@p0security/cli 0.19.14 → 0.19.16

package/build/dist/commands/index.js

@@ -35,6 +35,7 @@ const login_1 = require("./login");
 const logout_1 = require("./logout");
 const ls_1 = require("./ls");
 const print_bearer_token_1 = require("./print-bearer-token");
+const rdp_1 = require("./rdp");
 const request_1 = require("./request");
 const scp_1 = require("./scp");
 const ssh_1 = require("./ssh");
@@ -55,6 +56,7 @@ const commands = [
     ssh_proxy_1.sshProxyCommand,
     ssh_resolve_1.sshResolveCommand,
     scp_1.scpCommand,
+    rdp_1.rdpCommand,
     kubeconfig_1.kubeconfigCommand,
     print_bearer_token_1.printBearerTokenCommand,
 ];

package/build/dist/commands/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/commands/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,8CAAmD;AACnD,4CAAkD;AAClD,oDAAsD;AACtD,wCAA2C;AAC3C,mCAAuC;AACvC,+BAAmC;AACnC,mCAAuC;AACvC,6CAAiD;AACjD,mCAAuC;AACvC,qCAAyC;AACzC,6BAAiC;AACjC,6DAA+D;AAC/D,uCAA2C;AAC3C,+BAAmC;AACnC,+BAAmC;AACnC,2CAA8C;AAC9C,+CAAkD;AAClD,2CAAiC;AACjC,kDAA0B;AAC1B,2CAAwC;AAExC,MAAM,QAAQ,GAAG;IACf,gBAAU;IACV,oBAAY;IACZ,oBAAY;IACZ,sBAAa;IACb,cAAS;IACT,wBAAc;IACd,oBAAY;IACZ,gBAAU;IACV,2BAAe;IACf,+BAAiB;IACjB,gBAAU;IACV,8BAAiB;IACjB,4CAAuB;CACxB,CAAC;AAEF,MAAM,SAAS,GAAG,GAAS,EAAE;IAC3B,MAAM,EAAE,OAAO,EAAE,GAAG,uBAAa,CAAC;IAClC,MAAM,IAAI,GAAG,IAAA,eAAK,EAAC,IAAA,iBAAO,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAE3D,6FAA6F;IAC7F,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,CAAC,QAAQ,GAAG,CAAC,GAAoC,EAAE,EAAE;QACvD,IAAI,OAAO,GAAG,KAAK,UAAU,EAAE;YAC7B,gBAAgB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,IAAA,uBAAc,GAAE,CAAC,CAAC,CAAC;SAC3D;aAAM;YACL,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtB,IAAA,cAAM,EAAC,KAAK,IAAA,uBAAc,GAAE,EAAE,CAAC,CAAC;SACjC;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;IAEF,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEF,4DAA4D;AAC5D,MAAM,mBAAmB,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;AAEzD,SAAe,uBAAuB,CAAC,IAA8B;;QACnE,MAAM,cAAc,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEjC,IAAI,OAAO,cAAc,KAAK,QAAQ,EAAE;YACtC,OAAO;SACR;QAED,IAAI,mBAAmB,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE;YAChD,OAAO;SACR;aAAM;YACL,OAAO,MAAM,IAAA,sBAAY,EAAC,IAAI,CAAC,CAAC;SACjC;IACH,CAAC;CAAA;AAEM,MAAM,MAAM,GAAG,GAAS,EAAE;IAC/B,OAAA,QAAQ;SACL,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,SAAS,EAAE,CAAC;SACzC,UAAU,CAAC,uBAAuB,CAAC;SACnC,MAAM,EAAE;SACR,aAAa,CAAC,CAAC,CAAC;SAChB,IAAI,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAC9B,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;SACf;aAAM;YACL,IAAA,cAAM,EAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YACrB,IAAA,cAAM,EAAC,KAAK,OAAO,EAAE,CAAC,CAAC;YACvB,IAAA,cAAM,EAAC,KAAK,IAAA,uBAAc,GAAE,EAAE,CAAC,CAAC;SACjC;QACD,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC,CAAC,CAAA;EAAA,CAAC;AAfM,QAAA,MAAM,UAeZ"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/commands/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,8CAAmD;AACnD,4CAAkD;AAClD,oDAAsD;AACtD,wCAA2C;AAC3C,mCAAuC;AACvC,+BAAmC;AACnC,mCAAuC;AACvC,6CAAiD;AACjD,mCAAuC;AACvC,qCAAyC;AACzC,6BAAiC;AACjC,6DAA+D;AAC/D,+BAAmC;AACnC,uCAA2C;AAC3C,+BAAmC;AACnC,+BAAmC;AACnC,2CAA8C;AAC9C,+CAAkD;AAClD,2CAAiC;AACjC,kDAA0B;AAC1B,2CAAwC;AAExC,MAAM,QAAQ,GAAG;IACf,gBAAU;IACV,oBAAY;IACZ,oBAAY;IACZ,sBAAa;IACb,cAAS;IACT,wBAAc;IACd,oBAAY;IACZ,gBAAU;IACV,2BAAe;IACf,+BAAiB;IACjB,gBAAU;IACV,gBAAU;IACV,8BAAiB;IACjB,4CAAuB;CACxB,CAAC;AAEF,MAAM,SAAS,GAAG,GAAS,EAAE;IAC3B,MAAM,EAAE,OAAO,EAAE,GAAG,uBAAa,CAAC;IAClC,MAAM,IAAI,GAAG,IAAA,eAAK,EAAC,IAAA,iBAAO,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAE3D,6FAA6F;IAC7F,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,CAAC,QAAQ,GAAG,CAAC,GAAoC,EAAE,EAAE;QACvD,IAAI,OAAO,GAAG,KAAK,UAAU,EAAE;YAC7B,gBAAgB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,GAAG,IAAA,uBAAc,GAAE,CAAC,CAAC,CAAC;SAC3D;aAAM;YACL,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtB,IAAA,cAAM,EAAC,KAAK,IAAA,uBAAc,GAAE,EAAE,CAAC,CAAC;SACjC;QAED,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;IAEF,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEF,4DAA4D;AAC5D,MAAM,mBAAmB,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;AAEzD,SAAe,uBAAuB,CAAC,IAA8B;;QACnE,MAAM,cAAc,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEjC,IAAI,OAAO,cAAc,KAAK,QAAQ,EAAE;YACtC,OAAO;SACR;QAED,IAAI,mBAAmB,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE;YAChD,OAAO;SACR;aAAM;YACL,OAAO,MAAM,IAAA,sBAAY,EAAC,IAAI,CAAC,CAAC;SACjC;IACH,CAAC;CAAA;AAEM,MAAM,MAAM,GAAG,GAAS,EAAE;IAC/B,OAAA,QAAQ;SACL,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,SAAS,EAAE,CAAC;SACzC,UAAU,CAAC,uBAAuB,CAAC;SACnC,MAAM,EAAE;SACR,aAAa,CAAC,CAAC,CAAC;SAChB,IAAI,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAC9B,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,KAAK,CAAC,CAAC;SACf;aAAM;YACL,IAAA,cAAM,EAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YACrB,IAAA,cAAM,EAAC,KAAK,OAAO,EAAE,CAAC,CAAC;YACvB,IAAA,cAAM,EAAC,KAAK,IAAA,uBAAc,GAAE,EAAE,CAAC,CAAC;SACjC;QACD,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC,CAAC,CAAA;EAAA,CAAC;AAfM,QAAA,MAAM,UAeZ"}

package/build/dist/commands/rdp.d.ts

@@ -0,0 +1,2 @@
+import yargs from "yargs";
+export declare const rdpCommand: (yargs: yargs.Argv<{}>) => yargs.Argv<{}>;

package/build/dist/commands/rdp.js

@@ -0,0 +1,77 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.rdpCommand = void 0;
+/** Copyright © 2024-present P0 Security
+
+This file is part of @p0security/cli
+
+@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+
+@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
+**/
+const auth_1 = require("../drivers/auth");
+const stdio_1 = require("../drivers/stdio");
+const rdp_1 = require("../plugins/rdp");
+const util_1 = require("../util");
+const rdpCommand = (yargs) => yargs.command("rdp <destination>", "Connect to a Windows virtual machine via RDP", (yargs) => yargs
+    .positional("destination", {
+    type: "string",
+    demandOption: true,
+})
+    .option("reason", {
+    describe: "Reason access is needed",
+    type: "string",
+})
+    .option("debug", {
+    type: "boolean",
+    describe: "Print debug information.",
+    default: false,
+})
+    .option("configure", {
+    type: "boolean",
+    describe: "Configure the RDP session before connecting",
+    default: false,
+})
+    .usage("$0 rdp <destination>")
+    .epilogue(`Connect to a Windows virtual machine via RDP through Azure Bastion Host.
+
+Example:
+  $ ${(0, util_1.getAppName)()} rdp my-windows-vm --reason "Reason for access"`), rdpAction);
+exports.rdpCommand = rdpCommand;
+/**
+ * Connect to a Virtual Machine via RDP
+ *
+ * Implicitly requests access to the machine if not already granted.
+ * Implicitly logs the user into Azure if not already logged in.
+ *
+ * Supported RDP mechanisms:
+ * - Azure VM via Bastion Host with Entra ID authentication
+ */
+const rdpAction = (cmdArgs) => __awaiter(void 0, void 0, void 0, function* () {
+    // Entra ID authentication is only supported on Windows client machines.
+    // See: https://learn.microsoft.com/en-us/windows/client-management/client-tools/connect-to-remote-aadj-pc#connect-with-microsoft-entra-authentication
+    const os = (0, util_1.getOperatingSystem)();
+    if (os !== "win") {
+        (0, stdio_1.print2)("RDP session connections are only supported on Windows.");
+        process.exit(1);
+    }
+    const authn = yield (0, auth_1.authenticate)(cmdArgs);
+    yield (0, rdp_1.rdp)(authn, cmdArgs);
+    // Force exit to prevent hanging due to orphaned child processes
+    // Skip in tests to avoid killing the test runner
+    if (process.env.NODE_ENV !== "unit") {
+        process.exit(0);
+    }
+});
+//# sourceMappingURL=rdp.js.map

package/build/dist/commands/rdp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rdp.js","sourceRoot":"","sources":["../../../src/commands/rdp.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,0CAA+C;AAC/C,4CAA0C;AAC1C,wCAAqC;AAErC,kCAAyD;AAGlD,MAAM,UAAU,GAAG,CAAC,KAAiB,EAAE,EAAE,CAC9C,KAAK,CAAC,OAAO,CACX,mBAAmB,EACnB,8CAA8C,EAC9C,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,aAAa,EAAE;IACzB,IAAI,EAAE,QAAQ;IACd,YAAY,EAAE,IAAI;CACnB,CAAC;KACD,MAAM,CAAC,QAAQ,EAAE;IAChB,QAAQ,EAAE,yBAAyB;IACnC,IAAI,EAAE,QAAQ;CACf,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;IACpC,OAAO,EAAE,KAAK;CACf,CAAC;KACD,MAAM,CAAC,WAAW,EAAE;IACnB,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,6CAA6C;IACvD,OAAO,EAAE,KAAK;CACf,CAAC;KACD,KAAK,CAAC,sBAAsB,CAAC;KAC7B,QAAQ,CACP;;;MAGJ,IAAA,iBAAU,GAAE,iDAAiD,CAC1D,EAEL,SAAS,CACV,CAAC;AAjCS,QAAA,UAAU,cAiCnB;AAEJ;;;;;;;;GAQG;AACH,MAAM,SAAS,GAAG,CAAO,OAAiD,EAAE,EAAE;IAC5E,wEAAwE;IACxE,sJAAsJ;IACtJ,MAAM,EAAE,GAAG,IAAA,yBAAkB,GAAE,CAAC;IAChC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,IAAA,cAAM,EAAC,wDAAwD,CAAC,CAAC;QACjE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,EAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,IAAA,SAAG,EAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAE1B,gEAAgE;IAChE,iDAAiD;IACjD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE;QACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;AACH,CAAC,CAAA,CAAC"}

package/build/dist/commands/shared/ssh.js

@@ -72,23 +72,34 @@ const provisionRequest = (authn, args, destination, options) => __awaiter(void 0
                 ...(args.parent ? ["--parent", args.parent] : []),
             ], wait: true, debug: args.debug }), authn, { message: (options === null || options === void 0 ? void 0 : options.quiet) ? "quiet" : "approval-required" });
     });
+    // Always prints the error, but adds a hint if we think a username was included in the instance name by mistake.
+    const requestErrorHandler = (err) => {
+        if (typeof err === "string") {
+            (0, stdio_1.print2)(err);
+            if (err.startsWith("Could not find any instances matching") &&
+                destination.includes("@")) {
+                (0, stdio_1.print2)("Hint: The instance name appears to include a username. The username should be omitted.");
+            }
+        }
+        typescript_1.sys.exit(1);
+    };
     let response;
     if (options === null || options === void 0 ? void 0 : options.approvedOnly) {
         // Try first with sudo
         try {
-            response = yield makeRequest({ forceSudo: true });
+            response = yield makeRequest({ forceSudo: true }).catch(requestErrorHandler);
         }
         catch (error) {
             // If that fails, try without sudo
             if (args.debug) {
                 (0, stdio_1.print2)("Request with sudo failed, retrying without sudo");
             }
-            response = yield makeRequest();
+            response = yield makeRequest().catch(requestErrorHandler);
         }
     }
     else {
         // Normal behavior when not approvedOnly
-        response = yield makeRequest();
+        response = yield makeRequest().catch(requestErrorHandler);
     }
     if (!response) {
         if (!(options === null || options === void 0 ? void 0 : options.quiet)) {

package/build/dist/commands/shared/ssh.js.map

@@ -1 +1 @@
-{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/commands/shared/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wBAA0C;AAC1C,4CAAkD;AAClD,2CAA2D;AAC3D,iDAAyD;AACzD,+CAA6C;AAC7C,+CAAuD;AACvD,iDAA2D;AAC3D,kDAA0D;AAC1D,uDAAsE;AAItE,yCAMyB;AACzB,uCAAoC;AACpC,mCAA8B;AAC9B,2CAAiC;AA0DpB,QAAA,aAAa,GAGtB;IACF,GAAG,EAAE,oBAAc;IACnB,KAAK,EAAE,sBAAgB;IACvB,MAAM,EAAE,oBAAc;IACtB,aAAa,EAAE,2BAAqB;CACrC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,KAAY,EACZ,IAAkD,EAClD,EAAE;IACF,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAsB,EAC5C,KAAK,EACL,KAAK,EACL,IAAI,CAAC,KAAK,CACX,CAAC;IACF,MAAM,WAAW,GAAG,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEnD,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ;QACpC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;QACjB,CAAC,CAAC,2BAAqB,CAAC;IAE1B,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,EAAE,CAAC,CAAC,MAAM,CACpD,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CACf,KAAK,CAAC,KAAK,IAAI,WAAW;QAC1B,gBAAgB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QACtB,MAAM,oDAAoD,CAAC;KAC5D;AACH,CAAC,CAAA,CAAC;AAEK,MAAM,aAAa,GAAG,CAAC,IAA0C,EAAE,EAAE,CAC1E,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,CAAC;AAD1B,QAAA,aAAa,iBACa;AAEhC,MAAM,gBAAgB,GAAG,CAC9B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,OAA2B,EAC3B,EAAE;IACF,MAAM,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,oBAAa,GAAE,CAAC;IAExD,MAAM,WAAW,GAAG,CAAO,cAAuC,EAAE,EAAE;QACpE,OAAO,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAExB,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;gBACT,KAAK;gBACL,SAAS;gBACT,WAAW;gBACX,cAAc;gBACd,SAAS;gBACT,GAAG,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvD,GAAG,CAAC,CAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,SAAS,KAAI,IAAA,qBAAa,EAAC,IAAI,CAAC;oBAClD,CAAC,CAAC,CAAC,QAAQ,CAAC;oBACZ,CAAC,CAAC,EAAE,CAAC;gBACP,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aAClD,EACD,IAAI,EAAE,IAAI,EACV,KAAK,EAAE,IAAI,CAAC,KAAK,KAEnB,KAAK,EACL,EAAE,OAAO,EAAE,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,EAAE,CAC5D,CAAC;IACJ,CAAC,CAAA,CAAC;IAEF,IAAI,QAAQ,CAAC;IACb,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAE;QACzB,sBAAsB;QACtB,IAAI;YACF,QAAQ,GAAG,MAAM,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;SACnD;QAAC,OAAO,KAAK,EAAE;YACd,kCAAkC;YAClC,IAAI,IAAI,CAAC,KAAK,EAAE;gBACd,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;aAC3D;YACD,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC;SAChC;KACF;SAAM;QACL,wCAAwC;QACxC,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC;KAChC;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE;YACnB,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;SACjD;QACD,OAAO;KACR;IAED,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IAEvC,MAAM,OAAO,GAAG,aAAa;QAC3B,CAAC,CAAC,iDAAiD;QACnD,CAAC,CAAC,sCAAsC,CAAC;IAC3C,IAAA,cAAM,EAAC,OAAO,CAAC,CAAC;IAEhB,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAqB,EACxC,QAAQ,CAAC,OAAO,CACjB,CAAC;IAEF,IAAI,CAAC,MAAM;QAAE,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAEzB,OAAO;QACL,SAAS,EAAE,EAAE;QACb,kBAAkB,EAAE,QAAQ,CAAC,OAAO;QACpC,SAAS;QACT,UAAU;KACX,CAAC;AACJ,CAAC,CAAA,CAAC;AA/EW,QAAA,gBAAgB,oBA+E3B;AAEF,MAAM,kBAAkB,GAAG,CACzB,OAA4C,EAC5C,OAA+C,EACJ,EAAE;IAC7C,OAAA,MAAM,qBAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,YAAY,CAC3D,OAAc,EACd,OAAO,CACR,CAAA;EAAA,CAAC;AAEG,MAAM,cAAc,GAAG,CAC5B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,OAA2B,EAC3B,EAAE;;IACF,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAgB,EAAC,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;IACzE,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,uCAAuC,IAAA,0BAAiB,GAAE,EAAE,CAAC;KACpE;IAED,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,MAAM,CAAC;IAE5D,MAAM,WAAW,GAAG,qBAAa,CAAC,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE1E,MAAM,CAAA,MAAA,WAAW,CAAC,eAAe,4DAC/B,KAAK,EACL,kBAAkB,EAClB,SAAS,EACT,SAAS,EACT,IAAI,CAAC,KAAK,CACX,CAAA,CAAC;IAEF,MAAM,WAAW,CAAC,aAAa,EAAE,CAAC;IAElC,MAAM,UAAU,GAAG,MAAM,kBAAkB,CAAC,kBAAkB,kCACzD,IAAI,KACP,SAAS,IACT,CAAC;IAEH,MAAM,OAAO,GAAG,WAAW,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;IAErD,MAAM,WAAW,GAAG,MAAM,CAAA,MAAA,WAAW,CAAC,YAAY,4DAAG,OAAO,EAAE,IAAI,CAAC,CAAA,CAAC;IAEpE,uCAAY,MAAM,KAAE,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,WAAW,IAAG;AAC9E,CAAC,CAAA,CAAC;AAnCW,QAAA,cAAc,kBAmCzB"}
+{"version":3,"file":"ssh.js","sourceRoot":"","sources":["../../../../src/commands/shared/ssh.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wBAA0C;AAC1C,4CAAkD;AAClD,2CAA2D;AAC3D,iDAAyD;AACzD,+CAA6C;AAC7C,+CAAuD;AACvD,iDAA2D;AAC3D,kDAA0D;AAC1D,uDAAsE;AAItE,yCAMyB;AACzB,uCAAoC;AACpC,mCAA8B;AAC9B,2CAAiC;AA0DpB,QAAA,aAAa,GAGtB;IACF,GAAG,EAAE,oBAAc;IACnB,KAAK,EAAE,sBAAgB;IACvB,MAAM,EAAE,oBAAc;IACtB,aAAa,EAAE,2BAAqB;CACrC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CACzB,KAAY,EACZ,IAAkD,EAClD,EAAE;IACF,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAsB,EAC5C,KAAK,EACL,KAAK,EACL,IAAI,CAAC,KAAK,CACX,CAAC;IACF,MAAM,WAAW,GAAG,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEnD,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ;QACpC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;QACjB,CAAC,CAAC,2BAAqB,CAAC;IAE1B,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,EAAE,CAAC,CAAC,MAAM,CACpD,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CACf,KAAK,CAAC,KAAK,IAAI,WAAW;QAC1B,gBAAgB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QACtB,MAAM,oDAAoD,CAAC;KAC5D;AACH,CAAC,CAAA,CAAC;AAEK,MAAM,aAAa,GAAG,CAAC,IAA0C,EAAE,EAAE,CAC1E,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,KAAK,MAAM,CAAC;AAD1B,QAAA,aAAa,iBACa;AAEhC,MAAM,gBAAgB,GAAG,CAC9B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,OAA2B,EAC3B,EAAE;IACF,MAAM,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,IAAA,oBAAa,GAAE,CAAC;IAExD,MAAM,WAAW,GAAG,CAAO,cAAuC,EAAE,EAAE;QACpE,OAAO,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAExB,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;gBACT,KAAK;gBACL,SAAS;gBACT,WAAW;gBACX,cAAc;gBACd,SAAS;gBACT,GAAG,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChD,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvD,GAAG,CAAC,CAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,SAAS,KAAI,IAAA,qBAAa,EAAC,IAAI,CAAC;oBAClD,CAAC,CAAC,CAAC,QAAQ,CAAC;oBACZ,CAAC,CAAC,EAAE,CAAC;gBACP,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aAClD,EACD,IAAI,EAAE,IAAI,EACV,KAAK,EAAE,IAAI,CAAC,KAAK,KAEnB,KAAK,EACL,EAAE,OAAO,EAAE,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,EAAE,CAC5D,CAAC;IACJ,CAAC,CAAA,CAAC;IAEF,gHAAgH;IAChH,MAAM,mBAAmB,GAAG,CAAC,GAAQ,EAAE,EAAE;QACvC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YAC3B,IAAA,cAAM,EAAC,GAAG,CAAC,CAAC;YACZ,IACE,GAAG,CAAC,UAAU,CAAC,uCAAuC,CAAC;gBACvD,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EACzB;gBACA,IAAA,cAAM,EACJ,wFAAwF,CACzF,CAAC;aACH;SACF;QACD,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC,CAAC;IAEF,IAAI,QAAQ,CAAC;IACb,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAE;QACzB,sBAAsB;QACtB,IAAI;YACF,QAAQ,GAAG,MAAM,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CACrD,mBAAmB,CACpB,CAAC;SACH;QAAC,OAAO,KAAK,EAAE;YACd,kCAAkC;YAClC,IAAI,IAAI,CAAC,KAAK,EAAE;gBACd,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;aAC3D;YACD,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;SAC3D;KACF;SAAM;QACL,wCAAwC;QACxC,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;KAC3D;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE;YACnB,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;SACjD;QACD,OAAO;KACR;IAED,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IAEvC,MAAM,OAAO,GAAG,aAAa;QAC3B,CAAC,CAAC,iDAAiD;QACnD,CAAC,CAAC,sCAAsC,CAAC;IAC3C,IAAA,cAAM,EAAC,OAAO,CAAC,CAAC;IAEhB,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAqB,EACxC,QAAQ,CAAC,OAAO,CACjB,CAAC;IAEF,IAAI,CAAC,MAAM;QAAE,gBAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAEzB,OAAO;QACL,SAAS,EAAE,EAAE;QACb,kBAAkB,EAAE,QAAQ,CAAC,OAAO;QACpC,SAAS;QACT,UAAU;KACX,CAAC;AACJ,CAAC,CAAA,CAAC;AAjGW,QAAA,gBAAgB,oBAiG3B;AAEF,MAAM,kBAAkB,GAAG,CACzB,OAA4C,EAC5C,OAA+C,EACJ,EAAE;IAC7C,OAAA,MAAM,qBAAa,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,YAAY,CAC3D,OAAc,EACd,OAAO,CACR,CAAA;EAAA,CAAC;AAEG,MAAM,cAAc,GAAG,CAC5B,KAAY,EACZ,IAAkD,EAClD,WAAmB,EACnB,OAA2B,EAC3B,EAAE;;IACF,MAAM,MAAM,GAAG,MAAM,IAAA,wBAAgB,EAAC,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;IACzE,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,uCAAuC,IAAA,0BAAiB,GAAE,EAAE,CAAC;KACpE;IAED,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,MAAM,CAAC;IAE5D,MAAM,WAAW,GAAG,qBAAa,CAAC,kBAAkB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE1E,MAAM,CAAA,MAAA,WAAW,CAAC,eAAe,4DAC/B,KAAK,EACL,kBAAkB,EAClB,SAAS,EACT,SAAS,EACT,IAAI,CAAC,KAAK,CACX,CAAA,CAAC;IAEF,MAAM,WAAW,CAAC,aAAa,EAAE,CAAC;IAElC,MAAM,UAAU,GAAG,MAAM,kBAAkB,CAAC,kBAAkB,kCACzD,IAAI,KACP,SAAS,IACT,CAAC;IAEH,MAAM,OAAO,GAAG,WAAW,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;IAErD,MAAM,WAAW,GAAG,MAAM,CAAA,MAAA,WAAW,CAAC,YAAY,4DAAG,OAAO,EAAE,IAAI,CAAC,CAAA,CAAC;IAEpE,uCAAY,MAAM,KAAE,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE,WAAW,IAAG;AAC9E,CAAC,CAAA,CAAC;AAnCW,QAAA,cAAc,kBAmCzB"}

package/build/dist/plugins/azure/auth.d.ts

@@ -1,8 +1,13 @@
+import { AzureRdpRequest } from "../../types/rdp";
 import { AzureSshRequest } from "./types";
 export declare const AUTHORIZATION_FAILED_PATTERN: RegExp;
 export declare const USER_NOT_IN_CACHE_PATTERN: RegExp;
 export declare const NASCENT_ACCESS_GRANT_MESSAGE = "If access was recently granted, please try again in a few minutes.";
 export declare const ABORT_AUTHORIZATION_FAILED_MESSAGE: string;
+export declare const azCommandArgs: (args: string[]) => {
+    command: string;
+    args: string[];
+};
 export declare const azLoginCommand: (tenantId: string) => {
     command: string;
     args: string[];
@@ -23,7 +28,7 @@ export declare const azAccountShowUserPrincipalName: () => {
  * Attempts to set the Azure subscription for the current ssh session request. If
  * the user is not logged in, this function will attempt to log in.
  */
-export declare const azSetSubscription: (request: AzureSshRequest, options?: {
+export declare const azSetSubscription: (request: AzureRdpRequest["permission"]["resource"] | AzureSshRequest, options: {
     debug?: boolean;
     forceLogout?: boolean;
 }) => Promise<string>;

package/build/dist/plugins/azure/auth.js

@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.azSetSubscription = exports.azAccountShowUserPrincipalName = exports.azAccountSetCommand = exports.azAccountClearCommand = exports.azLoginCommand = exports.ABORT_AUTHORIZATION_FAILED_MESSAGE = exports.NASCENT_ACCESS_GRANT_MESSAGE = exports.USER_NOT_IN_CACHE_PATTERN = exports.AUTHORIZATION_FAILED_PATTERN = void 0;
+exports.azSetSubscription = exports.azAccountShowUserPrincipalName = exports.azAccountSetCommand = exports.azAccountClearCommand = exports.azLoginCommand = exports.azCommandArgs = exports.ABORT_AUTHORIZATION_FAILED_MESSAGE = exports.NASCENT_ACCESS_GRANT_MESSAGE = exports.USER_NOT_IN_CACHE_PATTERN = exports.AUTHORIZATION_FAILED_PATTERN = void 0;
 /** Copyright © 2024-present P0 Security
 
 This file is part of @p0security/cli
@@ -30,31 +30,31 @@ exports.AUTHORIZATION_FAILED_PATTERN = /The client '.+' with object id '.+' does
 exports.USER_NOT_IN_CACHE_PATTERN = /Exception in handling client: User '.+' does not exist in MSAL token cache./;
 exports.NASCENT_ACCESS_GRANT_MESSAGE = "If access was recently granted, please try again in a few minutes.";
 exports.ABORT_AUTHORIZATION_FAILED_MESSAGE = `Your Microsoft Token Cache is out of date. Run 'az account clear' and 'az login' to refresh your credentials. ${(0, config_1.getContactMessage)()}`;
-const azLoginCommand = (tenantId) => ({
-    command: "az",
-    args: [
-        "login",
-        "--scope",
-        "https://management.core.windows.net//.default",
-        "--tenant",
-        tenantId,
-    ],
-});
+const azCommandArgs = (args) => {
+    const isWindows = (0, util_1.getOperatingSystem)() === "win";
+    // On Windows, when installing the Azure CLI, the main az file is
+    // a .cmd (shell script) file rather than a .exe (binary executable) file,
+    // so when calling spawn, it cannot be located except via cmd.exe
+    // Unlike in MacOS, the underlying Windows OS API that spawn uses doesn't
+    // resolve .CMD files by default
+    return isWindows
+        ? { command: "cmd.exe", args: ["/d", "/s", "/c", "az", ...args] }
+        : { command: "az", args };
+};
+exports.azCommandArgs = azCommandArgs;
+const azLoginCommand = (tenantId) => (0, exports.azCommandArgs)([
+    "login",
+    "--scope",
+    "https://management.core.windows.net//.default",
+    "--tenant",
+    tenantId,
+]);
 exports.azLoginCommand = azLoginCommand;
-const azAccountClearCommand = () => ({
-    command: "az",
-    args: ["account", "clear"],
-});
+const azAccountClearCommand = () => (0, exports.azCommandArgs)(["account", "clear"]);
 exports.azAccountClearCommand = azAccountClearCommand;
-const azAccountSetCommand = (subscriptionId) => ({
-    command: "az",
-    args: ["account", "set", "--subscription", subscriptionId],
-});
+const azAccountSetCommand = (subscriptionId) => (0, exports.azCommandArgs)(["account", "set", "--subscription", subscriptionId]);
 exports.azAccountSetCommand = azAccountSetCommand;
-const azAccountShowUserPrincipalName = () => ({
-    command: "az",
-    args: ["account", "show", "--query", "user.name", "-o", "tsv"],
-});
+const azAccountShowUserPrincipalName = () => (0, exports.azCommandArgs)(["account", "show", "--query", "user.name", "-o", "tsv"]);
 exports.azAccountShowUserPrincipalName = azAccountShowUserPrincipalName;
 const performAccountClear = ({ debug }) => __awaiter(void 0, void 0, void 0, function* () {
     try {
@@ -151,7 +151,7 @@ const getUserPrincipalName = ({ debug }) => __awaiter(void 0, void 0, void 0, fu
  * Attempts to set the Azure subscription for the current ssh session request. If
  * the user is not logged in, this function will attempt to log in.
  */
-const azSetSubscription = (request, options = {}) => __awaiter(void 0, void 0, void 0, function* () {
+const azSetSubscription = (request, options) => __awaiter(void 0, void 0, void 0, function* () {
     const { debug, forceLogout } = options;
     if (debug)
         (0, stdio_1.print2)("Forming Azure connection...");
@@ -160,7 +160,7 @@ const azSetSubscription = (request, options = {}) => __awaiter(void 0, void 0, v
     if (forceLogout)
         yield performAccountClear({ debug });
     yield performSetAccount(request, Object.assign(Object.assign({}, options), { attempts: 2 }));
-    return yield getUserPrincipalName(options);
+    return yield getUserPrincipalName({ debug });
 });
 exports.azSetSubscription = azSetSubscription;
 //# sourceMappingURL=auth.js.map

package/build/dist/plugins/azure/auth.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../../src/plugins/azure/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAyD;AACzD,+CAA6C;AAC7C,qCAAkC;AAGlC,MAAM,8BAA8B,GAClC,+DAA+D,CAAC;AAClE,MAAM,gCAAgC,GAAG,+BAA+B,CAAC;AACzE,MAAM,+BAA+B,GACnC,6FAA6F,CAAC;AACnF,QAAA,4BAA4B,GACvC,iMAAiM,CAAC;AACvL,QAAA,yBAAyB,GACpC,6EAA6E,CAAC;AACnE,QAAA,4BAA4B,GACvC,oEAAoE,CAAC;AAC1D,QAAA,kCAAkC,GAAG,iHAAiH,IAAA,0BAAiB,GAAE,EAAE,CAAC;AAElL,MAAM,cAAc,GAAG,CAAC,QAAgB,EAAE,EAAE,CAAC,CAAC;IACnD,OAAO,EAAE,IAAI;IACb,IAAI,EAAE;QACJ,OAAO;QACP,SAAS;QACT,+CAA+C;QAC/C,UAAU;QACV,QAAQ;KACT;CACF,CAAC,CAAC;AATU,QAAA,cAAc,kBASxB;AAEI,MAAM,qBAAqB,GAAG,GAAG,EAAE,CAAC,CAAC;IAC1C,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,SAAS,EAAE,OAAO,CAAC;CAC3B,CAAC,CAAC;AAHU,QAAA,qBAAqB,yBAG/B;AAEI,MAAM,mBAAmB,GAAG,CAAC,cAAsB,EAAE,EAAE,CAAC,CAAC;IAC9D,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,cAAc,CAAC;CAC3D,CAAC,CAAC;AAHU,QAAA,mBAAmB,uBAG7B;AAEI,MAAM,8BAA8B,GAAG,GAAG,EAAE,CAAC,CAAC;IACnD,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,KAAK,CAAC;CAC/D,CAAC,CAAC;AAHU,QAAA,8BAA8B,kCAGxC;AAEH,MAAM,mBAAmB,GAAG,CAAO,EAAE,KAAK,EAAuB,EAAE,EAAE;IACnE,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,GAChD,IAAA,6BAAqB,GAAE,CAAC;QAC1B,MAAM,YAAY,GAAG,MAAM,IAAA,WAAI,EAAC,WAAW,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAE5E,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAC5B,IAAA,cAAM,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC;SAC7B;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,EAAE;YACT,iDAAiD;YACjD,IAAA,cAAM,EAAC,2BAA2B,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;SACnD;KACF;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,YAAY,GAAG,CACnB,WAAmB,EACnB,EAAE,KAAK,EAAuB,EAC9B,EAAE;IACF,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,GAC9C,IAAA,sBAAc,EAAC,WAAW,CAAC,CAAC;QAC9B,MAAM,WAAW,GAAG,MAAM,IAAA,WAAI,EAAC,UAAU,EAAE,WAAW,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEzE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,wBAAwB,CAAC,CAAC;YACjC,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAC3B,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;SAC5B;QAED,OAAO,WAAW,CAAC,MAAM,CAAC;KAC3B;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,8BAA8B,CAAC,CAAC;YACvC,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;SACtB;QAED,IAAI,gCAAgC,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YACvD,MAAM,6BAA6B,WAAW,MAAM,oCAA4B,IAAI,IAAA,0BAAiB,GAAE,EAAE,CAAC;SAC3G;QAED,IAAI,+BAA+B,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YACtD,MAAM,4CAA4C,CAAC;SACpD;QAED,MAAM,KAAK,CAAC;KACb;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,OAAwD,EACxD,OAA8C,EAC9C,EAAE;;IACF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;IAC5B,MAAM,QAAQ,GAAG,MAAA,OAAO,CAAC,QAAQ,mCAAI,CAAC,CAAC;IACvC,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,gBAAgB,EAAE,GACxD,IAAA,2BAAmB,EAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAC9C,MAAM,gBAAgB,GAAG,MAAM,IAAA,WAAI,EAAC,eAAe,EAAE,gBAAgB,EAAE;YACrE,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QAEH,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,sCAAsC,CAAC,CAAC;YAC/C,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAChC,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;SACjC;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,4CAA4C,CAAC,CAAC;YACrD,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;SACtB;QAED,IAAI,QAAQ,IAAI,CAAC,EAAE;YACjB,IAAA,cAAM,EACJ,iDAAiD,OAAO,CAAC,QAAQ,YAAY,CAC9E,CAAC;YACF,MAAM,KAAK,CAAC;SACb;QAED,IAAI,8BAA8B,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YACrD,MAAM,mBAAmB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;YACrC,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,cAAc,CAAC;gBAC1C,MAAM,gBAAgB,OAAO,CAAC,cAAc,eAAe,oCAA4B,EAAE,CAAC;YAC5F,MAAM,iBAAiB,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,GAAG,CAAC,EAAE,CAAC,CAAC;YACpE,OAAO;SACR;QACD,MAAM,KAAK,CAAC;KACb;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,oBAAoB,GAAG,CAAO,EAAE,KAAK,EAAuB,EAAE,EAAE;IACpE,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAA,sCAA8B,GAAE,CAAC;QAC3D,MAAM,iBAAiB,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACrE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,8BAA8B,CAAC,CAAC;YACvC,IAAA,cAAM,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACjC,IAAA,cAAM,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;SAClC;QACD,OAAO,iBAAiB,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;KACxC;IAAC,OAAO,KAAU,EAAE;QACnB,MAAM,wCAAwC,KAAK,GAAG,CAAC;KACxD;AACH,CAAC,CAAA,CAAC;AAEF;;;GAGG;AACI,MAAM,iBAAiB,GAAG,CAC/B,OAAwB,EACxB,UAAsD,EAAE,EACxD,EAAE;IACF,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IACvC,IAAI,KAAK;QAAE,IAAA,cAAM,EAAC,6BAA6B,CAAC,CAAC;IAEjD,qEAAqE;IACrE,kDAAkD;IAClD,IAAI,WAAW;QAAE,MAAM,mBAAmB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IAEtD,MAAM,iBAAiB,CAAC,OAAO,kCAAO,OAAO,KAAE,QAAQ,EAAE,CAAC,IAAG,CAAC;IAE9D,OAAO,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC7C,CAAC,CAAA,CAAC;AAdW,QAAA,iBAAiB,qBAc5B"}
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../../src/plugins/azure/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAyD;AACzD,+CAA6C;AAE7C,qCAAsD;AAGtD,MAAM,8BAA8B,GAClC,+DAA+D,CAAC;AAClE,MAAM,gCAAgC,GAAG,+BAA+B,CAAC;AACzE,MAAM,+BAA+B,GACnC,6FAA6F,CAAC;AACnF,QAAA,4BAA4B,GACvC,iMAAiM,CAAC;AACvL,QAAA,yBAAyB,GACpC,6EAA6E,CAAC;AACnE,QAAA,4BAA4B,GACvC,oEAAoE,CAAC;AAC1D,QAAA,kCAAkC,GAAG,iHAAiH,IAAA,0BAAiB,GAAE,EAAE,CAAC;AAElL,MAAM,aAAa,GAAG,CAAC,IAAc,EAAE,EAAE;IAC9C,MAAM,SAAS,GAAG,IAAA,yBAAkB,GAAE,KAAK,KAAK,CAAC;IAEjD,iEAAiE;IACjE,0EAA0E;IAC1E,iEAAiE;IACjE,yEAAyE;IACzE,gCAAgC;IAChC,OAAO,SAAS;QACd,CAAC,CAAC,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,EAAE;QACjE,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AAC9B,CAAC,CAAC;AAXW,QAAA,aAAa,iBAWxB;AAEK,MAAM,cAAc,GAAG,CAAC,QAAgB,EAAE,EAAE,CACjD,IAAA,qBAAa,EAAC;IACZ,OAAO;IACP,SAAS;IACT,+CAA+C;IAC/C,UAAU;IACV,QAAQ;CACT,CAAC,CAAC;AAPQ,QAAA,cAAc,kBAOtB;AAEE,MAAM,qBAAqB,GAAG,GAAG,EAAE,CAAC,IAAA,qBAAa,EAAC,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;AAAlE,QAAA,qBAAqB,yBAA6C;AAExE,MAAM,mBAAmB,GAAG,CAAC,cAAsB,EAAE,EAAE,CAC5D,IAAA,qBAAa,EAAC,CAAC,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC;AADzD,QAAA,mBAAmB,uBACsC;AAE/D,MAAM,8BAA8B,GAAG,GAAG,EAAE,CACjD,IAAA,qBAAa,EAAC,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;AAD7D,QAAA,8BAA8B,kCAC+B;AAE1E,MAAM,mBAAmB,GAAG,CAAO,EAAE,KAAK,EAAuB,EAAE,EAAE;IACnE,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,GAChD,IAAA,6BAAqB,GAAE,CAAC;QAC1B,MAAM,YAAY,GAAG,MAAM,IAAA,WAAI,EAAC,WAAW,EAAE,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAE5E,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAC5B,IAAA,cAAM,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC;SAC7B;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,EAAE;YACT,iDAAiD;YACjD,IAAA,cAAM,EAAC,2BAA2B,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;SACnD;KACF;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,YAAY,GAAG,CACnB,WAAmB,EACnB,EAAE,KAAK,EAAuB,EAC9B,EAAE;IACF,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,GAC9C,IAAA,sBAAc,EAAC,WAAW,CAAC,CAAC;QAC9B,MAAM,WAAW,GAAG,MAAM,IAAA,WAAI,EAAC,UAAU,EAAE,WAAW,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEzE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,wBAAwB,CAAC,CAAC;YACjC,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAC3B,IAAA,cAAM,EAAC,WAAW,CAAC,MAAM,CAAC,CAAC;SAC5B;QAED,OAAO,WAAW,CAAC,MAAM,CAAC;KAC3B;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,8BAA8B,CAAC,CAAC;YACvC,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;SACtB;QAED,IAAI,gCAAgC,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YACvD,MAAM,6BAA6B,WAAW,MAAM,oCAA4B,IAAI,IAAA,0BAAiB,GAAE,EAAE,CAAC;SAC3G;QAED,IAAI,+BAA+B,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YACtD,MAAM,4CAA4C,CAAC;SACpD;QAED,MAAM,KAAK,CAAC;KACb;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,OAAwD,EACxD,OAA8C,EAC9C,EAAE;;IACF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;IAC5B,MAAM,QAAQ,GAAG,MAAA,OAAO,CAAC,QAAQ,mCAAI,CAAC,CAAC;IACvC,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,gBAAgB,EAAE,GACxD,IAAA,2BAAmB,EAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAC9C,MAAM,gBAAgB,GAAG,MAAM,IAAA,WAAI,EAAC,eAAe,EAAE,gBAAgB,EAAE;YACrE,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QAEH,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,sCAAsC,CAAC,CAAC;YAC/C,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAChC,IAAA,cAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;SACjC;KACF;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,4CAA4C,CAAC,CAAC;YACrD,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;SACtB;QAED,IAAI,QAAQ,IAAI,CAAC,EAAE;YACjB,IAAA,cAAM,EACJ,iDAAiD,OAAO,CAAC,QAAQ,YAAY,CAC9E,CAAC;YACF,MAAM,KAAK,CAAC;SACb;QAED,IAAI,8BAA8B,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YACrD,MAAM,mBAAmB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;YACrC,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,cAAc,CAAC;gBAC1C,MAAM,gBAAgB,OAAO,CAAC,cAAc,eAAe,oCAA4B,EAAE,CAAC;YAC5F,MAAM,iBAAiB,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,GAAG,CAAC,EAAE,CAAC,CAAC;YACpE,OAAO;SACR;QACD,MAAM,KAAK,CAAC;KACb;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,oBAAoB,GAAG,CAAO,EAAE,KAAK,EAAuB,EAAE,EAAE;IACpE,IAAI;QACF,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAA,sCAA8B,GAAE,CAAC;QAC3D,MAAM,iBAAiB,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACrE,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,8BAA8B,CAAC,CAAC;YACvC,IAAA,cAAM,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACjC,IAAA,cAAM,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;SAClC;QACD,OAAO,iBAAiB,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;KACxC;IAAC,OAAO,KAAU,EAAE;QACnB,MAAM,wCAAwC,KAAK,GAAG,CAAC;KACxD;AACH,CAAC,CAAA,CAAC;AAEF;;;GAGG;AACI,MAAM,iBAAiB,GAAG,CAC/B,OAAoE,EACpE,OAAmD,EACnD,EAAE;IACF,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IACvC,IAAI,KAAK;QAAE,IAAA,cAAM,EAAC,6BAA6B,CAAC,CAAC;IAEjD,qEAAqE;IACrE,kDAAkD;IAClD,IAAI,WAAW;QAAE,MAAM,mBAAmB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IAEtD,MAAM,iBAAiB,CAAC,OAAO,kCAAO,OAAO,KAAE,QAAQ,EAAE,CAAC,IAAG,CAAC;IAE9D,OAAO,MAAM,oBAAoB,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAC/C,CAAC,CAAA,CAAC;AAdW,QAAA,iBAAiB,qBAc5B"}

package/build/dist/plugins/azure/rdp.d.ts

@@ -0,0 +1,13 @@
+import { AzureRdpRequest } from "../../types/rdp";
+import { PermissionRequest } from "../../types/request";
+export declare const azureRdpProvider: {
+    setup: (request: PermissionRequest<AzureRdpRequest>, options: {
+        debug?: boolean;
+    }) => Promise<{
+        entraIdUserEmail: string;
+    }>;
+    spawnConnection: (request: PermissionRequest<AzureRdpRequest>, options: {
+        configure?: boolean;
+        debug?: boolean;
+    }) => Promise<void>;
+};

package/build/dist/plugins/azure/rdp.js

@@ -0,0 +1,74 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.azureRdpProvider = void 0;
+/** Copyright © 2024-present P0 Security
+
+This file is part of @p0security/cli
+
+@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+
+@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
+**/
+const stdio_1 = require("../../drivers/stdio");
+const util_1 = require("../../util");
+const auth_1 = require("./auth");
+const azBastionRdpCommand = (request, options) => {
+    const { configure, debug } = options;
+    const { bastionName, bastionRg, instanceId } = request.permission.resource;
+    return (0, auth_1.azCommandArgs)([
+        "network",
+        "bastion",
+        "rdp",
+        "--name",
+        bastionName,
+        "--resource-group",
+        bastionRg,
+        "--target-resource-id",
+        instanceId,
+        "--auth-type",
+        "aad",
+        ...(configure ? ["--configure"] : []),
+        ...(debug ? ["--debug"] : []),
+    ]);
+};
+exports.azureRdpProvider = {
+    setup: (request, options) => __awaiter(void 0, void 0, void 0, function* () {
+        const entraIdUserEmail = yield (0, auth_1.azSetSubscription)(request.permission.resource, options);
+        return { entraIdUserEmail };
+    }),
+    spawnConnection: (request, options) => __awaiter(void 0, void 0, void 0, function* () {
+        const { debug } = options;
+        if (debug) {
+            (0, stdio_1.print2)("Creating Azure Bastion RDP connection...");
+        }
+        try {
+            const { command, args } = azBastionRdpCommand(request, options);
+            if (debug) {
+                (0, stdio_1.print2)(`Executing: ${command} ${args.join(" ")}`);
+            }
+            yield (0, util_1.exec)(command, args, { check: true });
+        }
+        catch (error) {
+            if (debug) {
+                (0, stdio_1.print2)(`Azure Bastion RDP command failed: ${error.message}`);
+                if (error.stderr) {
+                    (0, stdio_1.print2)("Error details:");
+                    (0, stdio_1.print2)(error.stderr);
+                }
+            }
+            throw new Error(`Failed to create Azure Bastion RDP connection: ${error.message}`);
+        }
+    }),
+};
+//# sourceMappingURL=rdp.js.map

package/build/dist/plugins/azure/rdp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rdp.js","sourceRoot":"","sources":["../../../../src/plugins/azure/rdp.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,+CAA6C;AAG7C,qCAAkC;AAClC,iCAA0D;AAE1D,MAAM,mBAAmB,GAAG,CAC1B,OAA2C,EAC3C,OAAiD,EACjD,EAAE;IACF,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IACrC,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC;IAC3E,OAAO,IAAA,oBAAa,EAAC;QACnB,SAAS;QACT,SAAS;QACT,KAAK;QACL,QAAQ;QACR,WAAW;QACX,kBAAkB;QAClB,SAAS;QACT,sBAAsB;QACtB,UAAU;QACV,aAAa;QACb,KAAK;QACL,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACrC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9B,CAAC,CAAC;AACL,CAAC,CAAC;AAEW,QAAA,gBAAgB,GAAG;IAC9B,KAAK,EAAE,CACL,OAA2C,EAC3C,OAA4B,EAC5B,EAAE;QACF,MAAM,gBAAgB,GAAG,MAAM,IAAA,wBAAiB,EAC9C,OAAO,CAAC,UAAU,CAAC,QAAQ,EAC3B,OAAO,CACR,CAAC;QACF,OAAO,EAAE,gBAAgB,EAAE,CAAC;IAC9B,CAAC,CAAA;IAED,eAAe,EAAE,CACf,OAA2C,EAC3C,OAGC,EACD,EAAE;QACF,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;QAE1B,IAAI,KAAK,EAAE;YACT,IAAA,cAAM,EAAC,0CAA0C,CAAC,CAAC;SACpD;QAED,IAAI;YACF,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAEhE,IAAI,KAAK,EAAE;gBACT,IAAA,cAAM,EAAC,cAAc,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;aACnD;YAED,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;SAC5C;QAAC,OAAO,KAAU,EAAE;YACnB,IAAI,KAAK,EAAE;gBACT,IAAA,cAAM,EAAC,qCAAqC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC7D,IAAI,KAAK,CAAC,MAAM,EAAE;oBAChB,IAAA,cAAM,EAAC,gBAAgB,CAAC,CAAC;oBACzB,IAAA,cAAM,EAAC,KAAK,CAAC,MAAM,CAAC,CAAC;iBACtB;aACF;YACD,MAAM,IAAI,KAAK,CACb,kDAAkD,KAAK,CAAC,OAAO,EAAE,CAClE,CAAC;SACH;IACH,CAAC,CAAA;CACF,CAAC"}

package/build/dist/plugins/rdp/index.d.ts

@@ -0,0 +1,4 @@
+import { Authn } from "../../types/identity";
+import { RdpCommandArgs } from "../../types/rdp";
+import yargs from "yargs";
+export declare const rdp: (authn: Authn, args: yargs.ArgumentsCamelCase<RdpCommandArgs>) => Promise<void>;

package/build/dist/plugins/rdp/index.js

@@ -0,0 +1,84 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.rdp = void 0;
+/** Copyright © 2024-present P0 Security
+
+This file is part of @p0security/cli
+
+@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+
+@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
+**/
+const shared_1 = require("../../commands/shared");
+const request_1 = require("../../commands/shared/request");
+const api_1 = require("../../drivers/api");
+const config_1 = require("../../drivers/config");
+const stdio_1 = require("../../drivers/stdio");
+const rdp_1 = require("../azure/rdp");
+const lodash_1 = require("lodash");
+const validateRdpInstall = (authn, args) => __awaiter(void 0, void 0, void 0, function* () {
+    const configDoc = yield (0, api_1.fetchIntegrationConfig)(authn, "rdp", args.debug);
+    const configItems = configDoc === null || configDoc === void 0 ? void 0 : configDoc.config["iam-write"];
+    const items = Object.entries(configItems !== null && configItems !== void 0 ? configItems : {}).filter(([_key, value]) => value.state === "installed");
+    if (items.length === 0) {
+        throw "This organization is not configured for RDP access";
+    }
+});
+const provisionRequest = (authn, args) => __awaiter(void 0, void 0, void 0, function* () {
+    yield validateRdpInstall(authn, args);
+    const { destination } = args;
+    const makeRequest = () => __awaiter(void 0, void 0, void 0, function* () {
+        return yield (0, request_1.request)("request")(Object.assign(Object.assign({}, (0, lodash_1.pick)(args, "$0", "_")), { arguments: [
+                "rdp",
+                "session",
+                destination,
+                ...(args.reason ? ["--reason", args.reason] : []),
+            ], wait: true, debug: args.debug, configure: args.configure }), authn);
+    });
+    const response = yield makeRequest();
+    if (!response) {
+        (0, stdio_1.print2)("Did not receive access ID from server");
+        return;
+    }
+    const { isPreexisting } = response;
+    const message = isPreexisting
+        ? "Existing access found.  Connecting to instance."
+        : "Waiting for access to be provisioned";
+    (0, stdio_1.print2)(message);
+    const result = yield (0, shared_1.decodeProvisionStatus)(response.request);
+    if (!result)
+        process.exit(1);
+    return {
+        provisionedRequest: response.request,
+    };
+});
+const prepareRequest = (authn, args) => __awaiter(void 0, void 0, void 0, function* () {
+    const result = yield provisionRequest(authn, args);
+    if (!result) {
+        throw `Server did not return a request id. ${(0, config_1.getContactMessage)()}`;
+    }
+    const { provisionedRequest } = result;
+    return { request: provisionedRequest };
+});
+const rdp = (authn, args) => __awaiter(void 0, void 0, void 0, function* () {
+    const { request } = yield prepareRequest(authn, args);
+    const { configure, debug } = args;
+    yield rdp_1.azureRdpProvider.setup(request, { debug });
+    yield rdp_1.azureRdpProvider.spawnConnection(request, {
+        configure,
+        debug,
+    });
+});
+exports.rdp = rdp;
+//# sourceMappingURL=index.js.map

package/build/dist/plugins/rdp/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/plugins/rdp/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,kDAA8D;AAC9D,2DAAwD;AACxD,2CAA2D;AAC3D,iDAAyD;AACzD,+CAA6C;AAI7C,sCAAgD;AAChD,mCAA8B;AAG9B,MAAM,kBAAkB,GAAG,CACzB,KAAY,EACZ,IAA8C,EAC9C,EAAE;IACF,MAAM,SAAS,GAAG,MAAM,IAAA,4BAAsB,EAI3C,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7B,MAAM,WAAW,GAAG,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAEnD,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,EAAE,CAAC,CAAC,MAAM,CACpD,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,KAAK,WAAW,CAC/C,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;QACtB,MAAM,oDAAoD,CAAC;KAC5D;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,gBAAgB,GAAG,CACvB,KAAY,EACZ,IAA8C,EAC9C,EAAE;IACF,MAAM,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC;IAE7B,MAAM,WAAW,GAAG,GAAS,EAAE;QAC7B,OAAO,MAAM,IAAA,iBAAO,EAAC,SAAS,CAAC,iCAExB,IAAA,aAAI,EAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,KACxB,SAAS,EAAE;gBACT,KAAK;gBACL,SAAS;gBACT,WAAW;gBACX,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aAClD,EACD,IAAI,EAAE,IAAI,EACV,KAAK,EAAE,IAAI,CAAC,KAAK,EACjB,SAAS,EAAE,IAAI,CAAC,SAAS,KAE3B,KAAK,CACN,CAAC;IACJ,CAAC,CAAA,CAAC;IAEF,MAAM,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC;IAErC,IAAI,CAAC,QAAQ,EAAE;QACb,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;QAChD,OAAO;KACR;IAED,MAAM,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;IAEnC,MAAM,OAAO,GAAG,aAAa;QAC3B,CAAC,CAAC,iDAAiD;QACnD,CAAC,CAAC,sCAAsC,CAAC;IAC3C,IAAA,cAAM,EAAC,OAAO,CAAC,CAAC;IAEhB,MAAM,MAAM,GAAG,MAAM,IAAA,8BAAqB,EAAkB,QAAQ,CAAC,OAAO,CAAC,CAAC;IAE9E,IAAI,CAAC,MAAM;QAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAE7B,OAAO;QACL,kBAAkB,EAAE,QAAQ,CAAC,OAAO;KACrC,CAAC;AACJ,CAAC,CAAA,CAAC;AAEF,MAAM,cAAc,GAAG,CACrB,KAAY,EACZ,IAA8C,EAC9C,EAAE;IACF,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACnD,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,uCAAuC,IAAA,0BAAiB,GAAE,EAAE,CAAC;KACpE;IAED,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,CAAC;IACtC,OAAO,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC;AACzC,CAAC,CAAA,CAAC;AAEK,MAAM,GAAG,GAAG,CACjB,KAAY,EACZ,IAA8C,EAC9C,EAAE;IACF,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,cAAc,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEtD,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;IAClC,MAAM,sBAAgB,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;IAEjD,MAAM,sBAAgB,CAAC,eAAe,CAAC,OAAO,EAAE;QAC9C,SAAS;QACT,KAAK;KACN,CAAC,CAAC;AACL,CAAC,CAAA,CAAC;AAbW,QAAA,GAAG,OAad"}

package/build/dist/types/rdp.d.ts

@@ -0,0 +1,32 @@
+/** Copyright © 2024-present P0 Security
+
+This file is part of @p0security/cli
+
+@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+
+@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
+**/
+import { PermissionSpec } from "./request";
+export type AzureRdpPermissionSpec = PermissionSpec<"rdp", AzureRdpRequest & {
+    type: "azure";
+}, object>;
+export type AzureRdpRequest = {
+    principal: string;
+    permission: {
+        resource: {
+            instanceId: string;
+            subscriptionId: string;
+            bastionName: string;
+            bastionRg: string;
+            directoryId: string;
+        };
+    };
+};
+export type RdpCommandArgs = {
+    configure?: boolean;
+    debug?: boolean;
+    destination: string;
+    reason?: string;
+};

package/build/dist/types/rdp.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=rdp.js.map

package/build/dist/types/rdp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rdp.js","sourceRoot":"","sources":["../../../src/types/rdp.ts"],"names":[],"mappings":""}

package/build/dist/types/request.d.ts

@@ -9,6 +9,7 @@ This file is part of @p0security/cli
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
 import { K8sPermissionSpec } from "../plugins/kubeconfig/types";
+import { AzureRdpRequest } from "./rdp";
 import { PluginSshRequest, SupportedSshProvider } from "./ssh";
 export declare const DONE_STATUSES: readonly ["DONE", "DONE_NOTIFIED"];
 export declare const DENIED_STATUSES: readonly ["DENIED", "DENIED_NOTIFIED"];
@@ -22,7 +23,7 @@ export type PermissionSpec<K extends string, P extends {
     permission: P;
     generated: G;
 };
-export type PluginRequest = K8sPermissionSpec | PluginSshRequest;
+export type PluginRequest = AzureRdpRequest | K8sPermissionSpec | PluginSshRequest;
 export type PermissionRequest<P extends PluginRequest> = P & {
     error?: {
         message: string;

package/build/dist/types/request.js.map

@@ -1 +1 @@
-{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../src/types/request.ts"],"names":[],"mappings":";;;AAaa,QAAA,aAAa,GAAG,CAAC,MAAM,EAAE,eAAe,CAAU,CAAC;AACnD,QAAA,eAAe,GAAG,CAAC,QAAQ,EAAE,iBAAiB,CAAU,CAAC;AACzD,QAAA,cAAc,GAAG;IAC5B,SAAS;IACT,SAAS;IACT,kBAAkB;CACV,CAAC"}
+{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../src/types/request.ts"],"names":[],"mappings":";;;AAca,QAAA,aAAa,GAAG,CAAC,MAAM,EAAE,eAAe,CAAU,CAAC;AACnD,QAAA,eAAe,GAAG,CAAC,QAAQ,EAAE,iBAAiB,CAAU,CAAC;AACzD,QAAA,cAAc,GAAG;IAC5B,SAAS;IACT,SAAS;IACT,kBAAkB;CACV,CAAC"}