAAc,kBAwCzB;AAEK,MAAM,sBAAsB,GAAG,CACpC,QAAkB,EAClB,OAEC,EACwB,EAAE;IAC3B,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC;IAErC,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,kBAAkB,GACtB,UAAU,KAAK,iBAAU,CAAC,QAAQ;QAChC,CAAC,CAAC,IAAA,6BAAqB,GAAE;QACzB,CAAC,CAAC,IAAI,oBAAa,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC;YACvC,WAAW,EAAE,UAAU,CAAC,YAAY;YACpC,OAAO,EAAE,UAAU,CAAC,QAAQ;SAC7B,CAAC,CAAC;IAET,OAAO,MAAM,IAAA,sBAAc,EAAC,GAAG,EAAE,kBAAkB,EAAE,OAAO,CAAC,CAAC;AAChE,CAAC,CAAA,CAAC;AAlBW,QAAA,sBAAsB,0BAkBjC"}

package/build/dist/drivers/org.d.ts

@@ -0,0 +1 @@
+export declare const getOrgData: (orgId: string) => Promise<any>;

package/build/dist/drivers/org.js

@@ -0,0 +1,43 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getOrgData = void 0;
+const api_1 = require("./api");
+const path_1 = require("./auth/path");
+const promises_1 = __importDefault(require("fs/promises"));
+const getOrgData = (orgId) => __awaiter(void 0, void 0, void 0, function* () {
+    try {
+        // Try to read the org data from the bootstrap file first
+        const bootstrapOrgDataPath = (0, path_1.getBootstrapOrgDataPath)(orgId);
+        const buffer = yield promises_1.default.readFile(bootstrapOrgDataPath);
+        return JSON.parse(buffer.toString());
+    }
+    catch (err) {
+        // ... if that fails, fetch it via API
+        try {
+            return yield (0, api_1.fetchOrgData)(orgId);
+        }
+        catch (e) {
+            if (typeof e === "string" && e.startsWith("Network error:")) {
+                throw e;
+            }
+            if (typeof e === "string" && e.startsWith("Not found")) {
+                throw "Could not find organization";
+            }
+            throw e;
+        }
+    }
+});
+exports.getOrgData = getOrgData;
+//# sourceMappingURL=org.js.map

package/build/dist/drivers/org.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"org.js","sourceRoot":"","sources":["../../../src/drivers/org.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAWA,+BAAqC;AACrC,sCAAsD;AACtD,2DAA6B;AAEtB,MAAM,UAAU,GAAG,CAAO,KAAa,EAAE,EAAE;IAChD,IAAI;QACF,yDAAyD;QACzD,MAAM,oBAAoB,GAAG,IAAA,8BAAuB,EAAC,KAAK,CAAC,CAAC;QAC5D,MAAM,MAAM,GAAG,MAAM,kBAAE,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;KACtC;IAAC,OAAO,GAAG,EAAE;QACZ,sCAAsC;QACtC,IAAI;YACF,OAAO,MAAM,IAAA,kBAAY,EAAa,KAAK,CAAC,CAAC;SAC9C;QAAC,OAAO,CAAM,EAAE;YACf,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE;gBAC3D,MAAM,CAAC,CAAC;aACT;YACD,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE;gBACtD,MAAM,6BAA6B,CAAC;aACrC;YACD,MAAM,CAAC,CAAC;SACT;KACF;AACH,CAAC,CAAA,CAAC;AApBW,QAAA,UAAU,cAoBrB"}

package/build/dist/plugins/aws/config.js

@@ -20,14 +20,12 @@ This file is part of @p0security/cli
 
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
-const firestore_1 = require("../../drivers/firestore");
-const firestore_2 = require("firebase/firestore");
+const api_1 = require("../../drivers/api");
 const lodash_1 = require("lodash");
 const getFirstAwsConfig = (authn) => __awaiter(void 0, void 0, void 0, function* () {
     var _a;
     const { identity } = authn;
-    const snapshot = yield (0, firestore_2.getDoc)((0, firestore_1.doc)(`o/${identity.org.tenantId}/integrations/aws`));
-    const config = snapshot.data();
+    const { config } = yield (0, api_1.fetchIntegrationConfig)(authn, "aws");
     const item = Object.entries((_a = config === null || config === void 0 ? void 0 : config["iam-write"]) !== null && _a !== void 0 ? _a : {}).find(([_id, { state }]) => state === "installed");
     if (!item)
         throw `P0 is not installed on any AWS account`;
@@ -37,8 +35,7 @@ exports.getFirstAwsConfig = getFirstAwsConfig;
 const getAwsConfig = (authn, account) => __awaiter(void 0, void 0, void 0, function* () {
     var _b;
     const { identity } = authn;
-    const snapshot = yield (0, firestore_2.getDoc)((0, firestore_1.doc)(`o/${identity.org.tenantId}/integrations/aws`));
-    const config = snapshot.data();
+    const { config } = yield (0, api_1.fetchIntegrationConfig)(authn, "aws");
     // TODO: Support alias lookup
     const allItems = (0, lodash_1.sortBy)(Object.entries((_b = config === null || config === void 0 ? void 0 : config["iam-write"]) !== null && _b !== void 0 ? _b : {}).filter(([, { state }]) => state === "installed"), ([id]) => id);
     const item = account

package/build/dist/plugins/aws/config.js.map

@@ -1 +1 @@
-{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../src/plugins/aws/config.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,uDAA8C;AAG9C,kDAA4C;AAC5C,mCAAgC;AAEzB,MAAM,iBAAiB,GAAG,CAAO,KAAY,EAAE,EAAE;;IACtD,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;IAC3B,MAAM,QAAQ,GAAG,MAAM,IAAA,kBAAM,EAC3B,IAAA,eAAG,EAAC,KAAK,QAAQ,CAAC,GAAG,CAAC,QAAQ,mBAAmB,CAAC,CACnD,CAAC;IACF,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;IAE/B,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAG,WAAW,CAAC,mCAAI,EAAE,CAAC,CAAC,IAAI,CAC3D,CAAC,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,KAAK,WAAW,CAC5C,CAAC;IAEF,IAAI,CAAC,IAAI;QAAE,MAAM,wCAAwC,CAAC;IAE1D,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAI,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,IAAK,IAAI,CAAC,CAAC,CAAC,CAAE,EAAE,CAAC;AAC3D,CAAC,CAAA,CAAC;AAdW,QAAA,iBAAiB,qBAc5B;AAEK,MAAM,YAAY,GAAG,CAC1B,KAAY,EACZ,OAA2B,EAC3B,EAAE;;IACF,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;IAC3B,MAAM,QAAQ,GAAG,MAAM,IAAA,kBAAM,EAC3B,IAAA,eAAG,EAAC,KAAK,QAAQ,CAAC,GAAG,CAAC,QAAQ,mBAAmB,CAAC,CACnD,CAAC;IACF,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC/B,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,IAAA,eAAM,EACrB,MAAM,CAAC,OAAO,CAAC,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAG,WAAW,CAAC,mCAAI,EAAE,CAAC,CAAC,MAAM,CAChD,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,KAAK,WAAW,CACzC,EACD,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CACb,CAAC;IACF,MAAM,IAAI,GAAG,OAAO;QAClB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,KAAK,OAAO,IAAI,KAAK,KAAK,OAAO,CAAC;QACzE,CAAC,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;YACrB,CAAC,CAAC,CAAC,GAAG,EAAE;gBACJ,MAAM,2EAA2E,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/I,CAAC,CAAC,EAAE;YACN,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAClB,IAAI,CAAC,IAAI;QAAE,MAAM,sCAAsC,OAAO,EAAE,CAAC;IACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAI,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,IAAK,IAAI,CAAC,CAAC,CAAC,CAAE,EAAE,CAAC;AAC3D,CAAC,CAAA,CAAC;AAzBW,QAAA,YAAY,gBAyBvB"}
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../src/plugins/aws/config.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAA2D;AAG3D,mCAAgC;AAEzB,MAAM,iBAAiB,GAAG,CAAO,KAAY,EAAE,EAAE;;IACtD,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;IAC3B,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,4BAAsB,EAC7C,KAAK,EACL,KAAK,CACN,CAAC;IAEF,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAG,WAAW,CAAC,mCAAI,EAAE,CAAC,CAAC,IAAI,CAC3D,CAAC,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,KAAK,WAAW,CAC5C,CAAC;IAEF,IAAI,CAAC,IAAI;QAAE,MAAM,wCAAwC,CAAC;IAE1D,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAI,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,IAAK,IAAI,CAAC,CAAC,CAAC,CAAE,EAAE,CAAC;AAC3D,CAAC,CAAA,CAAC;AAdW,QAAA,iBAAiB,qBAc5B;AAEK,MAAM,YAAY,GAAG,CAC1B,KAAY,EACZ,OAA2B,EAC3B,EAAE;;IACF,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;IAC3B,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,4BAAsB,EAC7C,KAAK,EACL,KAAK,CACN,CAAC;IACF,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,IAAA,eAAM,EACrB,MAAM,CAAC,OAAO,CAAC,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAG,WAAW,CAAC,mCAAI,EAAE,CAAC,CAAC,MAAM,CAChD,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,KAAK,WAAW,CACzC,EACD,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CACb,CAAC;IACF,MAAM,IAAI,GAAG,OAAO;QAClB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,KAAK,OAAO,IAAI,KAAK,KAAK,OAAO,CAAC;QACzE,CAAC,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;YACrB,CAAC,CAAC,CAAC,GAAG,EAAE;gBACJ,MAAM,2EAA2E,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/I,CAAC,CAAC,EAAE;YACN,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAClB,IAAI,CAAC,IAAI;QAAE,MAAM,sCAAsC,OAAO,EAAE,CAAC;IACjE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAI,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC,IAAK,IAAI,CAAC,CAAC,CAAC,CAAE,EAAE,CAAC;AAC3D,CAAC,CAAA,CAAC;AAzBW,QAAA,YAAY,gBAyBvB"}

package/build/dist/plugins/azure/login.d.ts

@@ -0,0 +1,3 @@
+import { TokenResponse } from "../../types/oidc";
+import { OrgData } from "../../types/org";
+export declare const azureLogin: (org: OrgData) => Promise<TokenResponse>;

package/build/dist/plugins/azure/login.js

@@ -0,0 +1,86 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.azureLogin = void 0;
+/** Copyright © 2024-present P0 Security
+
+This file is part of @p0security/cli
+
+@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+
+@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
+**/
+const oidc_1 = require("../../common/auth/oidc");
+const server_1 = require("../../common/auth/server");
+const fetch_1 = require("../../common/fetch");
+const stdio_1 = require("../../drivers/stdio");
+const open_1 = __importDefault(require("open"));
+const pkce_challenge_1 = __importDefault(require("pkce-challenge"));
+const AZURE_SCOPE = "openid profile email offline_access";
+const AZURE_REDIRECT_PORT = 52701;
+const AZURE_REDIRECT_URL = `http://localhost:${AZURE_REDIRECT_PORT}`;
+const PKCE_LENGTH = 128;
+const requestAuth = (org) => __awaiter(void 0, void 0, void 0, function* () {
+    if (!org.providerDomain) {
+        throw "Azure login requires a configured provider domain.";
+    }
+    const pkce = yield (0, pkce_challenge_1.default)(PKCE_LENGTH);
+    const baseUrl = `https://login.microsoftonline.com/${org.providerDomain}/oauth2/v2.0/authorize`;
+    const authBody = {
+        client_id: org.clientId,
+        code_challenge: pkce.code_challenge,
+        code_challenge_method: "S256",
+        redirect_uri: AZURE_REDIRECT_URL,
+        response_type: "code",
+        scope: AZURE_SCOPE,
+        state: "azure_login",
+    };
+    const url = `${baseUrl}?${(0, fetch_1.urlEncode)(authBody)}`;
+    (0, stdio_1.print2)(`Your browser has been opened to visit:
+
+    ${url}\n`);
+    (0, open_1.default)(url).catch(() => {
+        (0, stdio_1.print2)(`Please visit the following URL to continue login:
+
+    ${url}`);
+    });
+    return pkce;
+});
+const requestToken = (org, code, pkce) => __awaiter(void 0, void 0, void 0, function* () {
+    if (!org.providerDomain) {
+        throw "Azure login requires a configured provider domain.";
+    }
+    const tokenUrl = `https://login.microsoftonline.com/${org.providerDomain}/oauth2/v2.0/token`;
+    const body = {
+        client_id: org.clientId,
+        code,
+        code_verifier: pkce.code_verifier,
+        grant_type: "authorization_code",
+        redirect_uri: AZURE_REDIRECT_URL,
+    };
+    const response = yield fetch(tokenUrl, {
+        method: "POST",
+        headers: Object.assign(Object.assign({}, oidc_1.OIDC_HEADERS), { Accept: "application/json", Origin: AZURE_REDIRECT_URL }),
+        body: (0, fetch_1.urlEncode)(body),
+    });
+    const valid = yield (0, fetch_1.validateResponse)(response);
+    return (yield valid.json());
+});
+const azureLogin = (org) => __awaiter(void 0, void 0, void 0, function* () {
+    return yield (0, server_1.withRedirectServer)(() => __awaiter(void 0, void 0, void 0, function* () { return yield requestAuth(org); }), (pkce, token) => __awaiter(void 0, void 0, void 0, function* () { return yield requestToken(org, token.code, pkce); }), { port: AZURE_REDIRECT_PORT });
+});
+exports.azureLogin = azureLogin;
+//# sourceMappingURL=login.js.map

package/build/dist/plugins/azure/login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/azure/login.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,qDAA8D;AAC9D,8CAAiE;AACjE,+CAA6C;AAG7C,gDAAwB;AACxB,oEAA2C;AAE3C,MAAM,WAAW,GAAG,qCAAqC,CAAC;AAC1D,MAAM,mBAAmB,GAAG,KAAK,CAAC;AAClC,MAAM,kBAAkB,GAAG,oBAAoB,mBAAmB,EAAE,CAAC;AACrE,MAAM,WAAW,GAAG,GAAG,CAAC;AAOxB,MAAM,WAAW,GAAG,CAAO,GAAY,EAAE,EAAE;IACzC,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE;QACvB,MAAM,oDAAoD,CAAC;KAC5D;IAED,MAAM,IAAI,GAAG,MAAM,IAAA,wBAAa,EAAC,WAAW,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,qCAAqC,GAAG,CAAC,cAAc,wBAAwB,CAAC;IAEhG,MAAM,QAAQ,GAAqB;QACjC,SAAS,EAAE,GAAG,CAAC,QAAQ;QACvB,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,qBAAqB,EAAE,MAAM;QAC7B,YAAY,EAAE,kBAAkB;QAChC,aAAa,EAAE,MAAM;QACrB,KAAK,EAAE,WAAW;QAClB,KAAK,EAAE,aAAa;KACrB,CAAC;IAEF,MAAM,GAAG,GAAG,GAAG,OAAO,IAAI,IAAA,iBAAS,EAAC,QAAQ,CAAC,EAAE,CAAC;IAEhD,IAAA,cAAM,EAAC;;MAEH,GAAG,IAAI,CAAC,CAAC;IAEb,IAAA,cAAI,EAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;QACnB,IAAA,cAAM,EAAC;;MAEL,GAAG,EAAE,CAAC,CAAC;IACX,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEF,MAAM,YAAY,GAAG,CACnB,GAAY,EACZ,IAAY,EACZ,IAAuD,EACvD,EAAE;IACF,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE;QACvB,MAAM,oDAAoD,CAAC;KAC5D;IAED,MAAM,QAAQ,GAAG,qCAAqC,GAAG,CAAC,cAAc,oBAAoB,CAAC;IAE7F,MAAM,IAAI,GAAG;QACX,SAAS,EAAE,GAAG,CAAC,QAAQ;QACvB,IAAI;QACJ,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,UAAU,EAAE,oBAAoB;QAChC,YAAY,EAAE,kBAAkB;KACjC,CAAC;IAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;QACrC,MAAM,EAAE,MAAM;QACd,OAAO,kCACF,mBAAY,KACf,MAAM,EAAE,kBAAkB,EAC1B,MAAM,EAAE,kBAAkB,GAC3B;QACD,IAAI,EAAE,IAAA,iBAAS,EAAC,IAAI,CAAC;KACtB,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;IAC/C,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,EAAE,CAAkB,CAAC;AAC/C,CAAC,CAAA,CAAC;AAEK,MAAM,UAAU,GAAG,CAAO,GAAY,EAA0B,EAAE;IACvE,OAAO,MAAM,IAAA,2BAAkB,EAC7B,GAAS,EAAE,kDAAC,OAAA,MAAM,WAAW,CAAC,GAAG,CAAC,CAAA,GAAA,EAClC,CAAO,IAAI,EAAE,KAAK,EAAE,EAAE,kDAAC,OAAA,MAAM,YAAY,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA,GAAA,EAChE,EAAE,IAAI,EAAE,mBAAmB,EAAE,CAC9B,CAAC;AACJ,CAAC,CAAA,CAAC;AANW,QAAA,UAAU,cAMrB"}

package/build/dist/plugins/google/ssh-key.js

@@ -22,6 +22,7 @@ You should have received a copy of the GNU General Public License along with @p0
 **/
 const subprocess_1 = require("../../common/subprocess");
 const stdio_1 = require("../../drivers/stdio");
+const util_1 = require("../../util");
 /**
  * Adds an ssh public key to the user object's sshPublicKeys array in Google Workspace.
  * GCP OS Login uses these public keys to authenticate the user.
@@ -36,16 +37,15 @@ const stdio_1 = require("../../drivers/stdio");
 const importSshKey = (publicKey, options) => __awaiter(void 0, void 0, void 0, function* () {
     var _a;
     const debug = (_a = options === null || options === void 0 ? void 0 : options.debug) !== null && _a !== void 0 ? _a : false;
+    const isWindows = (0, util_1.getOperatingSystem)() === "win";
+    const cmd = isWindows ? "cmd.exe" : "gcloud";
     // Force debug=false otherwise it prints the access token
-    const accessToken = yield (0, subprocess_1.asyncSpawn)({ debug: false }, "gcloud", [
-        "auth",
-        "print-access-token",
-    ]);
-    const account = yield (0, subprocess_1.asyncSpawn)({ debug }, "gcloud", [
-        "config",
-        "get-value",
-        "account",
-    ]);
+    const accessToken = yield (0, subprocess_1.asyncSpawn)({ debug: false }, cmd, isWindows
+        ? ["/d", "/s", "/c", "gcloud", "auth", "print-access-token"]
+        : ["auth", "print-access-token"]);
+    const account = yield (0, subprocess_1.asyncSpawn)({ debug }, cmd, isWindows
+        ? ["/d", "/s", "/c", "gcloud", "config", "get-value", "account"]
+        : ["config", "get-value", "account"]);
     if (debug) {
         (0, stdio_1.print2)(`Retrieved access token ${accessToken.slice(0, 10)}... for account ${account}`);
     }

package/build/dist/plugins/google/ssh-key.js.map

@@ -1 +1 @@
-{"version":3,"file":"ssh-key.js","sourceRoot":"","sources":["../../../../src/plugins/google/ssh-key.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wDAAqD;AACrD,+CAA6C;AAG7C;;;;;;;;;;GAUG;AACI,MAAM,YAAY,GAAG,CAC1B,SAAiB,EACjB,OAA6B,EAC7B,EAAE;;IACF,MAAM,KAAK,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,mCAAI,KAAK,CAAC;IACtC,yDAAyD;IACzD,MAAM,WAAW,GAAG,MAAM,IAAA,uBAAU,EAAC,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE;QAC/D,MAAM;QACN,oBAAoB;KACrB,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,MAAM,IAAA,uBAAU,EAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE;QACpD,QAAQ;QACR,WAAW;QACX,SAAS;KACV,CAAC,CAAC;IAEH,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EACJ,0BAA0B,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,OAAO,EAAE,CAC/E,CAAC;KACH;IAED,MAAM,GAAG,GAAG,2CAA2C,OAAO,qBAAqB,CAAC;IACpF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,GAAG,EAAE,SAAS;SACf,CAAC;QACF,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;YACtC,cAAc,EAAE,kBAAkB;SACnC;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;QAChB,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,cAAc,QAAQ,CAAC,MAAM,KAAK,MAAM,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;SACnE;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,MAAM,kFAAkF,CAAC;SAC1F;aAAM;YACL,MAAM,kCAAkC,CAAC;SAC1C;KACF;IAED,MAAM,IAAI,GAA+B,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC/D,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EACJ,sDAAsD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAC7E,CAAC;KACH;IAED,MAAM,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;IAE9B,yEAAyE;IACzE,MAAM,aAAa,GAAG,YAAY,CAAC,aAAa,CAAC,MAAM,CACrD,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,mBAAmB,KAAK,OAAO,CACrD,CAAC;IAEF,MAAM,YAAY,GAChB,aAAa,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC;QAChD,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAEhC,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,2BAA2B,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,QAAQ,EAAE,CAAC,CAAC;KAC7D;IAED,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,2HAA2H,CAAC;KACnI;IAED,OAAO,YAAY,CAAC,QAAQ,CAAC;AAC/B,CAAC,CAAA,CAAC;AA1EW,QAAA,YAAY,gBA0EvB"}
+{"version":3,"file":"ssh-key.js","sourceRoot":"","sources":["../../../../src/plugins/google/ssh-key.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wDAAqD;AACrD,+CAA6C;AAC7C,qCAAgD;AAGhD;;;;;;;;;;GAUG;AACI,MAAM,YAAY,GAAG,CAC1B,SAAiB,EACjB,OAA6B,EAC7B,EAAE;;IACF,MAAM,KAAK,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,mCAAI,KAAK,CAAC;IACtC,MAAM,SAAS,GAAG,IAAA,yBAAkB,GAAE,KAAK,KAAK,CAAC;IACjD,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC;IAE7C,yDAAyD;IACzD,MAAM,WAAW,GAAG,MAAM,IAAA,uBAAU,EAClC,EAAE,KAAK,EAAE,KAAK,EAAE,EAChB,GAAG,EACH,SAAS;QACP,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,oBAAoB,CAAC;QAC5D,CAAC,CAAC,CAAC,MAAM,EAAE,oBAAoB,CAAC,CACnC,CAAC;IAEF,MAAM,OAAO,GAAG,MAAM,IAAA,uBAAU,EAC9B,EAAE,KAAK,EAAE,EACT,GAAG,EACH,SAAS;QACP,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,SAAS,CAAC;QAChE,CAAC,CAAC,CAAC,QAAQ,EAAE,WAAW,EAAE,SAAS,CAAC,CACvC,CAAC;IAEF,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EACJ,0BAA0B,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,OAAO,EAAE,CAC/E,CAAC;KACH;IAED,MAAM,GAAG,GAAG,2CAA2C,OAAO,qBAAqB,CAAC;IACpF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,GAAG,EAAE,SAAS;SACf,CAAC;QACF,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,WAAW,EAAE;YACtC,cAAc,EAAE,kBAAkB;SACnC;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;QAChB,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,cAAc,QAAQ,CAAC,MAAM,KAAK,MAAM,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;SACnE;QAED,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,MAAM,kFAAkF,CAAC;SAC1F;aAAM;YACL,MAAM,kCAAkC,CAAC;SAC1C;KACF;IAED,MAAM,IAAI,GAA+B,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC/D,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EACJ,sDAAsD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAC7E,CAAC;KACH;IAED,MAAM,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;IAE9B,yEAAyE;IACzE,MAAM,aAAa,GAAG,YAAY,CAAC,aAAa,CAAC,MAAM,CACrD,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,mBAAmB,KAAK,OAAO,CACrD,CAAC;IAEF,MAAM,YAAY,GAChB,aAAa,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC;QAChD,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;IAEhC,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,2BAA2B,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,QAAQ,EAAE,CAAC,CAAC;KAC7D;IAED,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,2HAA2H,CAAC;KACnI;IAED,OAAO,YAAY,CAAC,QAAQ,CAAC;AAC/B,CAAC,CAAA,CAAC;AAlFW,QAAA,YAAY,gBAkFvB"}

package/build/dist/plugins/kubeconfig/index.js

@@ -12,21 +12,20 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.awsCloudAuth = exports.aliasedArn = exports.profileName = exports.requestAccessToCluster = exports.getAndValidateK8sIntegration = void 0;
 const shared_1 = require("../../commands/shared");
 const request_1 = require("../../commands/shared/request");
-const firestore_1 = require("../../drivers/firestore");
-const stdio_1 = require("../../drivers/stdio");
+const api_1 = require("../../drivers/api");
 const util_1 = require("../../util");
 const config_1 = require("../aws/config");
 const idc_1 = require("../aws/idc");
 const utils_1 = require("../aws/utils");
 const aws_1 = require("../okta/aws");
-const firestore_2 = require("firebase/firestore");
 const lodash_1 = require("lodash");
+const typescript_1 = require("typescript");
 const KUBECONFIG_PREFIX = "p0";
 const getAndValidateK8sIntegration = (authn, clusterId) => __awaiter(void 0, void 0, void 0, function* () {
-    var _a, _b;
-    const configDoc = yield (0, firestore_2.getDoc)((0, firestore_1.doc)(`o/${authn.identity.org.tenantId}/integrations/k8s`));
+    var _a;
+    const configDoc = yield (0, api_1.fetchIntegrationConfig)(authn, "k8s");
     // Validation done here in lieu of the backend, since the backend doesn't validate until approval. TODO: ENG-2365.
-    const config = (_b = (_a = configDoc.data()) === null || _a === void 0 ? void 0 : _a["iam-write"]) === null || _b === void 0 ? void 0 : _b[clusterId];
+    const config = (_a = configDoc.config["iam-write"]) === null || _a === void 0 ? void 0 : _a[clusterId];
     if (!config) {
         throw `Cluster with ID ${clusterId} not found`;
     }
@@ -69,8 +68,11 @@ const requestAccessToCluster = (authn, args, clusterId, role) => __awaiter(void
     if (!response) {
         throw "Did not receive access ID from server";
     }
-    const { id } = response;
-    return yield (0, stdio_1.spinUntil)("Waiting for access to be provisioned. This may take up to a minute.", (0, shared_1.waitForProvisioning)(authn, id));
+    const code = yield (0, shared_1.decodeProvisionStatus)(response.request);
+    if (!code) {
+        typescript_1.sys.exit(1);
+    }
+    return response.request;
 });
 exports.requestAccessToCluster = requestAccessToCluster;
 const profileName = (eksCluterName) => `${KUBECONFIG_PREFIX}-${eksCluterName}`;
@@ -78,13 +80,13 @@ exports.profileName = profileName;
 const aliasedArn = (eksCluterArn) => `${KUBECONFIG_PREFIX}-${eksCluterArn}`;
 exports.aliasedArn = aliasedArn;
 const awsCloudAuth = (authn, awsAccountId, request, loginType) => __awaiter(void 0, void 0, void 0, function* () {
-    var _c;
+    var _b;
     const { permission, generated } = request;
     const { eksGenerated } = generated;
     const { name } = eksGenerated;
     switch (loginType) {
         case "idc": {
-            const { idcId, idcRegion } = (_c = permission.awsResourcePermission) !== null && _c !== void 0 ? _c : {};
+            const { idcId, idcRegion } = (_b = permission.awsResourcePermission) !== null && _b !== void 0 ? _b : {};
             if (!idcId || !idcRegion) {
                 throw "AWS is configured to use Identity Center, but IDC information wasn't received in the request.";
             }

package/build/dist/plugins/kubeconfig/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/plugins/kubeconfig/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAWA,kDAA4D;AAC5D,2DAAwD;AACxD,uDAA8C;AAC9C,+CAAgD;AAGhD,qCAAyC;AACzC,0CAA6C;AAC7C,oCAA+C;AAE/C,wCAAwC;AACxC,qCAAqD;AAErD,kDAA4C;AAC5C,mCAA8B;AAG9B,MAAM,iBAAiB,GAAG,IAAI,CAAC;AAExB,MAAM,4BAA4B,GAAG,CAC1C,KAAY,EACZ,SAAiB,EAQhB,EAAE;;IACH,MAAM,SAAS,GAAG,MAAM,IAAA,kBAAM,EAC5B,IAAA,eAAG,EAAC,KAAK,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,mBAAmB,CAAC,CACzD,CAAC;IAEF,kHAAkH;IAClH,MAAM,MAAM,GAAG,MAAA,MAAA,SAAS,CAAC,IAAI,EAAE,0CAAG,WAAW,CAAC,0CAAG,SAAS,CAAC,CAAC;IAC5D,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,mBAAmB,SAAS,YAAY,CAAC;KAChD;IAED,IAAI,MAAM,CAAC,KAAK,KAAK,WAAW,EAAE;QAChC,MAAM,mBAAmB,SAAS,mBAAmB,CAAC;KACvD;IAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAE3B,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE;QAC1B,MAAM,CACJ,8DAA8D,SAAS,8BAA8B;YACrG,2EAA2E,CAC5E,CAAC;KACH;IAED,MAAM,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;IACvC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,IAAA,gBAAQ,EAAC,aAAa,CAAC,CAAC;IAC5D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAA,qBAAY,EAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IACtE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,SAAS,CAAC;IAEtC,yEAAyE;IACzE,IAAI,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,IAAI,CAAA,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,IAAI,MAAK,KAAK,EAAE;QAC/C,MAAM,kJAAkJ,CAAC;KAC1J;IAED,OAAO;QACL,aAAa,EAAE,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE;QACzD,YAAY,EAAE,QAAQ,CAAC,IAAI;KAC5B,CAAC;AACJ,CAAC,CAAA,CAAC;AAhDW,QAAA,4BAA4B,gCAgDvC;AAEK,MAAM,sBAAsB,GAAG,CACpC,KAAY,EACZ,IAAqD,EACrD,SAAiB,EACjB,IAAY,EACmC,EAAE;IACjD,MAAM,QAAQ,GAAG,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAElC,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;YACT,KAAK;YACL,UAAU;YACV,WAAW;YACX,SAAS;YACT,QAAQ;YACR,IAAI;YACJ,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACtD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,GAAG,CAAC,IAAI,CAAC,iBAAiB;gBACxB,CAAC,CAAC,CAAC,sBAAsB,EAAE,IAAI,CAAC,iBAAiB,CAAC;gBAClD,CAAC,CAAC,EAAE,CAAC;SACR,EACD,IAAI,EAAE,IAAI,KAEZ,KAAK,EACL,EAAE,OAAO,EAAE,mBAAmB,EAAE,CACjC,CAAC;IAEF,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,uCAAuC,CAAC;KAC/C;IACD,MAAM,EAAE,EAAE,EAAE,GAAG,QAAQ,CAAC;IAExB,OAAO,MAAM,IAAA,iBAAS,EACpB,qEAAqE,EACrE,IAAA,4BAAmB,EAAoB,KAAK,EAAE,EAAE,CAAC,CAClD,CAAC;AACJ,CAAC,CAAA,CAAC;AArCW,QAAA,sBAAsB,0BAqCjC;AAEK,MAAM,WAAW,GAAG,CAAC,aAAqB,EAAU,EAAE,CAC3D,GAAG,iBAAiB,IAAI,aAAa,EAAE,CAAC;AAD7B,QAAA,WAAW,eACkB;AAEnC,MAAM,UAAU,GAAG,CAAC,YAAoB,EAAU,EAAE,CACzD,GAAG,iBAAiB,IAAI,YAAY,EAAE,CAAC;AAD5B,QAAA,UAAU,cACkB;AAElC,MAAM,YAAY,GAAG,CAC1B,KAAY,EACZ,YAAoB,EACpB,OAA6C,EAC7C,SAA8B,EACL,EAAE;;IAC3B,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;IAC1C,MAAM,EAAE,YAAY,EAAE,GAAG,SAAS,CAAC;IACnC,MAAM,EAAE,IAAI,EAAE,GAAG,YAAY,CAAC;IAE9B,QAAQ,SAAS,EAAE;QACjB,KAAK,KAAK,CAAC,CAAC;YACV,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAA,UAAU,CAAC,qBAAqB,mCAAI,EAAE,CAAC;YAEpE,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,EAAE;gBACxB,MAAM,+FAA+F,CAAC;aACvG;YAED,OAAO,MAAM,IAAA,uBAAiB,EAAC;gBAC7B,SAAS,EAAE,YAAY;gBACvB,aAAa,EAAE,IAAI;gBACnB,GAAG,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE;aACtC,CAAC,CAAC;SACJ;QACD,KAAK,WAAW;YACd,OAAO,MAAM,IAAA,4BAAsB,EAAC,KAAK,EAAE;gBACzC,SAAS,EAAE,YAAY;gBACvB,IAAI,EAAE,IAAI;aACX,CAAC,CAAC;QACL;YACE,MAAM,IAAA,kBAAW,EAAC,SAAS,CAAC,CAAC;KAChC;AACH,CAAC,CAAA,CAAC;AAhCW,QAAA,YAAY,gBAgCvB"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/plugins/kubeconfig/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAWA,kDAA8D;AAC9D,2DAAwD;AACxD,2CAA2D;AAG3D,qCAAyC;AACzC,0CAA6C;AAC7C,oCAA+C;AAE/C,wCAAwC;AACxC,qCAAqD;AAErD,mCAA8B;AAC9B,2CAAiC;AAGjC,MAAM,iBAAiB,GAAG,IAAI,CAAC;AAExB,MAAM,4BAA4B,GAAG,CAC1C,KAAY,EACZ,SAAiB,EAQhB,EAAE;;IACH,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAsB,EAC5C,KAAK,EACL,KAAK,CACN,CAAC;IAEF,kHAAkH;IAClH,MAAM,MAAM,GAAG,MAAA,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,0CAAG,SAAS,CAAC,CAAC;IAC1D,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,mBAAmB,SAAS,YAAY,CAAC;KAChD;IAED,IAAI,MAAM,CAAC,KAAK,KAAK,WAAW,EAAE;QAChC,MAAM,mBAAmB,SAAS,mBAAmB,CAAC;KACvD;IAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAE3B,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE;QAC1B,MAAM,CACJ,8DAA8D,SAAS,8BAA8B;YACrG,2EAA2E,CAC5E,CAAC;KACH;IAED,MAAM,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;IACvC,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,IAAA,gBAAQ,EAAC,aAAa,CAAC,CAAC;IAC5D,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAA,qBAAY,EAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IACtE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,SAAS,CAAC;IAEtC,yEAAyE;IACzE,IAAI,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,IAAI,CAAA,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,IAAI,MAAK,KAAK,EAAE;QAC/C,MAAM,kJAAkJ,CAAC;KAC1J;IAED,OAAO;QACL,aAAa,EAAE,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE;QACzD,YAAY,EAAE,QAAQ,CAAC,IAAI;KAC5B,CAAC;AACJ,CAAC,CAAA,CAAC;AAjDW,QAAA,4BAA4B,gCAiDvC;AAEK,MAAM,sBAAsB,GAAG,CACpC,KAAY,EACZ,IAAqD,EACrD,SAAiB,EACjB,IAAY,EACmC,EAAE;IACjD,MAAM,QAAQ,GAAG,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAIlC,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;YACT,KAAK;YACL,UAAU;YACV,WAAW;YACX,SAAS;YACT,QAAQ;YACR,IAAI;YACJ,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACtD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjD,GAAG,CAAC,IAAI,CAAC,iBAAiB;gBACxB,CAAC,CAAC,CAAC,sBAAsB,EAAE,IAAI,CAAC,iBAAiB,CAAC;gBAClD,CAAC,CAAC,EAAE,CAAC;SACR,EACD,IAAI,EAAE,IAAI,KAEZ,KAAK,EACL,EAAE,OAAO,EAAE,mBAAmB,EAAE,CACjC,CAAC;IAEF,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,uCAAuC,CAAC;KAC/C;IAED,MAAM,IAAI,GAAG,MAAM,IAAA,8BAAqB,EAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC3D,IAAI,CAAC,IAAI,EAAE;QACT,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACb;IACD,OAAO,QAAQ,CAAC,OAAO,CAAC;AAC1B,CAAC,CAAA,CAAC;AAvCW,QAAA,sBAAsB,0BAuCjC;AAEK,MAAM,WAAW,GAAG,CAAC,aAAqB,EAAU,EAAE,CAC3D,GAAG,iBAAiB,IAAI,aAAa,EAAE,CAAC;AAD7B,QAAA,WAAW,eACkB;AAEnC,MAAM,UAAU,GAAG,CAAC,YAAoB,EAAU,EAAE,CACzD,GAAG,iBAAiB,IAAI,YAAY,EAAE,CAAC;AAD5B,QAAA,UAAU,cACkB;AAElC,MAAM,YAAY,GAAG,CAC1B,KAAY,EACZ,YAAoB,EACpB,OAA6C,EAC7C,SAA8B,EACL,EAAE;;IAC3B,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;IAC1C,MAAM,EAAE,YAAY,EAAE,GAAG,SAAS,CAAC;IACnC,MAAM,EAAE,IAAI,EAAE,GAAG,YAAY,CAAC;IAE9B,QAAQ,SAAS,EAAE;QACjB,KAAK,KAAK,CAAC,CAAC;YACV,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,MAAA,UAAU,CAAC,qBAAqB,mCAAI,EAAE,CAAC;YAEpE,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,EAAE;gBACxB,MAAM,+FAA+F,CAAC;aACvG;YAED,OAAO,MAAM,IAAA,uBAAiB,EAAC;gBAC7B,SAAS,EAAE,YAAY;gBACvB,aAAa,EAAE,IAAI;gBACnB,GAAG,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE;aACtC,CAAC,CAAC;SACJ;QACD,KAAK,WAAW;YACd,OAAO,MAAM,IAAA,4BAAsB,EAAC,KAAK,EAAE;gBACzC,SAAS,EAAE,YAAY;gBACvB,IAAI,EAAE,IAAI;aACX,CAAC,CAAC;QACL;YACE,MAAM,IAAA,kBAAW,EAAC,SAAS,CAAC,CAAC;KAChC;AACH,CAAC,CAAA,CAAC;AAhCW,QAAA,YAAY,gBAgCvB"}

package/build/dist/plugins/login.js

@@ -10,10 +10,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.pluginLoginMap = void 0;
-const login_1 = require("./email/login");
-const login_2 = require("./google/login");
-const login_3 = require("./okta/login");
-const login_4 = require("./ping/login");
+const login_1 = require("./azure/login");
+const login_2 = require("./email/login");
+const login_3 = require("./google/login");
+const login_4 = require("./okta/login");
+const login_5 = require("./ping/login");
 const loginPlugins = [
     "google",
     "okta",
@@ -25,11 +26,12 @@ const loginPlugins = [
     "aws-oidc",
 ];
 exports.pluginLoginMap = {
-    google: login_2.googleLogin,
-    okta: login_3.oktaLogin,
-    ping: login_4.pingLogin,
-    "google-oidc": login_2.googleLogin,
+    google: login_3.googleLogin,
+    okta: login_4.oktaLogin,
+    ping: login_5.pingLogin,
+    "google-oidc": login_3.googleLogin,
     "oidc-pkce": (org) => __awaiter(void 0, void 0, void 0, function* () { return yield exports.pluginLoginMap[org.providerType](org); }),
-    password: login_1.emailPasswordLogin,
+    password: login_2.emailPasswordLogin,
+    "azure-oidc": login_1.azureLogin,
 };
 //# sourceMappingURL=login.js.map

package/build/dist/plugins/login.js.map

@@ -1 +1 @@
-{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAYA,yCAAmD;AACnD,0CAA6C;AAC7C,wCAAyC;AACzC,wCAAyC;AAEzC,MAAM,YAAY,GAAG;IACnB,QAAQ;IACR,MAAM;IACN,MAAM;IACN,WAAW;IACX,WAAW;IACX,YAAY;IACZ,aAAa;IACb,UAAU;CACF,CAAC;AAIE,QAAA,cAAc,GAGvB;IACF,MAAM,EAAE,mBAAW;IACnB,IAAI,EAAE,iBAAS;IACf,IAAI,EAAE,iBAAS;IACf,aAAa,EAAE,mBAAW;IAC1B,WAAW,EAAE,CAAO,GAAG,EAAE,EAAE,kDAAC,OAAA,MAAM,sBAAc,CAAC,GAAG,CAAC,YAAa,CAAE,CAAC,GAAG,CAAC,CAAA,GAAA;IACzE,QAAQ,EAAE,0BAAkB;CAC7B,CAAC"}
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAYA,yCAA2C;AAC3C,yCAAmD;AACnD,0CAA6C;AAC7C,wCAAyC;AACzC,wCAAyC;AAEzC,MAAM,YAAY,GAAG;IACnB,QAAQ;IACR,MAAM;IACN,MAAM;IACN,WAAW;IACX,WAAW;IACX,YAAY;IACZ,aAAa;IACb,UAAU;CACF,CAAC;AAIE,QAAA,cAAc,GAGvB;IACF,MAAM,EAAE,mBAAW;IACnB,IAAI,EAAE,iBAAS;IACf,IAAI,EAAE,iBAAS;IACf,aAAa,EAAE,mBAAW;IAC1B,WAAW,EAAE,CAAO,GAAG,EAAE,EAAE,kDAAC,OAAA,MAAM,sBAAc,CAAC,GAAG,CAAC,YAAa,CAAE,CAAC,GAAG,CAAC,CAAA,GAAA;IACzE,QAAQ,EAAE,0BAAkB;IAC5B,YAAY,EAAE,kBAAU;CACzB,CAAC"}

package/build/dist/plugins/self-hosted/ssh.d.ts

@@ -0,0 +1,3 @@
+import { SshProvider } from "../../types/ssh";
+import { SelfHostedSshPermissionSpec, SelfHostedSshRequest } from "./types";
+export declare const selfHostedSshProvider: SshProvider<SelfHostedSshPermissionSpec, undefined, SelfHostedSshRequest>;

package/build/dist/plugins/self-hosted/ssh.js

@@ -0,0 +1,80 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.selfHostedSshProvider = void 0;
+/** Copyright © 2024-present P0 Security
+
+This file is part of @p0security/cli
+
+@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+
+@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
+**/
+const ssh_1 = require("../../commands/shared/ssh");
+const keys_1 = require("../../common/keys");
+const api_1 = require("../../drivers/api");
+const PROPAGATION_TIMEOUT_LIMIT_MS = 2 * 60 * 1000;
+const unprovisionedAccessPatterns = [
+    { pattern: /Permission denied \(publickey\)/ },
+    {
+        // The output of `sudo -v` when the user is not allowed to run sudo
+        pattern: /Sorry, user .+ may not run sudo on .+/,
+    },
+];
+exports.selfHostedSshProvider = {
+    cloudProviderLogin: () => __awaiter(void 0, void 0, void 0, function* () { return undefined; }),
+    ensureInstall: () => __awaiter(void 0, void 0, void 0, function* () { }),
+    friendlyName: "Self-hosted",
+    loginRequiredMessage: "Please login to P0 CLI with 'p0 login'",
+    propagationTimeoutMs: PROPAGATION_TIMEOUT_LIMIT_MS,
+    preTestAccessPropagationArgs: (cmdArgs) => {
+        if ((0, ssh_1.isSudoCommand)(cmdArgs)) {
+            return Object.assign(Object.assign({}, cmdArgs), { 
+                // `sudo -v` prints `Sorry, user <user> may not run sudo on <hostname>.` to stderr when user is not a sudoer.
+                // It prints nothing to stdout when user is a sudoer - which is important because we don't want any output from the pre-test.
+                command: "sudo", arguments: ["-v"] });
+        }
+        return undefined;
+    },
+    generateKeys: (_) => __awaiter(void 0, void 0, void 0, function* () {
+        return {
+            privateKeyPath: keys_1.PRIVATE_KEY_PATH,
+        };
+    }),
+    proxyCommand: (request, port) => {
+        return ["nc", request.id, port !== null && port !== void 0 ? port : "22"];
+    },
+    reproCommands: () => undefined,
+    requestToSsh: (request) => {
+        return {
+            id: request.permission.resource.publicIp,
+            linuxUserName: request.generated.linuxUserName,
+            type: "self-hosted",
+        };
+    },
+    unprovisionedAccessPatterns,
+    toCliRequest: (request) => __awaiter(void 0, void 0, void 0, function* () { return (Object.assign(Object.assign({}, request), { cliLocalData: undefined })); }),
+    submitPublicKey(authn, request, requestId, publicKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (request.generated.publicKey) {
+                if (request.generated.publicKey !== publicKey) {
+                    throw "Public key mismatch. Please revoke the request and try again.";
+                }
+            }
+            else {
+                yield (0, api_1.submitPublicKey)(authn, { publicKey, requestId });
+            }
+        });
+    },
+};
+//# sourceMappingURL=ssh.js.map

package/build/dist/plugins/self-hosted/ssh.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/plugins/self-hosted/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,mDAA0D;AAC1D,4CAAqD;AACrD,2CAAoD;AAIpD,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnD,MAAM,2BAA2B,GAAG;IAClC,EAAE,OAAO,EAAE,iCAAiC,EAAE;IAC9C;QACE,mEAAmE;QACnE,OAAO,EAAE,uCAAuC;KACjD;CACO,CAAC;AAEE,QAAA,qBAAqB,GAI9B;IACF,kBAAkB,EAAE,GAAS,EAAE,kDAAC,OAAA,SAAS,CAAA,GAAA;IACzC,aAAa,EAAE,GAAS,EAAE,kDAAE,CAAC,CAAA;IAE7B,YAAY,EAAE,aAAa;IAE3B,oBAAoB,EAAE,wCAAwC;IAE9D,oBAAoB,EAAE,4BAA4B;IAElD,4BAA4B,EAAE,CAAC,OAAO,EAAE,EAAE;QACxC,IAAI,IAAA,mBAAa,EAAC,OAAO,CAAC,EAAE;YAC1B,uCACK,OAAO;gBACV,6GAA6G;gBAC7G,6HAA6H;gBAC7H,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,CAAC,IAAI,CAAC,IACjB;SACH;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,YAAY,EAAE,CAAO,CAAC,EAAE,EAAE;QACxB,OAAO;YACL,cAAc,EAAE,uBAAgB;SACjC,CAAC;IACJ,CAAC,CAAA;IAED,YAAY,EAAE,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE;QAC9B,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,IAAI,CAAC,CAAC;IAC1C,CAAC;IAED,aAAa,EAAE,GAAG,EAAE,CAAC,SAAS;IAE9B,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;QACxB,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,QAAQ;YACxC,aAAa,EAAE,OAAO,CAAC,SAAS,CAAC,aAAa;YAC9C,IAAI,EAAE,aAAa;SACpB,CAAC;IACJ,CAAC;IAED,2BAA2B;IAE3B,YAAY,EAAE,CAAO,OAAO,EAAE,EAAE,kDAAC,OAAA,iCAAM,OAAO,KAAE,YAAY,EAAE,SAAS,IAAG,CAAA,GAAA;IAEpE,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;;YACxD,IAAI,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE;gBAC/B,IAAI,OAAO,CAAC,SAAS,CAAC,SAAS,KAAK,SAAS,EAAE;oBAC7C,MAAM,+DAA+D,CAAC;iBACvE;aACF;iBAAM;gBACL,MAAM,IAAA,qBAAe,EAAC,KAAK,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;aACxD;QACH,CAAC;KAAA;CACF,CAAC"}

package/build/dist/plugins/self-hosted/types.d.ts

@@ -0,0 +1,31 @@
+/** Copyright © 2024-present P0 Security
+
+This file is part of @p0security/cli
+
+@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+
+@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
+**/
+import { PermissionSpec } from "../../types/request";
+import { CliPermissionSpec } from "../../types/ssh";
+import { CommonSshPermissionSpec } from "../ssh/types";
+export type SelfHostedSshPermission = CommonSshPermissionSpec & {
+    provider: "self-hosted";
+    resource: {
+        hostname: string;
+        publicIp: string;
+    };
+};
+export type SelfHostedSshGenerated = {
+    linuxUserName: string;
+    publicKey: string;
+};
+export type SelfHostedSshPermissionSpec = PermissionSpec<"ssh", SelfHostedSshPermission, SelfHostedSshGenerated>;
+export type SelfHostedSsh = CliPermissionSpec<SelfHostedSshPermissionSpec, undefined>;
+export type SelfHostedSshRequest = {
+    type: "self-hosted";
+    linuxUserName: string;
+    id: string;
+};

package/build/dist/plugins/self-hosted/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/build/dist/plugins/self-hosted/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../../src/plugins/self-hosted/types.ts"],"names":[],"mappings":""}