@p0security/cli 0.21.0 → 0.22.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/dist/commands/login.js +4 -2
- package/build/dist/commands/login.js.map +1 -1
- package/build/dist/commands/shared/request.js +2 -1
- package/build/dist/commands/shared/request.js.map +1 -1
- package/build/dist/drivers/auth/index.js +18 -2
- package/build/dist/drivers/auth/index.js.map +1 -1
- package/build/dist/drivers/firestore.js +8 -2
- package/build/dist/drivers/firestore.js.map +1 -1
- package/build/dist/plugins/azure/login.js +19 -8
- package/build/dist/plugins/azure/login.js.map +1 -1
- package/build/dist/plugins/login.d.ts +0 -10
- package/build/dist/plugins/login.js +18 -1
- package/build/dist/plugins/login.js.map +1 -1
- package/build/dist/plugins/oidc/login.js +22 -8
- package/build/dist/plugins/oidc/login.js.map +1 -1
- package/build/dist/plugins/okta/login.js +21 -7
- package/build/dist/plugins/okta/login.js.map +1 -1
- package/build/dist/plugins/ping/login.d.ts +0 -10
- package/build/dist/plugins/ping/login.js +18 -4
- package/build/dist/plugins/ping/login.js.map +1 -1
- package/build/dist/types/authUtils.d.ts +28 -0
- package/build/dist/types/authUtils.js +58 -0
- package/build/dist/types/authUtils.js.map +1 -0
- package/build/dist/types/org.d.ts +54 -11
- package/build/dist/types/request.d.ts +1 -0
- package/build/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getMicrosoftPrimaryDomain = exports.usePasswordAuth = exports.getProviderId = exports.getSsoProvider = exports.getEnvironmentId = exports.getClientId = exports.getProviderDomain = exports.getProviderType = void 0;
|
|
4
|
+
/** Helper functions to access auth fields */
|
|
5
|
+
/** Get provider type from org data */
|
|
6
|
+
const getProviderType = (org) => {
|
|
7
|
+
return org.auth.type === "sso" && "providerType" in org.auth.provider
|
|
8
|
+
? org.auth.provider.providerType
|
|
9
|
+
: undefined;
|
|
10
|
+
};
|
|
11
|
+
exports.getProviderType = getProviderType;
|
|
12
|
+
/** Get provider domain from org data */
|
|
13
|
+
const getProviderDomain = (org) => {
|
|
14
|
+
return org.auth.type === "sso" && "providerDomain" in org.auth.provider
|
|
15
|
+
? org.auth.provider.providerDomain
|
|
16
|
+
: undefined;
|
|
17
|
+
};
|
|
18
|
+
exports.getProviderDomain = getProviderDomain;
|
|
19
|
+
/** Get client ID from org data */
|
|
20
|
+
const getClientId = (org) => {
|
|
21
|
+
return org.auth.type === "sso" && "clientId" in org.auth.provider
|
|
22
|
+
? org.auth.provider.clientId
|
|
23
|
+
: undefined;
|
|
24
|
+
};
|
|
25
|
+
exports.getClientId = getClientId;
|
|
26
|
+
/** Get environment ID from org data */
|
|
27
|
+
const getEnvironmentId = (org) => {
|
|
28
|
+
return org.auth.type === "sso" && "environmentId" in org.auth.provider
|
|
29
|
+
? org.auth.provider.environmentId
|
|
30
|
+
: undefined;
|
|
31
|
+
};
|
|
32
|
+
exports.getEnvironmentId = getEnvironmentId;
|
|
33
|
+
/** Get SSO provider from org data */
|
|
34
|
+
const getSsoProvider = (org) => {
|
|
35
|
+
return org.auth.type === "sso" ? org.auth.provider.ssoProvider : undefined;
|
|
36
|
+
};
|
|
37
|
+
exports.getSsoProvider = getSsoProvider;
|
|
38
|
+
/** Get provider ID from org data */
|
|
39
|
+
const getProviderId = (org) => {
|
|
40
|
+
return org.auth.type === "sso" && "providerId" in org.auth.provider
|
|
41
|
+
? org.auth.provider.providerId
|
|
42
|
+
: undefined;
|
|
43
|
+
};
|
|
44
|
+
exports.getProviderId = getProviderId;
|
|
45
|
+
/** Check if org uses password authentication */
|
|
46
|
+
const usePasswordAuth = (org) => {
|
|
47
|
+
return org.auth.type === "password";
|
|
48
|
+
};
|
|
49
|
+
exports.usePasswordAuth = usePasswordAuth;
|
|
50
|
+
/** Get Microsoft primary domain from org data (for Azure/Microsoft providers) */
|
|
51
|
+
const getMicrosoftPrimaryDomain = (org) => {
|
|
52
|
+
return org.auth.type === "sso" &&
|
|
53
|
+
"microsoftPrimaryDomain" in org.auth.provider
|
|
54
|
+
? org.auth.provider.microsoftPrimaryDomain
|
|
55
|
+
: undefined;
|
|
56
|
+
};
|
|
57
|
+
exports.getMicrosoftPrimaryDomain = getMicrosoftPrimaryDomain;
|
|
58
|
+
//# sourceMappingURL=authUtils.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"authUtils.js","sourceRoot":"","sources":["../../../src/types/authUtils.ts"],"names":[],"mappings":";;;AAYA,6CAA6C;AAE7C,sCAAsC;AAC/B,MAAM,eAAe,GAAG,CAC7B,GAAY,EACgC,EAAE;IAC9C,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,IAAI,cAAc,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ;QACnE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY;QAChC,CAAC,CAAC,SAAS,CAAC;AAChB,CAAC,CAAC;AANW,QAAA,eAAe,mBAM1B;AAEF,wCAAwC;AACjC,MAAM,iBAAiB,GAAG,CAAC,GAAY,EAAsB,EAAE;IACpE,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,IAAI,gBAAgB,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ;QACrE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,cAAc;QAClC,CAAC,CAAC,SAAS,CAAC;AAChB,CAAC,CAAC;AAJW,QAAA,iBAAiB,qBAI5B;AAEF,kCAAkC;AAC3B,MAAM,WAAW,GAAG,CAAC,GAAY,EAAsB,EAAE;IAC9D,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,IAAI,UAAU,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ;QAC/D,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ;QAC5B,CAAC,CAAC,SAAS,CAAC;AAChB,CAAC,CAAC;AAJW,QAAA,WAAW,eAItB;AAEF,uCAAuC;AAChC,MAAM,gBAAgB,GAAG,CAAC,GAAY,EAAsB,EAAE;IACnE,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,IAAI,eAAe,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ;QACpE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa;QACjC,CAAC,CAAC,SAAS,CAAC;AAChB,CAAC,CAAC;AAJW,QAAA,gBAAgB,oBAI3B;AAEF,qCAAqC;AAC9B,MAAM,cAAc,GAAG,CAAC,GAAY,EAAsB,EAAE;IACjE,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;AAC7E,CAAC,CAAC;AAFW,QAAA,cAAc,kBAEzB;AAEF,oCAAoC;AAC7B,MAAM,aAAa,GAAG,CAAC,GAAY,EAAsB,EAAE;IAChE,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,IAAI,YAAY,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ;QACjE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU;QAC9B,CAAC,CAAC,SAAS,CAAC;AAChB,CAAC,CAAC;AAJW,QAAA,aAAa,iBAIxB;AAEF,gDAAgD;AACzC,MAAM,eAAe,GAAG,CAAC,GAAY,EAAW,EAAE;IACvD,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,UAAU,CAAC;AACtC,CAAC,CAAC;AAFW,QAAA,eAAe,mBAE1B;AAEF,iFAAiF;AAC1E,MAAM,yBAAyB,GAAG,CAAC,GAAY,EAAsB,EAAE;IAC5E,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK;QAC5B,wBAAwB,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ;QAC7C,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB;QAC1C,CAAC,CAAC,SAAS,CAAC;AAChB,CAAC,CAAC;AALW,QAAA,yBAAyB,6BAKpC"}
|
|
@@ -30,24 +30,67 @@ export type GoogleApplicationConfig = ApplicationConfig & {
|
|
|
30
30
|
};
|
|
31
31
|
};
|
|
32
32
|
export type Config = ApplicationConfig | GoogleApplicationConfig;
|
|
33
|
-
type
|
|
33
|
+
type GoogleOidcProvider = {
|
|
34
|
+
ssoProvider: "google-oidc";
|
|
35
|
+
};
|
|
36
|
+
type GoogleSsoProvider = {
|
|
37
|
+
ssoProvider: "google";
|
|
38
|
+
};
|
|
39
|
+
type LegacyOktaSsoProvider = {
|
|
40
|
+
ssoProvider: "okta";
|
|
41
|
+
providerId: string;
|
|
42
|
+
};
|
|
43
|
+
type CommonOidcProvider = {
|
|
44
|
+
providerId: string;
|
|
45
|
+
providerDomain: string;
|
|
34
46
|
clientId: string;
|
|
47
|
+
};
|
|
48
|
+
type AzureOidcProvider = Partial<CommonOidcProvider> & {
|
|
49
|
+
ssoProvider: "azure-oidc";
|
|
50
|
+
microsoftPrimaryDomain: string;
|
|
51
|
+
};
|
|
52
|
+
type MicrosoftSsoProvider = Partial<CommonOidcProvider> & {
|
|
53
|
+
ssoProvider: "microsoft";
|
|
54
|
+
microsoftPrimaryDomain: string;
|
|
55
|
+
};
|
|
56
|
+
type BaseOidcPkceProvider = {
|
|
57
|
+
ssoProvider: "oidc-pkce";
|
|
35
58
|
providerId: string;
|
|
36
|
-
providerDomain
|
|
37
|
-
|
|
38
|
-
|
|
59
|
+
providerDomain: string;
|
|
60
|
+
clientId: string;
|
|
61
|
+
};
|
|
62
|
+
type OktaOidcPkceProvider = BaseOidcPkceProvider & {
|
|
63
|
+
providerType: "okta";
|
|
64
|
+
authServerPath?: string;
|
|
65
|
+
};
|
|
66
|
+
type PingIdOidcPkceProvider = BaseOidcPkceProvider & {
|
|
67
|
+
providerType: "ping";
|
|
68
|
+
environmentId: string;
|
|
69
|
+
};
|
|
70
|
+
type CloudflareOidcPkceProvider = BaseOidcPkceProvider & {
|
|
71
|
+
providerType: "cloudflare";
|
|
72
|
+
clientSecret: string;
|
|
73
|
+
};
|
|
74
|
+
type OidcPkceProvider = CloudflareOidcPkceProvider | OktaOidcPkceProvider | PingIdOidcPkceProvider;
|
|
75
|
+
type SsoProvider = AzureOidcProvider | GoogleOidcProvider | GoogleSsoProvider | LegacyOktaSsoProvider | MicrosoftSsoProvider | OidcPkceProvider;
|
|
76
|
+
type OrgMagicLinkAuth = {
|
|
77
|
+
type: "magic-link";
|
|
78
|
+
};
|
|
79
|
+
type OrgPasswordAuth = {
|
|
80
|
+
type: "password";
|
|
81
|
+
};
|
|
82
|
+
type OrgSsoAuth = {
|
|
83
|
+
type: "sso";
|
|
84
|
+
provider: SsoProvider;
|
|
85
|
+
};
|
|
86
|
+
export type OrgAuth = OrgMagicLinkAuth | OrgPasswordAuth | OrgSsoAuth;
|
|
87
|
+
export type RawOrgData = {
|
|
39
88
|
tenantId: string;
|
|
89
|
+
auth: OrgAuth;
|
|
40
90
|
config: Config;
|
|
41
91
|
/** Swaps API auth to tokens from the ssoProvider, rather than firebase */
|
|
42
92
|
useProviderToken?: boolean;
|
|
43
93
|
};
|
|
44
|
-
/** Publicly readable organization data */
|
|
45
|
-
export type RawOrgData = BaseOrgData & ({
|
|
46
|
-
providerType?: "okta";
|
|
47
|
-
} | {
|
|
48
|
-
providerType?: "ping";
|
|
49
|
-
environmentId: string;
|
|
50
|
-
});
|
|
51
94
|
export type OrgData = RawOrgData & {
|
|
52
95
|
slug: string;
|
|
53
96
|
};
|