@p0security/cli 0.21.0 → 0.22.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/dist/commands/login.js +4 -2
- package/build/dist/commands/login.js.map +1 -1
- package/build/dist/commands/shared/request.js +2 -1
- package/build/dist/commands/shared/request.js.map +1 -1
- package/build/dist/drivers/auth/index.js +18 -2
- package/build/dist/drivers/auth/index.js.map +1 -1
- package/build/dist/drivers/firestore.js +8 -2
- package/build/dist/drivers/firestore.js.map +1 -1
- package/build/dist/plugins/azure/login.js +19 -8
- package/build/dist/plugins/azure/login.js.map +1 -1
- package/build/dist/plugins/login.d.ts +0 -10
- package/build/dist/plugins/login.js +18 -1
- package/build/dist/plugins/login.js.map +1 -1
- package/build/dist/plugins/oidc/login.js +22 -8
- package/build/dist/plugins/oidc/login.js.map +1 -1
- package/build/dist/plugins/okta/login.js +21 -7
- package/build/dist/plugins/okta/login.js.map +1 -1
- package/build/dist/plugins/ping/login.d.ts +0 -10
- package/build/dist/plugins/ping/login.js +18 -4
- package/build/dist/plugins/ping/login.js.map +1 -1
- package/build/dist/types/authUtils.d.ts +28 -0
- package/build/dist/types/authUtils.js +58 -0
- package/build/dist/types/authUtils.js.map +1 -0
- package/build/dist/types/org.d.ts +54 -11
- package/build/dist/types/request.d.ts +1 -0
- package/build/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +1 -1
|
@@ -27,10 +27,12 @@ const firestore_1 = require("../drivers/firestore");
|
|
|
27
27
|
const org_1 = require("../drivers/org");
|
|
28
28
|
const stdio_1 = require("../drivers/stdio");
|
|
29
29
|
const login_1 = require("../plugins/login");
|
|
30
|
+
const authUtils_1 = require("../types/authUtils");
|
|
30
31
|
const MIN_REMAINING_TOKEN_TIME_SECONDS = 5 * 60;
|
|
31
32
|
const doActualLogin = (orgWithSlug, debug) => __awaiter(void 0, void 0, void 0, function* () {
|
|
32
|
-
|
|
33
|
-
const
|
|
33
|
+
const ssoProvider = (0, authUtils_1.getSsoProvider)(orgWithSlug);
|
|
34
|
+
const isPasswordAuth = (0, authUtils_1.usePasswordAuth)(orgWithSlug);
|
|
35
|
+
const plugin = ssoProvider !== null && ssoProvider !== void 0 ? ssoProvider : (isPasswordAuth ? "password" : undefined);
|
|
34
36
|
if (debug) {
|
|
35
37
|
(0, stdio_1.print2)(`Using login method: ${plugin !== null && plugin !== void 0 ? plugin : "unknown"}`);
|
|
36
38
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/commands/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wCAAkD;AAClD,0CAMyB;AACzB,8CAA+C;AAC/C,oDAA0D;AAC1D,wCAA4C;AAC5C,4CAA0C;AAC1C,4CAAkD;
|
|
1
|
+
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/commands/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,wCAAkD;AAClD,0CAMyB;AACzB,8CAA+C;AAC/C,oDAA0D;AAC1D,wCAA4C;AAC5C,4CAA0C;AAC1C,4CAAkD;AAClD,kDAAqE;AAKrE,MAAM,gCAAgC,GAAG,CAAC,GAAG,EAAE,CAAC;AAEhD,MAAM,aAAa,GAAG,CAAO,WAAoB,EAAE,KAAe,EAAE,EAAE;IACpE,MAAM,WAAW,GAAG,IAAA,0BAAc,EAAC,WAAW,CAAC,CAAC;IAChD,MAAM,cAAc,GAAG,IAAA,2BAAe,EAAC,WAAW,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,WAAW,aAAX,WAAW,cAAX,WAAW,GAAI,CAAC,cAAc,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAExE,IAAI,KAAK,EAAE;QACT,IAAA,cAAM,EAAC,uBAAuB,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,SAAS,EAAE,CAAC,CAAC;KACtD;IAED,MAAM,OAAO,GAAG,MAAM,IAAI,sBAAc,CAAC,MAAM,CAAC,CAAC;IAEjD,IAAI,CAAC,OAAO;QAAE,MAAM,yCAAyC,CAAC;IAE9D,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,CAAC;IAEjD,MAAM,IAAA,oBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;AAClD,CAAC,CAAA,CAAC;AAEF,MAAM,cAAc,GAAG,CAAC,OAAe,EAAE,EAAE;IACzC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,kCAAkC;IACzF,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IACjD,MAAM,CAAC,GAAG,YAAY,GAAG,EAAE,CAAC;IAC5B,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;AAC3B,CAAC,CAAC;AAEF;;;;;;GAMG;AACI,MAAM,KAAK,GAAG,CACnB,IAAyC,EACzC,OAAyD,EACzD,EAAE;IACF,qDAAqD;IACrD,MAAM,QAAQ,GAAG,MAAM,IAAA,sBAAe,GAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IAEhE,MAAM,kBAAkB,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAA,yBAAkB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAEvE,IAAI,QAAQ,GAAG,kBAAkB,GAAG,gCAAgC,CAAC;IACrE,IAAI,OAAO,GAAG,IAAI,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;IAE7C,IAAI,CAAC,OAAO,EAAE;QACZ,IAAI,QAAQ,IAAI,QAAQ,EAAE;YACxB,kFAAkF;YAClF,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;SAC7B;aAAM;YACL,MAAM,2GAA2G,CAAC;SACnH;KACF;SAAM;QACL,IAAI,QAAQ,IAAI,QAAQ,EAAE;YACxB,IAAI,OAAO,KAAK,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE;gBACjD,sFAAsF;gBACtF,QAAQ,GAAG,KAAK,CAAC;aAClB;SACF;KACF;IAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;QAClB,IAAA,cAAM,EACJ,yBAAyB,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,eAAe,UAAU,OAAO,EAAE,CACrF,CAAC;KACH;IAED,MAAM,IAAA,mBAAU,EAAC,OAAO,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAC,CAAC;IAE1C,MAAM,IAAA,8BAAkB,GAAE,CAAC;IAE3B,MAAM,OAAO,GAAG,MAAM,IAAA,gBAAU,EAAC,OAAO,CAAC,CAAC;IAE1C,MAAM,WAAW,mCAAiB,OAAO,KAAE,IAAI,EAAE,OAAO,GAAE,CAAC;IAE3D,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;QAClB,IAAA,cAAM,EAAC,aAAa,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;KACpD;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;YAClB,IAAA,cAAM,EAAC,wCAAwC,OAAO,EAAE,CAAC,CAAC;SAC3D;QACD,MAAM,aAAa,CAAC,WAAW,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAC,CAAC;KAClD;IAED,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gBAAgB,CAAA,EAAE;QAC9B,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,EAAC,EAAE,KAAK,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE,CAAC,CAAC;QAC5D,MAAM,oBAAoB,CAAC,KAAK,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAC,CAAC;KACnD;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,IAAA,cAAM,EACJ,gCAAgC,OAAO,wCAAwC,CAChF,CAAC;KACH;SAAM;QACL,IAAA,cAAM,EAAC,sCAAsC,OAAO,gBAAgB,CAAC,CAAC;KACvE;IAED,IAAI,kBAAkB,GAAG,CAAC,EAAE;QAC1B,IAAA,cAAM,EACJ,kCAAkC,cAAc,CAAC,kBAAkB,CAAC,GAAG,CACxE,CAAC;KACH;AACH,CAAC,CAAA,CAAC;AAvEW,QAAA,KAAK,SAuEhB;AAEK,MAAM,YAAY,GAAG,CAAC,KAAiB,EAAE,EAAE,CAChD,KAAK,CAAC,OAAO,CACX,aAAa,EACb,4BAA4B,EAC5B,CAAC,KAAK,EAAE,EAAE,CACR,KAAK;KACF,UAAU,CAAC,KAAK,EAAE;IACjB,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,sBAAsB;CACjC,CAAC;KACD,MAAM,CAAC,SAAS,EAAE;IACjB,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,yBAAyB;IACnC,OAAO,EAAE,KAAK;CACf,CAAC;KACD,MAAM,CAAC,OAAO,EAAE;IACf,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,0BAA0B;CACrC,CAAC,EAEN,CACE,IAIE,EACF,EAAE,CAAC,IAAA,aAAK,EAAC,IAAI,EAAE,IAAI,CAAC,CACvB,CAAC;AA3BS,QAAA,YAAY,gBA2BrB;AAEJ,MAAM,oBAAoB,GAAG,CAAO,KAAY,EAAE,KAAe,EAAE,EAAE;IACnE,IAAI;QACF,MAAM,IAAA,sBAAgB,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACrC,OAAO,IAAI,CAAC;KACb;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAA,qBAAc,GAAE,CAAC;QACvB,MAAM,2CAA2C,CAAC;KACnD;AACH,CAAC,CAAA,CAAC"}
|
|
@@ -99,7 +99,8 @@ const request = (command) => (args, authn, options) => __awaiter(void 0, void 0,
|
|
|
99
99
|
(options === null || options === void 0 ? void 0 : options.message) === "all" ||
|
|
100
100
|
((options === null || options === void 0 ? void 0 : options.message) === "approval-required" &&
|
|
101
101
|
!data.isPreexisting &&
|
|
102
|
-
!data.isPersistent
|
|
102
|
+
!data.isPersistent &&
|
|
103
|
+
!data.isPreapproved);
|
|
103
104
|
return { shouldLogMessage, data };
|
|
104
105
|
}
|
|
105
106
|
else {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../../src/commands/shared/request.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAAwE;AACxE,6CAAkD;AAClD,+CAAwD;AAOxD,2CAAiC;AAGpB,QAAA,2BAA2B,GACtC,sCAAsC,CAAC;AAC5B,QAAA,uBAAuB,GAAG,wBAAwB,CAAC;AACnD,QAAA,2BAA2B,GACtC,wCAAwC,CAAC;AAE3C,MAAM,QAAQ,GAAG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACnE,MAAM,MAAM,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAC/D,MAAM,OAAO,GAAG,EAAE,OAAO,EAAE,mCAAmC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAE1E,MAAM,0BAA0B,GAAG;IACjC,QAAQ;IACR,iBAAiB,EAAE,QAAQ;IAC3B,IAAI,EAAE,QAAQ;IACd,aAAa,EAAE,QAAQ;IACvB,MAAM;IACN,OAAO;CACR,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,MAAW,EACwC,EAAE,CACrD,MAAM,IAAI,0BAA0B,CAAC;AAEhC,MAAM,WAAW,GAAG,CAAI,KAAoB,EAAE,EAAE,CACrD,KAAK;KACF,mBAAmB,CAAC,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC;KACxD,IAAI,CAAC,KAAK,CAAC,CAAC,4HAA4H;KACxI,MAAM,CAAC,MAAM,EAAE;IACd,KAAK,EAAE,GAAG;IACV,OAAO,EAAE,IAAI;IACb,OAAO,EAAE,KAAK;IACd,QAAQ,EAAE,sCAAsC;CACjD,CAAC;KACD,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,0BAA0B,EAAE,CAAC;KAC1E,MAAM,CAAC,WAAW,EAAE;IACnB,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC,CAAC;AAfM,QAAA,WAAW,eAejB;AAEP,MAAM,WAAW,GAAG,CAClB,UAA4C,EAC5C,UAAmB,EACnB,EAAE;IACF,MAAM,EAAE,MAAM,EAAE,GAAG,UAAU,CAAC;IAC9B,IAAI,iBAAiB,CAAC,MAAM,CAAC,EAAE;QAC7B,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAC;QAC7D,MAAM,YAAY,GAAG,UAAU,CAAC,KAAK;YACnC,CAAC,CAAC,GAAG,OAAO,KAAK,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE;YAC3C,CAAC,CAAC,OAAO,CAAC;QACZ,IAAI,IAAI,KAAK,CAAC,IAAI,UAAU;YAAE,IAAA,cAAM,EAAC,YAAY,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC;KACb;SAAM;QACL,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;QAC1D,OAAO,CAAC,CAAC;KACV;AACH,CAAC,CAAC;AAEK,MAAM,OAAO,GAClB,CAAC,OAA4B,EAAE,EAAE,CACjC,CACE,IAIE,EACF,KAAa,EACb,OAGC,EACwC,EAAE;IAC3C,MAAM,aAAa,GAAG,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,CAAC,MAAM,IAAA,mBAAY,GAAE,CAAC,CAAC;IAEtD,MAAM,aAAa,GAAG,CAAC,OAAgB,EAAE,EAAE;QACzC,QAAQ,OAAO,EAAE;YACf,KAAK,mBAAmB;gBACtB,OAAO,2BAA2B,CAAC;YACrC;gBACE,OAAO,mBAAmB,CAAC;SAC9B;IACH,CAAC,CAAC;IAEF,MAAM,iBAAiB,GAAG,CACxB,OAAgD,EAChD,EAAE;QACF,OAAO,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,KAAI,OAAO;YAChC,CAAC,CAAC,MAAM,IAAA,iBAAS,EAAC,aAAa,CAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAC,EAAE,OAAO,CAAC;YAC3D,CAAC,CAAC,MAAM,OAAO,CAAC;IACpB,CAAC,CAAA,CAAC;IAEF,MAAM,eAAe,GAAG,CACtB,IAAoC,EACqB,EAAE;QAC3D,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,EAAE,EAAE;YACxD,MAAM,gBAAgB,GACpB,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAA;gBACjB,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,MAAK,KAAK;gBAC1B,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,MAAK,mBAAmB;oBACvC,CAAC,IAAI,CAAC,aAAa;oBACnB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"request.js","sourceRoot":"","sources":["../../../../src/commands/shared/request.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,2CAAwE;AACxE,6CAAkD;AAClD,+CAAwD;AAOxD,2CAAiC;AAGpB,QAAA,2BAA2B,GACtC,sCAAsC,CAAC;AAC5B,QAAA,uBAAuB,GAAG,wBAAwB,CAAC;AACnD,QAAA,2BAA2B,GACtC,wCAAwC,CAAC;AAE3C,MAAM,QAAQ,GAAG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACnE,MAAM,MAAM,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAC/D,MAAM,OAAO,GAAG,EAAE,OAAO,EAAE,mCAAmC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AAE1E,MAAM,0BAA0B,GAAG;IACjC,QAAQ;IACR,iBAAiB,EAAE,QAAQ;IAC3B,IAAI,EAAE,QAAQ;IACd,aAAa,EAAE,QAAQ;IACvB,MAAM;IACN,OAAO;CACR,CAAC;AAEF,MAAM,iBAAiB,GAAG,CACxB,MAAW,EACwC,EAAE,CACrD,MAAM,IAAI,0BAA0B,CAAC;AAEhC,MAAM,WAAW,GAAG,CAAI,KAAoB,EAAE,EAAE,CACrD,KAAK;KACF,mBAAmB,CAAC,EAAE,yBAAyB,EAAE,IAAI,EAAE,CAAC;KACxD,IAAI,CAAC,KAAK,CAAC,CAAC,4HAA4H;KACxI,MAAM,CAAC,MAAM,EAAE;IACd,KAAK,EAAE,GAAG;IACV,OAAO,EAAE,IAAI;IACb,OAAO,EAAE,KAAK;IACd,QAAQ,EAAE,sCAAsC;CACjD,CAAC;KACD,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,0BAA0B,EAAE,CAAC;KAC1E,MAAM,CAAC,WAAW,EAAE;IACnB,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAc;CACxB,CAAC,CAAC;AAfM,QAAA,WAAW,eAejB;AAEP,MAAM,WAAW,GAAG,CAClB,UAA4C,EAC5C,UAAmB,EACnB,EAAE;IACF,MAAM,EAAE,MAAM,EAAE,GAAG,UAAU,CAAC;IAC9B,IAAI,iBAAiB,CAAC,MAAM,CAAC,EAAE;QAC7B,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAC;QAC7D,MAAM,YAAY,GAAG,UAAU,CAAC,KAAK;YACnC,CAAC,CAAC,GAAG,OAAO,KAAK,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE;YAC3C,CAAC,CAAC,OAAO,CAAC;QACZ,IAAI,IAAI,KAAK,CAAC,IAAI,UAAU;YAAE,IAAA,cAAM,EAAC,YAAY,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC;KACb;SAAM;QACL,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;QAC1D,OAAO,CAAC,CAAC;KACV;AACH,CAAC,CAAC;AAEK,MAAM,OAAO,GAClB,CAAC,OAA4B,EAAE,EAAE,CACjC,CACE,IAIE,EACF,KAAa,EACb,OAGC,EACwC,EAAE;IAC3C,MAAM,aAAa,GAAG,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,CAAC,MAAM,IAAA,mBAAY,GAAE,CAAC,CAAC;IAEtD,MAAM,aAAa,GAAG,CAAC,OAAgB,EAAE,EAAE;QACzC,QAAQ,OAAO,EAAE;YACf,KAAK,mBAAmB;gBACtB,OAAO,2BAA2B,CAAC;YACrC;gBACE,OAAO,mBAAmB,CAAC;SAC9B;IACH,CAAC,CAAC;IAEF,MAAM,iBAAiB,GAAG,CACxB,OAAgD,EAChD,EAAE;QACF,OAAO,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,KAAI,OAAO;YAChC,CAAC,CAAC,MAAM,IAAA,iBAAS,EAAC,aAAa,CAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAC,EAAE,OAAO,CAAC;YAC3D,CAAC,CAAC,MAAM,OAAO,CAAC;IACpB,CAAC,CAAA,CAAC;IAEF,MAAM,eAAe,GAAG,CACtB,IAAoC,EACqB,EAAE;QAC3D,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,EAAE,EAAE;YACxD,MAAM,gBAAgB,GACpB,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAA;gBACjB,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,MAAK,KAAK;gBAC1B,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,MAAK,mBAAmB;oBACvC,CAAC,IAAI,CAAC,aAAa;oBACnB,CAAC,IAAI,CAAC,YAAY;oBAClB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACzB,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC;SACnC;aAAM;YACL,MAAM,IAAI,CAAC;SACZ;IACH,CAAC,CAAC;IAEF,MAAM,aAAa,GAAG,GAAS,EAAE;QAC/B,MAAM,mBAAmB,GAAG,IAAA,kBAAY,EACtC,aAAa,EACb,IAAI,EACJ,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAC7B,CAAC;QACF,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,mBAAmB,CAAC,CAAC;QAC9D,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC7D,IAAI,gBAAgB;YAAE,IAAA,cAAM,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC,CAAA,CAAC;IAEF,MAAM,uBAAuB,GAAG,GAAS,EAAE;;QACzC,MAAM,8BAA8B,GAAG,IAAA,2BAAqB,EAE1D,aAAa,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QACjE,MAAM,6BAA6B,GAAG,GAAS,EAAE;YAC/C,MAAM,cAAc,GAAG,MAAM,8BAA8B,CAAC,IAAI,EAAE,CAAC;YACnE,IAAI,cAAc,CAAC,IAAI,EAAE;gBACvB,OAAO,SAAS,CAAC;aAClB;YACD,OAAO,cAAc,CAAC,KAAK,CAAC;QAC9B,CAAC,CAAA,CAAC;QACF,MAAM,UAAU,GAAG,MAAM,iBAAiB,CACxC,6BAA6B,EAAE,CAChC,CAAC;QACF,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;QAC/D,IAAI,gBAAgB,EAAE;YACpB,IAAA,cAAM,EAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACrB,IAAA,cAAM,EAAC,2DAA2D,CAAC,CAAC;SACrE;;YACD,KAA8B,eAAA,mCAAA,cAAA,8BAA8B,CAAA,oCAAA;gBAA9B,8CAA8B;gBAA9B,WAA8B;;oBAAjD,MAAM,SAAS,KAAA,CAAA;oBACxB,IAAI,CAAC,SAAS,EAAE;wBACd,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;qBAC5D;oBACD,MAAM,IAAI,GAAG,WAAW,CACtB,SAAS,CAAC,OAA2C,EACrD,gBAAgB,CACjB,CAAC;oBACF,IAAI,IAAI,EAAE;wBACR,gBAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBACf,OAAO,SAAS,CAAC;qBAClB;oBACD,OAAO,SAAS,CAAC;;;;;aAClB;;;;;;;;;QACD,MAAM,IAAI,CAAC;IACb,CAAC,CAAA,CAAC;IAEF,IAAI;QACF,OAAO,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,uBAAuB,EAAE,CAAC,CAAC;KACzE;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE;YAC3D,IAAA,cAAM,EAAC,iDAAiD,CAAC,CAAC;SAC3D;QACD,IACE,KAAK,YAAY,KAAK;YACtB,CAAC,KAAK,CAAC,IAAI,KAAK,YAAY,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,EAC5D;YACA,IAAA,cAAM,EAAC,kDAAkD,CAAC,CAAC;SAC5D;QACD,MAAM,KAAK,CAAC;KACb;AACH,CAAC,CAAA,CAAC;AAhHS,QAAA,OAAO,WAgHhB;AAEG,MAAM,gBAAgB,GAAG,CAC9B,IAGE,EACF,KAAY,EACZ,EAAE;IACF,IAAI;QACF,MAAM,QAAQ,GAAG,MAAM,IAAA,eAAO,EAAC,SAAS,CAAC,iCAAM,IAAI,KAAE,IAAI,EAAE,IAAI,KAAI,KAAK,EAAE;YACxE,OAAO,EAAE,mBAAmB;SAC7B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,EAAE;YACb,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;YAChD,OAAO;SACR;QAED,MAAM,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC;QAEnC,IAAA,cAAM,EACJ,CAAC,aAAa,CAAC,CAAC,CAAC,mCAA2B,CAAC,CAAC,CAAC,+BAAuB,CACvE,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,IAAI,KAAK,KAAK,mCAA2B,EAAE;YACzC,IAAA,cAAM,EAAC,+BAAuB,CAAC,CAAC;SACjC;aAAM;YACL,MAAM,KAAK,CAAC;SACb;KACF;AACH,CAAC,CAAA,CAAC;AA7BW,QAAA,gBAAgB,oBA6B3B"}
|
|
@@ -114,9 +114,14 @@ const clearIdentityCache = () => __awaiter(void 0, void 0, void 0, function* ()
|
|
|
114
114
|
}
|
|
115
115
|
});
|
|
116
116
|
const loadCredentials = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
117
|
+
var _d;
|
|
117
118
|
try {
|
|
118
119
|
const buffer = yield fs.readFile((0, path_1.getIdentityFilePath)());
|
|
119
|
-
|
|
120
|
+
const data = JSON.parse(buffer.toString());
|
|
121
|
+
if (!((_d = data.org) === null || _d === void 0 ? void 0 : _d.auth)) {
|
|
122
|
+
throw { code: "LEGACY_IDENTITY", slug: data.org.slug };
|
|
123
|
+
}
|
|
124
|
+
return data;
|
|
120
125
|
}
|
|
121
126
|
catch (error) {
|
|
122
127
|
if ((error === null || error === void 0 ? void 0 : error.code) === "ENOENT") {
|
|
@@ -129,7 +134,18 @@ exports.loadCredentials = loadCredentials;
|
|
|
129
134
|
const remainingTokenTime = (identity) => Math.floor(identity.credential.expires_at - Date.now() * 1e-3);
|
|
130
135
|
exports.remainingTokenTime = remainingTokenTime;
|
|
131
136
|
const loadCredentialsWithAutoLogin = (options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
132
|
-
|
|
137
|
+
let identity;
|
|
138
|
+
try {
|
|
139
|
+
identity = yield (0, exports.loadCredentials)();
|
|
140
|
+
}
|
|
141
|
+
catch (e) {
|
|
142
|
+
if ((e === null || e === void 0 ? void 0 : e.code) === "LEGACY_IDENTITY") {
|
|
143
|
+
yield (0, login_1.login)({ org: e.slug }, { debug: options === null || options === void 0 ? void 0 : options.debug, skipAuthenticate: true });
|
|
144
|
+
(0, stdio_1.print2)("\n");
|
|
145
|
+
return loadCredentialsWithAutoLogin({ noRefresh: true });
|
|
146
|
+
}
|
|
147
|
+
throw e;
|
|
148
|
+
}
|
|
133
149
|
if ((0, exports.remainingTokenTime)(identity) > MIN_REMAINING_TOKEN_TIME_SECONDS) {
|
|
134
150
|
return identity;
|
|
135
151
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/drivers/auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,gDAA6C;AAC7C,yEAA4E;AAI5E,qCAAwC;AACxC,gCAAmC;AACnC,4CAAsD;AACtD,oCAAkC;AAClC,kCAAuD;AACvD,iCAAmE;AACnE,gDAAkC;AAClC,2CAA6B;AAE7B,MAAM,gCAAgC,GAAG,EAAE,CAAC;AAErC,MAAM,MAAM,GAAG,CACpB,IAAY,EACZ,MAAwB,EACxB,OAA6B,EAC7B,UAAiC,EACrB,EAAE;;IACd,MAAM,iBAAiB,GAAG,IAAA,2BAAoB,GAAE,CAAC;IAEjD,iCAAiC;IACjC,mHAAmH;IACnH,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC;IACvE,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE;QACtC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;KAC3C;IAED,MAAM,SAAS,GAAG,GAAS,EAAE;QAC3B,MAAM,IAAI,GAAG,MAAM,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,IAAI;YAAE,MAAM,mCAAmC,IAAI,GAAG,CAAC;QAC5D,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACpE,MAAM,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,CAAC,CAAA,CAAC;IAEF,IAAI;QACF,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,QAAQ,EAAE;YACxD,MAAM,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;YACjB,OAAO,MAAM,SAAS,EAAE,CAAC;SAC1B;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAM,CAAC;QACzE,IAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAG,IAAI,CAAC,EAAE;YACtB,MAAM,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;YACjB,OAAO,MAAM,SAAS,EAAE,CAAC;SAC1B;QACD,OAAO,IAAI,CAAC;KACb;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,IAAI,MAAK,QAAQ;YAC1B,IAAA,cAAM,EACJ,+BAA+B,IAAI,iBAAiB,MAAA,KAAK,CAAC,OAAO,mCAAI,KAAK,EAAE,CAC7E,CAAC;QACJ,OAAO,MAAM,SAAS,EAAE,CAAC;KAC1B;AACH,CAAC,CAAA,CAAC;AA3CW,QAAA,MAAM,UA2CjB;AAEF,MAAM,iBAAiB,GAAG,GAAS,EAAE;IACnC,IAAI;QACF,MAAM,gBAAgB,GAAG,IAAA,0BAAmB,GAAE,CAAC;QAC/C,6DAA6D;QAC7D,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAClC,MAAM,EAAE,CAAC,EAAE,CAAC,gBAAgB,CAAC,CAAC;KAC/B;IAAC,WAAM;QACN,OAAO;KACR;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,kBAAkB,GAAG,GAAS,EAAE;IACpC,IAAI;QACF,MAAM,iBAAiB,GAAG,IAAA,2BAAoB,GAAE,CAAC;QACjD,kEAAkE;QAClE,MAAM,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QACnC,MAAM,EAAE,CAAC,EAAE,CAAC,iBAAiB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;KACrD;IAAC,WAAM;QACN,OAAO;KACR;AACH,CAAC,CAAA,CAAC;AAEK,MAAM,eAAe,GAAG,GAA4B,EAAE
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/drivers/auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,gDAA6C;AAC7C,yEAA4E;AAI5E,qCAAwC;AACxC,gCAAmC;AACnC,4CAAsD;AACtD,oCAAkC;AAClC,kCAAuD;AACvD,iCAAmE;AACnE,gDAAkC;AAClC,2CAA6B;AAE7B,MAAM,gCAAgC,GAAG,EAAE,CAAC;AAErC,MAAM,MAAM,GAAG,CACpB,IAAY,EACZ,MAAwB,EACxB,OAA6B,EAC7B,UAAiC,EACrB,EAAE;;IACd,MAAM,iBAAiB,GAAG,IAAA,2BAAoB,GAAE,CAAC;IAEjD,iCAAiC;IACjC,mHAAmH;IACnH,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC;IACvE,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE;QACtC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;KAC3C;IAED,MAAM,SAAS,GAAG,GAAS,EAAE;QAC3B,MAAM,IAAI,GAAG,MAAM,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,IAAI;YAAE,MAAM,mCAAmC,IAAI,GAAG,CAAC;QAC5D,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACpE,MAAM,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,CAAC,CAAA,CAAC;IAEF,IAAI;QACF,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,QAAQ,EAAE;YACxD,MAAM,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;YACjB,OAAO,MAAM,SAAS,EAAE,CAAC;SAC1B;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAM,CAAC;QACzE,IAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAG,IAAI,CAAC,EAAE;YACtB,MAAM,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;YACjB,OAAO,MAAM,SAAS,EAAE,CAAC;SAC1B;QACD,OAAO,IAAI,CAAC;KACb;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,IAAI,MAAK,QAAQ;YAC1B,IAAA,cAAM,EACJ,+BAA+B,IAAI,iBAAiB,MAAA,KAAK,CAAC,OAAO,mCAAI,KAAK,EAAE,CAC7E,CAAC;QACJ,OAAO,MAAM,SAAS,EAAE,CAAC;KAC1B;AACH,CAAC,CAAA,CAAC;AA3CW,QAAA,MAAM,UA2CjB;AAEF,MAAM,iBAAiB,GAAG,GAAS,EAAE;IACnC,IAAI;QACF,MAAM,gBAAgB,GAAG,IAAA,0BAAmB,GAAE,CAAC;QAC/C,6DAA6D;QAC7D,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAClC,MAAM,EAAE,CAAC,EAAE,CAAC,gBAAgB,CAAC,CAAC;KAC/B;IAAC,WAAM;QACN,OAAO;KACR;AACH,CAAC,CAAA,CAAC;AAEF,MAAM,kBAAkB,GAAG,GAAS,EAAE;IACpC,IAAI;QACF,MAAM,iBAAiB,GAAG,IAAA,2BAAoB,GAAE,CAAC;QACjD,kEAAkE;QAClE,MAAM,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QACnC,MAAM,EAAE,CAAC,EAAE,CAAC,iBAAiB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;KACrD;IAAC,WAAM;QACN,OAAO;KACR;AACH,CAAC,CAAA,CAAC;AAEK,MAAM,eAAe,GAAG,GAA4B,EAAE;;IAC3D,IAAI;QACF,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAA,0BAAmB,GAAE,CAAC,CAAC;QACxD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAa,CAAC;QACvD,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,GAAG,0CAAE,IAAI,CAAA,EAAE;YACnB,MAAM,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;SACxD;QACD,OAAO,IAAI,CAAC;KACb;IAAC,OAAO,KAAU,EAAE;QACnB,IAAI,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,IAAI,MAAK,QAAQ,EAAE;YAC5B,MAAM,gBAAgB,IAAA,iBAAU,GAAE,0BAA0B,CAAC;SAC9D;QACD,MAAM,KAAK,CAAC;KACb;AACH,CAAC,CAAA,CAAC;AAdW,QAAA,eAAe,mBAc1B;AAEK,MAAM,kBAAkB,GAAG,CAAC,QAAkB,EAAE,EAAE,CACvD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AADpD,QAAA,kBAAkB,sBACkC;AAEjE,MAAM,4BAA4B,GAAG,CAAO,OAG3C,EAAqB,EAAE;IACtB,IAAI,QAAkB,CAAC;IACvB,IAAI;QACF,QAAQ,GAAG,MAAM,IAAA,uBAAe,GAAE,CAAC;KACpC;IAAC,OAAO,CAAM,EAAE;QACf,IAAI,CAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,MAAK,iBAAiB,EAAE;YACjC,MAAM,IAAA,aAAK,EACT,EAAE,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,EACf,EAAE,KAAK,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAClD,CAAC;YACF,IAAA,cAAM,EAAC,IAAI,CAAC,CAAC;YACb,OAAO,4BAA4B,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;SAC1D;QACD,MAAM,CAAC,CAAC;KACT;IAED,IAAI,IAAA,0BAAkB,EAAC,QAAQ,CAAC,GAAG,gCAAgC,EAAE;QACnE,OAAO,QAAQ,CAAC;KACjB;IAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE;QACtB,MAAM,IAAA,mCAA4B,GAAE,CAAC;KACtC;IAED,MAAM,IAAA,aAAK,EACT,EAAE,GAAG,EAAE,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,EAC1B,EAAE,KAAK,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAClD,CAAC;IACF,IAAA,cAAM,EAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB;IACrC,OAAO,4BAA4B,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AAC3D,CAAC,CAAA,CAAC;AAEK,MAAM,aAAa,GAAG,CAC3B,GAAY,EACZ,UAAyB,EACzB,EAAE;IACF,MAAM,kBAAkB,EAAE,CAAC;IAE3B,MAAM,gBAAgB,GAAG,IAAA,0BAAmB,GAAE,CAAC;IAE/C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,UAAU,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,6BAA6B;IAC/F,IAAA,cAAM,EAAC,2BAA2B,gBAAgB,GAAG,CAAC,CAAC;IACvD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAC3C,MAAM,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,MAAM,EAAE,CAAC,SAAS,CAChB,gBAAgB,EAChB,IAAI,CAAC,SAAS,CAAC,EAAE,UAAU,kCAAO,UAAU,KAAE,UAAU,GAAE,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,EAC3E,EAAE,IAAI,EAAE,KAAK,EAAE,CAChB,CAAC;AACJ,CAAC,CAAA,CAAC;AAjBW,QAAA,aAAa,iBAiBxB;AAEK,MAAM,cAAc,GAAG,GAAS,EAAE;IACvC,MAAM,kBAAkB,EAAE,CAAC;IAC3B,MAAM,iBAAiB,EAAE,CAAC;AAC5B,CAAC,CAAA,CAAC;AAHW,QAAA,cAAc,kBAGzB;AAEF,gEAAgE;AAChE,MAAM,wBAAwB,GAAG,CAAO,KAAY,EAAiB,EAAE;IACrE,MAAM,GAAG,GAAG,IAAA,eAAS,EAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC/C,MAAM,IAAA,uCAAqB,EAAC,GAAG,EAAE,MAAM,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;AAC3D,CAAC,CAAA,CAAC;AAEK,MAAM,YAAY,GAAG,CAAO,OAGlC,EAAkB,EAAE;IACnB,MAAM,QAAQ,GAAG,MAAM,4BAA4B,CAAC,OAAO,CAAC,CAAC;IAC7D,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;QAClB,IAAA,cAAM,EAAC,oCAAoC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;QAChE,IAAA,cAAM,EAAC,oBAAoB,IAAA,0BAAkB,EAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;KACpE;IACD,IAAI,KAAY,CAAC;IAEjB,IAAI,QAAQ,CAAC,GAAG,CAAC,gBAAgB,EAAE;QACjC,KAAK,GAAG;YACN,QAAQ;YACR,QAAQ,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,YAAY,CAAC;SAClE,CAAC;KACH;SAAM;QACL,kEAAkE;QAClE,yEAAyE;QACzE,oEAAoE;QACpE,MAAM,cAAc,GAAG,MAAM,IAAA,kCAAsB,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACvE,KAAK,GAAG;YACN,QAAQ;YACR,cAAc;YACd,QAAQ,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,EAAE;SACjD,CAAC;KACH;IAED,MAAM,wBAAwB,CAAC,KAAK,CAAC,CAAC;IACtC,OAAO,KAAK,CAAC;AACf,CAAC,CAAA,CAAC;AA9BW,QAAA,YAAY,gBA8BvB"}
|
|
@@ -21,6 +21,7 @@ This file is part of @p0security/cli
|
|
|
21
21
|
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
22
22
|
**/
|
|
23
23
|
const login_1 = require("../plugins/email/login");
|
|
24
|
+
const authUtils_1 = require("../types/authUtils");
|
|
24
25
|
const config_1 = require("./config");
|
|
25
26
|
const stdio_1 = require("./stdio");
|
|
26
27
|
const util_1 = require("./util");
|
|
@@ -35,7 +36,9 @@ function initializeFirebase() {
|
|
|
35
36
|
}
|
|
36
37
|
exports.initializeFirebase = initializeFirebase;
|
|
37
38
|
const findProviderId = (org) => {
|
|
38
|
-
|
|
39
|
+
const ssoProvider = (0, authUtils_1.getSsoProvider)(org);
|
|
40
|
+
const providerId = (0, authUtils_1.getProviderId)(org);
|
|
41
|
+
switch (ssoProvider) {
|
|
39
42
|
case "google":
|
|
40
43
|
return auth_1.ProviderId.GOOGLE;
|
|
41
44
|
case "google-oidc":
|
|
@@ -46,7 +49,7 @@ const findProviderId = (org) => {
|
|
|
46
49
|
case undefined:
|
|
47
50
|
return auth_1.ProviderId.PASSWORD;
|
|
48
51
|
default:
|
|
49
|
-
return
|
|
52
|
+
return providerId;
|
|
50
53
|
}
|
|
51
54
|
};
|
|
52
55
|
const signInToTenant = (org, firebaseCredential, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
@@ -88,6 +91,9 @@ exports.signInToTenant = signInToTenant;
|
|
|
88
91
|
const authenticateToFirebase = (identity, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
89
92
|
const { credential, org } = identity;
|
|
90
93
|
const providerId = findProviderId(org);
|
|
94
|
+
if (!providerId) {
|
|
95
|
+
throw new Error("No provider ID found for organization");
|
|
96
|
+
}
|
|
91
97
|
const firebaseCredential = providerId === auth_1.ProviderId.PASSWORD
|
|
92
98
|
? (0, login_1.getPasswordCredential)()
|
|
93
99
|
: new auth_1.OAuthProvider(providerId).credential({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"firestore.js","sourceRoot":"","sources":["../../../src/drivers/firestore.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,kDAA+D;
|
|
1
|
+
{"version":3,"file":"firestore.js","sourceRoot":"","sources":["../../../src/drivers/firestore.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,kDAA+D;AAC/D,kDAAmE;AAGnE,qCAAyD;AACzD,mCAAiC;AACjC,iCAAsD;AACtD,sCAAyE;AACzE,wCAQuB;AAEvB,IAAI,GAAgB,CAAC;AAErB,SAAsB,kBAAkB;;QACtC,MAAM,YAAY,GAAG,MAAM,IAAA,mBAAU,GAAE,CAAC;QACxC,GAAG,GAAG,IAAA,mBAAa,EAAC,YAAY,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;IACvD,CAAC;CAAA;AAHD,gDAGC;AAED,MAAM,cAAc,GAAG,CAAC,GAAY,EAAE,EAAE;IACtC,MAAM,WAAW,GAAG,IAAA,0BAAc,EAAC,GAAG,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,IAAA,yBAAa,EAAC,GAAG,CAAC,CAAC;IAEtC,QAAQ,WAAW,EAAE;QACnB,KAAK,QAAQ;YACX,OAAO,iBAAU,CAAC,MAAM,CAAC;QAC3B,KAAK,aAAa;YAChB,OAAO,kBAAkB,CAAC;QAC5B,gDAAgD;QAChD,+CAA+C;QAC/C,wCAAwC;QACxC,KAAK,SAAS;YACZ,OAAO,iBAAU,CAAC,QAAQ,CAAC;QAC7B;YACE,OAAO,UAAU,CAAC;KACrB;AACH,CAAC,CAAC;AAEK,MAAM,cAAc,GAAG,CAC5B,GAAY,EACZ,kBAAyD,EACzD,OAEC,EACwB,EAAE;;IAC3B,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC;IAEzB,MAAM,kBAAkB,EAAE,CAAC;IAE3B,MAAM,IAAI,GAAG,IAAA,cAAO,EAAC,GAAG,CAAC,CAAC;IAC1B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAEzB,IAAI,cAAc,CAAC;IACnB,IAAI;QACF,cAAc,GAAG,MAAM,IAAA,2BAAoB,EAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,IACE,KAAK,YAAY,mBAAa;YAC9B,KAAK,CAAC,IAAI,KAAK,yBAAyB,EACxC;YACA,MAAM,IAAA,mCAA4B,GAAE,CAAC;SACtC;aAAM;YACL,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;gBAClB,IAAI,KAAK,YAAY,KAAK,EAAE;oBAC1B,IAAA,cAAM,EAAC,yBAAyB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;iBAClD;qBAAM;oBACL,IAAA,cAAM,EAAC,yBAAyB,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;iBAClD;aACF;YACD,MAAM,wDAAwD,IAAA,0BAAiB,GAAE,EAAE,CAAC;SACrF;KACF;IAED,IAAI,CAAC,CAAA,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,IAAI,0CAAE,KAAK,CAAA,EAAE;QAChC,MAAM,4FAA4F,IAAA,0BAAiB,GAAE,EAAE,CAAC;KACzH;IAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,EAAE;QAClB,IAAA,cAAM,EACJ,qCAAqC,cAAc,CAAC,IAAI,CAAC,KAAK,cAAc,QAAQ,EAAE,CACvF,CAAC;KACH;IAED,OAAO,cAAc,CAAC;AACxB,CAAC,CAAA,CAAC;AA9CW,QAAA,cAAc,kBA8CzB;AAEK,MAAM,sBAAsB,GAAG,CACpC,QAAkB,EAClB,OAEC,EACwB,EAAE;IAC3B,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC;IAErC,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACvC,IAAI,CAAC,UAAU,EAAE;QACf,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;KAC1D;IAED,MAAM,kBAAkB,GACtB,UAAU,KAAK,iBAAU,CAAC,QAAQ;QAChC,CAAC,CAAC,IAAA,6BAAqB,GAAE;QACzB,CAAC,CAAC,IAAI,oBAAa,CAAC,UAAU,CAAC,CAAC,UAAU,CAAC;YACvC,WAAW,EAAE,UAAU,CAAC,YAAY;YACpC,OAAO,EAAE,UAAU,CAAC,QAAQ;SAC7B,CAAC,CAAC;IAET,OAAO,MAAM,IAAA,sBAAc,EAAC,GAAG,EAAE,kBAAkB,EAAE,OAAO,CAAC,CAAC;AAChE,CAAC,CAAA,CAAC;AAtBW,QAAA,sBAAsB,0BAsBjC"}
|
|
@@ -27,6 +27,7 @@ const oidc_1 = require("../../common/auth/oidc");
|
|
|
27
27
|
const server_1 = require("../../common/auth/server");
|
|
28
28
|
const fetch_1 = require("../../common/fetch");
|
|
29
29
|
const stdio_1 = require("../../drivers/stdio");
|
|
30
|
+
const authUtils_1 = require("../../types/authUtils");
|
|
30
31
|
const util_1 = require("../../util");
|
|
31
32
|
const pkce_challenge_1 = __importDefault(require("pkce-challenge"));
|
|
32
33
|
const AZURE_SCOPE = "openid profile email offline_access";
|
|
@@ -34,13 +35,18 @@ const AZURE_REDIRECT_PORT = 52701;
|
|
|
34
35
|
const AZURE_REDIRECT_URL = `http://localhost:${AZURE_REDIRECT_PORT}`;
|
|
35
36
|
const PKCE_LENGTH = 128;
|
|
36
37
|
const requestAuth = (org) => __awaiter(void 0, void 0, void 0, function* () {
|
|
37
|
-
|
|
38
|
-
|
|
38
|
+
const providerDomain = (0, authUtils_1.getMicrosoftPrimaryDomain)(org) || (0, authUtils_1.getProviderDomain)(org);
|
|
39
|
+
const clientId = (0, authUtils_1.getClientId)(org);
|
|
40
|
+
if (!providerDomain) {
|
|
41
|
+
throw "Azure login requires a configured Microsoft primary domain.";
|
|
42
|
+
}
|
|
43
|
+
if (!clientId) {
|
|
44
|
+
throw "Azure login requires a configured client ID.";
|
|
39
45
|
}
|
|
40
46
|
const pkce = yield (0, pkce_challenge_1.default)(PKCE_LENGTH);
|
|
41
|
-
const baseUrl = `https://login.microsoftonline.com/${
|
|
47
|
+
const baseUrl = `https://login.microsoftonline.com/${providerDomain}/oauth2/v2.0/authorize`;
|
|
42
48
|
const authBody = {
|
|
43
|
-
client_id:
|
|
49
|
+
client_id: clientId,
|
|
44
50
|
code_challenge: pkce.code_challenge,
|
|
45
51
|
code_challenge_method: "S256",
|
|
46
52
|
redirect_uri: AZURE_REDIRECT_URL,
|
|
@@ -61,12 +67,17 @@ const requestAuth = (org) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
61
67
|
return pkce;
|
|
62
68
|
});
|
|
63
69
|
const requestToken = (org, code, pkce) => __awaiter(void 0, void 0, void 0, function* () {
|
|
64
|
-
|
|
65
|
-
|
|
70
|
+
const providerDomain = (0, authUtils_1.getMicrosoftPrimaryDomain)(org) || (0, authUtils_1.getProviderDomain)(org);
|
|
71
|
+
const clientId = (0, authUtils_1.getClientId)(org);
|
|
72
|
+
if (!providerDomain) {
|
|
73
|
+
throw "Azure login requires a configured Microsoft primary domain.";
|
|
74
|
+
}
|
|
75
|
+
if (!clientId) {
|
|
76
|
+
throw "Azure login requires a configured client ID.";
|
|
66
77
|
}
|
|
67
|
-
const tokenUrl = `https://login.microsoftonline.com/${
|
|
78
|
+
const tokenUrl = `https://login.microsoftonline.com/${providerDomain}/oauth2/v2.0/token`;
|
|
68
79
|
const body = {
|
|
69
|
-
client_id:
|
|
80
|
+
client_id: clientId,
|
|
70
81
|
code,
|
|
71
82
|
code_verifier: pkce.code_verifier,
|
|
72
83
|
grant_type: "authorization_code",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/azure/login.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,qDAA8D;AAC9D,8CAAiE;AACjE,+CAA6C;
|
|
1
|
+
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/azure/login.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,qDAA8D;AAC9D,8CAAiE;AACjE,+CAA6C;AAC7C,qDAI+B;AAG/B,qCAAwC;AACxC,oEAA2C;AAE3C,MAAM,WAAW,GAAG,qCAAqC,CAAC;AAC1D,MAAM,mBAAmB,GAAG,KAAK,CAAC;AAClC,MAAM,kBAAkB,GAAG,oBAAoB,mBAAmB,EAAE,CAAC;AACrE,MAAM,WAAW,GAAG,GAAG,CAAC;AAOxB,MAAM,WAAW,GAAG,CAAO,GAAY,EAAE,EAAE;IACzC,MAAM,cAAc,GAClB,IAAA,qCAAyB,EAAC,GAAG,CAAC,IAAI,IAAA,6BAAiB,EAAC,GAAG,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,IAAA,uBAAW,EAAC,GAAG,CAAC,CAAC;IAElC,IAAI,CAAC,cAAc,EAAE;QACnB,MAAM,6DAA6D,CAAC;KACrE;IACD,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,8CAA8C,CAAC;KACtD;IAED,MAAM,IAAI,GAAG,MAAM,IAAA,wBAAa,EAAC,WAAW,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,qCAAqC,cAAc,wBAAwB,CAAC;IAE5F,MAAM,QAAQ,GAAqB;QACjC,SAAS,EAAE,QAAQ;QACnB,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,qBAAqB,EAAE,MAAM;QAC7B,YAAY,EAAE,kBAAkB;QAChC,aAAa,EAAE,MAAM;QACrB,KAAK,EAAE,WAAW;QAClB,KAAK,EAAE,aAAa;KACrB,CAAC;IAEF,MAAM,GAAG,GAAG,GAAG,OAAO,IAAI,IAAA,iBAAS,EAAC,QAAQ,CAAC,EAAE,CAAC;IAEhD,IAAI;QACF,MAAM,IAAA,iBAAU,EAAC,GAAG,CAAC,CAAC;QACtB,IAAA,cAAM,EAAC,iEAAiE,CAAC,CAAC;KAC3E;IAAC,WAAM;QACN,IAAA,cAAM,EAAC;;MAEL,GAAG,EAAE,CAAC,CAAC;KACV;IAED,OAAO,IAAI,CAAC;AACd,CAAC,CAAA,CAAC;AAEF,MAAM,YAAY,GAAG,CACnB,GAAY,EACZ,IAAY,EACZ,IAAuD,EACvD,EAAE;IACF,MAAM,cAAc,GAClB,IAAA,qCAAyB,EAAC,GAAG,CAAC,IAAI,IAAA,6BAAiB,EAAC,GAAG,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,IAAA,uBAAW,EAAC,GAAG,CAAC,CAAC;IAElC,IAAI,CAAC,cAAc,EAAE;QACnB,MAAM,6DAA6D,CAAC;KACrE;IACD,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,8CAA8C,CAAC;KACtD;IAED,MAAM,QAAQ,GAAG,qCAAqC,cAAc,oBAAoB,CAAC;IAEzF,MAAM,IAAI,GAAG;QACX,SAAS,EAAE,QAAQ;QACnB,IAAI;QACJ,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,UAAU,EAAE,oBAAoB;QAChC,YAAY,EAAE,kBAAkB;KACjC,CAAC;IAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;QACrC,MAAM,EAAE,MAAM;QACd,OAAO,kCACF,mBAAY,KACf,MAAM,EAAE,kBAAkB,EAC1B,MAAM,EAAE,kBAAkB,GAC3B;QACD,IAAI,EAAE,IAAA,iBAAS,EAAC,IAAI,CAAC;KACtB,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;IAC/C,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,EAAE,CAAkB,CAAC;AAC/C,CAAC,CAAA,CAAC;AAEK,MAAM,UAAU,GAAG,CAAO,GAAY,EAA0B,EAAE;IACvE,OAAO,MAAM,IAAA,2BAAkB,EAC7B,GAAS,EAAE,kDAAC,OAAA,MAAM,WAAW,CAAC,GAAG,CAAC,CAAA,GAAA,EAClC,CAAO,IAAI,EAAE,KAAK,EAAE,EAAE,kDAAC,OAAA,MAAM,YAAY,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA,GAAA,EAChE,EAAE,IAAI,EAAE,mBAAmB,EAAE,CAC9B,CAAC;AACJ,CAAC,CAAA,CAAC;AANW,QAAA,UAAU,cAMrB"}
|
|
@@ -1,13 +1,3 @@
|
|
|
1
|
-
/** Copyright © 2024-present P0 Security
|
|
2
|
-
|
|
3
|
-
This file is part of @p0security/cli
|
|
4
|
-
|
|
5
|
-
@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
|
|
6
|
-
|
|
7
|
-
@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
-
|
|
9
|
-
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
10
|
-
**/
|
|
11
1
|
import { TokenResponse } from "../types/oidc";
|
|
12
2
|
import { OrgData } from "../types/org";
|
|
13
3
|
declare const loginPlugins: readonly ["google", "okta", "ping", "oidc-pkce", "microsoft", "azure-oidc", "google-oidc", "aws-oidc"];
|
|
@@ -10,6 +10,17 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.pluginLoginMap = void 0;
|
|
13
|
+
/** Copyright © 2024-present P0 Security
|
|
14
|
+
|
|
15
|
+
This file is part of @p0security/cli
|
|
16
|
+
|
|
17
|
+
@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
|
|
18
|
+
|
|
19
|
+
@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
20
|
+
|
|
21
|
+
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
22
|
+
**/
|
|
23
|
+
const authUtils_1 = require("../types/authUtils");
|
|
13
24
|
const login_1 = require("./azure/login");
|
|
14
25
|
const login_2 = require("./email/login");
|
|
15
26
|
const login_3 = require("./google/login");
|
|
@@ -30,7 +41,13 @@ exports.pluginLoginMap = {
|
|
|
30
41
|
okta: login_4.oktaLogin,
|
|
31
42
|
ping: login_5.pingLogin,
|
|
32
43
|
"google-oidc": login_3.googleLogin,
|
|
33
|
-
"oidc-pkce": (org) => __awaiter(void 0, void 0, void 0, function* () {
|
|
44
|
+
"oidc-pkce": (org) => __awaiter(void 0, void 0, void 0, function* () {
|
|
45
|
+
const providerType = (0, authUtils_1.getProviderType)(org);
|
|
46
|
+
if (!providerType) {
|
|
47
|
+
throw "Missing provider type for OIDC PKCE login";
|
|
48
|
+
}
|
|
49
|
+
return yield exports.pluginLoginMap[providerType](org);
|
|
50
|
+
}),
|
|
34
51
|
password: login_2.emailPasswordLogin,
|
|
35
52
|
"azure-oidc": login_1.azureLogin,
|
|
36
53
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/login.ts"],"names":[],"mappings":";;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../src/plugins/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,kDAAqD;AAGrD,yCAA2C;AAC3C,yCAAmD;AACnD,0CAA6C;AAC7C,wCAAyC;AACzC,wCAAyC;AAEzC,MAAM,YAAY,GAAG;IACnB,QAAQ;IACR,MAAM;IACN,MAAM;IACN,WAAW;IACX,WAAW;IACX,YAAY;IACZ,aAAa;IACb,UAAU;CACF,CAAC;AAIE,QAAA,cAAc,GAGvB;IACF,MAAM,EAAE,mBAAW;IACnB,IAAI,EAAE,iBAAS;IACf,IAAI,EAAE,iBAAS;IACf,aAAa,EAAE,mBAAW;IAC1B,WAAW,EAAE,CAAO,GAAG,EAAE,EAAE;QACzB,MAAM,YAAY,GAAG,IAAA,2BAAe,EAAC,GAAG,CAAC,CAAC;QAC1C,IAAI,CAAC,YAAY,EAAE;YACjB,MAAM,2CAA2C,CAAC;SACnD;QACD,OAAO,MAAM,sBAAc,CAAC,YAAY,CAAE,CAAC,GAAG,CAAC,CAAC;IAClD,CAAC,CAAA;IACD,QAAQ,EAAE,0BAAkB;IAC5B,YAAY,EAAE,kBAAU;CACzB,CAAC"}
|
|
@@ -23,11 +23,18 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
23
23
|
const oidc_1 = require("../../common/auth/oidc");
|
|
24
24
|
const fetch_1 = require("../../common/fetch");
|
|
25
25
|
const stdio_1 = require("../../drivers/stdio");
|
|
26
|
+
const authUtils_1 = require("../../types/authUtils");
|
|
26
27
|
const util_1 = require("../../util");
|
|
27
28
|
exports.DEVICE_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:device_code";
|
|
28
29
|
const validateProviderDomain = (org) => {
|
|
29
|
-
|
|
30
|
+
const ssoProvider = (0, authUtils_1.getSsoProvider)(org);
|
|
31
|
+
const providerDomain = (0, authUtils_1.getProviderDomain)(org);
|
|
32
|
+
if (ssoProvider !== "oidc-pkce") {
|
|
33
|
+
throw "Login requires an OIDC PKCE provider configuration.";
|
|
34
|
+
}
|
|
35
|
+
if (!providerDomain) {
|
|
30
36
|
throw "Login requires a configured provider domain.";
|
|
37
|
+
}
|
|
31
38
|
};
|
|
32
39
|
exports.validateProviderDomain = validateProviderDomain;
|
|
33
40
|
const oidcProviderLabels = (providerType) => {
|
|
@@ -102,7 +109,10 @@ tokenRequest) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
102
109
|
exports.waitForActivation = waitForActivation;
|
|
103
110
|
const oidcLoginSteps = (org, scope, urls) => {
|
|
104
111
|
const { deviceAuthorizationUrl, tokenUrl } = urls();
|
|
105
|
-
|
|
112
|
+
const ssoProvider = (0, authUtils_1.getSsoProvider)(org);
|
|
113
|
+
const clientId = (0, authUtils_1.getClientId)(org);
|
|
114
|
+
const providerType = (0, authUtils_1.getProviderType)(org);
|
|
115
|
+
if (ssoProvider !== "oidc-pkce" || !clientId) {
|
|
106
116
|
throw "Your organization's login configuration does not support this access. Your admin will need to install a supported OIDC provider in order for you to use this command.";
|
|
107
117
|
}
|
|
108
118
|
const buildOidcAuthorizeRequest = () => {
|
|
@@ -112,7 +122,7 @@ const oidcLoginSteps = (org, scope, urls) => {
|
|
|
112
122
|
method: "POST",
|
|
113
123
|
headers: oidc_1.OIDC_HEADERS,
|
|
114
124
|
body: (0, fetch_1.urlEncode)({
|
|
115
|
-
client_id:
|
|
125
|
+
client_id: clientId,
|
|
116
126
|
scope,
|
|
117
127
|
}),
|
|
118
128
|
},
|
|
@@ -127,7 +137,7 @@ const oidcLoginSteps = (org, scope, urls) => {
|
|
|
127
137
|
method: "POST",
|
|
128
138
|
headers: oidc_1.OIDC_HEADERS,
|
|
129
139
|
body: (0, fetch_1.urlEncode)({
|
|
130
|
-
client_id:
|
|
140
|
+
client_id: clientId,
|
|
131
141
|
device_code: authorize.device_code,
|
|
132
142
|
grant_type: exports.DEVICE_GRANT_TYPE,
|
|
133
143
|
}),
|
|
@@ -135,7 +145,7 @@ const oidcLoginSteps = (org, scope, urls) => {
|
|
|
135
145
|
};
|
|
136
146
|
};
|
|
137
147
|
return {
|
|
138
|
-
providerType
|
|
148
|
+
providerType,
|
|
139
149
|
validateResponse: fetch_1.validateResponse,
|
|
140
150
|
buildAuthorizeRequest: buildOidcAuthorizeRequest,
|
|
141
151
|
buildTokenRequest: buildOidcTokenRequest,
|
|
@@ -157,12 +167,16 @@ const oidcLogin = (steps) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
157
167
|
const { user_code, verification_uri_complete } = processAuthzResponse(deviceAuthorizationResponse);
|
|
158
168
|
try {
|
|
159
169
|
yield (0, util_1.osSafeOpen)(verification_uri_complete);
|
|
160
|
-
(0, stdio_1.print1)(
|
|
170
|
+
(0, stdio_1.print1)("Please use the opened browser window to continue your P0 login.");
|
|
171
|
+
(0, stdio_1.print1)("If the browser window didn't open automatically or you are operating in a headless environment,\nyou can also visit this URL from any device:");
|
|
172
|
+
(0, stdio_1.print1)(verification_uri_complete);
|
|
161
173
|
}
|
|
162
174
|
catch (_a) {
|
|
163
|
-
(0, stdio_1.print1)(
|
|
175
|
+
(0, stdio_1.print1)("Could not open browser automatically.");
|
|
176
|
+
(0, stdio_1.print1)("Please visit the following URL in a web browser on any device to complete your P0 login:");
|
|
177
|
+
(0, stdio_1.print1)(verification_uri_complete);
|
|
164
178
|
}
|
|
165
|
-
(0, stdio_1.
|
|
179
|
+
(0, stdio_1.print1)(`
|
|
166
180
|
When prompted, confirm that ${oidcProviderLabels(providerType)} displays this code:
|
|
167
181
|
|
|
168
182
|
${user_code}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/oidc/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,8CAAiE;AACjE,+
|
|
1
|
+
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/oidc/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,8CAAiE;AACjE,+CAA6C;AAC7C,qDAK+B;AAG/B,qCAAiE;AAGpD,QAAA,iBAAiB,GAAG,8CAA8C,CAAC;AAEzE,MAAM,sBAAsB,GAAG,CAAC,GAAY,EAAE,EAAE;IACrD,MAAM,WAAW,GAAG,IAAA,0BAAc,EAAC,GAAG,CAAC,CAAC;IACxC,MAAM,cAAc,GAAG,IAAA,6BAAiB,EAAC,GAAG,CAAC,CAAC;IAE9C,IAAI,WAAW,KAAK,WAAW,EAAE;QAC/B,MAAM,qDAAqD,CAAC;KAC7D;IACD,IAAI,CAAC,cAAc,EAAE;QACnB,MAAM,8CAA8C,CAAC;KACtD;AACH,CAAC,CAAC;AAVW,QAAA,sBAAsB,0BAUjC;AAEF,MAAM,kBAAkB,GAAG,CAAC,YAA6B,EAAE,EAAE;IAC3D,QAAQ,YAAY,EAAE;QACpB,KAAK,MAAM;YACT,OAAO,MAAM,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,SAAS,CAAC;QACnB,KAAK,QAAQ,CAAC;QACd,KAAK,aAAa;YAChB,OAAO,QAAQ,CAAC;QAClB,KAAK,WAAW;YACd,OAAO,MAAM,CAAC;QAChB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC;QACf,KAAK,YAAY,CAAC;QAClB,KAAK,WAAW;YACd,OAAO,UAAU,CAAC;QACpB;YACE,IAAA,uBAAgB,EAAC,YAAY,CAAC,CAAC;KAClC;IACD,MAAM,uBAAuB,CAAC;AAChC,CAAC,CAAC;AAEF,mEAAmE;AACnE,8EAA8E;AACvE,MAAM,SAAS,GAAG,CACvB,OAGC,EACD,gBAA2D,EAC3D,EAAE;IACF,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IAC9B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IACjC,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;AACtC,CAAC,CAAA,CAAC;AAXW,QAAA,SAAS,aAWpB;AAEF;;;;;GAKG;AACI,MAAM,cAAc,GAAG,CAAU,OAGvC,EAAE,EAAE;IACH,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IAC9B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;QAChB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,IAAI,IAAI,CAAC,KAAK,KAAK,uBAAuB;gBAAE,OAAO,SAAS,CAAC;YAC7D,IAAI,IAAI,CAAC,KAAK,KAAK,eAAe;gBAAE,MAAM,0BAA0B,CAAC;SACtE;QACD,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;KAClC;IACD,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;AACtC,CAAC,CAAA,CAAC;AAfW,QAAA,cAAc,kBAezB;AAEF;;;GAGG;AACI,MAAM,iBAAiB,GAAG,CAC/B,SAAY,EACZ,qBAGC,EAAE,0FAA0F;AAC7F,YAAgD,EAChD,EAAE;IACF,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IAClE,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,IAAI,UAAU,GAAG,GAAG,EAAE;QAC7C,MAAM,QAAQ,GAAG,MAAM,IAAA,sBAAc,EAAI,YAAY,CAAC,CAAC;QACvD,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAA,YAAK,EAAC,QAAQ,GAAG,GAAG,CAAC,CAAC;;YACtC,OAAO,QAAQ,CAAC;KACtB;IACD,MAAM,4CAA4C,CAAC;AACrD,CAAC,CAAA,CAAC;AAhBW,QAAA,iBAAiB,qBAgB5B;AAEK,MAAM,cAAc,GAAG,CAC5B,GAAY,EACZ,KAAa,EACb,IAAgE,EAChE,EAAE;IACF,MAAM,EAAE,sBAAsB,EAAE,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC;IACpD,MAAM,WAAW,GAAG,IAAA,0BAAc,EAAC,GAAG,CAAC,CAAC;IACxC,MAAM,QAAQ,GAAG,IAAA,uBAAW,EAAC,GAAG,CAAC,CAAC;IAClC,MAAM,YAAY,GAAG,IAAA,2BAAe,EAAC,GAAG,CAAC,CAAC;IAE1C,IAAI,WAAW,KAAK,WAAW,IAAI,CAAC,QAAQ,EAAE;QAC5C,MAAM,uKAAuK,CAAC;KAC/K;IAED,MAAM,yBAAyB,GAAG,GAAG,EAAE;QACrC,IAAA,8BAAsB,EAAC,GAAG,CAAC,CAAC;QAC5B,OAAO;YACL,IAAI,EAAE;gBACJ,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,mBAAY;gBACrB,IAAI,EAAE,IAAA,iBAAS,EAAC;oBACd,SAAS,EAAE,QAAQ;oBACnB,KAAK;iBACN,CAAC;aACH;YACD,GAAG,EAAE,sBAAsB;SAC5B,CAAC;IACJ,CAAC,CAAC;IACF,MAAM,qBAAqB,GAAG,CAAC,SAA4B,EAAE,EAAE;QAC7D,IAAA,8BAAsB,EAAC,GAAG,CAAC,CAAC;QAE5B,OAAO;YACL,GAAG,EAAE,QAAQ;YACb,IAAI,EAAE;gBACJ,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,mBAAY;gBACrB,IAAI,EAAE,IAAA,iBAAS,EAAC;oBACd,SAAS,EAAE,QAAQ;oBACnB,WAAW,EAAE,SAAS,CAAC,WAAW;oBAClC,UAAU,EAAE,yBAAiB;iBAC9B,CAAC;aACH;SACF,CAAC;IACJ,CAAC,CAAC;IACF,OAAO;QACL,YAAY;QACZ,gBAAgB,EAAhB,wBAAgB;QAChB,qBAAqB,EAAE,yBAAyB;QAChD,iBAAiB,EAAE,qBAAqB;QACxC,kBAAkB,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAClC,UAAU,EAAE,SAAS,CAAC,UAAU;YAChC,QAAQ,EAAE,SAAS,CAAC,QAAQ;SAC7B,CAAC;QACF,oBAAoB,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YACpC,SAAS,EAAE,SAAS,CAAC,SAAS;YAC9B,yBAAyB,EAAE,SAAS,CAAC,yBAAyB;SAC/D,CAAC;KACkC,CAAC;AACzC,CAAC,CAAC;AA1DW,QAAA,cAAc,kBA0DzB;AAEF,+CAA+C;AACxC,MAAM,SAAS,GAAG,CAAa,KAAwB,EAAE,EAAE;IAChE,MAAM,EACJ,YAAY,EACZ,qBAAqB,EACrB,iBAAiB,EACjB,kBAAkB,EAClB,oBAAoB,EACpB,gBAAgB,GACjB,GAAG,KAAK,CAAC;IACV,MAAM,2BAA2B,GAAG,MAAM,IAAA,iBAAS,EACjD,qBAAqB,EAAE,EACvB,gBAAgB,CACjB,CAAC;IACF,MAAM,EAAE,SAAS,EAAE,yBAAyB,EAAE,GAAG,oBAAoB,CACnE,2BAA2B,CAC5B,CAAC;IAEF,IAAI;QACF,MAAM,IAAA,iBAAU,EAAC,yBAAyB,CAAC,CAAC;QAC5C,IAAA,cAAM,EAAC,iEAAiE,CAAC,CAAC;QAC1E,IAAA,cAAM,EACJ,+IAA+I,CAChJ,CAAC;QACF,IAAA,cAAM,EAAC,yBAAyB,CAAC,CAAC;KACnC;IAAC,WAAM;QACN,IAAA,cAAM,EAAC,uCAAuC,CAAC,CAAC;QAChD,IAAA,cAAM,EACJ,0FAA0F,CAC3F,CAAC;QACF,IAAA,cAAM,EAAC,yBAAyB,CAAC,CAAC;KACnC;IAED,IAAA,cAAM,EAAC;kCACyB,kBAAkB,CAAC,YAAY,CAAC;;QAE1D,SAAS;;;KAGZ,CAAC,CAAC;IACL,OAAO,MAAM,IAAA,yBAAiB,EAC5B,2BAA2B,EAC3B,kBAAkB,EAClB,iBAAiB,CAAC,2BAA2B,CAAC,CAC/C,CAAC;AACJ,CAAC,CAAA,CAAC;AA5CW,QAAA,SAAS,aA4CpB"}
|
|
@@ -46,6 +46,7 @@ You should have received a copy of the GNU General Public License along with @p0
|
|
|
46
46
|
const oidc_1 = require("../../common/auth/oidc");
|
|
47
47
|
const fetch_1 = require("../../common/fetch");
|
|
48
48
|
const auth_1 = require("../../drivers/auth");
|
|
49
|
+
const authUtils_1 = require("../../types/authUtils");
|
|
49
50
|
const login_1 = require("../oidc/login");
|
|
50
51
|
const cheerio = __importStar(require("cheerio"));
|
|
51
52
|
const lodash_1 = require("lodash");
|
|
@@ -62,12 +63,18 @@ const WEB_SSO_TOKEN_TYPE = "urn:okta:oauth:token-type:web_sso_token";
|
|
|
62
63
|
* @throws Error if Okta session has expired or been terminated
|
|
63
64
|
*/
|
|
64
65
|
const fetchSsoWebToken = (appId, { org, credential }) => __awaiter(void 0, void 0, void 0, function* () {
|
|
66
|
+
const providerType = (0, authUtils_1.getProviderType)(org);
|
|
67
|
+
const providerDomain = (0, authUtils_1.getProviderDomain)(org);
|
|
68
|
+
const clientId = (0, authUtils_1.getClientId)(org);
|
|
69
|
+
if (providerType !== "okta" || !providerDomain || !clientId) {
|
|
70
|
+
throw "Invalid provider configuration for Okta token exchange";
|
|
71
|
+
}
|
|
65
72
|
const init = {
|
|
66
73
|
method: "POST",
|
|
67
74
|
headers: oidc_1.OIDC_HEADERS,
|
|
68
75
|
body: (0, fetch_1.urlEncode)({
|
|
69
76
|
audience: `urn:okta:apps:${appId}`,
|
|
70
|
-
client_id:
|
|
77
|
+
client_id: clientId,
|
|
71
78
|
actor_token: credential.access_token,
|
|
72
79
|
actor_token_type: ACCESS_TOKEN_TYPE,
|
|
73
80
|
subject_token: credential.id_token,
|
|
@@ -77,7 +84,7 @@ const fetchSsoWebToken = (appId, { org, credential }) => __awaiter(void 0, void
|
|
|
77
84
|
}),
|
|
78
85
|
};
|
|
79
86
|
(0, login_1.validateProviderDomain)(org);
|
|
80
|
-
const response = yield fetch(`https:${
|
|
87
|
+
const response = yield fetch(`https:${providerDomain}/oauth2/v1/token`, init);
|
|
81
88
|
if (!response.ok) {
|
|
82
89
|
if (response.status === 400) {
|
|
83
90
|
const data = yield response.json();
|
|
@@ -93,12 +100,17 @@ const fetchSsoWebToken = (appId, { org, credential }) => __awaiter(void 0, void
|
|
|
93
100
|
});
|
|
94
101
|
/** Retrieves an Okta app's SAML response */
|
|
95
102
|
const fetchSamlResponse = (org, { access_token }) => __awaiter(void 0, void 0, void 0, function* () {
|
|
103
|
+
const providerType = (0, authUtils_1.getProviderType)(org);
|
|
104
|
+
const providerDomain = (0, authUtils_1.getProviderDomain)(org);
|
|
105
|
+
if (providerType !== "okta" || !providerDomain) {
|
|
106
|
+
throw "Invalid provider configuration for Okta SAML response";
|
|
107
|
+
}
|
|
96
108
|
const init = {
|
|
97
109
|
method: "GET",
|
|
98
110
|
headers: (0, lodash_1.omit)(oidc_1.OIDC_HEADERS, "Content-Type"),
|
|
99
111
|
};
|
|
100
112
|
(0, login_1.validateProviderDomain)(org);
|
|
101
|
-
const url = `https://${
|
|
113
|
+
const url = `https://${providerDomain}/login/token/sso?token=${encodeURIComponent(access_token)}`;
|
|
102
114
|
const response = yield fetch(url, init);
|
|
103
115
|
yield (0, fetch_1.validateResponse)(response);
|
|
104
116
|
const html = yield response.text();
|
|
@@ -109,12 +121,14 @@ const fetchSamlResponse = (org, { access_token }) => __awaiter(void 0, void 0, v
|
|
|
109
121
|
/** Logs in to Okta via OIDC */
|
|
110
122
|
const oktaLogin = (org) => __awaiter(void 0, void 0, void 0, function* () {
|
|
111
123
|
return (0, login_1.oidcLogin)((0, login_1.oidcLoginSteps)(org, "openid email profile okta.apps.sso", () => {
|
|
112
|
-
|
|
113
|
-
|
|
124
|
+
const providerType = (0, authUtils_1.getProviderType)(org);
|
|
125
|
+
const providerDomain = (0, authUtils_1.getProviderDomain)(org);
|
|
126
|
+
if (providerType !== "okta" || !providerDomain) {
|
|
127
|
+
throw `Invalid provider configuration (expected okta OIDC provider)`;
|
|
114
128
|
}
|
|
115
129
|
return {
|
|
116
|
-
deviceAuthorizationUrl: `https://${
|
|
117
|
-
tokenUrl: `https://${
|
|
130
|
+
deviceAuthorizationUrl: `https://${providerDomain}/oauth2/v1/device/authorize`,
|
|
131
|
+
tokenUrl: `https://${providerDomain}/oauth2/v1/token`,
|
|
118
132
|
};
|
|
119
133
|
}));
|
|
120
134
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/okta/login.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,8CAAiE;AACjE,6CAAoD;
|
|
1
|
+
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/okta/login.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,iDAAsD;AACtD,8CAAiE;AACjE,6CAAoD;AACpD,qDAI+B;AAK/B,yCAIuB;AACvB,iDAAmC;AACnC,mCAA8B;AAE9B,MAAM,iBAAiB,GAAG,+CAA+C,CAAC;AAC1E,MAAM,aAAa,GAAG,2CAA2C,CAAC;AAClE,MAAM,mBAAmB,GAAG,iDAAiD,CAAC;AAC9E,MAAM,kBAAkB,GAAG,yCAAyC,CAAC;AAErE;;;;;;;GAOG;AACH,MAAM,gBAAgB,GAAG,CACvB,KAAa,EACb,EAAE,GAAG,EAAE,UAAU,EAAY,EAC7B,EAAE;IACF,MAAM,YAAY,GAAG,IAAA,2BAAe,EAAC,GAAG,CAAC,CAAC;IAC1C,MAAM,cAAc,GAAG,IAAA,6BAAiB,EAAC,GAAG,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,IAAA,uBAAW,EAAC,GAAG,CAAC,CAAC;IAElC,IAAI,YAAY,KAAK,MAAM,IAAI,CAAC,cAAc,IAAI,CAAC,QAAQ,EAAE;QAC3D,MAAM,wDAAwD,CAAC;KAChE;IAED,MAAM,IAAI,GAAG;QACX,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,mBAAY;QACrB,IAAI,EAAE,IAAA,iBAAS,EAAC;YACd,QAAQ,EAAE,iBAAiB,KAAK,EAAE;YAClC,SAAS,EAAE,QAAQ;YACnB,WAAW,EAAE,UAAU,CAAC,YAAY;YACpC,gBAAgB,EAAE,iBAAiB;YACnC,aAAa,EAAE,UAAU,CAAC,QAAQ;YAClC,kBAAkB,EAAE,aAAa;YACjC,UAAU,EAAE,mBAAmB;YAC/B,oBAAoB,EAAE,kBAAkB;SACzC,CAAC;KACH,CAAC;IACF,IAAA,8BAAsB,EAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,cAAc,kBAAkB,EAAE,IAAI,CAAC,CAAC;IAE9E,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;QAChB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,IAAI,IAAI,CAAC,KAAK,KAAK,eAAe,EAAE;gBAClC,MAAM,IAAA,qBAAc,GAAE,CAAC;gBACvB,MAAM,oDAAoD,CAAC;aAC5D;SACF;QAED,wDAAwD;QACxD,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;KAClC;IAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAkB,CAAC;AAClD,CAAC,CAAA,CAAC;AAEF,4CAA4C;AAC5C,MAAM,iBAAiB,GAAG,CACxB,GAAY,EACZ,EAAE,YAAY,EAAiB,EAC/B,EAAE;IACF,MAAM,YAAY,GAAG,IAAA,2BAAe,EAAC,GAAG,CAAC,CAAC;IAC1C,MAAM,cAAc,GAAG,IAAA,6BAAiB,EAAC,GAAG,CAAC,CAAC;IAE9C,IAAI,YAAY,KAAK,MAAM,IAAI,CAAC,cAAc,EAAE;QAC9C,MAAM,uDAAuD,CAAC;KAC/D;IAED,MAAM,IAAI,GAAG;QACX,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,IAAA,aAAI,EAAC,mBAAY,EAAE,cAAc,CAAC;KAC5C,CAAC;IACF,IAAA,8BAAsB,EAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,GAAG,GAAG,WAAW,cAAc,0BAA0B,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;IAClG,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxC,MAAM,IAAA,wBAAgB,EAAC,QAAQ,CAAC,CAAC;IACjC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IACnC,MAAM,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7B,MAAM,cAAc,GAAG,CAAC,CAAC,4BAA4B,CAAC,CAAC,GAAG,EAAE,CAAC;IAC7D,OAAO,OAAO,cAAc,KAAK,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;AACzE,CAAC,CAAA,CAAC;AAEF,+BAA+B;AACxB,MAAM,SAAS,GAAG,CAAO,GAAY,EAAE,EAAE;IAC9C,OAAA,IAAA,iBAAS,EACP,IAAA,sBAAc,EAAC,GAAG,EAAE,oCAAoC,EAAE,GAAG,EAAE;QAC7D,MAAM,YAAY,GAAG,IAAA,2BAAe,EAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,cAAc,GAAG,IAAA,6BAAiB,EAAC,GAAG,CAAC,CAAC;QAE9C,IAAI,YAAY,KAAK,MAAM,IAAI,CAAC,cAAc,EAAE;YAC9C,MAAM,8DAA8D,CAAC;SACtE;QACD,OAAO;YACL,sBAAsB,EAAE,WAAW,cAAc,6BAA6B;YAC9E,QAAQ,EAAE,WAAW,cAAc,kBAAkB;SACtD,CAAC;IACJ,CAAC,CAAC,CACH,CAAA;EAAA,CAAC;AAdS,QAAA,SAAS,aAclB;AAEJ;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAwB;AACjB,MAAM,wBAAwB,GAAG,CACtC,QAAkB,EAClB,MAAyB,EACR,EAAE;IACnB,MAAM,gBAAgB,GAAG,MAAM,gBAAgB,CAC7C,MAAM,CAAC,QAAQ,CAAC,KAAK,EACrB,QAAQ,CACT,CAAC;IACF,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,QAAQ,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;IAC7E,IAAI,CAAC,YAAY,EAAE;QACjB,MAAM,uCAAuC,CAAC;KAC/C;IACD,OAAO,YAAY,CAAC;AACtB,CAAC,CAAA,CAAC;AAbW,QAAA,wBAAwB,4BAanC"}
|
|
@@ -1,13 +1,3 @@
|
|
|
1
|
-
/** Copyright © 2024-present P0 Security
|
|
2
|
-
|
|
3
|
-
This file is part of @p0security/cli
|
|
4
|
-
|
|
5
|
-
@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
|
|
6
|
-
|
|
7
|
-
@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
-
|
|
9
|
-
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
10
|
-
**/
|
|
11
1
|
import { TokenResponse } from "../../types/oidc";
|
|
12
2
|
import { OrgData } from "../../types/org";
|
|
13
3
|
/** Logs in to PingOne via OIDC */
|
|
@@ -10,16 +10,30 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.pingLogin = void 0;
|
|
13
|
+
/** Copyright © 2024-present P0 Security
|
|
14
|
+
|
|
15
|
+
This file is part of @p0security/cli
|
|
16
|
+
|
|
17
|
+
@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
|
|
18
|
+
|
|
19
|
+
@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
20
|
+
|
|
21
|
+
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
22
|
+
**/
|
|
23
|
+
const authUtils_1 = require("../../types/authUtils");
|
|
13
24
|
const login_1 = require("../oidc/login");
|
|
14
25
|
/** Logs in to PingOne via OIDC */
|
|
15
26
|
const pingLogin = (org) => __awaiter(void 0, void 0, void 0, function* () {
|
|
16
27
|
return (0, login_1.oidcLogin)((0, login_1.oidcLoginSteps)(org, "openid email profile", () => {
|
|
17
|
-
|
|
18
|
-
|
|
28
|
+
const providerType = (0, authUtils_1.getProviderType)(org);
|
|
29
|
+
const providerDomain = (0, authUtils_1.getProviderDomain)(org);
|
|
30
|
+
const environmentId = (0, authUtils_1.getEnvironmentId)(org);
|
|
31
|
+
if (providerType !== "ping" || !providerDomain || !environmentId) {
|
|
32
|
+
throw `Invalid provider ${providerType} (expected ping OIDC provider)`;
|
|
19
33
|
}
|
|
20
34
|
return {
|
|
21
|
-
deviceAuthorizationUrl: `https://${
|
|
22
|
-
tokenUrl: `https://${
|
|
35
|
+
deviceAuthorizationUrl: `https://${providerDomain}/${environmentId}/as/device_authorization`,
|
|
36
|
+
tokenUrl: `https://${providerDomain}/${environmentId}/as/token`,
|
|
23
37
|
};
|
|
24
38
|
}));
|
|
25
39
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/ping/login.ts"],"names":[],"mappings":";;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"login.js","sourceRoot":"","sources":["../../../../src/plugins/ping/login.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;;;;;;GASG;AACH,qDAI+B;AAG/B,yCAA0D;AAE1D,kCAAkC;AAC3B,MAAM,SAAS,GAAG,CAAO,GAAY,EAAE,EAAE;IAC9C,OAAA,IAAA,iBAAS,EACP,IAAA,sBAAc,EAAC,GAAG,EAAE,sBAAsB,EAAE,GAAG,EAAE;QAC/C,MAAM,YAAY,GAAG,IAAA,2BAAe,EAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,cAAc,GAAG,IAAA,6BAAiB,EAAC,GAAG,CAAC,CAAC;QAC9C,MAAM,aAAa,GAAG,IAAA,4BAAgB,EAAC,GAAG,CAAC,CAAC;QAE5C,IAAI,YAAY,KAAK,MAAM,IAAI,CAAC,cAAc,IAAI,CAAC,aAAa,EAAE;YAChE,MAAM,oBAAoB,YAAY,gCAAgC,CAAC;SACxE;QACD,OAAO;YACL,sBAAsB,EAAE,WAAW,cAAc,IAAI,aAAa,0BAA0B;YAC5F,QAAQ,EAAE,WAAW,cAAc,IAAI,aAAa,WAAW;SAChE,CAAC;IACJ,CAAC,CAAC,CACH,CAAA;EAAA,CAAC;AAfS,QAAA,SAAS,aAelB"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
/** Copyright © 2024-present P0 Security
|
|
2
|
+
|
|
3
|
+
This file is part of @p0security/cli
|
|
4
|
+
|
|
5
|
+
@p0security/cli is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
|
|
6
|
+
|
|
7
|
+
@p0security/cli is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
8
|
+
|
|
9
|
+
You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
|
|
10
|
+
**/
|
|
11
|
+
import type { OrgData } from "./org";
|
|
12
|
+
/** Helper functions to access auth fields */
|
|
13
|
+
/** Get provider type from org data */
|
|
14
|
+
export declare const getProviderType: (org: OrgData) => "cloudflare" | "okta" | "ping" | undefined;
|
|
15
|
+
/** Get provider domain from org data */
|
|
16
|
+
export declare const getProviderDomain: (org: OrgData) => string | undefined;
|
|
17
|
+
/** Get client ID from org data */
|
|
18
|
+
export declare const getClientId: (org: OrgData) => string | undefined;
|
|
19
|
+
/** Get environment ID from org data */
|
|
20
|
+
export declare const getEnvironmentId: (org: OrgData) => string | undefined;
|
|
21
|
+
/** Get SSO provider from org data */
|
|
22
|
+
export declare const getSsoProvider: (org: OrgData) => string | undefined;
|
|
23
|
+
/** Get provider ID from org data */
|
|
24
|
+
export declare const getProviderId: (org: OrgData) => string | undefined;
|
|
25
|
+
/** Check if org uses password authentication */
|
|
26
|
+
export declare const usePasswordAuth: (org: OrgData) => boolean;
|
|
27
|
+
/** Get Microsoft primary domain from org data (for Azure/Microsoft providers) */
|
|
28
|
+
export declare const getMicrosoftPrimaryDomain: (org: OrgData) => string | undefined;
|