@rockcarver/frodo-lib 0.16.2-8 → 0.17.0

package/cjs/ops/AuthenticateOps.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthenticateOps.js","names":["adminClientPassword","redirectUrlTemplate","idmAdminScope","adminClientId","getCookieName","getServerInfo","data","cookieName","error","printMessage","checkAndHandle2FA","payload","element","callbacks","type","input","value","includes","need2fa","output","code","readlineSync","question","determineDefaultRealm","deploymentType","storage","session","getRealm","globalConfig","DEFAULT_REALM_KEY","setRealm","DEPLOYMENT_TYPE_REALM_MAP","determineDeploymentType","fidcClientId","forgeopsClientId","verifier","encodeBase64Url","randomBytes","challenge","createHash","update","digest","challengeMethod","redirectURL","url","resolve","getTenant","config","maxRedirects","bodyFormData","getCookieValue","CLASSIC_DEPLOYMENT_TYPE_KEY","authorize","e","response","status","headers","location","indexOf","CLOUD_DEPLOYMENT_TYPE_KEY","ex","FORGEOPS_DEPLOYMENT_TYPE_KEY","getSemanticVersion","versionInfo","versionString","version","rx","match","Error","authenticate","setCookieName","getUsername","getPassword","response1","step","skip2FA","response2","setCookieValue","getDeploymentType","setDeploymentType","getServerVersionInfo","setAmVersion","message","getAuthCode","codeChallenge","codeChallengeMethod","redirectLocationURL","request","res","responseUrl","queryObject","parse","query","getAccessToken","authCode","auth","username","password","accessToken","setBearerToken","access_token","getTokens","save","credsFromParameters","conn","getConnectionProfile","setTenant","tenant","setUsername","setPassword","setAuthenticationService","authenticationService","setAuthenticationHeaderOverrides","authenticationHeaderOverrides","getBearerToken","saveConnectionProfile"],"sources":["ops/AuthenticateOps.ts"],"sourcesContent":["import url from 'url';\nimport { createHash, randomBytes } from 'crypto';\nimport readlineSync from 'readline-sync';\nimport { encodeBase64Url } from '../api/utils/Base64';\nimport storage from '../storage/SessionStorage';\nimport * as globalConfig from '../storage/StaticStorage';\nimport { printMessage } from './utils/Console';\nimport { getServerInfo, getServerVersionInfo } from '../api/ServerInfoApi';\nimport { step } from '../api/AuthenticateApi';\nimport { accessToken, authorize } from '../api/OAuth2OIDCApi';\nimport {\n  getConnectionProfile,\n  saveConnectionProfile,\n} from './ConnectionProfileOps';\n\nconst adminClientPassword = 'doesnotmatter';\nconst redirectUrlTemplate = '/platform/appAuthHelperRedirect.html';\n\nconst idmAdminScope = 'fr:idm:* openid';\n\nlet adminClientId = 'idmAdminClient';\n\n/**\n * Helper function to get cookie name\n * @returns {String} cookie name\n */\nasync function getCookieName() {\n  try {\n    return (await getServerInfo()).data.cookieName;\n  } catch (error) {\n    printMessage(`Error getting cookie name: ${error}`, 'error');\n    return null;\n  }\n}\n\n/**\n * Helper function to determine if this is a setup mfa prompt in the ID Cloud tenant admin login journey\n * @param {Object} payload response from the previous authentication journey step\n * @returns {Object} an object indicating if 2fa is required and the original payload\n */\nfunction checkAndHandle2FA(payload) {\n  // let skippable = false;\n  if ('callbacks' in payload) {\n    for (const element of payload.callbacks) {\n      if (element.type === 'HiddenValueCallback') {\n        if (element.input[0].value.includes('skip')) {\n          // skippable = true;\n          element.input[0].value = 'Skip';\n          return {\n            need2fa: true,\n            payload,\n          };\n        }\n      }\n      if (element.type === 'NameCallback') {\n        if (element.output[0].value.includes('code')) {\n          // skippable = false;\n          printMessage('2FA is enabled and required for this user...');\n          const code = readlineSync.question(`${element.output[0].value}: `);\n          element.input[0].value = code;\n          return {\n            need2fa: true,\n            payload,\n          };\n        }\n      }\n    }\n    // console.info(\"NO2FA\");\n    return {\n      need2fa: false,\n      payload,\n    };\n  }\n  // console.info(\"NO2FA\");\n  return {\n    need2fa: false,\n    payload,\n  };\n}\n\n/**\n * Helper function to set the default realm by deployment type\n * @param {String} deploymentType deployment type\n */\nfunction determineDefaultRealm(deploymentType) {\n  if (storage.session.getRealm() === globalConfig.DEFAULT_REALM_KEY) {\n    storage.session.setRealm(\n      globalConfig.DEPLOYMENT_TYPE_REALM_MAP[deploymentType]\n    );\n  }\n}\n\n/**\n * Helper function to determine the deployment type\n * @returns {String} deployment type\n */\nasync function determineDeploymentType() {\n  const fidcClientId = 'idmAdminClient';\n  const forgeopsClientId = 'idm-admin-ui';\n\n  const verifier = encodeBase64Url(randomBytes(32));\n  const challenge = encodeBase64Url(\n    createHash('sha256').update(verifier).digest()\n  );\n  const challengeMethod = 'S256';\n  const redirectURL = url.resolve(\n    storage.session.getTenant(),\n    redirectUrlTemplate\n  );\n\n  const config = {\n    maxRedirects: 0,\n  };\n  let bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${fidcClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n\n  let deploymentType = globalConfig.CLASSIC_DEPLOYMENT_TYPE_KEY;\n  try {\n    await authorize(bodyFormData, config);\n  } catch (e) {\n    if (\n      e.response?.status === 302 &&\n      e.response.headers?.location?.indexOf('code=') > -1\n    ) {\n      printMessage('ForgeRock Identity Cloud ', 'info', false);\n      deploymentType = globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY;\n    } else {\n      try {\n        bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${forgeopsClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n        await authorize(bodyFormData, config);\n      } catch (ex) {\n        if (\n          ex.response?.status === 302 &&\n          ex.response.headers?.location?.indexOf('code=') > -1\n        ) {\n          adminClientId = forgeopsClientId;\n          printMessage('ForgeOps deployment ', 'info', false);\n          deploymentType = globalConfig.FORGEOPS_DEPLOYMENT_TYPE_KEY;\n        } else {\n          printMessage('Classic deployment ', 'info', false);\n        }\n      }\n    }\n    printMessage('detected.');\n  }\n  determineDefaultRealm(deploymentType);\n  return deploymentType;\n}\n\n/**\n * Helper function to extract the semantic version string from a version info object\n * @param {Object} versionInfo version info object\n * @returns {String} semantic version\n */\nasync function getSemanticVersion(versionInfo) {\n  if ('version' in versionInfo) {\n    const versionString = versionInfo.version;\n    const rx = /([\\d]\\.[\\d]\\.[\\d](\\.[\\d])*)/g;\n    const version = versionString.match(rx);\n    return version[0];\n  }\n  throw new Error('Cannot extract semantic version from version info object.');\n}\n\n/**\n * Helper function to authenticate and obtain and store session cookie\n * @returns {String} empty string or null\n */\nasync function authenticate() {\n  storage.session.setCookieName(await getCookieName());\n  try {\n    const config = {\n      headers: {\n        'X-OpenAM-Username': storage.session.getUsername(),\n        'X-OpenAM-Password': storage.session.getPassword(),\n      },\n    };\n    const response1 = (await step({}, config)).data;\n    const skip2FA = checkAndHandle2FA(response1);\n    let response2 = {};\n    if (skip2FA.need2fa) {\n      response2 = (await step(skip2FA.payload)).data;\n    } else {\n      response2 = skip2FA.payload;\n    }\n    if ('tokenId' in response2) {\n      storage.session.setCookieValue(response2['tokenId']);\n      if (!storage.session.getDeploymentType()) {\n        storage.session.setDeploymentType(await determineDeploymentType());\n      } else {\n        determineDefaultRealm(storage.session.getDeploymentType());\n      }\n      const versionInfo = (await getServerVersionInfo()).data;\n\n      // https://github.com/rockcarver/frodo-cli/issues/109\n      // printMessage(`Connected to ${versionInfo.fullVersion}`);\n\n      // https://github.com/rockcarver/frodo-cli/issues/102\n      printMessage(\n        `Connected to [${storage.session.getTenant()}], [${\n          !storage.session.getRealm() ? 'alpha' : storage.session.getRealm()\n        }] realm, as [${storage.session.getUsername()}]`\n      );\n      const version = await getSemanticVersion(versionInfo);\n      storage.session.setAmVersion(version);\n      return '';\n    }\n    printMessage(`error authenticating`, 'error');\n    printMessage('+++ likely cause, bad credentials!!! +++', 'error');\n    return null;\n  } catch (e) {\n    if (e.response?.status === 401) {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n      printMessage('+++ likely cause, bad credentials +++', 'error');\n    }\n    if (e.message === 'self signed certificate') {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n      printMessage('+++ use -k, --insecure option to allow +++', 'error');\n    } else {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n      printMessage(e.response?.data, 'error');\n    }\n    return null;\n  }\n}\n\n/**\n * Helper function to obtain an oauth2 authorization code\n * @param {String} redirectURL oauth2 redirect uri\n * @param {String} codeChallenge PKCE code challenge\n * @param {String} codeChallengeMethod PKCE code challenge method\n * @returns {String} oauth2 authorization code or null\n */\nasync function getAuthCode(redirectURL, codeChallenge, codeChallengeMethod) {\n  try {\n    const bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${adminClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${codeChallenge}&code_challenge_method=${codeChallengeMethod}`;\n    const config = {\n      headers: {\n        'Content-Type': 'application/x-www-form-urlencoded',\n      },\n    };\n    const response = await authorize(bodyFormData, config);\n    if (response.status < 200 || response.status > 399) {\n      printMessage('error getting auth code', 'error');\n      printMessage(\n        'likely cause: mismatched parameters with OAuth client config',\n        'error'\n      );\n      return null;\n    }\n    const redirectLocationURL = response.request.res.responseUrl;\n    const queryObject = url.parse(redirectLocationURL, true).query;\n    if ('code' in queryObject) {\n      return queryObject.code;\n    }\n    printMessage('auth code not found', 'error');\n    return null;\n  } catch (error) {\n    printMessage(`error getting auth code - ${error.message}`, 'error');\n    printMessage(error.response.data, 'error');\n    return null;\n  }\n}\n\n/**\n * Helper function to obtain oauth2 access token\n * @returns {String} empty string or null\n */\nasync function getAccessToken() {\n  try {\n    const verifier = encodeBase64Url(randomBytes(32));\n    const challenge = encodeBase64Url(\n      createHash('sha256').update(verifier).digest()\n    );\n    const challengeMethod = 'S256';\n    const redirectURL = url.resolve(\n      storage.session.getTenant(),\n      redirectUrlTemplate\n    );\n    const authCode = await getAuthCode(redirectURL, challenge, challengeMethod);\n    if (authCode == null) {\n      printMessage('error getting auth code', 'error');\n      return null;\n    }\n    let response = null;\n    if (\n      storage.session.getDeploymentType() ===\n      globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY\n    ) {\n      const config = {\n        auth: {\n          username: adminClientId,\n          password: adminClientPassword,\n        },\n      };\n      const bodyFormData = `redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n      response = await accessToken(bodyFormData, config);\n    } else {\n      const bodyFormData = `client_id=${adminClientId}&redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n      response = await accessToken(bodyFormData);\n    }\n    if (response.status < 200 || response.status > 399) {\n      printMessage(`access token call returned ${response.status}`, 'error');\n      return null;\n    }\n    if ('access_token' in response.data) {\n      storage.session.setBearerToken(response.data.access_token);\n      return '';\n    }\n    printMessage(\"can't get access token\", 'error');\n    return null;\n  } catch (e) {\n    printMessage('error getting access token - ', 'error');\n    return null;\n  }\n}\n\n/**\n * Get tokens\n * @param {boolean} save true to save a connection profile upon successful authentication, false otherwise\n * @returns {boolean} true if tokens were successfully obtained, false otherwise\n */\nexport async function getTokens(save = false) {\n  let credsFromParameters = true;\n  // if username/password on cli are empty, try to read from connections.json\n  if (\n    storage.session.getUsername() == null &&\n    storage.session.getPassword() == null\n  ) {\n    credsFromParameters = false;\n    const conn = await getConnectionProfile();\n    if (conn) {\n      storage.session.setTenant(conn.tenant);\n      storage.session.setUsername(conn.username);\n      storage.session.setPassword(conn.password);\n      storage.session.setAuthenticationService(conn.authenticationService);\n      storage.session.setAuthenticationHeaderOverrides(\n        conn.authenticationHeaderOverrides\n      );\n    } else {\n      return false;\n    }\n  }\n  await authenticate();\n  if (\n    storage.session.getCookieValue() &&\n    !storage.session.getBearerToken() &&\n    (storage.session.getDeploymentType() ===\n      globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY ||\n      storage.session.getDeploymentType() ===\n        globalConfig.FORGEOPS_DEPLOYMENT_TYPE_KEY)\n  ) {\n    await getAccessToken();\n  }\n  if (save && storage.session.getCookieValue() && credsFromParameters) {\n    // valid cookie, which means valid username/password combo. Save it in connections.json\n    saveConnectionProfile();\n    return true;\n  }\n  if (!storage.session.getCookieValue()) {\n    return false;\n  }\n  return true;\n}\n"],"mappings":";;;;;;;AAAA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;;;;;;;;;;;AAKA,IAAMA,mBAAmB,GAAG,eAA5B;AACA,IAAMC,mBAAmB,GAAG,sCAA5B;AAEA,IAAMC,aAAa,GAAG,iBAAtB;AAEA,IAAIC,aAAa,GAAG,gBAApB;AAEA;AACA;AACA;AACA;;SACeC,a;;;AASf;AACA;AACA;AACA;AACA;;;;qCAbA,aAA+B;IAC7B,IAAI;MACF,OAAO,OAAO,IAAAC,4BAAA,GAAP,EAAwBC,IAAxB,CAA6BC,UAApC;IACD,CAFD,CAEE,OAAOC,KAAP,EAAc;MACd,IAAAC,qBAAA,uCAA2CD,KAA3C,GAAoD,OAApD;MACA,OAAO,IAAP;IACD;EACF,C;;;;AAOD,SAASE,iBAAT,CAA2BC,OAA3B,EAAoC;EAClC;EACA,IAAI,eAAeA,OAAnB,EAA4B;IAC1B,KAAK,IAAMC,OAAX,IAAsBD,OAAO,CAACE,SAA9B,EAAyC;MACvC,IAAID,OAAO,CAACE,IAAR,KAAiB,qBAArB,EAA4C;QAC1C,IAAIF,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,CAAuBC,QAAvB,CAAgC,MAAhC,CAAJ,EAA6C;UAC3C;UACAL,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,GAAyB,MAAzB;UACA,OAAO;YACLE,OAAO,EAAE,IADJ;YAELP;UAFK,CAAP;QAID;MACF;;MACD,IAAIC,OAAO,CAACE,IAAR,KAAiB,cAArB,EAAqC;QACnC,IAAIF,OAAO,CAACO,MAAR,CAAe,CAAf,EAAkBH,KAAlB,CAAwBC,QAAxB,CAAiC,MAAjC,CAAJ,EAA8C;UAC5C;UACA,IAAAR,qBAAA,EAAa,8CAAb;;UACA,IAAMW,IAAI,GAAGC,qBAAA,CAAaC,QAAb,WAAyBV,OAAO,CAACO,MAAR,CAAe,CAAf,EAAkBH,KAA3C,QAAb;;UACAJ,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,GAAyBI,IAAzB;UACA,OAAO;YACLF,OAAO,EAAE,IADJ;YAELP;UAFK,CAAP;QAID;MACF;IACF,CAxByB,CAyB1B;;;IACA,OAAO;MACLO,OAAO,EAAE,KADJ;MAELP;IAFK,CAAP;EAID,CAhCiC,CAiClC;;;EACA,OAAO;IACLO,OAAO,EAAE,KADJ;IAELP;EAFK,CAAP;AAID;AAED;AACA;AACA;AACA;;;AACA,SAASY,qBAAT,CAA+BC,cAA/B,EAA+C;EAC7C,IAAIC,uBAAA,CAAQC,OAAR,CAAgBC,QAAhB,OAA+BC,YAAY,CAACC,iBAAhD,EAAmE;IACjEJ,uBAAA,CAAQC,OAAR,CAAgBI,QAAhB,CACEF,YAAY,CAACG,yBAAb,CAAuCP,cAAvC,CADF;EAGD;AACF;AAED;AACA;AACA;AACA;;;SACeQ,uB;;;AAoDf;AACA;AACA;AACA;AACA;;;;+CAxDA,aAAyC;IACvC,IAAMC,YAAY,GAAG,gBAArB;IACA,IAAMC,gBAAgB,GAAG,cAAzB;IAEA,IAAMC,QAAQ,GAAG,IAAAC,qBAAA,EAAgB,IAAAC,mBAAA,EAAY,EAAZ,CAAhB,CAAjB;IACA,IAAMC,SAAS,GAAG,IAAAF,qBAAA,EAChB,IAAAG,kBAAA,EAAW,QAAX,EAAqBC,MAArB,CAA4BL,QAA5B,EAAsCM,MAAtC,EADgB,CAAlB;IAGA,IAAMC,eAAe,GAAG,MAAxB;;IACA,IAAMC,WAAW,GAAGC,YAAA,CAAIC,OAAJ,CAClBpB,uBAAA,CAAQC,OAAR,CAAgBoB,SAAhB,EADkB,EAElB7C,mBAFkB,CAApB;;IAKA,IAAM8C,MAAM,GAAG;MACbC,YAAY,EAAE;IADD,CAAf;IAGA,IAAIC,YAAY,0BAAmBN,WAAnB,oBAAwCzC,aAAxC,2CAAsF+B,YAAtF,mBAA2GR,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAA3G,4CAA6KZ,SAA7K,oCAAgNI,eAAhN,CAAhB;IAEA,IAAIlB,cAAc,GAAGI,YAAY,CAACuB,2BAAlC;;IACA,IAAI;MACF,MAAM,IAAAC,wBAAA,EAAUH,YAAV,EAAwBF,MAAxB,CAAN;IACD,CAFD,CAEE,OAAOM,CAAP,EAAU;MAAA;;MACV,IACE,gBAAAA,CAAC,CAACC,QAAF,4DAAYC,MAAZ,MAAuB,GAAvB,IACA,wBAAAF,CAAC,CAACC,QAAF,CAAWE,OAAX,qGAAoBC,QAApB,gFAA8BC,OAA9B,CAAsC,OAAtC,KAAiD,CAAC,CAFpD,EAGE;QACA,IAAAjD,qBAAA,EAAa,2BAAb,EAA0C,MAA1C,EAAkD,KAAlD;QACAe,cAAc,GAAGI,YAAY,CAAC+B,yBAA9B;MACD,CAND,MAMO;QACL,IAAI;UACFV,YAAY,0BAAmBN,WAAnB,oBAAwCzC,aAAxC,2CAAsFgC,gBAAtF,mBAA+GT,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAA/G,4CAAiLZ,SAAjL,oCAAoNI,eAApN,CAAZ;UACA,MAAM,IAAAU,wBAAA,EAAUH,YAAV,EAAwBF,MAAxB,CAAN;QACD,CAHD,CAGE,OAAOa,EAAP,EAAW;UAAA;;UACX,IACE,iBAAAA,EAAE,CAACN,QAAH,8DAAaC,MAAb,MAAwB,GAAxB,IACA,yBAAAK,EAAE,CAACN,QAAH,CAAYE,OAAZ,uGAAqBC,QAArB,gFAA+BC,OAA/B,CAAuC,OAAvC,KAAkD,CAAC,CAFrD,EAGE;YACAvD,aAAa,GAAG+B,gBAAhB;YACA,IAAAzB,qBAAA,EAAa,sBAAb,EAAqC,MAArC,EAA6C,KAA7C;YACAe,cAAc,GAAGI,YAAY,CAACiC,4BAA9B;UACD,CAPD,MAOO;YACL,IAAApD,qBAAA,EAAa,qBAAb,EAAoC,MAApC,EAA4C,KAA5C;UACD;QACF;MACF;;MACD,IAAAA,qBAAA,EAAa,WAAb;IACD;;IACDc,qBAAqB,CAACC,cAAD,CAArB;IACA,OAAOA,cAAP;EACD,C;;;;SAOcsC,kB;;;AAUf;AACA;AACA;AACA;;;;0CAbA,WAAkCC,WAAlC,EAA+C;IAC7C,IAAI,aAAaA,WAAjB,EAA8B;MAC5B,IAAMC,aAAa,GAAGD,WAAW,CAACE,OAAlC;MACA,IAAMC,EAAE,GAAG,8BAAX;MACA,IAAMD,OAAO,GAAGD,aAAa,CAACG,KAAd,CAAoBD,EAApB,CAAhB;MACA,OAAOD,OAAO,CAAC,CAAD,CAAd;IACD;;IACD,MAAM,IAAIG,KAAJ,CAAU,2DAAV,CAAN;EACD,C;;;;SAMcC,Y;;;AA0Df;AACA;AACA;AACA;AACA;AACA;AACA;;;;oCAhEA,aAA8B;IAC5B5C,uBAAA,CAAQC,OAAR,CAAgB4C,aAAhB,OAAoClE,aAAa,EAAjD;;IACA,IAAI;MACF,IAAM2C,MAAM,GAAG;QACbS,OAAO,EAAE;UACP,qBAAqB/B,uBAAA,CAAQC,OAAR,CAAgB6C,WAAhB,EADd;UAEP,qBAAqB9C,uBAAA,CAAQC,OAAR,CAAgB8C,WAAhB;QAFd;MADI,CAAf;MAMA,IAAMC,SAAS,GAAG,OAAO,IAAAC,qBAAA,EAAK,EAAL,EAAS3B,MAAT,CAAP,EAAyBzC,IAA3C;MACA,IAAMqE,OAAO,GAAGjE,iBAAiB,CAAC+D,SAAD,CAAjC;MACA,IAAIG,SAAS,GAAG,EAAhB;;MACA,IAAID,OAAO,CAACzD,OAAZ,EAAqB;QACnB0D,SAAS,GAAG,OAAO,IAAAF,qBAAA,EAAKC,OAAO,CAAChE,OAAb,CAAP,EAA8BL,IAA1C;MACD,CAFD,MAEO;QACLsE,SAAS,GAAGD,OAAO,CAAChE,OAApB;MACD;;MACD,IAAI,aAAaiE,SAAjB,EAA4B;QAC1BnD,uBAAA,CAAQC,OAAR,CAAgBmD,cAAhB,CAA+BD,SAAS,CAAC,SAAD,CAAxC;;QACA,IAAI,CAACnD,uBAAA,CAAQC,OAAR,CAAgBoD,iBAAhB,EAAL,EAA0C;UACxCrD,uBAAA,CAAQC,OAAR,CAAgBqD,iBAAhB,OAAwC/C,uBAAuB,EAA/D;QACD,CAFD,MAEO;UACLT,qBAAqB,CAACE,uBAAA,CAAQC,OAAR,CAAgBoD,iBAAhB,EAAD,CAArB;QACD;;QACD,IAAMf,WAAW,GAAG,OAAO,IAAAiB,mCAAA,GAAP,EAA+B1E,IAAnD,CAP0B,CAS1B;QACA;QAEA;;QACA,IAAAG,qBAAA,0BACmBgB,uBAAA,CAAQC,OAAR,CAAgBoB,SAAhB,EADnB,iBAEI,CAACrB,uBAAA,CAAQC,OAAR,CAAgBC,QAAhB,EAAD,GAA8B,OAA9B,GAAwCF,uBAAA,CAAQC,OAAR,CAAgBC,QAAhB,EAF5C,0BAGkBF,uBAAA,CAAQC,OAAR,CAAgB6C,WAAhB,EAHlB;QAKA,IAAMN,OAAO,SAASH,kBAAkB,CAACC,WAAD,CAAxC;;QACAtC,uBAAA,CAAQC,OAAR,CAAgBuD,YAAhB,CAA6BhB,OAA7B;;QACA,OAAO,EAAP;MACD;;MACD,IAAAxD,qBAAA,0BAAqC,OAArC;MACA,IAAAA,qBAAA,EAAa,0CAAb,EAAyD,OAAzD;MACA,OAAO,IAAP;IACD,CAxCD,CAwCE,OAAO4C,CAAP,EAAU;MAAA;;MACV,IAAI,iBAAAA,CAAC,CAACC,QAAF,8DAAYC,MAAZ,MAAuB,GAA3B,EAAgC;QAC9B,IAAA9C,qBAAA,mCAAuC4C,CAAC,CAAC6B,OAAzC,GAAoD,OAApD;QACA,IAAAzE,qBAAA,EAAa,uCAAb,EAAsD,OAAtD;MACD;;MACD,IAAI4C,CAAC,CAAC6B,OAAF,KAAc,yBAAlB,EAA6C;QAC3C,IAAAzE,qBAAA,mCAAuC4C,CAAC,CAAC6B,OAAzC,GAAoD,OAApD;QACA,IAAAzE,qBAAA,EAAa,4CAAb,EAA2D,OAA3D;MACD,CAHD,MAGO;QAAA;;QACL,IAAAA,qBAAA,mCAAuC4C,CAAC,CAAC6B,OAAzC,GAAoD,OAApD;QACA,IAAAzE,qBAAA,kBAAa4C,CAAC,CAACC,QAAf,iDAAa,aAAYhD,IAAzB,EAA+B,OAA/B;MACD;;MACD,OAAO,IAAP;IACD;EACF,C;;;;SASc6E,W;;;AA+Bf;AACA;AACA;AACA;;;;mCAlCA,WAA2BxC,WAA3B,EAAwCyC,aAAxC,EAAuDC,mBAAvD,EAA4E;IAC1E,IAAI;MACF,IAAMpC,YAAY,0BAAmBN,WAAnB,oBAAwCzC,aAAxC,2CAAsFC,aAAtF,mBAA4GsB,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAA5G,4CAA8KkC,aAA9K,oCAAqNC,mBAArN,CAAlB;MACA,IAAMtC,MAAM,GAAG;QACbS,OAAO,EAAE;UACP,gBAAgB;QADT;MADI,CAAf;MAKA,IAAMF,QAAQ,SAAS,IAAAF,wBAAA,EAAUH,YAAV,EAAwBF,MAAxB,CAAvB;;MACA,IAAIO,QAAQ,CAACC,MAAT,GAAkB,GAAlB,IAAyBD,QAAQ,CAACC,MAAT,GAAkB,GAA/C,EAAoD;QAClD,IAAA9C,qBAAA,EAAa,yBAAb,EAAwC,OAAxC;QACA,IAAAA,qBAAA,EACE,8DADF,EAEE,OAFF;QAIA,OAAO,IAAP;MACD;;MACD,IAAM6E,mBAAmB,GAAGhC,QAAQ,CAACiC,OAAT,CAAiBC,GAAjB,CAAqBC,WAAjD;;MACA,IAAMC,WAAW,GAAG9C,YAAA,CAAI+C,KAAJ,CAAUL,mBAAV,EAA+B,IAA/B,EAAqCM,KAAzD;;MACA,IAAI,UAAUF,WAAd,EAA2B;QACzB,OAAOA,WAAW,CAACtE,IAAnB;MACD;;MACD,IAAAX,qBAAA,EAAa,qBAAb,EAAoC,OAApC;MACA,OAAO,IAAP;IACD,CAvBD,CAuBE,OAAOD,KAAP,EAAc;MACd,IAAAC,qBAAA,sCAA0CD,KAAK,CAAC0E,OAAhD,GAA2D,OAA3D;MACA,IAAAzE,qBAAA,EAAaD,KAAK,CAAC8C,QAAN,CAAehD,IAA5B,EAAkC,OAAlC;MACA,OAAO,IAAP;IACD;EACF,C;;;;SAMcuF,c;;;AAiDf;AACA;AACA;AACA;AACA;;;;sCArDA,aAAgC;IAC9B,IAAI;MACF,IAAM1D,QAAQ,GAAG,IAAAC,qBAAA,EAAgB,IAAAC,mBAAA,EAAY,EAAZ,CAAhB,CAAjB;MACA,IAAMC,SAAS,GAAG,IAAAF,qBAAA,EAChB,IAAAG,kBAAA,EAAW,QAAX,EAAqBC,MAArB,CAA4BL,QAA5B,EAAsCM,MAAtC,EADgB,CAAlB;MAGA,IAAMC,eAAe,GAAG,MAAxB;;MACA,IAAMC,WAAW,GAAGC,YAAA,CAAIC,OAAJ,CAClBpB,uBAAA,CAAQC,OAAR,CAAgBoB,SAAhB,EADkB,EAElB7C,mBAFkB,CAApB;;MAIA,IAAM6F,QAAQ,SAASX,WAAW,CAACxC,WAAD,EAAcL,SAAd,EAAyBI,eAAzB,CAAlC;;MACA,IAAIoD,QAAQ,IAAI,IAAhB,EAAsB;QACpB,IAAArF,qBAAA,EAAa,yBAAb,EAAwC,OAAxC;QACA,OAAO,IAAP;MACD;;MACD,IAAI6C,QAAQ,GAAG,IAAf;;MACA,IACE7B,uBAAA,CAAQC,OAAR,CAAgBoD,iBAAhB,OACAlD,YAAY,CAAC+B,yBAFf,EAGE;QACA,IAAMZ,MAAM,GAAG;UACbgD,IAAI,EAAE;YACJC,QAAQ,EAAE7F,aADN;YAEJ8F,QAAQ,EAAEjG;UAFN;QADO,CAAf;QAMA,IAAMiD,YAAY,0BAAmBN,WAAnB,iDAAqEmD,QAArE,4BAA+F3D,QAA/F,CAAlB;QACAmB,QAAQ,SAAS,IAAA4C,0BAAA,EAAYjD,YAAZ,EAA0BF,MAA1B,CAAjB;MACD,CAZD,MAYO;QACL,IAAME,aAAY,uBAAgB9C,aAAhB,2BAA8CwC,WAA9C,iDAAgGmD,QAAhG,4BAA0H3D,QAA1H,CAAlB;;QACAmB,QAAQ,SAAS,IAAA4C,0BAAA,EAAYjD,aAAZ,CAAjB;MACD;;MACD,IAAIK,QAAQ,CAACC,MAAT,GAAkB,GAAlB,IAAyBD,QAAQ,CAACC,MAAT,GAAkB,GAA/C,EAAoD;QAClD,IAAA9C,qBAAA,uCAA2C6C,QAAQ,CAACC,MAApD,GAA8D,OAA9D;QACA,OAAO,IAAP;MACD;;MACD,IAAI,kBAAkBD,QAAQ,CAAChD,IAA/B,EAAqC;QACnCmB,uBAAA,CAAQC,OAAR,CAAgByE,cAAhB,CAA+B7C,QAAQ,CAAChD,IAAT,CAAc8F,YAA7C;;QACA,OAAO,EAAP;MACD;;MACD,IAAA3F,qBAAA,EAAa,wBAAb,EAAuC,OAAvC;MACA,OAAO,IAAP;IACD,CA1CD,CA0CE,OAAO4C,CAAP,EAAU;MACV,IAAA5C,qBAAA,EAAa,+BAAb,EAA8C,OAA9C;MACA,OAAO,IAAP;IACD;EACF,C;;;;SAOqB4F,S;;;;;iCAAf,aAAuC;IAAA,IAAdC,IAAc,uEAAP,KAAO;IAC5C,IAAIC,mBAAmB,GAAG,IAA1B,CAD4C,CAE5C;;IACA,IACE9E,uBAAA,CAAQC,OAAR,CAAgB6C,WAAhB,MAAiC,IAAjC,IACA9C,uBAAA,CAAQC,OAAR,CAAgB8C,WAAhB,MAAiC,IAFnC,EAGE;MACA+B,mBAAmB,GAAG,KAAtB;MACA,IAAMC,IAAI,SAAS,IAAAC,0CAAA,GAAnB;;MACA,IAAID,IAAJ,EAAU;QACR/E,uBAAA,CAAQC,OAAR,CAAgBgF,SAAhB,CAA0BF,IAAI,CAACG,MAA/B;;QACAlF,uBAAA,CAAQC,OAAR,CAAgBkF,WAAhB,CAA4BJ,IAAI,CAACR,QAAjC;;QACAvE,uBAAA,CAAQC,OAAR,CAAgBmF,WAAhB,CAA4BL,IAAI,CAACP,QAAjC;;QACAxE,uBAAA,CAAQC,OAAR,CAAgBoF,wBAAhB,CAAyCN,IAAI,CAACO,qBAA9C;;QACAtF,uBAAA,CAAQC,OAAR,CAAgBsF,gCAAhB,CACER,IAAI,CAACS,6BADP;MAGD,CARD,MAQO;QACL,OAAO,KAAP;MACD;IACF;;IACD,MAAM5C,YAAY,EAAlB;;IACA,IACE5C,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,MACA,CAACzB,uBAAA,CAAQC,OAAR,CAAgBwF,cAAhB,EADD,KAECzF,uBAAA,CAAQC,OAAR,CAAgBoD,iBAAhB,OACClD,YAAY,CAAC+B,yBADd,IAEClC,uBAAA,CAAQC,OAAR,CAAgBoD,iBAAhB,OACElD,YAAY,CAACiC,4BALjB,CADF,EAOE;MACA,MAAMgC,cAAc,EAApB;IACD;;IACD,IAAIS,IAAI,IAAI7E,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAAR,IAA4CqD,mBAAhD,EAAqE;MACnE;MACA,IAAAY,2CAAA;MACA,OAAO,IAAP;IACD;;IACD,IAAI,CAAC1F,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAAL,EAAuC;MACrC,OAAO,KAAP;IACD;;IACD,OAAO,IAAP;EACD,C"}
+{"version":3,"file":"AuthenticateOps.js","names":["adminClientPassword","redirectUrlTemplate","idmAdminScopes","serviceAccountScopes","adminClientId","determineCookieName","data","getServerInfo","debugMessage","cookieName","error","printMessage","stack","checkAndHandle2FA","payload","element","callbacks","type","input","value","includes","need2fa","output","code","readlineSync","question","determineDefaultRealm","deploymentType","state","getRealm","globalConfig","DEFAULT_REALM_KEY","setRealm","DEPLOYMENT_TYPE_REALM_MAP","determineDeploymentType","cookieValue","getCookieValue","getUseBearerTokenForAmApis","CLOUD_DEPLOYMENT_TYPE_KEY","fidcClientId","forgeopsClientId","verifier","encodeBase64Url","randomBytes","challenge","createHash","update","digest","challengeMethod","redirectURL","url","resolve","getHost","config","maxRedirects","headers","getCookieName","bodyFormData","CLASSIC_DEPLOYMENT_TYPE_KEY","authorize","e","response","status","location","indexOf","verboseMessage","ex","FORGEOPS_DEPLOYMENT_TYPE_KEY","getSemanticVersion","versionInfo","versionString","version","rx","match","Error","authenticate","username","password","response1","step","skip2FA","response2","getAuthCode","codeChallenge","codeChallengeMethod","undefined","redirectLocationURL","queryObject","parse","query","message","getAccessTokenForUser","authCode","getDeploymentType","auth","accessToken","access_token","createPayload","serviceAccountId","u","parseUrl","aud","origin","port","protocol","pathname","exp","Math","floor","Date","getTime","jti","v4","iss","sub","getAccessTokenForServiceAccount","jwk","jwt","createSignedJwtToken","determineDeploymentTypeAndDefaultRealmAndVersion","setDeploymentType","getServerVersionInfo","fullVersion","setAmVersion","getLoggedInSubject","subjectString","getUsername","name","getManagedObject","getServiceAccountId","getTokens","getPassword","getServiceAccountJwk","conn","getConnectionProfile","setHost","tenant","setUsername","setPassword","setAuthenticationService","authenticationService","setAuthenticationHeaderOverrides","authenticationHeaderOverrides","setServiceAccountId","svcacctId","setServiceAccountJwk","svcacctJwk","setCookieName","token","setBearerToken","setUseBearerTokenForAmApis","saErr","error_description","setCookieValue","getBearerToken"],"sources":["ops/AuthenticateOps.ts"],"sourcesContent":["import url from 'url';\nimport { createHash, randomBytes } from 'crypto';\nimport readlineSync from 'readline-sync';\nimport { encodeBase64Url } from '../api/utils/Base64';\nimport * as state from '../shared/State';\nimport * as globalConfig from '../storage/StaticStorage';\nimport { debugMessage, printMessage, verboseMessage } from './utils/Console';\nimport { getServerInfo, getServerVersionInfo } from '../api/ServerInfoApi';\nimport { step } from '../api/AuthenticateApi';\nimport { accessToken, authorize } from '../api/OAuth2OIDCApi';\nimport { getConnectionProfile } from './ConnectionProfileOps';\nimport { v4 } from 'uuid';\nimport { parseUrl } from '../api/utils/ApiUtils';\nimport { JwkRsa, createSignedJwtToken } from './JoseOps';\nimport { getManagedObject } from '../api/ManagedObjectApi';\n\nconst adminClientPassword = 'doesnotmatter';\nconst redirectUrlTemplate = '/platform/appAuthHelperRedirect.html';\n\nconst idmAdminScopes = 'fr:idm:* openid';\nconst serviceAccountScopes = 'fr:am:* fr:idm:* fr:idc:esv:*';\n\nlet adminClientId = 'idmAdminClient';\n\n/**\n * Helper function to get cookie name\n * @returns {String} cookie name\n */\nasync function determineCookieName() {\n  try {\n    const { data } = await getServerInfo();\n    debugMessage(\n      `AuthenticateOps.getCookieName: cookieName=${data.cookieName}`\n    );\n    return data.cookieName;\n  } catch (error) {\n    printMessage(`Error getting cookie name: ${error}`, 'error');\n    debugMessage(error.stack);\n    return null;\n  }\n}\n\n/**\n * Helper function to determine if this is a setup mfa prompt in the ID Cloud tenant admin login journey\n * @param {Object} payload response from the previous authentication journey step\n * @returns {Object} an object indicating if 2fa is required and the original payload\n */\nfunction checkAndHandle2FA(payload) {\n  // let skippable = false;\n  if ('callbacks' in payload) {\n    for (const element of payload.callbacks) {\n      if (element.type === 'HiddenValueCallback') {\n        if (element.input[0].value.includes('skip')) {\n          // skippable = true;\n          element.input[0].value = 'Skip';\n          return {\n            need2fa: true,\n            payload,\n          };\n        }\n      }\n      if (element.type === 'NameCallback') {\n        if (element.output[0].value.includes('code')) {\n          // skippable = false;\n          printMessage('2FA is enabled and required for this user...');\n          const code = readlineSync.question(`${element.output[0].value}: `);\n          element.input[0].value = code;\n          return {\n            need2fa: true,\n            payload,\n          };\n        }\n      }\n    }\n    // console.info(\"NO2FA\");\n    return {\n      need2fa: false,\n      payload,\n    };\n  }\n  // console.info(\"NO2FA\");\n  return {\n    need2fa: false,\n    payload,\n  };\n}\n\n/**\n * Helper function to set the default realm by deployment type\n * @param {string} deploymentType deployment type\n */\nfunction determineDefaultRealm(deploymentType: string) {\n  if (state.getRealm() === globalConfig.DEFAULT_REALM_KEY) {\n    state.setRealm(globalConfig.DEPLOYMENT_TYPE_REALM_MAP[deploymentType]);\n  }\n}\n\n/**\n * Helper function to determine the deployment type\n * @returns {Promise<string>} deployment type\n */\nasync function determineDeploymentType(): Promise<string> {\n  const cookieValue = state.getCookieValue();\n  // https://bugster.forgerock.org/jira/browse/FRAAS-13018\n  // There is a chance that this will be blocked due to security concerns and thus is probably best not to keep active\n  // if (!cookieValue && getUseBearerTokenForAmApis()) {\n  //   const token = await getTokenInfo();\n  //   cookieValue = token.sessionToken;\n  //   setCookieValue(cookieValue);\n  // }\n\n  // if we are using a service account, we know it's cloud\n  if (state.getUseBearerTokenForAmApis())\n    return globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY;\n\n  const fidcClientId = 'idmAdminClient';\n  const forgeopsClientId = 'idm-admin-ui';\n\n  const verifier = encodeBase64Url(randomBytes(32));\n  const challenge = encodeBase64Url(\n    createHash('sha256').update(verifier).digest()\n  );\n  const challengeMethod = 'S256';\n  const redirectURL = url.resolve(state.getHost(), redirectUrlTemplate);\n\n  const config = {\n    maxRedirects: 0,\n    headers: {\n      [state.getCookieName()]: state.getCookieValue(),\n    },\n  };\n  let bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${fidcClientId}&csrf=${cookieValue}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n\n  let deploymentType = globalConfig.CLASSIC_DEPLOYMENT_TYPE_KEY;\n  try {\n    await authorize(bodyFormData, config);\n  } catch (e) {\n    // debugMessage(e.response);\n    if (\n      e.response?.status === 302 &&\n      e.response.headers?.location?.indexOf('code=') > -1\n    ) {\n      verboseMessage(`ForgeRock Identity Cloud`['brightCyan'] + ` detected.`);\n      deploymentType = globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY;\n    } else {\n      try {\n        bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${forgeopsClientId}&csrf=${state.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n        await authorize(bodyFormData, config);\n      } catch (ex) {\n        if (\n          ex.response?.status === 302 &&\n          ex.response.headers?.location?.indexOf('code=') > -1\n        ) {\n          adminClientId = forgeopsClientId;\n          verboseMessage(`ForgeOps deployment`['brightCyan'] + ` detected.`);\n          deploymentType = globalConfig.FORGEOPS_DEPLOYMENT_TYPE_KEY;\n        } else {\n          verboseMessage(`Classic deployment`['brightCyan'] + ` detected.`);\n        }\n      }\n    }\n  }\n  return deploymentType;\n}\n\n/**\n * Helper function to extract the semantic version string from a version info object\n * @param {Object} versionInfo version info object\n * @returns {String} semantic version\n */\nasync function getSemanticVersion(versionInfo) {\n  if ('version' in versionInfo) {\n    const versionString = versionInfo.version;\n    const rx = /([\\d]\\.[\\d]\\.[\\d](\\.[\\d])*)/g;\n    const version = versionString.match(rx);\n    return version[0];\n  }\n  throw new Error('Cannot extract semantic version from version info object.');\n}\n\n/**\n * Helper function to authenticate and obtain and store session cookie\n * @returns {string} Session token or null\n */\nasync function authenticate(\n  username: string,\n  password: string\n): Promise<string> {\n  const config = {\n    headers: {\n      'X-OpenAM-Username': username,\n      'X-OpenAM-Password': password,\n    },\n  };\n  const response1 = await step({}, config);\n  const skip2FA = checkAndHandle2FA(response1);\n  let response2 = {};\n  if (skip2FA.need2fa) {\n    response2 = await step(skip2FA.payload);\n  } else {\n    response2 = skip2FA.payload;\n  }\n  if ('tokenId' in response2) {\n    return response2['tokenId'] as string;\n  }\n  return null;\n}\n\n/**\n * Helper function to obtain an oauth2 authorization code\n * @param {string} redirectURL oauth2 redirect uri\n * @param {string} codeChallenge PKCE code challenge\n * @param {string} codeChallengeMethod PKCE code challenge method\n * @returns {string} oauth2 authorization code or null\n */\nasync function getAuthCode(redirectURL, codeChallenge, codeChallengeMethod) {\n  try {\n    const bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${adminClientId}&csrf=${state.getCookieValue()}&decision=allow&code_challenge=${codeChallenge}&code_challenge_method=${codeChallengeMethod}`;\n    const config = {\n      headers: {\n        'Content-Type': 'application/x-www-form-urlencoded',\n      },\n      maxRedirects: 0,\n    };\n    let response = undefined;\n    try {\n      response = await authorize(bodyFormData, config);\n    } catch (error) {\n      response = error.response;\n    }\n    if (response.status < 200 || response.status > 399) {\n      printMessage('error getting auth code', 'error');\n      printMessage(\n        'likely cause: mismatched parameters with OAuth client config',\n        'error'\n      );\n      return null;\n    }\n    const redirectLocationURL = response.headers?.location;\n    const queryObject = url.parse(redirectLocationURL, true).query;\n    if ('code' in queryObject) {\n      return queryObject.code;\n    }\n    printMessage('auth code not found', 'error');\n    return null;\n  } catch (error) {\n    printMessage(`error getting auth code - ${error.message}`, 'error');\n    printMessage(error.response?.data, 'error');\n    debugMessage(error.stack);\n    return null;\n  }\n}\n\n/**\n * Helper function to obtain oauth2 access token\n * @returns {Promise<string | null>} access token or null\n */\nasync function getAccessTokenForUser(): Promise<string | null> {\n  try {\n    const verifier = encodeBase64Url(randomBytes(32));\n    const challenge = encodeBase64Url(\n      createHash('sha256').update(verifier).digest()\n    );\n    const challengeMethod = 'S256';\n    const redirectURL = url.resolve(state.getHost(), redirectUrlTemplate);\n    const authCode = await getAuthCode(redirectURL, challenge, challengeMethod);\n    if (authCode == null) {\n      printMessage('error getting auth code', 'error');\n      return null;\n    }\n    let response = null;\n    if (state.getDeploymentType() === globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY) {\n      const config = {\n        auth: {\n          username: adminClientId,\n          password: adminClientPassword,\n        },\n      };\n      const bodyFormData = `redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n      response = await accessToken(bodyFormData, config);\n    } else {\n      const bodyFormData = `client_id=${adminClientId}&redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n      response = await accessToken(bodyFormData);\n    }\n    if ('access_token' in response.data) {\n      return response.data.access_token;\n    }\n    printMessage('No access token in response.', 'error');\n  } catch (error) {\n    debugMessage(`Error getting access token for user: ${error}`);\n    debugMessage(error.response?.data);\n  }\n  return null;\n}\n\nfunction createPayload(serviceAccountId: string) {\n  const u = parseUrl(state.getHost());\n  const aud = `${u.origin}:${\n    u.port ? u.port : u.protocol === 'https' ? '443' : '80'\n  }${u.pathname}/oauth2/access_token`;\n\n  // Cross platform way of setting JWT expiry time 3 minutes in the future, expressed as number of seconds since EPOCH\n  const exp = Math.floor(new Date().getTime() / 1000 + 180);\n\n  // A unique ID for the JWT which is required when requesting the openid scope\n  const jti = v4();\n\n  const iss = serviceAccountId;\n  const sub = serviceAccountId;\n\n  // Create the payload for our bearer token\n  const payload = { iss, sub, aud, exp, jti };\n\n  return payload;\n}\n\n/**\n * Get access token for service account\n * @param {string} serviceAccountId UUID of service account\n * @param {JwkRsa} jwk Java Wek Key\n * @returns {string | null} Access token or null\n */\nexport async function getAccessTokenForServiceAccount(\n  serviceAccountId: string,\n  jwk: JwkRsa\n): Promise<string | null> {\n  debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: start`);\n  const payload = createPayload(serviceAccountId);\n  debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: payload:`);\n  debugMessage(payload);\n  const jwt = await createSignedJwtToken(payload, jwk);\n  debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: jwt:`);\n  debugMessage(jwt);\n  const bodyFormData = `assertion=${jwt}&client_id=service-account&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&scope=${serviceAccountScopes}`;\n  const response = await accessToken(bodyFormData);\n  if ('access_token' in response.data) {\n    debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: token:`);\n    debugMessage(response.data.access_token);\n    debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: end`);\n    return response.data.access_token;\n  }\n  debugMessage(\n    `AuthenticateOps.getAccessTokenForServiceAccount: No access token in response.`\n  );\n  debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: end`);\n  return null;\n}\n\nasync function determineDeploymentTypeAndDefaultRealmAndVersion() {\n  debugMessage(\n    `AuthenticateOps.determineDeploymentTypeAndDefaultRealmAndVersion: start`\n  );\n  if (!state.getDeploymentType()) {\n    state.setDeploymentType(await determineDeploymentType());\n  }\n  determineDefaultRealm(state.getDeploymentType());\n\n  const versionInfo = (await getServerVersionInfo()).data;\n\n  // https://github.com/rockcarver/frodo-cli/issues/109\n  debugMessage(`Full version: ${versionInfo.fullVersion}`);\n\n  const version = await getSemanticVersion(versionInfo);\n  state.setAmVersion(version);\n  debugMessage(\n    `AuthenticateOps.determineDeploymentTypeAndDefaultRealmAndVersion: end`\n  );\n}\n\nasync function getLoggedInSubject(): Promise<string> {\n  let subjectString = `user ${state.getUsername()}`;\n  if (state.getUseBearerTokenForAmApis()) {\n    const name = (\n      await getManagedObject('svcacct', state.getServiceAccountId(), ['name'])\n    ).data.name;\n    subjectString = `service account ${name} [${state.getServiceAccountId()}]`;\n  }\n  return subjectString;\n}\n\n/**\n * Get tokens\n * @param {boolean} save true to save a connection profile upon successful authentication, false otherwise\n * @returns {Promise<boolean>} true if tokens were successfully obtained, false otherwise\n */\nexport async function getTokens(): Promise<boolean> {\n  if (!state.getHost()) {\n    printMessage(\n      `No host specified and FRODO_HOST env variable not set!`,\n      'error'\n    );\n    return false;\n  }\n  try {\n    // if username/password on cli are empty, try to read from connections.json\n    if (\n      state.getUsername() == null &&\n      state.getPassword() == null &&\n      !state.getServiceAccountId() &&\n      !state.getServiceAccountJwk()\n    ) {\n      const conn = await getConnectionProfile();\n      if (conn) {\n        state.setHost(conn.tenant);\n        state.setUsername(conn.username);\n        state.setPassword(conn.password);\n        state.setAuthenticationService(conn.authenticationService);\n        state.setAuthenticationHeaderOverrides(\n          conn.authenticationHeaderOverrides\n        );\n        state.setServiceAccountId(conn.svcacctId);\n        state.setServiceAccountJwk(conn.svcacctJwk);\n      } else {\n        return false;\n      }\n    }\n    // now that we have the full tenant URL we can lookup the cookie name\n    state.setCookieName(await determineCookieName());\n\n    // use service account to login?\n    if (state.getServiceAccountId() && state.getServiceAccountJwk()) {\n      debugMessage(\n        `AuthenticateOps.getTokens: Authenticating with service account ${state.getServiceAccountId()}`\n      );\n      try {\n        const token = await getAccessTokenForServiceAccount(\n          state.getServiceAccountId(),\n          state.getServiceAccountJwk()\n        );\n        state.setBearerToken(token);\n        state.setUseBearerTokenForAmApis(true);\n        await determineDeploymentTypeAndDefaultRealmAndVersion();\n      } catch (saErr) {\n        throw new Error(\n          `Service account login error: ${\n            saErr.response?.data?.error_description ||\n            saErr.response?.data?.message\n          }`\n        );\n      }\n    }\n    // use user account to login\n    else if (state.getUsername() && state.getPassword()) {\n      debugMessage(\n        `AuthenticateOps.getTokens: Authenticating with user account ${state.getUsername()}`\n      );\n      const token = await authenticate(\n        state.getUsername(),\n        state.getPassword()\n      );\n      if (token) state.setCookieValue(token);\n      await determineDeploymentTypeAndDefaultRealmAndVersion();\n      if (\n        state.getCookieValue() &&\n        !state.getBearerToken() &&\n        (state.getDeploymentType() === globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY ||\n          state.getDeploymentType() ===\n            globalConfig.FORGEOPS_DEPLOYMENT_TYPE_KEY)\n      ) {\n        const accessToken = await getAccessTokenForUser();\n        if (accessToken) state.setBearerToken(accessToken);\n      }\n    }\n    // incomplete or no credentials\n    else {\n      printMessage(`Incomplete or no credentials!`, 'error');\n      return false;\n    }\n    if (\n      state.getCookieValue() ||\n      (state.getUseBearerTokenForAmApis() && state.getBearerToken())\n    ) {\n      // https://github.com/rockcarver/frodo-cli/issues/102\n      printMessage(\n        `Connected to ${state.getHost()} [${\n          state.getRealm() ? state.getRealm() : 'root'\n        }] as ${await getLoggedInSubject()}`,\n        'info'\n      );\n      return true;\n    }\n  } catch (error) {\n    // regular error\n    printMessage(error.message, 'error');\n    // axios error am api\n    printMessage(error.response?.data?.message, 'error');\n    // axios error am oauth2 api\n    printMessage(error.response?.data?.error_description, 'error');\n    // axios error data\n    debugMessage(error.response?.data);\n    // stack trace\n    debugMessage(error.stack || new Error().stack);\n  }\n  return false;\n}\n"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAA2D;AAAA;AAAA;AAAA;AAAA;AAE3D,IAAMA,mBAAmB,GAAG,eAAe;AAC3C,IAAMC,mBAAmB,GAAG,sCAAsC;AAElE,IAAMC,cAAc,GAAG,iBAAiB;AACxC,IAAMC,oBAAoB,GAAG,+BAA+B;AAE5D,IAAIC,aAAa,GAAG,gBAAgB;;AAEpC;AACA;AACA;AACA;AAHA,SAIeC,mBAAmB;EAAA;AAAA;AAclC;AACA;AACA;AACA;AACA;AAJA;EAAA,yCAdA,aAAqC;IACnC,IAAI;MACF,IAAM;QAAEC;MAAK,CAAC,SAAS,IAAAC,4BAAa,GAAE;MACtC,IAAAC,qBAAY,sDACmCF,IAAI,CAACG,UAAU,EAC7D;MACD,OAAOH,IAAI,CAACG,UAAU;IACxB,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd,IAAAC,qBAAY,uCAA+BD,KAAK,GAAI,OAAO,CAAC;MAC5D,IAAAF,qBAAY,EAACE,KAAK,CAACE,KAAK,CAAC;MACzB,OAAO,IAAI;IACb;EACF,CAAC;EAAA;AAAA;AAOD,SAASC,iBAAiB,CAACC,OAAO,EAAE;EAClC;EACA,IAAI,WAAW,IAAIA,OAAO,EAAE;IAC1B,KAAK,IAAMC,OAAO,IAAID,OAAO,CAACE,SAAS,EAAE;MACvC,IAAID,OAAO,CAACE,IAAI,KAAK,qBAAqB,EAAE;QAC1C,IAAIF,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,CAACC,QAAQ,CAAC,MAAM,CAAC,EAAE;UAC3C;UACAL,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,GAAG,MAAM;UAC/B,OAAO;YACLE,OAAO,EAAE,IAAI;YACbP;UACF,CAAC;QACH;MACF;MACA,IAAIC,OAAO,CAACE,IAAI,KAAK,cAAc,EAAE;QACnC,IAAIF,OAAO,CAACO,MAAM,CAAC,CAAC,CAAC,CAACH,KAAK,CAACC,QAAQ,CAAC,MAAM,CAAC,EAAE;UAC5C;UACA,IAAAT,qBAAY,EAAC,8CAA8C,CAAC;UAC5D,IAAMY,IAAI,GAAGC,qBAAY,CAACC,QAAQ,WAAIV,OAAO,CAACO,MAAM,CAAC,CAAC,CAAC,CAACH,KAAK,QAAK;UAClEJ,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,GAAGI,IAAI;UAC7B,OAAO;YACLF,OAAO,EAAE,IAAI;YACbP;UACF,CAAC;QACH;MACF;IACF;IACA;IACA,OAAO;MACLO,OAAO,EAAE,KAAK;MACdP;IACF,CAAC;EACH;EACA;EACA,OAAO;IACLO,OAAO,EAAE,KAAK;IACdP;EACF,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA,SAASY,qBAAqB,CAACC,cAAsB,EAAE;EACrD,IAAIC,KAAK,CAACC,QAAQ,EAAE,KAAKC,YAAY,CAACC,iBAAiB,EAAE;IACvDH,KAAK,CAACI,QAAQ,CAACF,YAAY,CAACG,yBAAyB,CAACN,cAAc,CAAC,CAAC;EACxE;AACF;;AAEA;AACA;AACA;AACA;AAHA,SAIeO,uBAAuB;EAAA;AAAA;AAgEtC;AACA;AACA;AACA;AACA;AAJA;EAAA,6CAhEA,aAA0D;IACxD,IAAMC,WAAW,GAAGP,KAAK,CAACQ,cAAc,EAAE;IAC1C;IACA;IACA;IACA;IACA;IACA;IACA;;IAEA;IACA,IAAIR,KAAK,CAACS,0BAA0B,EAAE,EACpC,OAAOP,YAAY,CAACQ,yBAAyB;IAE/C,IAAMC,YAAY,GAAG,gBAAgB;IACrC,IAAMC,gBAAgB,GAAG,cAAc;IAEvC,IAAMC,QAAQ,GAAG,IAAAC,qBAAe,EAAC,IAAAC,mBAAW,EAAC,EAAE,CAAC,CAAC;IACjD,IAAMC,SAAS,GAAG,IAAAF,qBAAe,EAC/B,IAAAG,kBAAU,EAAC,QAAQ,CAAC,CAACC,MAAM,CAACL,QAAQ,CAAC,CAACM,MAAM,EAAE,CAC/C;IACD,IAAMC,eAAe,GAAG,MAAM;IAC9B,IAAMC,WAAW,GAAGC,YAAG,CAACC,OAAO,CAACvB,KAAK,CAACwB,OAAO,EAAE,EAAEnD,mBAAmB,CAAC;IAErE,IAAMoD,MAAM,GAAG;MACbC,YAAY,EAAE,CAAC;MACfC,OAAO,EAAE;QACP,CAAC3B,KAAK,CAAC4B,aAAa,EAAE,GAAG5B,KAAK,CAACQ,cAAc;MAC/C;IACF,CAAC;IACD,IAAIqB,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCqC,YAAY,mBAASJ,WAAW,4CAAkCS,SAAS,oCAA0BI,eAAe,CAAE;IAE7N,IAAIrB,cAAc,GAAGG,YAAY,CAAC4B,2BAA2B;IAC7D,IAAI;MACF,MAAM,IAAAC,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;IACvC,CAAC,CAAC,OAAOO,CAAC,EAAE;MAAA;MACV;MACA,IACE,gBAAAA,CAAC,CAACC,QAAQ,gDAAV,YAAYC,MAAM,MAAK,GAAG,IAC1B,wBAAAF,CAAC,CAACC,QAAQ,CAACN,OAAO,iFAAlB,oBAAoBQ,QAAQ,0DAA5B,sBAA8BC,OAAO,CAAC,OAAO,CAAC,IAAG,CAAC,CAAC,EACnD;QACA,IAAAC,uBAAc,EAAC,2BAA2B,YAAY,CAAC,eAAe,CAAC;QACvEtC,cAAc,GAAGG,YAAY,CAACQ,yBAAyB;MACzD,CAAC,MAAM;QACL,IAAI;UACFmB,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCsC,gBAAgB,mBAASZ,KAAK,CAACQ,cAAc,EAAE,4CAAkCQ,SAAS,oCAA0BI,eAAe,CAAE;UACxO,MAAM,IAAAW,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;QACvC,CAAC,CAAC,OAAOa,EAAE,EAAE;UAAA;UACX,IACE,iBAAAA,EAAE,CAACL,QAAQ,iDAAX,aAAaC,MAAM,MAAK,GAAG,IAC3B,yBAAAI,EAAE,CAACL,QAAQ,CAACN,OAAO,kFAAnB,qBAAqBQ,QAAQ,0DAA7B,sBAA+BC,OAAO,CAAC,OAAO,CAAC,IAAG,CAAC,CAAC,EACpD;YACA5D,aAAa,GAAGoC,gBAAgB;YAChC,IAAAyB,uBAAc,EAAC,sBAAsB,YAAY,CAAC,eAAe,CAAC;YAClEtC,cAAc,GAAGG,YAAY,CAACqC,4BAA4B;UAC5D,CAAC,MAAM;YACL,IAAAF,uBAAc,EAAC,qBAAqB,YAAY,CAAC,eAAe,CAAC;UACnE;QACF;MACF;IACF;IACA,OAAOtC,cAAc;EACvB,CAAC;EAAA;AAAA;AAAA,SAOcyC,kBAAkB;EAAA;AAAA;AAUjC;AACA;AACA;AACA;AAHA;EAAA,wCAVA,WAAkCC,WAAW,EAAE;IAC7C,IAAI,SAAS,IAAIA,WAAW,EAAE;MAC5B,IAAMC,aAAa,GAAGD,WAAW,CAACE,OAAO;MACzC,IAAMC,EAAE,GAAG,8BAA8B;MACzC,IAAMD,OAAO,GAAGD,aAAa,CAACG,KAAK,CAACD,EAAE,CAAC;MACvC,OAAOD,OAAO,CAAC,CAAC,CAAC;IACnB;IACA,MAAM,IAAIG,KAAK,CAAC,2DAA2D,CAAC;EAC9E,CAAC;EAAA;AAAA;AAAA,SAMcC,YAAY;EAAA;AAAA;AAwB3B;AACA;AACA;AACA;AACA;AACA;AACA;AANA;EAAA,kCAxBA,WACEC,QAAgB,EAChBC,QAAgB,EACC;IACjB,IAAMxB,MAAM,GAAG;MACbE,OAAO,EAAE;QACP,mBAAmB,EAAEqB,QAAQ;QAC7B,mBAAmB,EAAEC;MACvB;IACF,CAAC;IACD,IAAMC,SAAS,SAAS,IAAAC,qBAAI,EAAC,CAAC,CAAC,EAAE1B,MAAM,CAAC;IACxC,IAAM2B,OAAO,GAAGnE,iBAAiB,CAACiE,SAAS,CAAC;IAC5C,IAAIG,SAAS,GAAG,CAAC,CAAC;IAClB,IAAID,OAAO,CAAC3D,OAAO,EAAE;MACnB4D,SAAS,SAAS,IAAAF,qBAAI,EAACC,OAAO,CAAClE,OAAO,CAAC;IACzC,CAAC,MAAM;MACLmE,SAAS,GAAGD,OAAO,CAAClE,OAAO;IAC7B;IACA,IAAI,SAAS,IAAImE,SAAS,EAAE;MAC1B,OAAOA,SAAS,CAAC,SAAS,CAAC;IAC7B;IACA,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAScC,WAAW;EAAA;AAAA;AAsC1B;AACA;AACA;AACA;AAHA;EAAA,iCAtCA,WAA2BjC,WAAW,EAAEkC,aAAa,EAAEC,mBAAmB,EAAE;IAC1E,IAAI;MAAA;MACF,IAAM3B,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCE,aAAa,mBAASwB,KAAK,CAACQ,cAAc,EAAE,4CAAkC+C,aAAa,oCAA0BC,mBAAmB,CAAE;MACnP,IAAM/B,MAAM,GAAG;QACbE,OAAO,EAAE;UACP,cAAc,EAAE;QAClB,CAAC;QACDD,YAAY,EAAE;MAChB,CAAC;MACD,IAAIO,QAAQ,GAAGwB,SAAS;MACxB,IAAI;QACFxB,QAAQ,SAAS,IAAAF,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;MAClD,CAAC,CAAC,OAAO3C,KAAK,EAAE;QACdmD,QAAQ,GAAGnD,KAAK,CAACmD,QAAQ;MAC3B;MACA,IAAIA,QAAQ,CAACC,MAAM,GAAG,GAAG,IAAID,QAAQ,CAACC,MAAM,GAAG,GAAG,EAAE;QAClD,IAAAnD,qBAAY,EAAC,yBAAyB,EAAE,OAAO,CAAC;QAChD,IAAAA,qBAAY,EACV,8DAA8D,EAC9D,OAAO,CACR;QACD,OAAO,IAAI;MACb;MACA,IAAM2E,mBAAmB,wBAAGzB,QAAQ,CAACN,OAAO,sDAAhB,kBAAkBQ,QAAQ;MACtD,IAAMwB,WAAW,GAAGrC,YAAG,CAACsC,KAAK,CAACF,mBAAmB,EAAE,IAAI,CAAC,CAACG,KAAK;MAC9D,IAAI,MAAM,IAAIF,WAAW,EAAE;QACzB,OAAOA,WAAW,CAAChE,IAAI;MACzB;MACA,IAAAZ,qBAAY,EAAC,qBAAqB,EAAE,OAAO,CAAC;MAC5C,OAAO,IAAI;IACb,CAAC,CAAC,OAAOD,KAAK,EAAE;MAAA;MACd,IAAAC,qBAAY,sCAA8BD,KAAK,CAACgF,OAAO,GAAI,OAAO,CAAC;MACnE,IAAA/E,qBAAY,qBAACD,KAAK,CAACmD,QAAQ,oDAAd,gBAAgBvD,IAAI,EAAE,OAAO,CAAC;MAC3C,IAAAE,qBAAY,EAACE,KAAK,CAACE,KAAK,CAAC;MACzB,OAAO,IAAI;IACb;EACF,CAAC;EAAA;AAAA;AAAA,SAMc+E,qBAAqB;EAAA;AAAA;AAAA;EAAA,2CAApC,aAA+D;IAC7D,IAAI;MACF,IAAMlD,QAAQ,GAAG,IAAAC,qBAAe,EAAC,IAAAC,mBAAW,EAAC,EAAE,CAAC,CAAC;MACjD,IAAMC,SAAS,GAAG,IAAAF,qBAAe,EAC/B,IAAAG,kBAAU,EAAC,QAAQ,CAAC,CAACC,MAAM,CAACL,QAAQ,CAAC,CAACM,MAAM,EAAE,CAC/C;MACD,IAAMC,eAAe,GAAG,MAAM;MAC9B,IAAMC,WAAW,GAAGC,YAAG,CAACC,OAAO,CAACvB,KAAK,CAACwB,OAAO,EAAE,EAAEnD,mBAAmB,CAAC;MACrE,IAAM2F,QAAQ,SAASV,WAAW,CAACjC,WAAW,EAAEL,SAAS,EAAEI,eAAe,CAAC;MAC3E,IAAI4C,QAAQ,IAAI,IAAI,EAAE;QACpB,IAAAjF,qBAAY,EAAC,yBAAyB,EAAE,OAAO,CAAC;QAChD,OAAO,IAAI;MACb;MACA,IAAIkD,QAAQ,GAAG,IAAI;MACnB,IAAIjC,KAAK,CAACiE,iBAAiB,EAAE,KAAK/D,YAAY,CAACQ,yBAAyB,EAAE;QACxE,IAAMe,MAAM,GAAG;UACbyC,IAAI,EAAE;YACJlB,QAAQ,EAAExE,aAAa;YACvByE,QAAQ,EAAE7E;UACZ;QACF,CAAC;QACD,IAAMyD,YAAY,0BAAmBR,WAAW,iDAAuC2C,QAAQ,4BAAkBnD,QAAQ,CAAE;QAC3HoB,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,YAAY,EAAEJ,MAAM,CAAC;MACpD,CAAC,MAAM;QACL,IAAMI,aAAY,uBAAgBrD,aAAa,2BAAiB6C,WAAW,iDAAuC2C,QAAQ,4BAAkBnD,QAAQ,CAAE;QACtJoB,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,aAAY,CAAC;MAC5C;MACA,IAAI,cAAc,IAAII,QAAQ,CAACvD,IAAI,EAAE;QACnC,OAAOuD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY;MACnC;MACA,IAAArF,qBAAY,EAAC,8BAA8B,EAAE,OAAO,CAAC;IACvD,CAAC,CAAC,OAAOD,KAAK,EAAE;MAAA;MACd,IAAAF,qBAAY,iDAAyCE,KAAK,EAAG;MAC7D,IAAAF,qBAAY,sBAACE,KAAK,CAACmD,QAAQ,qDAAd,iBAAgBvD,IAAI,CAAC;IACpC;IACA,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAED,SAAS2F,aAAa,CAACC,gBAAwB,EAAE;EAC/C,IAAMC,CAAC,GAAG,IAAAC,kBAAQ,EAACxE,KAAK,CAACwB,OAAO,EAAE,CAAC;EACnC,IAAMiD,GAAG,aAAMF,CAAC,CAACG,MAAM,cACrBH,CAAC,CAACI,IAAI,GAAGJ,CAAC,CAACI,IAAI,GAAGJ,CAAC,CAACK,QAAQ,KAAK,OAAO,GAAG,KAAK,GAAG,IAAI,SACtDL,CAAC,CAACM,QAAQ,yBAAsB;;EAEnC;EACA,IAAMC,GAAG,GAAGC,IAAI,CAACC,KAAK,CAAC,IAAIC,IAAI,EAAE,CAACC,OAAO,EAAE,GAAG,IAAI,GAAG,GAAG,CAAC;;EAEzD;EACA,IAAMC,GAAG,GAAG,IAAAC,QAAE,GAAE;EAEhB,IAAMC,GAAG,GAAGf,gBAAgB;EAC5B,IAAMgB,GAAG,GAAGhB,gBAAgB;;EAE5B;EACA,IAAMpF,OAAO,GAAG;IAAEmG,GAAG;IAAEC,GAAG;IAAEb,GAAG;IAAEK,GAAG;IAAEK;EAAI,CAAC;EAE3C,OAAOjG,OAAO;AAChB;;AAEA;AACA;AACA;AACA;AACA;AACA;AALA,SAMsBqG,+BAA+B;EAAA;AAAA;AAAA;EAAA,qDAA9C,WACLjB,gBAAwB,EACxBkB,GAAW,EACa;IACxB,IAAA5G,qBAAY,2DAA0D;IACtE,IAAMM,OAAO,GAAGmF,aAAa,CAACC,gBAAgB,CAAC;IAC/C,IAAA1F,qBAAY,8DAA6D;IACzE,IAAAA,qBAAY,EAACM,OAAO,CAAC;IACrB,IAAMuG,GAAG,SAAS,IAAAC,6BAAoB,EAACxG,OAAO,EAAEsG,GAAG,CAAC;IACpD,IAAA5G,qBAAY,0DAAyD;IACrE,IAAAA,qBAAY,EAAC6G,GAAG,CAAC;IACjB,IAAM5D,YAAY,uBAAgB4D,GAAG,qGAA2FlH,oBAAoB,CAAE;IACtJ,IAAM0D,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,YAAY,CAAC;IAChD,IAAI,cAAc,IAAII,QAAQ,CAACvD,IAAI,EAAE;MACnC,IAAAE,qBAAY,4DAA2D;MACvE,IAAAA,qBAAY,EAACqD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY,CAAC;MACxC,IAAAxF,qBAAY,yDAAwD;MACpE,OAAOqD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY;IACnC;IACA,IAAAxF,qBAAY,kFAEX;IACD,IAAAA,qBAAY,yDAAwD;IACpE,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAEc+G,gDAAgD;EAAA;AAAA;AAAA;EAAA,sEAA/D,aAAkE;IAChE,IAAA/G,qBAAY,4EAEX;IACD,IAAI,CAACoB,KAAK,CAACiE,iBAAiB,EAAE,EAAE;MAC9BjE,KAAK,CAAC4F,iBAAiB,OAAOtF,uBAAuB,EAAE,CAAC;IAC1D;IACAR,qBAAqB,CAACE,KAAK,CAACiE,iBAAiB,EAAE,CAAC;IAEhD,IAAMxB,WAAW,GAAG,OAAO,IAAAoD,mCAAoB,GAAE,EAAEnH,IAAI;;IAEvD;IACA,IAAAE,qBAAY,0BAAkB6D,WAAW,CAACqD,WAAW,EAAG;IAExD,IAAMnD,OAAO,SAASH,kBAAkB,CAACC,WAAW,CAAC;IACrDzC,KAAK,CAAC+F,YAAY,CAACpD,OAAO,CAAC;IAC3B,IAAA/D,qBAAY,0EAEX;EACH,CAAC;EAAA;AAAA;AAAA,SAEcoH,kBAAkB;EAAA;AAAA;AAWjC;AACA;AACA;AACA;AACA;AAJA;EAAA,wCAXA,aAAqD;IACnD,IAAIC,aAAa,kBAAWjG,KAAK,CAACkG,WAAW,EAAE,CAAE;IACjD,IAAIlG,KAAK,CAACS,0BAA0B,EAAE,EAAE;MACtC,IAAM0F,IAAI,GAAG,OACL,IAAAC,kCAAgB,EAAC,SAAS,EAAEpG,KAAK,CAACqG,mBAAmB,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,EACxE3H,IAAI,CAACyH,IAAI;MACXF,aAAa,6BAAsBE,IAAI,eAAKnG,KAAK,CAACqG,mBAAmB,EAAE,MAAG;IAC5E;IACA,OAAOJ,aAAa;EACtB,CAAC;EAAA;AAAA;AAAA,SAOqBK,SAAS;EAAA;AAAA;AAAA;EAAA,+BAAxB,aAA6C;IAClD,IAAI,CAACtG,KAAK,CAACwB,OAAO,EAAE,EAAE;MACpB,IAAAzC,qBAAY,4DAEV,OAAO,CACR;MACD,OAAO,KAAK;IACd;IACA,IAAI;MACF;MACA,IACEiB,KAAK,CAACkG,WAAW,EAAE,IAAI,IAAI,IAC3BlG,KAAK,CAACuG,WAAW,EAAE,IAAI,IAAI,IAC3B,CAACvG,KAAK,CAACqG,mBAAmB,EAAE,IAC5B,CAACrG,KAAK,CAACwG,oBAAoB,EAAE,EAC7B;QACA,IAAMC,IAAI,SAAS,IAAAC,0CAAoB,GAAE;QACzC,IAAID,IAAI,EAAE;UACRzG,KAAK,CAAC2G,OAAO,CAACF,IAAI,CAACG,MAAM,CAAC;UAC1B5G,KAAK,CAAC6G,WAAW,CAACJ,IAAI,CAACzD,QAAQ,CAAC;UAChChD,KAAK,CAAC8G,WAAW,CAACL,IAAI,CAACxD,QAAQ,CAAC;UAChCjD,KAAK,CAAC+G,wBAAwB,CAACN,IAAI,CAACO,qBAAqB,CAAC;UAC1DhH,KAAK,CAACiH,gCAAgC,CACpCR,IAAI,CAACS,6BAA6B,CACnC;UACDlH,KAAK,CAACmH,mBAAmB,CAACV,IAAI,CAACW,SAAS,CAAC;UACzCpH,KAAK,CAACqH,oBAAoB,CAACZ,IAAI,CAACa,UAAU,CAAC;QAC7C,CAAC,MAAM;UACL,OAAO,KAAK;QACd;MACF;MACA;MACAtH,KAAK,CAACuH,aAAa,OAAO9I,mBAAmB,EAAE,CAAC;;MAEhD;MACA,IAAIuB,KAAK,CAACqG,mBAAmB,EAAE,IAAIrG,KAAK,CAACwG,oBAAoB,EAAE,EAAE;QAC/D,IAAA5H,qBAAY,2EACwDoB,KAAK,CAACqG,mBAAmB,EAAE,EAC9F;QACD,IAAI;UACF,IAAMmB,KAAK,SAASjC,+BAA+B,CACjDvF,KAAK,CAACqG,mBAAmB,EAAE,EAC3BrG,KAAK,CAACwG,oBAAoB,EAAE,CAC7B;UACDxG,KAAK,CAACyH,cAAc,CAACD,KAAK,CAAC;UAC3BxH,KAAK,CAAC0H,0BAA0B,CAAC,IAAI,CAAC;UACtC,MAAM/B,gDAAgD,EAAE;QAC1D,CAAC,CAAC,OAAOgC,KAAK,EAAE;UAAA;UACd,MAAM,IAAI7E,KAAK,wCAEX,oBAAA6E,KAAK,CAAC1F,QAAQ,4EAAd,gBAAgBvD,IAAI,yDAApB,qBAAsBkJ,iBAAiB,0BACvCD,KAAK,CAAC1F,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBoF,OAAO,GAEhC;QACH;MACF;MACA;MAAA,KACK,IAAI9D,KAAK,CAACkG,WAAW,EAAE,IAAIlG,KAAK,CAACuG,WAAW,EAAE,EAAE;QACnD,IAAA3H,qBAAY,wEACqDoB,KAAK,CAACkG,WAAW,EAAE,EACnF;QACD,IAAMsB,MAAK,SAASzE,YAAY,CAC9B/C,KAAK,CAACkG,WAAW,EAAE,EACnBlG,KAAK,CAACuG,WAAW,EAAE,CACpB;QACD,IAAIiB,MAAK,EAAExH,KAAK,CAAC6H,cAAc,CAACL,MAAK,CAAC;QACtC,MAAM7B,gDAAgD,EAAE;QACxD,IACE3F,KAAK,CAACQ,cAAc,EAAE,IACtB,CAACR,KAAK,CAAC8H,cAAc,EAAE,KACtB9H,KAAK,CAACiE,iBAAiB,EAAE,KAAK/D,YAAY,CAACQ,yBAAyB,IACnEV,KAAK,CAACiE,iBAAiB,EAAE,KACvB/D,YAAY,CAACqC,4BAA4B,CAAC,EAC9C;UACA,IAAM4B,YAAW,SAASJ,qBAAqB,EAAE;UACjD,IAAII,YAAW,EAAEnE,KAAK,CAACyH,cAAc,CAACtD,YAAW,CAAC;QACpD;MACF;MACA;MAAA,KACK;QACH,IAAApF,qBAAY,mCAAkC,OAAO,CAAC;QACtD,OAAO,KAAK;MACd;MACA,IACEiB,KAAK,CAACQ,cAAc,EAAE,IACrBR,KAAK,CAACS,0BAA0B,EAAE,IAAIT,KAAK,CAAC8H,cAAc,EAAG,EAC9D;QACA;QACA,IAAA/I,qBAAY,yBACMiB,KAAK,CAACwB,OAAO,EAAE,eAC7BxB,KAAK,CAACC,QAAQ,EAAE,GAAGD,KAAK,CAACC,QAAQ,EAAE,GAAG,MAAM,wBAChC+F,kBAAkB,EAAE,GAClC,MAAM,CACP;QACD,OAAO,IAAI;MACb;IACF,CAAC,CAAC,OAAOlH,KAAK,EAAE;MAAA;MACd;MACA,IAAAC,qBAAY,EAACD,KAAK,CAACgF,OAAO,EAAE,OAAO,CAAC;MACpC;MACA,IAAA/E,qBAAY,sBAACD,KAAK,CAACmD,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBoF,OAAO,EAAE,OAAO,CAAC;MACpD;MACA,IAAA/E,qBAAY,sBAACD,KAAK,CAACmD,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBkJ,iBAAiB,EAAE,OAAO,CAAC;MAC9D;MACA,IAAAhJ,qBAAY,sBAACE,KAAK,CAACmD,QAAQ,qDAAd,iBAAgBvD,IAAI,CAAC;MAClC;MACA,IAAAE,qBAAY,EAACE,KAAK,CAACE,KAAK,IAAI,IAAI8D,KAAK,EAAE,CAAC9D,KAAK,CAAC;IAChD;IACA,OAAO,KAAK;EACd,CAAC;EAAA;AAAA"}

package/cjs/ops/AuthenticateOps.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthenticateOps.test.js","names":["describe","test","state","default","session","setTenant","process","env","FRODO_HOST","setRealm","FRODO_USER","FRODO_PASSWORD","setUsername","setPassword","Authenticate","getTokens","expect","getCookieName","toBeTruthy","getCookieValue","getBearerToken"],"sources":["ops/AuthenticateOps.test.ts"],"sourcesContent":["import { Authenticate, state } from '../index';\n\ndescribe('AuthenticationOps', () => {\n  test('getTokens() 1: ', async () => {\n    state.default.session.setTenant(process.env.FRODO_HOST || 'frodo-dev');\n    state.default.session.setRealm('alpha');\n    if (\n      process.env.FRODO_HOST &&\n      process.env.FRODO_USER &&\n      process.env.FRODO_PASSWORD\n    ) {\n      state.default.session.setUsername(process.env.FRODO_USER);\n      state.default.session.setPassword(process.env.FRODO_PASSWORD);\n    }\n    await Authenticate.getTokens();\n    expect(state.default.session.getCookieName()).toBeTruthy();\n    expect(state.default.session.getCookieValue()).toBeTruthy();\n    expect(state.default.session.getBearerToken()).toBeTruthy();\n  });\n});\n"],"mappings":";;AAAA;;;;;;AAEAA,QAAQ,CAAC,mBAAD,EAAsB,MAAM;EAClCC,IAAI,CAAC,iBAAD,iCAAoB,aAAY;IAClCC,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBC,SAAtB,CAAgCC,OAAO,CAACC,GAAR,CAAYC,UAAZ,IAA0B,WAA1D;;IACAN,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBK,QAAtB,CAA+B,OAA/B;;IACA,IACEH,OAAO,CAACC,GAAR,CAAYC,UAAZ,IACAF,OAAO,CAACC,GAAR,CAAYG,UADZ,IAEAJ,OAAO,CAACC,GAAR,CAAYI,cAHd,EAIE;MACAT,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBQ,WAAtB,CAAkCN,OAAO,CAACC,GAAR,CAAYG,UAA9C;;MACAR,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBS,WAAtB,CAAkCP,OAAO,CAACC,GAAR,CAAYI,cAA9C;IACD;;IACD,MAAMG,mBAAA,CAAaC,SAAb,EAAN;IACAC,MAAM,CAACd,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBa,aAAtB,EAAD,CAAN,CAA8CC,UAA9C;IACAF,MAAM,CAACd,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBe,cAAtB,EAAD,CAAN,CAA+CD,UAA/C;IACAF,MAAM,CAACd,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBgB,cAAtB,EAAD,CAAN,CAA+CF,UAA/C;EACD,CAfG,EAAJ;AAgBD,CAjBO,CAAR"}
+{"version":3,"file":"AuthenticateOps.test.js","names":["describe","test","state","setHost","process","env","FRODO_HOST","setRealm","FRODO_USER","FRODO_PASSWORD","setUsername","setPassword","Authenticate","getTokens","expect","getCookieName","toBeTruthy","getCookieValue","getBearerToken"],"sources":["ops/AuthenticateOps.test.ts"],"sourcesContent":["import { Authenticate, state } from '../index';\n\ndescribe('AuthenticationOps', () => {\n  test('getTokens() 1: ', async () => {\n    state.setHost(process.env.FRODO_HOST || 'frodo-dev');\n    state.setRealm('alpha');\n    if (\n      process.env.FRODO_HOST &&\n      process.env.FRODO_USER &&\n      process.env.FRODO_PASSWORD\n    ) {\n      state.setUsername(process.env.FRODO_USER);\n      state.setPassword(process.env.FRODO_PASSWORD);\n    }\n    await Authenticate.getTokens();\n    expect(state.getCookieName()).toBeTruthy();\n    expect(state.getCookieValue()).toBeTruthy();\n    expect(state.getBearerToken()).toBeTruthy();\n  });\n});\n"],"mappings":";;AAAA;AAA+C;AAAA;AAE/CA,QAAQ,CAAC,mBAAmB,EAAE,MAAM;EAClCC,IAAI,CAAC,iBAAiB,iCAAE,aAAY;IAClCC,YAAK,CAACC,OAAO,CAACC,OAAO,CAACC,GAAG,CAACC,UAAU,IAAI,WAAW,CAAC;IACpDJ,YAAK,CAACK,QAAQ,CAAC,OAAO,CAAC;IACvB,IACEH,OAAO,CAACC,GAAG,CAACC,UAAU,IACtBF,OAAO,CAACC,GAAG,CAACG,UAAU,IACtBJ,OAAO,CAACC,GAAG,CAACI,cAAc,EAC1B;MACAP,YAAK,CAACQ,WAAW,CAACN,OAAO,CAACC,GAAG,CAACG,UAAU,CAAC;MACzCN,YAAK,CAACS,WAAW,CAACP,OAAO,CAACC,GAAG,CAACI,cAAc,CAAC;IAC/C;IACA,MAAMG,mBAAY,CAACC,SAAS,EAAE;IAC9BC,MAAM,CAACZ,YAAK,CAACa,aAAa,EAAE,CAAC,CAACC,UAAU,EAAE;IAC1CF,MAAM,CAACZ,YAAK,CAACe,cAAc,EAAE,CAAC,CAACD,UAAU,EAAE;IAC3CF,MAAM,CAACZ,YAAK,CAACgB,cAAc,EAAE,CAAC,CAACF,UAAU,EAAE;EAC7C,CAAC,EAAC;AACJ,CAAC,CAAC"}

package/cjs/ops/CirclesOfTrustOps.js

@@ -11,23 +11,14 @@ exports.importCirclesOfTrustFromFile = importCirclesOfTrustFromFile;
 exports.importCirclesOfTrustFromFiles = importCirclesOfTrustFromFiles;
 exports.importFirstCircleOfTrust = importFirstCircleOfTrust;
 exports.listCirclesOfTrust = listCirclesOfTrust;
-
 var _fs = _interopRequireDefault(require("fs"));
-
 var _lodash = _interopRequireDefault(require("lodash"));
-
 var _Console = require("./utils/Console");
-
 var _CirclesOfTrustApi = require("../api/CirclesOfTrustApi");
-
 var _ExportImportUtils = require("./utils/ExportImportUtils");
-
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
-
 function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
-
 function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
-
 // use a function vs a template variable to avoid problems in loops
 function getFileDataTemplate() {
   return {
@@ -41,12 +32,11 @@ function getFileDataTemplate() {
     }
   };
 }
+
 /**
  * List entity providers
  * @param {String} long Long list format with details
  */
-
-
 function listCirclesOfTrust() {
   return _listCirclesOfTrust.apply(this, arguments);
 }
@@ -55,22 +45,17 @@ function listCirclesOfTrust() {
  * @param {Object} cotData Object representing a SAML circle of trust
  * @param {Object} fileData File data object to add dependencies to
  */
-
-
 function _listCirclesOfTrust() {
   _listCirclesOfTrust = _asyncToGenerator(function* () {
     var long = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : false;
     var cotList = [];
-
     try {
       cotList = (yield (0, _CirclesOfTrustApi.getCirclesOfTrust)()).result;
     } catch (error) {
       (0, _Console.printMessage)("getCirclesOfTrust ERROR: ".concat(error), 'error');
       (0, _Console.printMessage)(error, 'data');
     }
-
     cotList.sort((a, b) => a._id.localeCompare(b._id));
-
     if (!long) {
       cotList.forEach(cot => {
         (0, _Console.printMessage)("".concat(cot._id), 'data');
@@ -85,7 +70,6 @@ function _listCirclesOfTrust() {
   });
   return _listCirclesOfTrust.apply(this, arguments);
 }
-
 function exportDependencies(_x, _x2) {
   return _exportDependencies.apply(this, arguments);
 }
@@ -94,8 +78,6 @@ function exportDependencies(_x, _x2) {
  * @param {String} cotId circle of trust id/name
  * @param {String} file Optional filename
  */
-
-
 function _exportDependencies() {
   _exportDependencies = _asyncToGenerator(function* (cotData, fileData) {
     // TODO: Export dependencies
@@ -103,7 +85,6 @@ function _exportDependencies() {
   });
   return _exportDependencies.apply(this, arguments);
 }
-
 function exportCircleOfTrust(_x3) {
   return _exportCircleOfTrust.apply(this, arguments);
 }
@@ -111,22 +92,16 @@ function exportCircleOfTrust(_x3) {
  * Export all circles of trust to one file
  * @param {String} file Optional filename
  */
-
-
 function _exportCircleOfTrust() {
   _exportCircleOfTrust = _asyncToGenerator(function* (cotId) {
     var file = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : null;
     var fileName = file;
-
     if (!fileName) {
       fileName = (0, _ExportImportUtils.getTypedFilename)(cotId, 'cot.saml');
     }
-
     (0, _Console.createProgressIndicator)(1, "Exporting circle of trust ".concat(cotId));
-
     try {
       var cotData = _lodash.default.cloneDeep((0, _CirclesOfTrustApi.getCircleOfTrust)(cotId));
-
       delete cotData['_rev'];
       (0, _Console.updateProgressIndicator)("Exporting ".concat(cotId));
       var fileData = getFileDataTemplate();
@@ -141,39 +116,31 @@ function _exportCircleOfTrust() {
   });
   return _exportCircleOfTrust.apply(this, arguments);
 }
-
 function exportCirclesOfTrustToFile() {
   return _exportCirclesOfTrustToFile.apply(this, arguments);
 }
 /**
  * Export all circles of trust to individual files
  */
-
-
 function _exportCirclesOfTrustToFile() {
   _exportCirclesOfTrustToFile = _asyncToGenerator(function* () {
     var file = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : null;
     var fileName = file;
-
     if (!fileName) {
       fileName = (0, _ExportImportUtils.getTypedFilename)("all".concat((0, _ExportImportUtils.getRealmString)(), "CirclesOfTrust"), 'cot.saml');
     }
-
     var fileData = getFileDataTemplate();
     var allCotData = [];
-
     try {
       allCotData = _lodash.default.cloneDeep((yield (0, _CirclesOfTrustApi.getCirclesOfTrust)()).result);
       (0, _Console.createProgressIndicator)(allCotData.length, 'Exporting circles of trust');
-
       for (var cotData of allCotData) {
         delete cotData._rev;
-        (0, _Console.updateProgressIndicator)("Exporting circle of trust ".concat(cotData._id)); // eslint-disable-next-line no-await-in-loop
-
+        (0, _Console.updateProgressIndicator)("Exporting circle of trust ".concat(cotData._id));
+        // eslint-disable-next-line no-await-in-loop
         yield exportDependencies(cotData, fileData);
         fileData.saml.cot[cotData._id] = cotData;
       }
-
       (0, _ExportImportUtils.saveJsonToFile)(fileData, fileName);
       (0, _Console.stopProgressIndicator)("".concat(allCotData.length, " circle(s) of trust exported to ").concat(fileName, "."));
     } catch (error) {
@@ -183,7 +150,6 @@ function _exportCirclesOfTrustToFile() {
   });
   return _exportCirclesOfTrustToFile.apply(this, arguments);
 }
-
 function exportCirclesOfTrustToFiles() {
   return _exportCirclesOfTrustToFiles.apply(this, arguments);
 }
@@ -192,27 +158,22 @@ function exportCirclesOfTrustToFiles() {
  * @param {Object} cotData Object representing a SAML circle of trust
  * @param {Object} fileData File data object to read dependencies from
  */
-
-
 function _exportCirclesOfTrustToFiles() {
   _exportCirclesOfTrustToFiles = _asyncToGenerator(function* () {
     var allCotData = [];
-
     try {
       allCotData = _lodash.default.cloneDeep((yield (0, _CirclesOfTrustApi.getCirclesOfTrust)()).result);
       (0, _Console.createProgressIndicator)(allCotData.length, 'Exporting circles of trust');
-
       for (var cotData of allCotData) {
         delete cotData._rev;
         (0, _Console.updateProgressIndicator)("Exporting circle of trust ".concat(cotData._id));
         var fileName = (0, _ExportImportUtils.getTypedFilename)(cotData._id, 'cot.saml');
-        var fileData = getFileDataTemplate(); // eslint-disable-next-line no-await-in-loop
-
+        var fileData = getFileDataTemplate();
+        // eslint-disable-next-line no-await-in-loop
         yield exportDependencies(cotData, fileData);
         fileData.saml.cot[cotData._id] = cotData;
         (0, _ExportImportUtils.saveJsonToFile)(fileData, fileName);
       }
-
       (0, _Console.stopProgressIndicator)("".concat(allCotData.length, " providers exported."));
     } catch (error) {
       (0, _Console.printMessage)("getCirclesOfTrust ERROR: ".concat(error), 'error');
@@ -221,7 +182,6 @@ function _exportCirclesOfTrustToFiles() {
   });
   return _exportCirclesOfTrustToFiles.apply(this, arguments);
 }
-
 function importDependencies(_x4, _x5) {
   return _importDependencies.apply(this, arguments);
 }
@@ -230,8 +190,6 @@ function importDependencies(_x4, _x5) {
  * @param {String} cotId Circle of trust id/name
  * @param {String} file Import file name
  */
-
-
 function _importDependencies() {
   _importDependencies = _asyncToGenerator(function* (cotData, fileData) {
     // TODO: Import dependencies
@@ -239,7 +197,6 @@ function _importDependencies() {
   });
   return _importDependencies.apply(this, arguments);
 }
-
 function importCircleOfTrust(_x6, _x7) {
   return _importCircleOfTrust.apply(this, arguments);
 }
@@ -247,24 +204,18 @@ function importCircleOfTrust(_x6, _x7) {
  * Import first SAML circle of trust from file
  * @param {String} file Import file name
  */
-
-
 function _importCircleOfTrust() {
   _importCircleOfTrust = _asyncToGenerator(function* (cotId, file) {
     _fs.default.readFile(file, 'utf8', /*#__PURE__*/function () {
       var _ref = _asyncToGenerator(function* (err, data) {
         if (err) throw err;
         var fileData = JSON.parse(data);
-
         if ((0, _ExportImportUtils.validateImport)(fileData.meta)) {
           (0, _Console.createProgressIndicator)(1, 'Importing circle of trust...');
-
           var cotData = _lodash.default.get(fileData, ['saml', 'cot', cotId]);
-
           if (cotData) {
             (0, _Console.updateProgressIndicator)("Importing ".concat(cotId));
             yield importDependencies(cotData, fileData);
-
             try {
               yield (0, _CirclesOfTrustApi.createCircleOfTrust)(cotData);
               (0, _Console.stopProgressIndicator)("Successfully imported ".concat(cotId, "."));
@@ -280,7 +231,6 @@ function _importCircleOfTrust() {
           (0, _Console.printMessage)('Import validation failed...', 'error');
         }
       });
-
       return function (_x10, _x11) {
         return _ref.apply(this, arguments);
       };
@@ -288,7 +238,6 @@ function _importCircleOfTrust() {
   });
   return _importCircleOfTrust.apply(this, arguments);
 }
-
 function importFirstCircleOfTrust(_x8) {
   return _importFirstCircleOfTrust.apply(this, arguments);
 }
@@ -296,26 +245,20 @@ function importFirstCircleOfTrust(_x8) {
  * Import all SAML circles of trust from file
  * @param {String} file Import file name
  */
-
-
 function _importFirstCircleOfTrust() {
   _importFirstCircleOfTrust = _asyncToGenerator(function* (file) {
     _fs.default.readFile(file, 'utf8', /*#__PURE__*/function () {
       var _ref2 = _asyncToGenerator(function* (err, data) {
         if (err) throw err;
         var fileData = JSON.parse(data);
-
         if ((0, _ExportImportUtils.validateImport)(fileData.meta)) {
           (0, _Console.createProgressIndicator)(1, 'Importing circle of trust...');
-
           for (var cotId in fileData.saml.cot) {
             if ({}.hasOwnProperty.call(fileData.saml.cot, cotId)) {
               var cotData = _lodash.default.cloneDeep(fileData.saml.cot[cotId]);
-
-              (0, _Console.updateProgressIndicator)("Importing ".concat(cotId)); // eslint-disable-next-line no-await-in-loop
-
+              (0, _Console.updateProgressIndicator)("Importing ".concat(cotId));
+              // eslint-disable-next-line no-await-in-loop
               yield importDependencies(cotData, fileData);
-
               try {
                 yield (0, _CirclesOfTrustApi.createCircleOfTrust)(cotData);
                 (0, _Console.stopProgressIndicator)("Successfully imported ".concat(cotId, "."));
@@ -324,7 +267,6 @@ function _importFirstCircleOfTrust() {
                 (0, _Console.printMessage)("Error importing ".concat(cotId), 'error');
                 (0, _Console.printMessage)(createCircleOfTrustErr.response.data, 'error');
               }
-
               break;
             }
           }
@@ -332,7 +274,6 @@ function _importFirstCircleOfTrust() {
           (0, _Console.printMessage)('Import validation failed...', 'error');
         }
       });
-
       return function (_x12, _x13) {
         return _ref2.apply(this, arguments);
       };
@@ -340,32 +281,25 @@ function _importFirstCircleOfTrust() {
   });
   return _importFirstCircleOfTrust.apply(this, arguments);
 }
-
 function importCirclesOfTrustFromFile(_x9) {
   return _importCirclesOfTrustFromFile.apply(this, arguments);
 }
 /**
  * Import all SAML circles of trust from all *.cot.saml.json files in the current directory
  */
-
-
 function _importCirclesOfTrustFromFile() {
   _importCirclesOfTrustFromFile = _asyncToGenerator(function* (file) {
     _fs.default.readFile(file, 'utf8', /*#__PURE__*/function () {
       var _ref3 = _asyncToGenerator(function* (err, data) {
         if (err) throw err;
         var fileData = JSON.parse(data);
-
         if ((0, _ExportImportUtils.validateImport)(fileData.meta)) {
           (0, _Console.createProgressIndicator)(Object.keys(fileData.saml.cot).length, 'Importing circles of trust...');
-
           for (var cotId in fileData.saml.cot) {
             if ({}.hasOwnProperty.call(fileData.saml.cot, cotId)) {
-              var cotData = _lodash.default.cloneDeep(fileData.saml.cot[cotId]); // eslint-disable-next-line no-await-in-loop
-
-
+              var cotData = _lodash.default.cloneDeep(fileData.saml.cot[cotId]);
+              // eslint-disable-next-line no-await-in-loop
               yield importDependencies(cotData, fileData);
-
               try {
                 // eslint-disable-next-line no-await-in-loop
                 yield (0, _CirclesOfTrustApi.createCircleOfTrust)(cotData);
@@ -376,13 +310,11 @@ function _importCirclesOfTrustFromFile() {
               }
             }
           }
-
           (0, _Console.stopProgressIndicator)("Circles of trust imported.");
         } else {
           (0, _Console.printMessage)('Import validation failed...', 'error');
         }
       });
-
       return function (_x14, _x15) {
         return _ref3.apply(this, arguments);
       };
@@ -390,39 +322,31 @@ function _importCirclesOfTrustFromFile() {
   });
   return _importCirclesOfTrustFromFile.apply(this, arguments);
 }
-
 function importCirclesOfTrustFromFiles() {
   return _importCirclesOfTrustFromFiles.apply(this, arguments);
 }
-
 function _importCirclesOfTrustFromFiles() {
   _importCirclesOfTrustFromFiles = _asyncToGenerator(function* () {
     var names = _fs.default.readdirSync('.');
-
     var jsonFiles = names.filter(name => name.toLowerCase().endsWith('.cot.saml.json'));
     (0, _Console.createProgressIndicator)(jsonFiles.length, 'Importing circles or trust...');
     var total = 0;
     var totalErrors = 0;
-
     for (var file of jsonFiles) {
       var data = _fs.default.readFileSync(file, 'utf8');
-
       var fileData = JSON.parse(data);
-
       if ((0, _ExportImportUtils.validateImport)(fileData.meta)) {
         total += _lodash.default.keys(fileData.saml.cot).length;
         var errors = 0;
-
         for (var cotId in fileData.saml.cot) {
           if ({}.hasOwnProperty.call(fileData.saml.cot, cotId)) {
-            var cotData = _lodash.default.cloneDeep(fileData.saml.cot[cotId]); // eslint-disable-next-line no-await-in-loop
-
-
+            var cotData = _lodash.default.cloneDeep(fileData.saml.cot[cotId]);
+            // eslint-disable-next-line no-await-in-loop
             yield importDependencies(cotData, fileData);
-
             try {
               // eslint-disable-next-line no-await-in-loop
-              yield (0, _CirclesOfTrustApi.createCircleOfTrust)(cotData); // updateProgressIndicator(`Imported ${cotId}`);
+              yield (0, _CirclesOfTrustApi.createCircleOfTrust)(cotData);
+              // updateProgressIndicator(`Imported ${cotId}`);
             } catch (createCircleOfTrustErr) {
               errors += 1;
               (0, _Console.printMessage)("\nError importing ".concat(cotId), 'error');
@@ -430,14 +354,12 @@ function _importCirclesOfTrustFromFiles() {
             }
           }
         }
-
         totalErrors += errors;
         (0, _Console.updateProgressIndicator)("Imported ".concat(_lodash.default.keys(fileData.saml.cot).length - errors, " circle(s) of trust from ").concat(file));
       } else {
         (0, _Console.printMessage)("Validation of ".concat(file, " failed!"), 'error');
       }
     }
-
     (0, _Console.stopProgressIndicator)("Imported ".concat(total - totalErrors, " of ").concat(total, " circle(s) of trust from ").concat(jsonFiles.length, " file(s)."));
   });
   return _importCirclesOfTrustFromFiles.apply(this, arguments);