@rockcarver/frodo-lib 0.11.0 → 0.11.1-2

package/.github/workflows/pipeline.yml

@@ -47,11 +47,20 @@ jobs:
       #
       # Run tests.
       #
-      - name: Test Suites
+      - name: Direct Tests
         env:
-          FIDC_TENANT_URL: ${{ secrets.FIDC_TENANT_URL }}
-          FIDC_TENANT_ADMIN_USERNAME: ${{ secrets.FIDC_TENANT_ADMIN_USERNAME }}
-          FIDC_TENANT_ADMIN_PASSWORD: ${{ secrets.FIDC_TENANT_ADMIN_PASSWORD }}
+          FRODO_HOST: ${{ secrets.FIDC_TENANT_URL }}
+          FRODO_USER: ${{ secrets.FIDC_TENANT_ADMIN_USERNAME }}
+          FRODO_PASSWORD: ${{ secrets.FIDC_TENANT_ADMIN_PASSWORD }}
+        run: |
+          npm test
+
+      - name: Proxy Tests
+        env:
+          HTTPS_PROXY: 'http://127.0.0.1:3128'
+          FRODO_HOST: ${{ secrets.FIDC_TENANT_URL }}
+          FRODO_USER: ${{ secrets.FIDC_TENANT_ADMIN_USERNAME }}
+          FRODO_PASSWORD: ${{ secrets.FIDC_TENANT_ADMIN_PASSWORD }}
         run: |
           npm test
 
@@ -59,25 +68,6 @@ jobs:
         run: |
           npm audit
 
-      # - name: Direct Tests
-      #   env:
-      #     FIDC_TENANT_URL: ${{ secrets.FIDC_TENANT_URL }}
-      #     FIDC_TENANT_ADMIN_USERNAME: ${{ secrets.FIDC_TENANT_ADMIN_USERNAME }}
-      #     FIDC_TENANT_ADMIN_PASSWORD: ${{ secrets.FIDC_TENANT_ADMIN_PASSWORD }}
-      #   run: |
-      #     frodo conn add "$FIDC_TENANT_URL" "$FIDC_TENANT_ADMIN_USERNAME" "$FIDC_TENANT_ADMIN_PASSWORD"
-      #     frodo info "$FIDC_TENANT_URL"
-
-      # - name: Proxy Tests
-      #   env:
-      #     HTTPS_PROXY: "http://127.0.0.1:3128"
-      #     FIDC_TENANT_URL: ${{ secrets.FIDC_TENANT_URL }}
-      #     FIDC_TENANT_ADMIN_USERNAME: ${{ secrets.FIDC_TENANT_ADMIN_USERNAME }}
-      #     FIDC_TENANT_ADMIN_PASSWORD: ${{ secrets.FIDC_TENANT_ADMIN_PASSWORD }}
-      #   run: |
-      #     frodo conn add "$FIDC_TENANT_URL" "$FIDC_TENANT_ADMIN_USERNAME" "$FIDC_TENANT_ADMIN_PASSWORD"
-      #     frodo info "$FIDC_TENANT_URL"
-
   update-changelog:
     needs: smoke-tests
     name: 'Update Changelog'

package/CHANGELOG.md

@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.11.1-2] - 2022-08-18
+
+## [0.11.1-1] - 2022-08-18
+
+## [0.11.1-0] - 2022-08-17
+
 ## [0.11.0] - 2022-08-16
 
 ### Changed
@@ -411,7 +417,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 -   Fixed problem with adding connection profiles
 -   Miscellaneous bug fixes
 
-[Unreleased]: https://github.com/rockcarver/frodo/compare/v0.10.4...HEAD
+[Unreleased]: https://github.com/rockcarver/frodo-lib/compare/v0.11.1-2...HEAD
+
+[0.11.1-2]: https://github.com/rockcarver/frodo-lib/compare/v0.11.1-1...v0.11.1-2
+
+[0.11.1-1]: https://github.com/rockcarver/frodo-lib/compare/v0.11.1-0...v0.11.1-1
+
+[0.11.1-0]: https://github.com/rockcarver/frodo-lib/compare/v0.10.4...v0.11.1-0
 
 [0.10.4]: https://github.com/rockcarver/frodo/compare/v0.10.3...v0.10.4
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rockcarver/frodo-lib",
-  "version": "0.11.0",
+  "version": "0.11.1-2",
   "type": "module",
   "description": "ForgeROck DO Library, frodo-lib, a library to manage ForgeRock platform deployments supporting Identity Cloud tenants, ForgeOps deployments, and classic deployments.",
   "keywords": [
@@ -27,8 +27,8 @@
   },
   "main": "src/index.js",
   "scripts": {
-    "test": "node --experimental-vm-modules node_modules/jest/bin/jest.js",
-    "test:watch": "node --experimental-vm-modules node_modules/jest/bin/jest.js --watch",
+    "test": "node --no-warnings --experimental-vm-modules node_modules/jest/bin/jest.js",
+    "test:watch": "node --no-warnings --experimental-vm-modules node_modules/jest/bin/jest.js --watch",
     "lint": "eslint --ext .js --ignore-path .gitignore ."
   },
   "jest": {

package/src/index.js

@@ -30,3 +30,4 @@ export * as Variables from './ops/VariablesOps.js';
 // TODO: reconsider the aproach to pass in state from client
 // lib should be stateless, an aplication should own its state
 export * as state from './storage/SessionStorage.js';
+export * as OAuth2OIDCApi from './api/OAuth2OIDCApi.js';

package/src/ops/AuthenticateOps.test.js

@@ -0,0 +1,14 @@
+import { Authenticate, state } from '../index.js';
+
+describe('AuthenticationOps.js', () => {
+  test('getTokens() 1: ', async () => {
+    state.default.session.setTenant(process.env.FRODO_HOST);
+    state.default.session.setRealm('alpha');
+    state.default.session.setUsername(process.env.FRODO_USER);
+    state.default.session.setPassword(process.env.FRODO_PASSWORD);
+    await Authenticate.getTokens();
+    expect(state.default.session.getCookieName()).toBeTruthy();
+    expect(state.default.session.getCookieValue()).toBeTruthy();
+    expect(state.default.session.getBearerToken()).toBeTruthy();
+  });
+});

package/src/ops/ConnectionProfileOps.js

@@ -1,5 +1,6 @@
 import fs from 'fs';
 import os from 'os';
+import path from 'path';
 import storage from '../storage/SessionStorage.js';
 import DataProtection from './utils/DataProtection.js';
 import {
@@ -7,6 +8,7 @@ import {
   createTable,
   printMessage,
 } from './utils/Console.js';
+import { FRODO_CONNECTION_PROFILES_PATH_KEY } from '../storage/StaticStorage.js';
 
 const dataProtection = new DataProtection();
 
@@ -15,14 +17,16 @@ const fileOptions = {
   indentation: 4,
 };
 
-const getConnectionProfilesFolder = () => `${os.homedir()}/.frodo`;
-
 /**
  * Get connection profiles file name
  * @returns {String} connection profiles file name
  */
-export function getConnectionProfilesFileName() {
-  return `${os.homedir()}/.frodo/.frodorc`;
+export function getConnectionProfilesPath() {
+  return (
+    storage.session.getConnectionProfilesPath() ||
+    process.env[FRODO_CONNECTION_PROFILES_PATH_KEY] ||
+    `${os.homedir()}/.frodo/.frodorc`
+  );
 }
 
 /**
@@ -47,7 +51,7 @@ function findConnectionProfile(connectionProfiles, host) {
  * @param {boolean} long Long list format with details
  */
 export function listConnectionProfiles(long = false) {
-  const filename = getConnectionProfilesFileName();
+  const filename = getConnectionProfilesPath();
   try {
     const data = fs.readFileSync(filename, 'utf8');
     const connectionsData = JSON.parse(data);
@@ -80,8 +84,8 @@ export function listConnectionProfiles(long = false) {
  */
 export function initConnectionProfiles() {
   // create connections.json file if it doesn't exist
-  const folderName = getConnectionProfilesFolder();
-  const filename = getConnectionProfilesFileName();
+  const filename = getConnectionProfilesPath();
+  const folderName = path.dirname(filename);
   if (!fs.existsSync(folderName)) {
     fs.mkdirSync(folderName, { recursive: true });
     if (!fs.existsSync(filename)) {
@@ -121,7 +125,7 @@ export function initConnectionProfiles() {
  */
 export async function getConnectionProfileByHost(host) {
   try {
-    const filename = getConnectionProfilesFileName();
+    const filename = getConnectionProfilesPath();
     const connectionsData = JSON.parse(
       fs.readFileSync(filename, fileOptions.options)
     );
@@ -163,7 +167,7 @@ export async function getConnectionProfile() {
  * Save connection profile
  */
 export async function saveConnectionProfile() {
-  const filename = getConnectionProfilesFileName();
+  const filename = getConnectionProfilesPath();
   printMessage(`Saving creds in ${filename}...`);
   let connectionsData = {};
   let existingData = {};
@@ -174,13 +178,13 @@ export async function saveConnectionProfile() {
     if (connectionsData[storage.session.getTenant()]) {
       existingData = connectionsData[storage.session.getTenant()];
       printMessage(
-        `Updating existing connection profile ${storage.session.getTenant()}`
+        `Updating connection profile ${storage.session.getTenant()}`
       );
     } else
       printMessage(`Adding connection profile ${storage.session.getTenant()}`);
   } catch (e) {
     printMessage(
-      `Creating connection profile file ${filename} with ${storage.session.getTenant()}`
+      `Creating connection profiles file ${filename} with ${storage.session.getTenant()}`
     );
   }
   if (storage.session.getUsername())
@@ -203,7 +207,7 @@ export async function saveConnectionProfile() {
  * @param {String} host host tenant host url or unique substring
  */
 export function deleteConnectionProfile(host) {
-  const filename = getConnectionProfilesFileName();
+  const filename = getConnectionProfilesPath();
   let connectionsData = {};
   fs.stat(filename, (err) => {
     if (err == null) {

package/src/ops/ConnectionProfileOps.test.js

@@ -0,0 +1,90 @@
+import fs from 'fs';
+import { homedir } from 'os';
+import { ConnectionProfile, state } from '../index.js';
+import {
+  FRODO_CONNECTION_PROFILES_PATH_KEY,
+  FRODO_MASTER_KEY_PATH_KEY,
+  FRODO_MASTER_KEY_KEY,
+} from '../storage/StaticStorage.js';
+
+describe('ConnectionProfileOps.js', () => {
+  test('saveConnectionProfile() 1: Create connection profiles in location from state field', async () => {
+    const host = 'https://openam-tenant-name.forgeblocks.com/am';
+    const user = 'frodo.baggins@shire.me';
+    const password = 'G@nd@lfTheW153';
+    const connectionProfilePath = `${homedir()}/connections1.json`;
+
+    state.default.session.setTenant(host);
+    state.default.session.setUsername(user);
+    state.default.session.setPassword(password);
+    state.default.session.setConnectionProfilesPath(connectionProfilePath);
+    await ConnectionProfile.saveConnectionProfile();
+    expect(fs.existsSync(connectionProfilePath)).toBeTruthy();
+    const connections = JSON.parse(
+      fs.readFileSync(connectionProfilePath, {
+        options: 'utf8',
+        indentation: 4,
+      })
+    );
+    expect(connections).toBeTruthy();
+    expect(connections[host]).toBeTruthy();
+    expect(connections[host].username).toEqual(user);
+    expect(connections[host].encodedPassword).toBeTruthy();
+  });
+
+  test(`saveConnectionProfile() 2: Create connection profiles in location from env ${FRODO_MASTER_KEY_PATH_KEY}`, async () => {
+    const host = 'https://openam-tenant-name.forgeblocks.com/am';
+    const user = 'frodo.baggins@shire.me';
+    const password = 'G@nd@lfTheW153';
+    const connectionProfilePath = `${homedir()}/connections2.json`;
+    // set the hard-coded master key
+    process.env[FRODO_CONNECTION_PROFILES_PATH_KEY] = connectionProfilePath;
+
+    state.default.session.setTenant(host);
+    state.default.session.setUsername(user);
+    state.default.session.setPassword(password);
+    state.default.session.setConnectionProfilesPath(null);
+    await ConnectionProfile.saveConnectionProfile();
+    expect(ConnectionProfile.getConnectionProfilesPath()).toEqual(
+      connectionProfilePath
+    );
+    expect(fs.existsSync(connectionProfilePath)).toBeTruthy();
+    const connections = JSON.parse(
+      fs.readFileSync(connectionProfilePath, {
+        options: 'utf8',
+        indentation: 4,
+      })
+    );
+    expect(connections).toBeTruthy();
+    expect(connections[host]).toBeTruthy();
+    expect(connections[host].username).toEqual(user);
+    expect(connections[host].encodedPassword).toBeTruthy();
+  });
+
+  test(`saveConnectionProfile() 3: Use Master Key from env ${FRODO_MASTER_KEY_KEY}`, async () => {
+    const host = 'https://openam-tenant-name.forgeblocks.com/am';
+    const user = 'frodo.baggins@shire.me';
+    const password = 'G@nd@lfTheW153';
+    const connectionProfilePath = `${homedir()}/connections3.json`;
+    const masterKey = 'bxnQlhcU5VfyDs+BBPhRhK09yHaNtdIIk85HUMKBnqg=';
+    // set the hard-coded master key
+    process.env[FRODO_MASTER_KEY_KEY] = masterKey;
+
+    state.default.session.setTenant(host);
+    state.default.session.setUsername(user);
+    state.default.session.setPassword(password);
+    state.default.session.setConnectionProfilesPath(connectionProfilePath);
+    await ConnectionProfile.saveConnectionProfile();
+    expect(fs.existsSync(connectionProfilePath)).toBeTruthy();
+    const connections = JSON.parse(
+      fs.readFileSync(connectionProfilePath, {
+        options: 'utf8',
+        indentation: 4,
+      })
+    );
+    expect(connections).toBeTruthy();
+    expect(connections[host]).toBeTruthy();
+    expect(connections[host].username).toEqual(user);
+    expect(connections[host].encodedPassword).toBeTruthy();
+  });
+});

package/src/ops/utils/DataProtection.js

@@ -14,6 +14,11 @@ import crypto from 'crypto';
 import { homedir } from 'os';
 import { promisify } from 'util';
 import { printMessage } from './Console.js';
+import storage from '../../storage/SessionStorage.js';
+import {
+  FRODO_MASTER_KEY_PATH_KEY,
+  FRODO_MASTER_KEY_KEY,
+} from '../../storage/StaticStorage.js';
 
 const scrypt = promisify(crypto.scrypt);
 // using WeakMaps for added security since  it gets garbage collected
@@ -25,10 +30,15 @@ const _encrypt = new WeakMap();
 
 class DataProtection {
   constructor() {
-    const masterKeyPath = () => `${homedir()}/.frodo/masterkey.key`;
+    const masterKeyPath = () =>
+      storage.session.getMasterKeyPath() ||
+      process.env[FRODO_MASTER_KEY_PATH_KEY] ||
+      `${homedir()}/.frodo/masterkey.key`;
     // Generates a master key in base64 format. This master key will be used to derive the key for encryption. this key should be protected by an HSM or KMS
     _masterKey.set(this, async () => {
       try {
+        if (process.env[FRODO_MASTER_KEY_KEY])
+          return process.env[FRODO_MASTER_KEY_KEY];
         if (!fs.existsSync(masterKeyPath())) {
           const masterKey = crypto.randomBytes(32).toString('base64');
           await fsp.writeFile(masterKeyPath(), masterKey);

package/src/storage/SessionStorage.js

@@ -41,5 +41,10 @@ export default {
       _sessionStorage.frodoVersion || `v${pkg.version} [${process.version}]`,
     setAllowInsecureConnection: (value) => (_sessionStorage.insecure = value),
     getAllowInsecureConnection: () => _sessionStorage.insecure,
+    setConnectionProfilesPath: (value) =>
+      (_sessionStorage.connectionProfilesPath = value),
+    getConnectionProfilesPath: () => _sessionStorage.connectionProfilesPath,
+    setMasterKeyPath: (value) => (_sessionStorage.masterKeyPath = value),
+    getMasterKeyPath: () => _sessionStorage.masterKeyPath,
   },
 };

package/src/storage/StaticStorage.js

@@ -13,3 +13,7 @@ export const DEPLOYMENT_TYPE_REALM_MAP = {
   [FORGEOPS_DEPLOYMENT_TYPE_KEY]: '/',
 };
 export const FRODO_METADATA_ID = 'frodo';
+export const FRODO_CONNECTION_PROFILES_PATH_KEY =
+  'FRODO_CONNECTION_PROFILES_PATH';
+export const FRODO_MASTER_KEY_PATH_KEY = 'FRODO_MASTER_KEY_PATH';
+export const FRODO_MASTER_KEY_KEY = 'FRODO_MASTER_KEY';

package/test/e2e/setup.js

@@ -1,5 +1,4 @@
-import fs from 'fs';
-import { Authenticate, state } from '../../src/index.js';
+import { ConnectionProfile, Authenticate, state } from '../../src/index.js';
 
 export default async function setup(globalConfig) {
   let run = globalConfig.nonFlagArgs.length === 0;
@@ -12,19 +11,17 @@ export default async function setup(globalConfig) {
     // make sure we have connectivity
     try {
       state.default.session.setTenant(
-        process.env.FIDC_TENANT_URL ||
-          'https://openam-frodo-dev.forgeblocks.com/am'
+        process.env.FRODO_HOST || 'https://openam-frodo-dev.forgeblocks.com/am'
       );
-      state.default.session.setRealm('alpha');
+      state.default.session.setRealm(process.env.FRODO_REALM || 'alpha');
       state.default.session.setUsername(
-        process.env.FIDC_TENANT_ADMIN_USERNAME ||
-          'volker.scheuber@forgerock.com'
+        process.env.FRODO_USER || 'volker.scheuber@forgerock.com'
       );
       state.default.session.setPassword(
-        process.env.FIDC_TENANT_ADMIN_PASSWORD ||
-          fs.readFileSync(new URL('./FIDC_TENANT_PWD', import.meta.url))
+        process.env.FRODO_PASSWORD || '99Luftballons!'
       );
 
+      await ConnectionProfile.saveConnectionProfile();
       await Authenticate.getTokens();
       if (
         state.default.session.getCookieName() &&

package/test/global/setup.js

@@ -1,7 +1,7 @@
-import e2e from '../e2e/setup.js';
+// import e2e from '../e2e/setup.js';
 
 export default async function setup(globalConfig) {
-  e2e(globalConfig);
+  // e2e(globalConfig);
 }
 
 /*