@rockcarver/frodo-lib 0.18.2 → 0.18.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +17 -1
- package/cjs/api/cloud/LogApi.js +18 -15
- package/cjs/api/cloud/LogApi.js.map +1 -1
- package/cjs/ops/AuthenticateOps.js +6 -5
- package/cjs/ops/AuthenticateOps.js.map +1 -1
- package/cjs/ops/Saml2Ops.js +13 -5
- package/cjs/ops/Saml2Ops.js.map +1 -1
- package/cjs/ops/cloud/LogOps.js +11 -9
- package/cjs/ops/cloud/LogOps.js.map +1 -1
- package/esm/api/cloud/LogApi.mjs +11 -8
- package/esm/ops/AuthenticateOps.mjs +6 -6
- package/esm/ops/Saml2Ops.mjs +13 -5
- package/esm/ops/cloud/LogOps.mjs +12 -10
- package/package.json +1 -1
- package/types/api/cloud/LogApi.d.ts +2 -2
- package/types/api/cloud/LogApi.d.ts.map +1 -1
- package/types/ops/AuthenticateOps.d.ts +2 -2
- package/types/ops/AuthenticateOps.d.ts.map +1 -1
- package/types/ops/Saml2Ops.d.ts.map +1 -1
- package/types/ops/cloud/LogOps.d.ts.map +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [0.18.4] - 2023-02-11
|
|
11
|
+
|
|
12
|
+
### Fixed
|
|
13
|
+
|
|
14
|
+
- rockcarver/frodo-cli#195: Backend support to fix issue: `Authenticate.getTokens` API now supports new `forceLoginAsUser` param to force logging in as a user even if a service account is available.
|
|
15
|
+
|
|
16
|
+
## [0.18.3] - 2023-01-27
|
|
17
|
+
|
|
18
|
+
### Changed
|
|
19
|
+
|
|
20
|
+
- rockcarver/frodo-cli#192: Backend support for better error handling and reporting in frodo-cli
|
|
21
|
+
|
|
10
22
|
## [0.18.2] - 2023-01-25
|
|
11
23
|
|
|
12
24
|
### Added
|
|
@@ -1040,7 +1052,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
1040
1052
|
- Fixed problem with adding connection profiles
|
|
1041
1053
|
- Miscellaneous bug fixes
|
|
1042
1054
|
|
|
1043
|
-
[Unreleased]: https://github.com/rockcarver/frodo-lib/compare/v0.18.
|
|
1055
|
+
[Unreleased]: https://github.com/rockcarver/frodo-lib/compare/v0.18.4...HEAD
|
|
1056
|
+
|
|
1057
|
+
[0.18.4]: https://github.com/rockcarver/frodo-lib/compare/v0.18.3...v0.18.4
|
|
1058
|
+
|
|
1059
|
+
[0.18.3]: https://github.com/rockcarver/frodo-lib/compare/v0.18.2...v0.18.3
|
|
1044
1060
|
|
|
1045
1061
|
[0.18.2]: https://github.com/rockcarver/frodo-lib/compare/v0.18.2-0...v0.18.2
|
|
1046
1062
|
|
package/cjs/api/cloud/LogApi.js
CHANGED
|
@@ -22,26 +22,16 @@ var logsFetchURLTemplate = '%s/monitoring/logs?source=%s&beginTime=%s&endTime=%s
|
|
|
22
22
|
var logsSourcesURLTemplate = '%s/monitoring/logs/sources';
|
|
23
23
|
var logsCreateAPIKeyAndSecretURLTemplate = '%s/keys?_action=create';
|
|
24
24
|
var logsGetAPIKeysURLTemplate = '%s/keys';
|
|
25
|
-
function tail(_x, _x2) {
|
|
26
|
-
return _tail.apply(this, arguments);
|
|
27
|
-
}
|
|
28
|
-
function _tail() {
|
|
29
|
-
_tail = _asyncToGenerator(function* (source, cookie) {
|
|
30
|
-
var urlString = _util.default.format(logsTailURLTemplate, (0, _ApiUtils.getTenantURL)(state.getHost()), encodeURIComponent(source));
|
|
31
|
-
if (cookie) {
|
|
32
|
-
urlString += "&_pagedResultsCookie=".concat(encodeURIComponent(cookie));
|
|
33
|
-
}
|
|
34
|
-
return (0, _BaseApi.generateLogApi)().get(urlString);
|
|
35
|
-
});
|
|
36
|
-
return _tail.apply(this, arguments);
|
|
37
|
-
}
|
|
38
25
|
function getAPIKeys() {
|
|
39
26
|
return _getAPIKeys.apply(this, arguments);
|
|
40
27
|
}
|
|
41
28
|
function _getAPIKeys() {
|
|
42
29
|
_getAPIKeys = _asyncToGenerator(function* () {
|
|
43
30
|
var urlString = _util.default.format(logsGetAPIKeysURLTemplate, (0, _ApiUtils.getTenantURL)(state.getHost()));
|
|
44
|
-
|
|
31
|
+
var {
|
|
32
|
+
data
|
|
33
|
+
} = yield (0, _BaseApi.generateLogKeysApi)().get(urlString);
|
|
34
|
+
return data;
|
|
45
35
|
});
|
|
46
36
|
return _getAPIKeys.apply(this, arguments);
|
|
47
37
|
}
|
|
@@ -55,7 +45,7 @@ function _getSources() {
|
|
|
55
45
|
});
|
|
56
46
|
return _getSources.apply(this, arguments);
|
|
57
47
|
}
|
|
58
|
-
function createAPIKeyAndSecret(
|
|
48
|
+
function createAPIKeyAndSecret(_x) {
|
|
59
49
|
return _createAPIKeyAndSecret.apply(this, arguments);
|
|
60
50
|
}
|
|
61
51
|
function _createAPIKeyAndSecret() {
|
|
@@ -67,6 +57,19 @@ function _createAPIKeyAndSecret() {
|
|
|
67
57
|
});
|
|
68
58
|
return _createAPIKeyAndSecret.apply(this, arguments);
|
|
69
59
|
}
|
|
60
|
+
function tail(_x2, _x3) {
|
|
61
|
+
return _tail.apply(this, arguments);
|
|
62
|
+
}
|
|
63
|
+
function _tail() {
|
|
64
|
+
_tail = _asyncToGenerator(function* (source, cookie) {
|
|
65
|
+
var urlString = _util.default.format(logsTailURLTemplate, (0, _ApiUtils.getTenantURL)(state.getHost()), encodeURIComponent(source));
|
|
66
|
+
if (cookie) {
|
|
67
|
+
urlString += "&_pagedResultsCookie=".concat(encodeURIComponent(cookie));
|
|
68
|
+
}
|
|
69
|
+
return (0, _BaseApi.generateLogApi)().get(urlString);
|
|
70
|
+
});
|
|
71
|
+
return _tail.apply(this, arguments);
|
|
72
|
+
}
|
|
70
73
|
function fetch(_x4, _x5, _x6, _x7) {
|
|
71
74
|
return _fetch.apply(this, arguments);
|
|
72
75
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"LogApi.js","names":["logsTailURLTemplate","logsFetchURLTemplate","logsSourcesURLTemplate","logsCreateAPIKeyAndSecretURLTemplate","logsGetAPIKeysURLTemplate","
|
|
1
|
+
{"version":3,"file":"LogApi.js","names":["logsTailURLTemplate","logsFetchURLTemplate","logsSourcesURLTemplate","logsCreateAPIKeyAndSecretURLTemplate","logsGetAPIKeysURLTemplate","getAPIKeys","urlString","util","format","getTenantURL","state","getHost","data","generateLogKeysApi","get","getSources","generateLogApi","createAPIKeyAndSecret","keyName","post","name","tail","source","cookie","encodeURIComponent","fetch","startTs","endTs","timeout"],"sources":["api/cloud/LogApi.ts"],"sourcesContent":["import util from 'util';\nimport { generateLogApi, generateLogKeysApi } from '../BaseApi';\nimport { getTenantURL } from '../utils/ApiUtils';\nimport * as state from '../../shared/State';\n\nconst logsTailURLTemplate = '%s/monitoring/logs/tail?source=%s';\nconst logsFetchURLTemplate =\n '%s/monitoring/logs?source=%s&beginTime=%s&endTime=%s';\nconst logsSourcesURLTemplate = '%s/monitoring/logs/sources';\nconst logsCreateAPIKeyAndSecretURLTemplate = '%s/keys?_action=create';\nconst logsGetAPIKeysURLTemplate = '%s/keys';\n\nexport async function getAPIKeys() {\n const urlString = util.format(\n logsGetAPIKeysURLTemplate,\n getTenantURL(state.getHost())\n );\n const { data } = await generateLogKeysApi().get(urlString);\n return data;\n}\n\nexport async function getSources() {\n const urlString = util.format(\n logsSourcesURLTemplate,\n getTenantURL(state.getHost())\n );\n return generateLogApi().get(urlString);\n}\n\nexport async function createAPIKeyAndSecret(keyName) {\n const urlString = util.format(\n logsCreateAPIKeyAndSecretURLTemplate,\n getTenantURL(state.getHost())\n );\n return generateLogKeysApi().post(urlString, { name: keyName });\n}\n\nexport async function tail(source, cookie) {\n let urlString = util.format(\n logsTailURLTemplate,\n getTenantURL(state.getHost()),\n encodeURIComponent(source)\n );\n if (cookie) {\n urlString += `&_pagedResultsCookie=${encodeURIComponent(cookie)}`;\n }\n return generateLogApi().get(urlString);\n}\n\nexport async function fetch(source, startTs, endTs, cookie) {\n let urlString = util.format(\n logsFetchURLTemplate,\n getTenantURL(state.getHost()),\n encodeURIComponent(source),\n startTs,\n endTs\n );\n if (cookie) {\n urlString += `&_pagedResultsCookie=${encodeURIComponent(cookie)}`;\n }\n return generateLogApi({ timeout: 60000 }).get(urlString);\n}\n"],"mappings":";;;;;;;;;;AAAA;AACA;AACA;AACA;AAA4C;AAAA;AAAA;AAAA;AAAA;AAE5C,IAAMA,mBAAmB,GAAG,mCAAmC;AAC/D,IAAMC,oBAAoB,GACxB,sDAAsD;AACxD,IAAMC,sBAAsB,GAAG,4BAA4B;AAC3D,IAAMC,oCAAoC,GAAG,wBAAwB;AACrE,IAAMC,yBAAyB,GAAG,SAAS;AAAC,SAEtBC,UAAU;EAAA;AAAA;AAAA;EAAA,gCAAzB,aAA4B;IACjC,IAAMC,SAAS,GAAGC,aAAI,CAACC,MAAM,CAC3BJ,yBAAyB,EACzB,IAAAK,sBAAY,EAACC,KAAK,CAACC,OAAO,EAAE,CAAC,CAC9B;IACD,IAAM;MAAEC;IAAK,CAAC,SAAS,IAAAC,2BAAkB,GAAE,CAACC,GAAG,CAACR,SAAS,CAAC;IAC1D,OAAOM,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAEqBG,UAAU;EAAA;AAAA;AAAA;EAAA,gCAAzB,aAA4B;IACjC,IAAMT,SAAS,GAAGC,aAAI,CAACC,MAAM,CAC3BN,sBAAsB,EACtB,IAAAO,sBAAY,EAACC,KAAK,CAACC,OAAO,EAAE,CAAC,CAC9B;IACD,OAAO,IAAAK,uBAAc,GAAE,CAACF,GAAG,CAACR,SAAS,CAAC;EACxC,CAAC;EAAA;AAAA;AAAA,SAEqBW,qBAAqB;EAAA;AAAA;AAAA;EAAA,2CAApC,WAAqCC,OAAO,EAAE;IACnD,IAAMZ,SAAS,GAAGC,aAAI,CAACC,MAAM,CAC3BL,oCAAoC,EACpC,IAAAM,sBAAY,EAACC,KAAK,CAACC,OAAO,EAAE,CAAC,CAC9B;IACD,OAAO,IAAAE,2BAAkB,GAAE,CAACM,IAAI,CAACb,SAAS,EAAE;MAAEc,IAAI,EAAEF;IAAQ,CAAC,CAAC;EAChE,CAAC;EAAA;AAAA;AAAA,SAEqBG,IAAI;EAAA;AAAA;AAAA;EAAA,0BAAnB,WAAoBC,MAAM,EAAEC,MAAM,EAAE;IACzC,IAAIjB,SAAS,GAAGC,aAAI,CAACC,MAAM,CACzBR,mBAAmB,EACnB,IAAAS,sBAAY,EAACC,KAAK,CAACC,OAAO,EAAE,CAAC,EAC7Ba,kBAAkB,CAACF,MAAM,CAAC,CAC3B;IACD,IAAIC,MAAM,EAAE;MACVjB,SAAS,mCAA4BkB,kBAAkB,CAACD,MAAM,CAAC,CAAE;IACnE;IACA,OAAO,IAAAP,uBAAc,GAAE,CAACF,GAAG,CAACR,SAAS,CAAC;EACxC,CAAC;EAAA;AAAA;AAAA,SAEqBmB,KAAK;EAAA;AAAA;AAAA;EAAA,2BAApB,WAAqBH,MAAM,EAAEI,OAAO,EAAEC,KAAK,EAAEJ,MAAM,EAAE;IAC1D,IAAIjB,SAAS,GAAGC,aAAI,CAACC,MAAM,CACzBP,oBAAoB,EACpB,IAAAQ,sBAAY,EAACC,KAAK,CAACC,OAAO,EAAE,CAAC,EAC7Ba,kBAAkB,CAACF,MAAM,CAAC,EAC1BI,OAAO,EACPC,KAAK,CACN;IACD,IAAIJ,MAAM,EAAE;MACVjB,SAAS,mCAA4BkB,kBAAkB,CAACD,MAAM,CAAC,CAAE;IACnE;IACA,OAAO,IAAAP,uBAAc,EAAC;MAAEY,OAAO,EAAE;IAAM,CAAC,CAAC,CAACd,GAAG,CAACR,SAAS,CAAC;EAC1D,CAAC;EAAA;AAAA"}
|
|
@@ -27,7 +27,7 @@ function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try
|
|
|
27
27
|
function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
|
|
28
28
|
var adminClientPassword = 'doesnotmatter';
|
|
29
29
|
var redirectUrlTemplate = '/platform/appAuthHelperRedirect.html';
|
|
30
|
-
var idmAdminScopes = 'fr:idm:* fr:idc:esv:*';
|
|
30
|
+
var idmAdminScopes = 'openid fr:idm:* fr:idc:esv:*';
|
|
31
31
|
var serviceAccountScopes = 'fr:am:* fr:idm:* fr:idc:esv:*';
|
|
32
32
|
var adminClientId = 'idmAdminClient';
|
|
33
33
|
|
|
@@ -398,7 +398,7 @@ function getLoggedInSubject() {
|
|
|
398
398
|
}
|
|
399
399
|
/**
|
|
400
400
|
* Get tokens
|
|
401
|
-
* @param {boolean}
|
|
401
|
+
* @param {boolean} forceLoginAsUser true to force login as user even if a service account is available (default: false)
|
|
402
402
|
* @returns {Promise<boolean>} true if tokens were successfully obtained, false otherwise
|
|
403
403
|
*/
|
|
404
404
|
function _getLoggedInSubject() {
|
|
@@ -417,6 +417,7 @@ function getTokens() {
|
|
|
417
417
|
}
|
|
418
418
|
function _getTokens() {
|
|
419
419
|
_getTokens = _asyncToGenerator(function* () {
|
|
420
|
+
var forceLoginAsUser = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : false;
|
|
420
421
|
(0, _Console.debugMessage)("AuthenticateOps.getTokens: start");
|
|
421
422
|
if (!state.getHost()) {
|
|
422
423
|
(0, _Console.printMessage)("No host specified and FRODO_HOST env variable not set!", 'error');
|
|
@@ -442,7 +443,7 @@ function _getTokens() {
|
|
|
442
443
|
state.setCookieName(yield determineCookieName());
|
|
443
444
|
|
|
444
445
|
// use service account to login?
|
|
445
|
-
if (state.getServiceAccountId() && state.getServiceAccountJwk()) {
|
|
446
|
+
if (!forceLoginAsUser && state.getServiceAccountId() && state.getServiceAccountJwk()) {
|
|
446
447
|
(0, _Console.debugMessage)("AuthenticateOps.getTokens: Authenticating with service account ".concat(state.getServiceAccountId()));
|
|
447
448
|
try {
|
|
448
449
|
var token = yield getAccessTokenForServiceAccount(state.getServiceAccountId(), state.getServiceAccountJwk());
|
|
@@ -451,8 +452,8 @@ function _getTokens() {
|
|
|
451
452
|
yield determineDeploymentTypeAndDefaultRealmAndVersion();
|
|
452
453
|
} catch (saErr) {
|
|
453
454
|
var _saErr$response, _saErr$response2, _saErr$response2$data, _saErr$response3, _saErr$response3$data;
|
|
454
|
-
(0, _Console.debugMessage)((_saErr$response = saErr.response) === null || _saErr$response === void 0 ? void 0 : _saErr$response.data);
|
|
455
|
-
throw new Error("Service account login error: ".concat(((_saErr$response2 = saErr.response) === null || _saErr$response2 === void 0 ? void 0 : (_saErr$response2$data = _saErr$response2.data) === null || _saErr$response2$data === void 0 ? void 0 : _saErr$response2$data.error_description) || ((_saErr$response3 = saErr.response) === null || _saErr$response3 === void 0 ? void 0 : (_saErr$response3$data = _saErr$response3.data) === null || _saErr$response3$data === void 0 ? void 0 : _saErr$response3$data.message)));
|
|
455
|
+
(0, _Console.debugMessage)(((_saErr$response = saErr.response) === null || _saErr$response === void 0 ? void 0 : _saErr$response.data) || saErr);
|
|
456
|
+
throw new Error("Service account login error: ".concat(((_saErr$response2 = saErr.response) === null || _saErr$response2 === void 0 ? void 0 : (_saErr$response2$data = _saErr$response2.data) === null || _saErr$response2$data === void 0 ? void 0 : _saErr$response2$data.error_description) || ((_saErr$response3 = saErr.response) === null || _saErr$response3 === void 0 ? void 0 : (_saErr$response3$data = _saErr$response3.data) === null || _saErr$response3$data === void 0 ? void 0 : _saErr$response3$data.message) || saErr));
|
|
456
457
|
}
|
|
457
458
|
}
|
|
458
459
|
// use user account to login
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthenticateOps.js","names":["adminClientPassword","redirectUrlTemplate","idmAdminScopes","serviceAccountScopes","adminClientId","determineCookieName","data","getServerInfo","debugMessage","cookieName","error","printMessage","stack","checkAndHandle2FA","payload","element","callbacks","type","input","value","includes","need2fa","output","code","readlineSync","question","determineDefaultRealm","deploymentType","state","getRealm","globalConfig","DEFAULT_REALM_KEY","setRealm","DEPLOYMENT_TYPE_REALM_MAP","determineDeploymentType","cookieValue","getCookieValue","getUseBearerTokenForAmApis","CLOUD_DEPLOYMENT_TYPE_KEY","fidcClientId","forgeopsClientId","verifier","encodeBase64Url","randomBytes","challenge","createHash","update","digest","challengeMethod","redirectURL","url","resolve","getHost","config","maxRedirects","headers","getCookieName","bodyFormData","CLASSIC_DEPLOYMENT_TYPE_KEY","authorize","e","response","status","location","indexOf","verboseMessage","ex","FORGEOPS_DEPLOYMENT_TYPE_KEY","getSemanticVersion","versionInfo","versionString","version","rx","match","Error","authenticate","username","password","response1","step","skip2FA","response2","getAuthCode","codeChallenge","codeChallengeMethod","undefined","redirectLocationURL","queryObject","parse","query","message","getAccessTokenForUser","authCode","getDeploymentType","auth","accessToken","access_token","createPayload","serviceAccountId","u","parseUrl","aud","origin","port","protocol","pathname","exp","Math","floor","Date","getTime","jti","v4","iss","sub","getAccessTokenForServiceAccount","jwk","jwt","createSignedJwtToken","determineDeploymentTypeAndDefaultRealmAndVersion","setDeploymentType","getServerVersionInfo","fullVersion","setAmVersion","getLoggedInSubject","subjectString","getUsername","name","getServiceAccount","getServiceAccountId","getTokens","getPassword","getServiceAccountJwk","conn","getConnectionProfile","setHost","tenant","setUsername","setPassword","setAuthenticationService","authenticationService","setAuthenticationHeaderOverrides","authenticationHeaderOverrides","setServiceAccountId","svcacctId","setServiceAccountJwk","svcacctJwk","setCookieName","token","setBearerToken","setUseBearerTokenForAmApis","saErr","error_description","setCookieValue","getBearerToken"],"sources":["ops/AuthenticateOps.ts"],"sourcesContent":["import url from 'url';\nimport { createHash, randomBytes } from 'crypto';\nimport readlineSync from 'readline-sync';\nimport { encodeBase64Url } from '../api/utils/Base64';\nimport * as state from '../shared/State';\nimport * as globalConfig from '../storage/StaticStorage';\nimport { debugMessage, printMessage, verboseMessage } from './utils/Console';\nimport { getServerInfo, getServerVersionInfo } from '../api/ServerInfoApi';\nimport { step } from '../api/AuthenticateApi';\nimport { accessToken, authorize } from '../api/OAuth2OIDCApi';\nimport { getConnectionProfile } from './ConnectionProfileOps';\nimport { v4 } from 'uuid';\nimport { parseUrl } from '../api/utils/ApiUtils';\nimport { JwkRsa, createSignedJwtToken } from './JoseOps';\nimport { getServiceAccount } from './cloud/ServiceAccountOps';\n\nconst adminClientPassword = 'doesnotmatter';\nconst redirectUrlTemplate = '/platform/appAuthHelperRedirect.html';\n\nconst idmAdminScopes = 'fr:idm:* fr:idc:esv:*';\nconst serviceAccountScopes = 'fr:am:* fr:idm:* fr:idc:esv:*';\n\nlet adminClientId = 'idmAdminClient';\n\n/**\n * Helper function to get cookie name\n * @returns {String} cookie name\n */\nasync function determineCookieName() {\n try {\n const data = await getServerInfo();\n debugMessage(\n `AuthenticateOps.getCookieName: cookieName=${data.cookieName}`\n );\n return data.cookieName;\n } catch (error) {\n printMessage(`Error getting cookie name: ${error}`, 'error');\n debugMessage(error.stack);\n return null;\n }\n}\n\n/**\n * Helper function to determine if this is a setup mfa prompt in the ID Cloud tenant admin login journey\n * @param {Object} payload response from the previous authentication journey step\n * @returns {Object} an object indicating if 2fa is required and the original payload\n */\nfunction checkAndHandle2FA(payload) {\n // let skippable = false;\n if ('callbacks' in payload) {\n for (const element of payload.callbacks) {\n if (element.type === 'HiddenValueCallback') {\n if (element.input[0].value.includes('skip')) {\n // skippable = true;\n element.input[0].value = 'Skip';\n return {\n need2fa: true,\n payload,\n };\n }\n }\n if (element.type === 'NameCallback') {\n if (element.output[0].value.includes('code')) {\n // skippable = false;\n printMessage('2FA is enabled and required for this user...');\n const code = readlineSync.question(`${element.output[0].value}: `);\n element.input[0].value = code;\n return {\n need2fa: true,\n payload,\n };\n }\n }\n }\n // console.info(\"NO2FA\");\n return {\n need2fa: false,\n payload,\n };\n }\n // console.info(\"NO2FA\");\n return {\n need2fa: false,\n payload,\n };\n}\n\n/**\n * Helper function to set the default realm by deployment type\n * @param {string} deploymentType deployment type\n */\nfunction determineDefaultRealm(deploymentType: string) {\n if (\n !state.getRealm() ||\n state.getRealm() === globalConfig.DEFAULT_REALM_KEY\n ) {\n state.setRealm(globalConfig.DEPLOYMENT_TYPE_REALM_MAP[deploymentType]);\n }\n}\n\n/**\n * Helper function to determine the deployment type\n * @returns {Promise<string>} deployment type\n */\nasync function determineDeploymentType(): Promise<string> {\n const cookieValue = state.getCookieValue();\n // https://bugster.forgerock.org/jira/browse/FRAAS-13018\n // There is a chance that this will be blocked due to security concerns and thus is probably best not to keep active\n // if (!cookieValue && getUseBearerTokenForAmApis()) {\n // const token = await getTokenInfo();\n // cookieValue = token.sessionToken;\n // setCookieValue(cookieValue);\n // }\n\n // if we are using a service account, we know it's cloud\n if (state.getUseBearerTokenForAmApis())\n return globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY;\n\n const fidcClientId = 'idmAdminClient';\n const forgeopsClientId = 'idm-admin-ui';\n\n const verifier = encodeBase64Url(randomBytes(32));\n const challenge = encodeBase64Url(\n createHash('sha256').update(verifier).digest()\n );\n const challengeMethod = 'S256';\n const redirectURL = url.resolve(state.getHost(), redirectUrlTemplate);\n\n const config = {\n maxRedirects: 0,\n headers: {\n [state.getCookieName()]: state.getCookieValue(),\n },\n };\n let bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${fidcClientId}&csrf=${cookieValue}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n\n let deploymentType = globalConfig.CLASSIC_DEPLOYMENT_TYPE_KEY;\n try {\n await authorize(bodyFormData, config);\n } catch (e) {\n // debugMessage(e.response);\n if (\n e.response?.status === 302 &&\n e.response.headers?.location?.indexOf('code=') > -1\n ) {\n verboseMessage(`ForgeRock Identity Cloud`['brightCyan'] + ` detected.`);\n deploymentType = globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY;\n } else {\n try {\n bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${forgeopsClientId}&csrf=${state.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n await authorize(bodyFormData, config);\n } catch (ex) {\n if (\n ex.response?.status === 302 &&\n ex.response.headers?.location?.indexOf('code=') > -1\n ) {\n adminClientId = forgeopsClientId;\n verboseMessage(`ForgeOps deployment`['brightCyan'] + ` detected.`);\n deploymentType = globalConfig.FORGEOPS_DEPLOYMENT_TYPE_KEY;\n } else {\n verboseMessage(`Classic deployment`['brightCyan'] + ` detected.`);\n }\n }\n }\n }\n return deploymentType;\n}\n\n/**\n * Helper function to extract the semantic version string from a version info object\n * @param {Object} versionInfo version info object\n * @returns {String} semantic version\n */\nasync function getSemanticVersion(versionInfo) {\n if ('version' in versionInfo) {\n const versionString = versionInfo.version;\n const rx = /([\\d]\\.[\\d]\\.[\\d](\\.[\\d])*)/g;\n const version = versionString.match(rx);\n return version[0];\n }\n throw new Error('Cannot extract semantic version from version info object.');\n}\n\n/**\n * Helper function to authenticate and obtain and store session cookie\n * @returns {string} Session token or null\n */\nasync function authenticate(\n username: string,\n password: string\n): Promise<string> {\n const config = {\n headers: {\n 'X-OpenAM-Username': username,\n 'X-OpenAM-Password': password,\n },\n };\n const response1 = await step({}, config);\n const skip2FA = checkAndHandle2FA(response1);\n let response2 = {};\n if (skip2FA.need2fa) {\n response2 = await step(skip2FA.payload);\n } else {\n response2 = skip2FA.payload;\n }\n if ('tokenId' in response2) {\n return response2['tokenId'] as string;\n }\n return null;\n}\n\n/**\n * Helper function to obtain an oauth2 authorization code\n * @param {string} redirectURL oauth2 redirect uri\n * @param {string} codeChallenge PKCE code challenge\n * @param {string} codeChallengeMethod PKCE code challenge method\n * @returns {string} oauth2 authorization code or null\n */\nasync function getAuthCode(redirectURL, codeChallenge, codeChallengeMethod) {\n try {\n const bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${adminClientId}&csrf=${state.getCookieValue()}&decision=allow&code_challenge=${codeChallenge}&code_challenge_method=${codeChallengeMethod}`;\n const config = {\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n maxRedirects: 0,\n };\n let response = undefined;\n try {\n response = await authorize(bodyFormData, config);\n } catch (error) {\n response = error.response;\n }\n if (response.status < 200 || response.status > 399) {\n printMessage('error getting auth code', 'error');\n printMessage(\n 'likely cause: mismatched parameters with OAuth client config',\n 'error'\n );\n return null;\n }\n const redirectLocationURL = response.headers?.location;\n const queryObject = url.parse(redirectLocationURL, true).query;\n if ('code' in queryObject) {\n return queryObject.code;\n }\n printMessage('auth code not found', 'error');\n return null;\n } catch (error) {\n printMessage(`error getting auth code - ${error.message}`, 'error');\n printMessage(error.response?.data, 'error');\n debugMessage(error.stack);\n return null;\n }\n}\n\n/**\n * Helper function to obtain oauth2 access token\n * @returns {Promise<string | null>} access token or null\n */\nasync function getAccessTokenForUser(): Promise<string | null> {\n debugMessage(`AuthenticateOps.getAccessTokenForUser: start`);\n try {\n const verifier = encodeBase64Url(randomBytes(32));\n const challenge = encodeBase64Url(\n createHash('sha256').update(verifier).digest()\n );\n const challengeMethod = 'S256';\n const redirectURL = url.resolve(state.getHost(), redirectUrlTemplate);\n const authCode = await getAuthCode(redirectURL, challenge, challengeMethod);\n if (authCode == null) {\n printMessage('error getting auth code', 'error');\n return null;\n }\n let response = null;\n if (state.getDeploymentType() === globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY) {\n const config = {\n auth: {\n username: adminClientId,\n password: adminClientPassword,\n },\n };\n const bodyFormData = `redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n response = await accessToken(bodyFormData, config);\n } else {\n const bodyFormData = `client_id=${adminClientId}&redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n response = await accessToken(bodyFormData);\n }\n if ('access_token' in response.data) {\n debugMessage(`AuthenticateOps.getAccessTokenForUser: end with token`);\n return response.data.access_token;\n }\n printMessage('No access token in response.', 'error');\n } catch (error) {\n debugMessage(`Error getting access token for user: ${error}`);\n debugMessage(error.response?.data);\n }\n debugMessage(`AuthenticateOps.getAccessTokenForUser: end without token`);\n return null;\n}\n\nfunction createPayload(serviceAccountId: string) {\n const u = parseUrl(state.getHost());\n const aud = `${u.origin}:${\n u.port ? u.port : u.protocol === 'https' ? '443' : '80'\n }${u.pathname}/oauth2/access_token`;\n\n // Cross platform way of setting JWT expiry time 3 minutes in the future, expressed as number of seconds since EPOCH\n const exp = Math.floor(new Date().getTime() / 1000 + 180);\n\n // A unique ID for the JWT which is required when requesting the openid scope\n const jti = v4();\n\n const iss = serviceAccountId;\n const sub = serviceAccountId;\n\n // Create the payload for our bearer token\n const payload = { iss, sub, aud, exp, jti };\n\n return payload;\n}\n\n/**\n * Get access token for service account\n * @param {string} serviceAccountId UUID of service account\n * @param {JwkRsa} jwk Java Wek Key\n * @returns {string | null} Access token or null\n */\nexport async function getAccessTokenForServiceAccount(\n serviceAccountId: string,\n jwk: JwkRsa\n): Promise<string | null> {\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: start`);\n const payload = createPayload(serviceAccountId);\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: payload:`);\n debugMessage(payload);\n const jwt = await createSignedJwtToken(payload, jwk);\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: jwt:`);\n debugMessage(jwt);\n const bodyFormData = `assertion=${jwt}&client_id=service-account&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&scope=${serviceAccountScopes}`;\n const response = await accessToken(bodyFormData);\n if ('access_token' in response.data) {\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: token:`);\n debugMessage(response.data.access_token);\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: end`);\n return response.data.access_token;\n }\n debugMessage(\n `AuthenticateOps.getAccessTokenForServiceAccount: No access token in response.`\n );\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: end`);\n return null;\n}\n\nasync function determineDeploymentTypeAndDefaultRealmAndVersion() {\n debugMessage(\n `AuthenticateOps.determineDeploymentTypeAndDefaultRealmAndVersion: start`\n );\n if (!state.getDeploymentType()) {\n state.setDeploymentType(await determineDeploymentType());\n }\n determineDefaultRealm(state.getDeploymentType());\n debugMessage(\n `AuthenticateOps.determineDeploymentTypeAndDefaultRealmAndVersion: realm=${state.getRealm()}, type=${state.getDeploymentType()}`\n );\n\n const versionInfo = await getServerVersionInfo();\n\n // https://github.com/rockcarver/frodo-cli/issues/109\n debugMessage(`Full version: ${versionInfo.fullVersion}`);\n\n const version = await getSemanticVersion(versionInfo);\n state.setAmVersion(version);\n debugMessage(\n `AuthenticateOps.determineDeploymentTypeAndDefaultRealmAndVersion: end`\n );\n}\n\nasync function getLoggedInSubject(): Promise<string> {\n let subjectString = `user ${state.getUsername()}`;\n if (state.getUseBearerTokenForAmApis()) {\n const name = (await getServiceAccount(state.getServiceAccountId())).name;\n subjectString = `service account ${name} [${state.getServiceAccountId()}]`;\n }\n return subjectString;\n}\n\n/**\n * Get tokens\n * @param {boolean} save true to save a connection profile upon successful authentication, false otherwise\n * @returns {Promise<boolean>} true if tokens were successfully obtained, false otherwise\n */\nexport async function getTokens(): Promise<boolean> {\n debugMessage(`AuthenticateOps.getTokens: start`);\n if (!state.getHost()) {\n printMessage(\n `No host specified and FRODO_HOST env variable not set!`,\n 'error'\n );\n return false;\n }\n try {\n // if username/password on cli are empty, try to read from connections.json\n if (\n state.getUsername() == null &&\n state.getPassword() == null &&\n !state.getServiceAccountId() &&\n !state.getServiceAccountJwk()\n ) {\n const conn = await getConnectionProfile();\n if (conn) {\n state.setHost(conn.tenant);\n state.setUsername(conn.username);\n state.setPassword(conn.password);\n state.setAuthenticationService(conn.authenticationService);\n state.setAuthenticationHeaderOverrides(\n conn.authenticationHeaderOverrides\n );\n state.setServiceAccountId(conn.svcacctId);\n state.setServiceAccountJwk(conn.svcacctJwk);\n } else {\n return false;\n }\n }\n // now that we have the full tenant URL we can lookup the cookie name\n state.setCookieName(await determineCookieName());\n\n // use service account to login?\n if (state.getServiceAccountId() && state.getServiceAccountJwk()) {\n debugMessage(\n `AuthenticateOps.getTokens: Authenticating with service account ${state.getServiceAccountId()}`\n );\n try {\n const token = await getAccessTokenForServiceAccount(\n state.getServiceAccountId(),\n state.getServiceAccountJwk()\n );\n state.setBearerToken(token);\n state.setUseBearerTokenForAmApis(true);\n await determineDeploymentTypeAndDefaultRealmAndVersion();\n } catch (saErr) {\n debugMessage(saErr.response?.data);\n throw new Error(\n `Service account login error: ${\n saErr.response?.data?.error_description ||\n saErr.response?.data?.message\n }`\n );\n }\n }\n // use user account to login\n else if (state.getUsername() && state.getPassword()) {\n debugMessage(\n `AuthenticateOps.getTokens: Authenticating with user account ${state.getUsername()}`\n );\n const token = await authenticate(\n state.getUsername(),\n state.getPassword()\n );\n if (token) state.setCookieValue(token);\n await determineDeploymentTypeAndDefaultRealmAndVersion();\n if (\n state.getCookieValue() &&\n !state.getBearerToken() &&\n (state.getDeploymentType() === globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY ||\n state.getDeploymentType() ===\n globalConfig.FORGEOPS_DEPLOYMENT_TYPE_KEY)\n ) {\n const accessToken = await getAccessTokenForUser();\n if (accessToken) state.setBearerToken(accessToken);\n }\n }\n // incomplete or no credentials\n else {\n printMessage(`Incomplete or no credentials!`, 'error');\n return false;\n }\n if (\n state.getCookieValue() ||\n (state.getUseBearerTokenForAmApis() && state.getBearerToken())\n ) {\n // https://github.com/rockcarver/frodo-cli/issues/102\n printMessage(\n `Connected to ${state.getHost()} [${\n state.getRealm() ? state.getRealm() : 'root'\n }] as ${await getLoggedInSubject()}`,\n 'info'\n );\n debugMessage(`AuthenticateOps.getTokens: end with tokens`);\n return true;\n }\n } catch (error) {\n // regular error\n printMessage(error.message, 'error');\n // axios error am api\n printMessage(error.response?.data?.message, 'error');\n // axios error am oauth2 api\n printMessage(error.response?.data?.error_description, 'error');\n // axios error data\n debugMessage(error.response?.data);\n // stack trace\n debugMessage(error.stack || new Error().stack);\n }\n debugMessage(`AuthenticateOps.getTokens: end without tokens`);\n return false;\n}\n"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAA8D;AAAA;AAAA;AAAA;AAAA;AAE9D,IAAMA,mBAAmB,GAAG,eAAe;AAC3C,IAAMC,mBAAmB,GAAG,sCAAsC;AAElE,IAAMC,cAAc,GAAG,uBAAuB;AAC9C,IAAMC,oBAAoB,GAAG,+BAA+B;AAE5D,IAAIC,aAAa,GAAG,gBAAgB;;AAEpC;AACA;AACA;AACA;AAHA,SAIeC,mBAAmB;EAAA;AAAA;AAclC;AACA;AACA;AACA;AACA;AAJA;EAAA,yCAdA,aAAqC;IACnC,IAAI;MACF,IAAMC,IAAI,SAAS,IAAAC,4BAAa,GAAE;MAClC,IAAAC,qBAAY,sDACmCF,IAAI,CAACG,UAAU,EAC7D;MACD,OAAOH,IAAI,CAACG,UAAU;IACxB,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd,IAAAC,qBAAY,uCAA+BD,KAAK,GAAI,OAAO,CAAC;MAC5D,IAAAF,qBAAY,EAACE,KAAK,CAACE,KAAK,CAAC;MACzB,OAAO,IAAI;IACb;EACF,CAAC;EAAA;AAAA;AAOD,SAASC,iBAAiB,CAACC,OAAO,EAAE;EAClC;EACA,IAAI,WAAW,IAAIA,OAAO,EAAE;IAC1B,KAAK,IAAMC,OAAO,IAAID,OAAO,CAACE,SAAS,EAAE;MACvC,IAAID,OAAO,CAACE,IAAI,KAAK,qBAAqB,EAAE;QAC1C,IAAIF,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,CAACC,QAAQ,CAAC,MAAM,CAAC,EAAE;UAC3C;UACAL,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,GAAG,MAAM;UAC/B,OAAO;YACLE,OAAO,EAAE,IAAI;YACbP;UACF,CAAC;QACH;MACF;MACA,IAAIC,OAAO,CAACE,IAAI,KAAK,cAAc,EAAE;QACnC,IAAIF,OAAO,CAACO,MAAM,CAAC,CAAC,CAAC,CAACH,KAAK,CAACC,QAAQ,CAAC,MAAM,CAAC,EAAE;UAC5C;UACA,IAAAT,qBAAY,EAAC,8CAA8C,CAAC;UAC5D,IAAMY,IAAI,GAAGC,qBAAY,CAACC,QAAQ,WAAIV,OAAO,CAACO,MAAM,CAAC,CAAC,CAAC,CAACH,KAAK,QAAK;UAClEJ,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,GAAGI,IAAI;UAC7B,OAAO;YACLF,OAAO,EAAE,IAAI;YACbP;UACF,CAAC;QACH;MACF;IACF;IACA;IACA,OAAO;MACLO,OAAO,EAAE,KAAK;MACdP;IACF,CAAC;EACH;EACA;EACA,OAAO;IACLO,OAAO,EAAE,KAAK;IACdP;EACF,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA,SAASY,qBAAqB,CAACC,cAAsB,EAAE;EACrD,IACE,CAACC,KAAK,CAACC,QAAQ,EAAE,IACjBD,KAAK,CAACC,QAAQ,EAAE,KAAKC,YAAY,CAACC,iBAAiB,EACnD;IACAH,KAAK,CAACI,QAAQ,CAACF,YAAY,CAACG,yBAAyB,CAACN,cAAc,CAAC,CAAC;EACxE;AACF;;AAEA;AACA;AACA;AACA;AAHA,SAIeO,uBAAuB;EAAA;AAAA;AAgEtC;AACA;AACA;AACA;AACA;AAJA;EAAA,6CAhEA,aAA0D;IACxD,IAAMC,WAAW,GAAGP,KAAK,CAACQ,cAAc,EAAE;IAC1C;IACA;IACA;IACA;IACA;IACA;IACA;;IAEA;IACA,IAAIR,KAAK,CAACS,0BAA0B,EAAE,EACpC,OAAOP,YAAY,CAACQ,yBAAyB;IAE/C,IAAMC,YAAY,GAAG,gBAAgB;IACrC,IAAMC,gBAAgB,GAAG,cAAc;IAEvC,IAAMC,QAAQ,GAAG,IAAAC,qBAAe,EAAC,IAAAC,mBAAW,EAAC,EAAE,CAAC,CAAC;IACjD,IAAMC,SAAS,GAAG,IAAAF,qBAAe,EAC/B,IAAAG,kBAAU,EAAC,QAAQ,CAAC,CAACC,MAAM,CAACL,QAAQ,CAAC,CAACM,MAAM,EAAE,CAC/C;IACD,IAAMC,eAAe,GAAG,MAAM;IAC9B,IAAMC,WAAW,GAAGC,YAAG,CAACC,OAAO,CAACvB,KAAK,CAACwB,OAAO,EAAE,EAAEnD,mBAAmB,CAAC;IAErE,IAAMoD,MAAM,GAAG;MACbC,YAAY,EAAE,CAAC;MACfC,OAAO,EAAE;QACP,CAAC3B,KAAK,CAAC4B,aAAa,EAAE,GAAG5B,KAAK,CAACQ,cAAc;MAC/C;IACF,CAAC;IACD,IAAIqB,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCqC,YAAY,mBAASJ,WAAW,4CAAkCS,SAAS,oCAA0BI,eAAe,CAAE;IAE7N,IAAIrB,cAAc,GAAGG,YAAY,CAAC4B,2BAA2B;IAC7D,IAAI;MACF,MAAM,IAAAC,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;IACvC,CAAC,CAAC,OAAOO,CAAC,EAAE;MAAA;MACV;MACA,IACE,gBAAAA,CAAC,CAACC,QAAQ,gDAAV,YAAYC,MAAM,MAAK,GAAG,IAC1B,wBAAAF,CAAC,CAACC,QAAQ,CAACN,OAAO,iFAAlB,oBAAoBQ,QAAQ,0DAA5B,sBAA8BC,OAAO,CAAC,OAAO,CAAC,IAAG,CAAC,CAAC,EACnD;QACA,IAAAC,uBAAc,EAAC,2BAA2B,YAAY,CAAC,eAAe,CAAC;QACvEtC,cAAc,GAAGG,YAAY,CAACQ,yBAAyB;MACzD,CAAC,MAAM;QACL,IAAI;UACFmB,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCsC,gBAAgB,mBAASZ,KAAK,CAACQ,cAAc,EAAE,4CAAkCQ,SAAS,oCAA0BI,eAAe,CAAE;UACxO,MAAM,IAAAW,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;QACvC,CAAC,CAAC,OAAOa,EAAE,EAAE;UAAA;UACX,IACE,iBAAAA,EAAE,CAACL,QAAQ,iDAAX,aAAaC,MAAM,MAAK,GAAG,IAC3B,yBAAAI,EAAE,CAACL,QAAQ,CAACN,OAAO,kFAAnB,qBAAqBQ,QAAQ,0DAA7B,sBAA+BC,OAAO,CAAC,OAAO,CAAC,IAAG,CAAC,CAAC,EACpD;YACA5D,aAAa,GAAGoC,gBAAgB;YAChC,IAAAyB,uBAAc,EAAC,sBAAsB,YAAY,CAAC,eAAe,CAAC;YAClEtC,cAAc,GAAGG,YAAY,CAACqC,4BAA4B;UAC5D,CAAC,MAAM;YACL,IAAAF,uBAAc,EAAC,qBAAqB,YAAY,CAAC,eAAe,CAAC;UACnE;QACF;MACF;IACF;IACA,OAAOtC,cAAc;EACvB,CAAC;EAAA;AAAA;AAAA,SAOcyC,kBAAkB;EAAA;AAAA;AAUjC;AACA;AACA;AACA;AAHA;EAAA,wCAVA,WAAkCC,WAAW,EAAE;IAC7C,IAAI,SAAS,IAAIA,WAAW,EAAE;MAC5B,IAAMC,aAAa,GAAGD,WAAW,CAACE,OAAO;MACzC,IAAMC,EAAE,GAAG,8BAA8B;MACzC,IAAMD,OAAO,GAAGD,aAAa,CAACG,KAAK,CAACD,EAAE,CAAC;MACvC,OAAOD,OAAO,CAAC,CAAC,CAAC;IACnB;IACA,MAAM,IAAIG,KAAK,CAAC,2DAA2D,CAAC;EAC9E,CAAC;EAAA;AAAA;AAAA,SAMcC,YAAY;EAAA;AAAA;AAwB3B;AACA;AACA;AACA;AACA;AACA;AACA;AANA;EAAA,kCAxBA,WACEC,QAAgB,EAChBC,QAAgB,EACC;IACjB,IAAMxB,MAAM,GAAG;MACbE,OAAO,EAAE;QACP,mBAAmB,EAAEqB,QAAQ;QAC7B,mBAAmB,EAAEC;MACvB;IACF,CAAC;IACD,IAAMC,SAAS,SAAS,IAAAC,qBAAI,EAAC,CAAC,CAAC,EAAE1B,MAAM,CAAC;IACxC,IAAM2B,OAAO,GAAGnE,iBAAiB,CAACiE,SAAS,CAAC;IAC5C,IAAIG,SAAS,GAAG,CAAC,CAAC;IAClB,IAAID,OAAO,CAAC3D,OAAO,EAAE;MACnB4D,SAAS,SAAS,IAAAF,qBAAI,EAACC,OAAO,CAAClE,OAAO,CAAC;IACzC,CAAC,MAAM;MACLmE,SAAS,GAAGD,OAAO,CAAClE,OAAO;IAC7B;IACA,IAAI,SAAS,IAAImE,SAAS,EAAE;MAC1B,OAAOA,SAAS,CAAC,SAAS,CAAC;IAC7B;IACA,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAScC,WAAW;EAAA;AAAA;AAsC1B;AACA;AACA;AACA;AAHA;EAAA,iCAtCA,WAA2BjC,WAAW,EAAEkC,aAAa,EAAEC,mBAAmB,EAAE;IAC1E,IAAI;MAAA;MACF,IAAM3B,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCE,aAAa,mBAASwB,KAAK,CAACQ,cAAc,EAAE,4CAAkC+C,aAAa,oCAA0BC,mBAAmB,CAAE;MACnP,IAAM/B,MAAM,GAAG;QACbE,OAAO,EAAE;UACP,cAAc,EAAE;QAClB,CAAC;QACDD,YAAY,EAAE;MAChB,CAAC;MACD,IAAIO,QAAQ,GAAGwB,SAAS;MACxB,IAAI;QACFxB,QAAQ,SAAS,IAAAF,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;MAClD,CAAC,CAAC,OAAO3C,KAAK,EAAE;QACdmD,QAAQ,GAAGnD,KAAK,CAACmD,QAAQ;MAC3B;MACA,IAAIA,QAAQ,CAACC,MAAM,GAAG,GAAG,IAAID,QAAQ,CAACC,MAAM,GAAG,GAAG,EAAE;QAClD,IAAAnD,qBAAY,EAAC,yBAAyB,EAAE,OAAO,CAAC;QAChD,IAAAA,qBAAY,EACV,8DAA8D,EAC9D,OAAO,CACR;QACD,OAAO,IAAI;MACb;MACA,IAAM2E,mBAAmB,wBAAGzB,QAAQ,CAACN,OAAO,sDAAhB,kBAAkBQ,QAAQ;MACtD,IAAMwB,WAAW,GAAGrC,YAAG,CAACsC,KAAK,CAACF,mBAAmB,EAAE,IAAI,CAAC,CAACG,KAAK;MAC9D,IAAI,MAAM,IAAIF,WAAW,EAAE;QACzB,OAAOA,WAAW,CAAChE,IAAI;MACzB;MACA,IAAAZ,qBAAY,EAAC,qBAAqB,EAAE,OAAO,CAAC;MAC5C,OAAO,IAAI;IACb,CAAC,CAAC,OAAOD,KAAK,EAAE;MAAA;MACd,IAAAC,qBAAY,sCAA8BD,KAAK,CAACgF,OAAO,GAAI,OAAO,CAAC;MACnE,IAAA/E,qBAAY,qBAACD,KAAK,CAACmD,QAAQ,oDAAd,gBAAgBvD,IAAI,EAAE,OAAO,CAAC;MAC3C,IAAAE,qBAAY,EAACE,KAAK,CAACE,KAAK,CAAC;MACzB,OAAO,IAAI;IACb;EACF,CAAC;EAAA;AAAA;AAAA,SAMc+E,qBAAqB;EAAA;AAAA;AAAA;EAAA,2CAApC,aAA+D;IAC7D,IAAAnF,qBAAY,iDAAgD;IAC5D,IAAI;MACF,IAAMiC,QAAQ,GAAG,IAAAC,qBAAe,EAAC,IAAAC,mBAAW,EAAC,EAAE,CAAC,CAAC;MACjD,IAAMC,SAAS,GAAG,IAAAF,qBAAe,EAC/B,IAAAG,kBAAU,EAAC,QAAQ,CAAC,CAACC,MAAM,CAACL,QAAQ,CAAC,CAACM,MAAM,EAAE,CAC/C;MACD,IAAMC,eAAe,GAAG,MAAM;MAC9B,IAAMC,WAAW,GAAGC,YAAG,CAACC,OAAO,CAACvB,KAAK,CAACwB,OAAO,EAAE,EAAEnD,mBAAmB,CAAC;MACrE,IAAM2F,QAAQ,SAASV,WAAW,CAACjC,WAAW,EAAEL,SAAS,EAAEI,eAAe,CAAC;MAC3E,IAAI4C,QAAQ,IAAI,IAAI,EAAE;QACpB,IAAAjF,qBAAY,EAAC,yBAAyB,EAAE,OAAO,CAAC;QAChD,OAAO,IAAI;MACb;MACA,IAAIkD,QAAQ,GAAG,IAAI;MACnB,IAAIjC,KAAK,CAACiE,iBAAiB,EAAE,KAAK/D,YAAY,CAACQ,yBAAyB,EAAE;QACxE,IAAMe,MAAM,GAAG;UACbyC,IAAI,EAAE;YACJlB,QAAQ,EAAExE,aAAa;YACvByE,QAAQ,EAAE7E;UACZ;QACF,CAAC;QACD,IAAMyD,YAAY,0BAAmBR,WAAW,iDAAuC2C,QAAQ,4BAAkBnD,QAAQ,CAAE;QAC3HoB,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,YAAY,EAAEJ,MAAM,CAAC;MACpD,CAAC,MAAM;QACL,IAAMI,aAAY,uBAAgBrD,aAAa,2BAAiB6C,WAAW,iDAAuC2C,QAAQ,4BAAkBnD,QAAQ,CAAE;QACtJoB,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,aAAY,CAAC;MAC5C;MACA,IAAI,cAAc,IAAII,QAAQ,CAACvD,IAAI,EAAE;QACnC,IAAAE,qBAAY,0DAAyD;QACrE,OAAOqD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY;MACnC;MACA,IAAArF,qBAAY,EAAC,8BAA8B,EAAE,OAAO,CAAC;IACvD,CAAC,CAAC,OAAOD,KAAK,EAAE;MAAA;MACd,IAAAF,qBAAY,iDAAyCE,KAAK,EAAG;MAC7D,IAAAF,qBAAY,sBAACE,KAAK,CAACmD,QAAQ,qDAAd,iBAAgBvD,IAAI,CAAC;IACpC;IACA,IAAAE,qBAAY,6DAA4D;IACxE,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAED,SAASyF,aAAa,CAACC,gBAAwB,EAAE;EAC/C,IAAMC,CAAC,GAAG,IAAAC,kBAAQ,EAACxE,KAAK,CAACwB,OAAO,EAAE,CAAC;EACnC,IAAMiD,GAAG,aAAMF,CAAC,CAACG,MAAM,cACrBH,CAAC,CAACI,IAAI,GAAGJ,CAAC,CAACI,IAAI,GAAGJ,CAAC,CAACK,QAAQ,KAAK,OAAO,GAAG,KAAK,GAAG,IAAI,SACtDL,CAAC,CAACM,QAAQ,yBAAsB;;EAEnC;EACA,IAAMC,GAAG,GAAGC,IAAI,CAACC,KAAK,CAAC,IAAIC,IAAI,EAAE,CAACC,OAAO,EAAE,GAAG,IAAI,GAAG,GAAG,CAAC;;EAEzD;EACA,IAAMC,GAAG,GAAG,IAAAC,QAAE,GAAE;EAEhB,IAAMC,GAAG,GAAGf,gBAAgB;EAC5B,IAAMgB,GAAG,GAAGhB,gBAAgB;;EAE5B;EACA,IAAMpF,OAAO,GAAG;IAAEmG,GAAG;IAAEC,GAAG;IAAEb,GAAG;IAAEK,GAAG;IAAEK;EAAI,CAAC;EAE3C,OAAOjG,OAAO;AAChB;;AAEA;AACA;AACA;AACA;AACA;AACA;AALA,SAMsBqG,+BAA+B;EAAA;AAAA;AAAA;EAAA,qDAA9C,WACLjB,gBAAwB,EACxBkB,GAAW,EACa;IACxB,IAAA5G,qBAAY,2DAA0D;IACtE,IAAMM,OAAO,GAAGmF,aAAa,CAACC,gBAAgB,CAAC;IAC/C,IAAA1F,qBAAY,8DAA6D;IACzE,IAAAA,qBAAY,EAACM,OAAO,CAAC;IACrB,IAAMuG,GAAG,SAAS,IAAAC,6BAAoB,EAACxG,OAAO,EAAEsG,GAAG,CAAC;IACpD,IAAA5G,qBAAY,0DAAyD;IACrE,IAAAA,qBAAY,EAAC6G,GAAG,CAAC;IACjB,IAAM5D,YAAY,uBAAgB4D,GAAG,qGAA2FlH,oBAAoB,CAAE;IACtJ,IAAM0D,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,YAAY,CAAC;IAChD,IAAI,cAAc,IAAII,QAAQ,CAACvD,IAAI,EAAE;MACnC,IAAAE,qBAAY,4DAA2D;MACvE,IAAAA,qBAAY,EAACqD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY,CAAC;MACxC,IAAAxF,qBAAY,yDAAwD;MACpE,OAAOqD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY;IACnC;IACA,IAAAxF,qBAAY,kFAEX;IACD,IAAAA,qBAAY,yDAAwD;IACpE,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAEc+G,gDAAgD;EAAA;AAAA;AAAA;EAAA,sEAA/D,aAAkE;IAChE,IAAA/G,qBAAY,4EAEX;IACD,IAAI,CAACoB,KAAK,CAACiE,iBAAiB,EAAE,EAAE;MAC9BjE,KAAK,CAAC4F,iBAAiB,OAAOtF,uBAAuB,EAAE,CAAC;IAC1D;IACAR,qBAAqB,CAACE,KAAK,CAACiE,iBAAiB,EAAE,CAAC;IAChD,IAAArF,qBAAY,oFACiEoB,KAAK,CAACC,QAAQ,EAAE,oBAAUD,KAAK,CAACiE,iBAAiB,EAAE,EAC/H;IAED,IAAMxB,WAAW,SAAS,IAAAoD,mCAAoB,GAAE;;IAEhD;IACA,IAAAjH,qBAAY,0BAAkB6D,WAAW,CAACqD,WAAW,EAAG;IAExD,IAAMnD,OAAO,SAASH,kBAAkB,CAACC,WAAW,CAAC;IACrDzC,KAAK,CAAC+F,YAAY,CAACpD,OAAO,CAAC;IAC3B,IAAA/D,qBAAY,0EAEX;EACH,CAAC;EAAA;AAAA;AAAA,SAEcoH,kBAAkB;EAAA;AAAA;AASjC;AACA;AACA;AACA;AACA;AAJA;EAAA,wCATA,aAAqD;IACnD,IAAIC,aAAa,kBAAWjG,KAAK,CAACkG,WAAW,EAAE,CAAE;IACjD,IAAIlG,KAAK,CAACS,0BAA0B,EAAE,EAAE;MACtC,IAAM0F,IAAI,GAAG,OAAO,IAAAC,oCAAiB,EAACpG,KAAK,CAACqG,mBAAmB,EAAE,CAAC,EAAEF,IAAI;MACxEF,aAAa,6BAAsBE,IAAI,eAAKnG,KAAK,CAACqG,mBAAmB,EAAE,MAAG;IAC5E;IACA,OAAOJ,aAAa;EACtB,CAAC;EAAA;AAAA;AAAA,SAOqBK,SAAS;EAAA;AAAA;AAAA;EAAA,+BAAxB,aAA6C;IAClD,IAAA1H,qBAAY,qCAAoC;IAChD,IAAI,CAACoB,KAAK,CAACwB,OAAO,EAAE,EAAE;MACpB,IAAAzC,qBAAY,4DAEV,OAAO,CACR;MACD,OAAO,KAAK;IACd;IACA,IAAI;MACF;MACA,IACEiB,KAAK,CAACkG,WAAW,EAAE,IAAI,IAAI,IAC3BlG,KAAK,CAACuG,WAAW,EAAE,IAAI,IAAI,IAC3B,CAACvG,KAAK,CAACqG,mBAAmB,EAAE,IAC5B,CAACrG,KAAK,CAACwG,oBAAoB,EAAE,EAC7B;QACA,IAAMC,IAAI,SAAS,IAAAC,0CAAoB,GAAE;QACzC,IAAID,IAAI,EAAE;UACRzG,KAAK,CAAC2G,OAAO,CAACF,IAAI,CAACG,MAAM,CAAC;UAC1B5G,KAAK,CAAC6G,WAAW,CAACJ,IAAI,CAACzD,QAAQ,CAAC;UAChChD,KAAK,CAAC8G,WAAW,CAACL,IAAI,CAACxD,QAAQ,CAAC;UAChCjD,KAAK,CAAC+G,wBAAwB,CAACN,IAAI,CAACO,qBAAqB,CAAC;UAC1DhH,KAAK,CAACiH,gCAAgC,CACpCR,IAAI,CAACS,6BAA6B,CACnC;UACDlH,KAAK,CAACmH,mBAAmB,CAACV,IAAI,CAACW,SAAS,CAAC;UACzCpH,KAAK,CAACqH,oBAAoB,CAACZ,IAAI,CAACa,UAAU,CAAC;QAC7C,CAAC,MAAM;UACL,OAAO,KAAK;QACd;MACF;MACA;MACAtH,KAAK,CAACuH,aAAa,OAAO9I,mBAAmB,EAAE,CAAC;;MAEhD;MACA,IAAIuB,KAAK,CAACqG,mBAAmB,EAAE,IAAIrG,KAAK,CAACwG,oBAAoB,EAAE,EAAE;QAC/D,IAAA5H,qBAAY,2EACwDoB,KAAK,CAACqG,mBAAmB,EAAE,EAC9F;QACD,IAAI;UACF,IAAMmB,KAAK,SAASjC,+BAA+B,CACjDvF,KAAK,CAACqG,mBAAmB,EAAE,EAC3BrG,KAAK,CAACwG,oBAAoB,EAAE,CAC7B;UACDxG,KAAK,CAACyH,cAAc,CAACD,KAAK,CAAC;UAC3BxH,KAAK,CAAC0H,0BAA0B,CAAC,IAAI,CAAC;UACtC,MAAM/B,gDAAgD,EAAE;QAC1D,CAAC,CAAC,OAAOgC,KAAK,EAAE;UAAA;UACd,IAAA/I,qBAAY,qBAAC+I,KAAK,CAAC1F,QAAQ,oDAAd,gBAAgBvD,IAAI,CAAC;UAClC,MAAM,IAAIoE,KAAK,wCAEX,qBAAA6E,KAAK,CAAC1F,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBkJ,iBAAiB,0BACvCD,KAAK,CAAC1F,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBoF,OAAO,GAEhC;QACH;MACF;MACA;MAAA,KACK,IAAI9D,KAAK,CAACkG,WAAW,EAAE,IAAIlG,KAAK,CAACuG,WAAW,EAAE,EAAE;QACnD,IAAA3H,qBAAY,wEACqDoB,KAAK,CAACkG,WAAW,EAAE,EACnF;QACD,IAAMsB,MAAK,SAASzE,YAAY,CAC9B/C,KAAK,CAACkG,WAAW,EAAE,EACnBlG,KAAK,CAACuG,WAAW,EAAE,CACpB;QACD,IAAIiB,MAAK,EAAExH,KAAK,CAAC6H,cAAc,CAACL,MAAK,CAAC;QACtC,MAAM7B,gDAAgD,EAAE;QACxD,IACE3F,KAAK,CAACQ,cAAc,EAAE,IACtB,CAACR,KAAK,CAAC8H,cAAc,EAAE,KACtB9H,KAAK,CAACiE,iBAAiB,EAAE,KAAK/D,YAAY,CAACQ,yBAAyB,IACnEV,KAAK,CAACiE,iBAAiB,EAAE,KACvB/D,YAAY,CAACqC,4BAA4B,CAAC,EAC9C;UACA,IAAM4B,YAAW,SAASJ,qBAAqB,EAAE;UACjD,IAAII,YAAW,EAAEnE,KAAK,CAACyH,cAAc,CAACtD,YAAW,CAAC;QACpD;MACF;MACA;MAAA,KACK;QACH,IAAApF,qBAAY,mCAAkC,OAAO,CAAC;QACtD,OAAO,KAAK;MACd;MACA,IACEiB,KAAK,CAACQ,cAAc,EAAE,IACrBR,KAAK,CAACS,0BAA0B,EAAE,IAAIT,KAAK,CAAC8H,cAAc,EAAG,EAC9D;QACA;QACA,IAAA/I,qBAAY,yBACMiB,KAAK,CAACwB,OAAO,EAAE,eAC7BxB,KAAK,CAACC,QAAQ,EAAE,GAAGD,KAAK,CAACC,QAAQ,EAAE,GAAG,MAAM,wBAChC+F,kBAAkB,EAAE,GAClC,MAAM,CACP;QACD,IAAApH,qBAAY,+CAA8C;QAC1D,OAAO,IAAI;MACb;IACF,CAAC,CAAC,OAAOE,KAAK,EAAE;MAAA;MACd;MACA,IAAAC,qBAAY,EAACD,KAAK,CAACgF,OAAO,EAAE,OAAO,CAAC;MACpC;MACA,IAAA/E,qBAAY,sBAACD,KAAK,CAACmD,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBoF,OAAO,EAAE,OAAO,CAAC;MACpD;MACA,IAAA/E,qBAAY,sBAACD,KAAK,CAACmD,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBkJ,iBAAiB,EAAE,OAAO,CAAC;MAC9D;MACA,IAAAhJ,qBAAY,sBAACE,KAAK,CAACmD,QAAQ,qDAAd,iBAAgBvD,IAAI,CAAC;MAClC;MACA,IAAAE,qBAAY,EAACE,KAAK,CAACE,KAAK,IAAI,IAAI8D,KAAK,EAAE,CAAC9D,KAAK,CAAC;IAChD;IACA,IAAAJ,qBAAY,kDAAiD;IAC7D,OAAO,KAAK;EACd,CAAC;EAAA;AAAA"}
|
|
1
|
+
{"version":3,"file":"AuthenticateOps.js","names":["adminClientPassword","redirectUrlTemplate","idmAdminScopes","serviceAccountScopes","adminClientId","determineCookieName","data","getServerInfo","debugMessage","cookieName","error","printMessage","stack","checkAndHandle2FA","payload","element","callbacks","type","input","value","includes","need2fa","output","code","readlineSync","question","determineDefaultRealm","deploymentType","state","getRealm","globalConfig","DEFAULT_REALM_KEY","setRealm","DEPLOYMENT_TYPE_REALM_MAP","determineDeploymentType","cookieValue","getCookieValue","getUseBearerTokenForAmApis","CLOUD_DEPLOYMENT_TYPE_KEY","fidcClientId","forgeopsClientId","verifier","encodeBase64Url","randomBytes","challenge","createHash","update","digest","challengeMethod","redirectURL","url","resolve","getHost","config","maxRedirects","headers","getCookieName","bodyFormData","CLASSIC_DEPLOYMENT_TYPE_KEY","authorize","e","response","status","location","indexOf","verboseMessage","ex","FORGEOPS_DEPLOYMENT_TYPE_KEY","getSemanticVersion","versionInfo","versionString","version","rx","match","Error","authenticate","username","password","response1","step","skip2FA","response2","getAuthCode","codeChallenge","codeChallengeMethod","undefined","redirectLocationURL","queryObject","parse","query","message","getAccessTokenForUser","authCode","getDeploymentType","auth","accessToken","access_token","createPayload","serviceAccountId","u","parseUrl","aud","origin","port","protocol","pathname","exp","Math","floor","Date","getTime","jti","v4","iss","sub","getAccessTokenForServiceAccount","jwk","jwt","createSignedJwtToken","determineDeploymentTypeAndDefaultRealmAndVersion","setDeploymentType","getServerVersionInfo","fullVersion","setAmVersion","getLoggedInSubject","subjectString","getUsername","name","getServiceAccount","getServiceAccountId","getTokens","forceLoginAsUser","getPassword","getServiceAccountJwk","conn","getConnectionProfile","setHost","tenant","setUsername","setPassword","setAuthenticationService","authenticationService","setAuthenticationHeaderOverrides","authenticationHeaderOverrides","setServiceAccountId","svcacctId","setServiceAccountJwk","svcacctJwk","setCookieName","token","setBearerToken","setUseBearerTokenForAmApis","saErr","error_description","setCookieValue","getBearerToken"],"sources":["ops/AuthenticateOps.ts"],"sourcesContent":["import url from 'url';\nimport { createHash, randomBytes } from 'crypto';\nimport readlineSync from 'readline-sync';\nimport { encodeBase64Url } from '../api/utils/Base64';\nimport * as state from '../shared/State';\nimport * as globalConfig from '../storage/StaticStorage';\nimport { debugMessage, printMessage, verboseMessage } from './utils/Console';\nimport { getServerInfo, getServerVersionInfo } from '../api/ServerInfoApi';\nimport { step } from '../api/AuthenticateApi';\nimport { accessToken, authorize } from '../api/OAuth2OIDCApi';\nimport { getConnectionProfile } from './ConnectionProfileOps';\nimport { v4 } from 'uuid';\nimport { parseUrl } from '../api/utils/ApiUtils';\nimport { JwkRsa, createSignedJwtToken } from './JoseOps';\nimport { getServiceAccount } from './cloud/ServiceAccountOps';\n\nconst adminClientPassword = 'doesnotmatter';\nconst redirectUrlTemplate = '/platform/appAuthHelperRedirect.html';\n\nconst idmAdminScopes = 'openid fr:idm:* fr:idc:esv:*';\nconst serviceAccountScopes = 'fr:am:* fr:idm:* fr:idc:esv:*';\n\nlet adminClientId = 'idmAdminClient';\n\n/**\n * Helper function to get cookie name\n * @returns {String} cookie name\n */\nasync function determineCookieName() {\n try {\n const data = await getServerInfo();\n debugMessage(\n `AuthenticateOps.getCookieName: cookieName=${data.cookieName}`\n );\n return data.cookieName;\n } catch (error) {\n printMessage(`Error getting cookie name: ${error}`, 'error');\n debugMessage(error.stack);\n return null;\n }\n}\n\n/**\n * Helper function to determine if this is a setup mfa prompt in the ID Cloud tenant admin login journey\n * @param {Object} payload response from the previous authentication journey step\n * @returns {Object} an object indicating if 2fa is required and the original payload\n */\nfunction checkAndHandle2FA(payload) {\n // let skippable = false;\n if ('callbacks' in payload) {\n for (const element of payload.callbacks) {\n if (element.type === 'HiddenValueCallback') {\n if (element.input[0].value.includes('skip')) {\n // skippable = true;\n element.input[0].value = 'Skip';\n return {\n need2fa: true,\n payload,\n };\n }\n }\n if (element.type === 'NameCallback') {\n if (element.output[0].value.includes('code')) {\n // skippable = false;\n printMessage('2FA is enabled and required for this user...');\n const code = readlineSync.question(`${element.output[0].value}: `);\n element.input[0].value = code;\n return {\n need2fa: true,\n payload,\n };\n }\n }\n }\n // console.info(\"NO2FA\");\n return {\n need2fa: false,\n payload,\n };\n }\n // console.info(\"NO2FA\");\n return {\n need2fa: false,\n payload,\n };\n}\n\n/**\n * Helper function to set the default realm by deployment type\n * @param {string} deploymentType deployment type\n */\nfunction determineDefaultRealm(deploymentType: string) {\n if (\n !state.getRealm() ||\n state.getRealm() === globalConfig.DEFAULT_REALM_KEY\n ) {\n state.setRealm(globalConfig.DEPLOYMENT_TYPE_REALM_MAP[deploymentType]);\n }\n}\n\n/**\n * Helper function to determine the deployment type\n * @returns {Promise<string>} deployment type\n */\nasync function determineDeploymentType(): Promise<string> {\n const cookieValue = state.getCookieValue();\n // https://bugster.forgerock.org/jira/browse/FRAAS-13018\n // There is a chance that this will be blocked due to security concerns and thus is probably best not to keep active\n // if (!cookieValue && getUseBearerTokenForAmApis()) {\n // const token = await getTokenInfo();\n // cookieValue = token.sessionToken;\n // setCookieValue(cookieValue);\n // }\n\n // if we are using a service account, we know it's cloud\n if (state.getUseBearerTokenForAmApis())\n return globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY;\n\n const fidcClientId = 'idmAdminClient';\n const forgeopsClientId = 'idm-admin-ui';\n\n const verifier = encodeBase64Url(randomBytes(32));\n const challenge = encodeBase64Url(\n createHash('sha256').update(verifier).digest()\n );\n const challengeMethod = 'S256';\n const redirectURL = url.resolve(state.getHost(), redirectUrlTemplate);\n\n const config = {\n maxRedirects: 0,\n headers: {\n [state.getCookieName()]: state.getCookieValue(),\n },\n };\n let bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${fidcClientId}&csrf=${cookieValue}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n\n let deploymentType = globalConfig.CLASSIC_DEPLOYMENT_TYPE_KEY;\n try {\n await authorize(bodyFormData, config);\n } catch (e) {\n // debugMessage(e.response);\n if (\n e.response?.status === 302 &&\n e.response.headers?.location?.indexOf('code=') > -1\n ) {\n verboseMessage(`ForgeRock Identity Cloud`['brightCyan'] + ` detected.`);\n deploymentType = globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY;\n } else {\n try {\n bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${forgeopsClientId}&csrf=${state.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n await authorize(bodyFormData, config);\n } catch (ex) {\n if (\n ex.response?.status === 302 &&\n ex.response.headers?.location?.indexOf('code=') > -1\n ) {\n adminClientId = forgeopsClientId;\n verboseMessage(`ForgeOps deployment`['brightCyan'] + ` detected.`);\n deploymentType = globalConfig.FORGEOPS_DEPLOYMENT_TYPE_KEY;\n } else {\n verboseMessage(`Classic deployment`['brightCyan'] + ` detected.`);\n }\n }\n }\n }\n return deploymentType;\n}\n\n/**\n * Helper function to extract the semantic version string from a version info object\n * @param {Object} versionInfo version info object\n * @returns {String} semantic version\n */\nasync function getSemanticVersion(versionInfo) {\n if ('version' in versionInfo) {\n const versionString = versionInfo.version;\n const rx = /([\\d]\\.[\\d]\\.[\\d](\\.[\\d])*)/g;\n const version = versionString.match(rx);\n return version[0];\n }\n throw new Error('Cannot extract semantic version from version info object.');\n}\n\n/**\n * Helper function to authenticate and obtain and store session cookie\n * @returns {string} Session token or null\n */\nasync function authenticate(\n username: string,\n password: string\n): Promise<string> {\n const config = {\n headers: {\n 'X-OpenAM-Username': username,\n 'X-OpenAM-Password': password,\n },\n };\n const response1 = await step({}, config);\n const skip2FA = checkAndHandle2FA(response1);\n let response2 = {};\n if (skip2FA.need2fa) {\n response2 = await step(skip2FA.payload);\n } else {\n response2 = skip2FA.payload;\n }\n if ('tokenId' in response2) {\n return response2['tokenId'] as string;\n }\n return null;\n}\n\n/**\n * Helper function to obtain an oauth2 authorization code\n * @param {string} redirectURL oauth2 redirect uri\n * @param {string} codeChallenge PKCE code challenge\n * @param {string} codeChallengeMethod PKCE code challenge method\n * @returns {string} oauth2 authorization code or null\n */\nasync function getAuthCode(redirectURL, codeChallenge, codeChallengeMethod) {\n try {\n const bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScopes}&response_type=code&client_id=${adminClientId}&csrf=${state.getCookieValue()}&decision=allow&code_challenge=${codeChallenge}&code_challenge_method=${codeChallengeMethod}`;\n const config = {\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n },\n maxRedirects: 0,\n };\n let response = undefined;\n try {\n response = await authorize(bodyFormData, config);\n } catch (error) {\n response = error.response;\n }\n if (response.status < 200 || response.status > 399) {\n printMessage('error getting auth code', 'error');\n printMessage(\n 'likely cause: mismatched parameters with OAuth client config',\n 'error'\n );\n return null;\n }\n const redirectLocationURL = response.headers?.location;\n const queryObject = url.parse(redirectLocationURL, true).query;\n if ('code' in queryObject) {\n return queryObject.code;\n }\n printMessage('auth code not found', 'error');\n return null;\n } catch (error) {\n printMessage(`error getting auth code - ${error.message}`, 'error');\n printMessage(error.response?.data, 'error');\n debugMessage(error.stack);\n return null;\n }\n}\n\n/**\n * Helper function to obtain oauth2 access token\n * @returns {Promise<string | null>} access token or null\n */\nasync function getAccessTokenForUser(): Promise<string | null> {\n debugMessage(`AuthenticateOps.getAccessTokenForUser: start`);\n try {\n const verifier = encodeBase64Url(randomBytes(32));\n const challenge = encodeBase64Url(\n createHash('sha256').update(verifier).digest()\n );\n const challengeMethod = 'S256';\n const redirectURL = url.resolve(state.getHost(), redirectUrlTemplate);\n const authCode = await getAuthCode(redirectURL, challenge, challengeMethod);\n if (authCode == null) {\n printMessage('error getting auth code', 'error');\n return null;\n }\n let response = null;\n if (state.getDeploymentType() === globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY) {\n const config = {\n auth: {\n username: adminClientId,\n password: adminClientPassword,\n },\n };\n const bodyFormData = `redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n response = await accessToken(bodyFormData, config);\n } else {\n const bodyFormData = `client_id=${adminClientId}&redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n response = await accessToken(bodyFormData);\n }\n if ('access_token' in response.data) {\n debugMessage(`AuthenticateOps.getAccessTokenForUser: end with token`);\n return response.data.access_token;\n }\n printMessage('No access token in response.', 'error');\n } catch (error) {\n debugMessage(`Error getting access token for user: ${error}`);\n debugMessage(error.response?.data);\n }\n debugMessage(`AuthenticateOps.getAccessTokenForUser: end without token`);\n return null;\n}\n\nfunction createPayload(serviceAccountId: string) {\n const u = parseUrl(state.getHost());\n const aud = `${u.origin}:${\n u.port ? u.port : u.protocol === 'https' ? '443' : '80'\n }${u.pathname}/oauth2/access_token`;\n\n // Cross platform way of setting JWT expiry time 3 minutes in the future, expressed as number of seconds since EPOCH\n const exp = Math.floor(new Date().getTime() / 1000 + 180);\n\n // A unique ID for the JWT which is required when requesting the openid scope\n const jti = v4();\n\n const iss = serviceAccountId;\n const sub = serviceAccountId;\n\n // Create the payload for our bearer token\n const payload = { iss, sub, aud, exp, jti };\n\n return payload;\n}\n\n/**\n * Get access token for service account\n * @param {string} serviceAccountId UUID of service account\n * @param {JwkRsa} jwk Java Wek Key\n * @returns {string | null} Access token or null\n */\nexport async function getAccessTokenForServiceAccount(\n serviceAccountId: string,\n jwk: JwkRsa\n): Promise<string | null> {\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: start`);\n const payload = createPayload(serviceAccountId);\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: payload:`);\n debugMessage(payload);\n const jwt = await createSignedJwtToken(payload, jwk);\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: jwt:`);\n debugMessage(jwt);\n const bodyFormData = `assertion=${jwt}&client_id=service-account&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&scope=${serviceAccountScopes}`;\n const response = await accessToken(bodyFormData);\n if ('access_token' in response.data) {\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: token:`);\n debugMessage(response.data.access_token);\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: end`);\n return response.data.access_token;\n }\n debugMessage(\n `AuthenticateOps.getAccessTokenForServiceAccount: No access token in response.`\n );\n debugMessage(`AuthenticateOps.getAccessTokenForServiceAccount: end`);\n return null;\n}\n\nasync function determineDeploymentTypeAndDefaultRealmAndVersion() {\n debugMessage(\n `AuthenticateOps.determineDeploymentTypeAndDefaultRealmAndVersion: start`\n );\n if (!state.getDeploymentType()) {\n state.setDeploymentType(await determineDeploymentType());\n }\n determineDefaultRealm(state.getDeploymentType());\n debugMessage(\n `AuthenticateOps.determineDeploymentTypeAndDefaultRealmAndVersion: realm=${state.getRealm()}, type=${state.getDeploymentType()}`\n );\n\n const versionInfo = await getServerVersionInfo();\n\n // https://github.com/rockcarver/frodo-cli/issues/109\n debugMessage(`Full version: ${versionInfo.fullVersion}`);\n\n const version = await getSemanticVersion(versionInfo);\n state.setAmVersion(version);\n debugMessage(\n `AuthenticateOps.determineDeploymentTypeAndDefaultRealmAndVersion: end`\n );\n}\n\nasync function getLoggedInSubject(): Promise<string> {\n let subjectString = `user ${state.getUsername()}`;\n if (state.getUseBearerTokenForAmApis()) {\n const name = (await getServiceAccount(state.getServiceAccountId())).name;\n subjectString = `service account ${name} [${state.getServiceAccountId()}]`;\n }\n return subjectString;\n}\n\n/**\n * Get tokens\n * @param {boolean} forceLoginAsUser true to force login as user even if a service account is available (default: false)\n * @returns {Promise<boolean>} true if tokens were successfully obtained, false otherwise\n */\nexport async function getTokens(forceLoginAsUser = false): Promise<boolean> {\n debugMessage(`AuthenticateOps.getTokens: start`);\n if (!state.getHost()) {\n printMessage(\n `No host specified and FRODO_HOST env variable not set!`,\n 'error'\n );\n return false;\n }\n try {\n // if username/password on cli are empty, try to read from connections.json\n if (\n state.getUsername() == null &&\n state.getPassword() == null &&\n !state.getServiceAccountId() &&\n !state.getServiceAccountJwk()\n ) {\n const conn = await getConnectionProfile();\n if (conn) {\n state.setHost(conn.tenant);\n state.setUsername(conn.username);\n state.setPassword(conn.password);\n state.setAuthenticationService(conn.authenticationService);\n state.setAuthenticationHeaderOverrides(\n conn.authenticationHeaderOverrides\n );\n state.setServiceAccountId(conn.svcacctId);\n state.setServiceAccountJwk(conn.svcacctJwk);\n } else {\n return false;\n }\n }\n // now that we have the full tenant URL we can lookup the cookie name\n state.setCookieName(await determineCookieName());\n\n // use service account to login?\n if (\n !forceLoginAsUser &&\n state.getServiceAccountId() &&\n state.getServiceAccountJwk()\n ) {\n debugMessage(\n `AuthenticateOps.getTokens: Authenticating with service account ${state.getServiceAccountId()}`\n );\n try {\n const token = await getAccessTokenForServiceAccount(\n state.getServiceAccountId(),\n state.getServiceAccountJwk()\n );\n state.setBearerToken(token);\n state.setUseBearerTokenForAmApis(true);\n await determineDeploymentTypeAndDefaultRealmAndVersion();\n } catch (saErr) {\n debugMessage(saErr.response?.data || saErr);\n throw new Error(\n `Service account login error: ${\n saErr.response?.data?.error_description ||\n saErr.response?.data?.message ||\n saErr\n }`\n );\n }\n }\n // use user account to login\n else if (state.getUsername() && state.getPassword()) {\n debugMessage(\n `AuthenticateOps.getTokens: Authenticating with user account ${state.getUsername()}`\n );\n const token = await authenticate(\n state.getUsername(),\n state.getPassword()\n );\n if (token) state.setCookieValue(token);\n await determineDeploymentTypeAndDefaultRealmAndVersion();\n if (\n state.getCookieValue() &&\n !state.getBearerToken() &&\n (state.getDeploymentType() === globalConfig.CLOUD_DEPLOYMENT_TYPE_KEY ||\n state.getDeploymentType() ===\n globalConfig.FORGEOPS_DEPLOYMENT_TYPE_KEY)\n ) {\n const accessToken = await getAccessTokenForUser();\n if (accessToken) state.setBearerToken(accessToken);\n }\n }\n // incomplete or no credentials\n else {\n printMessage(`Incomplete or no credentials!`, 'error');\n return false;\n }\n if (\n state.getCookieValue() ||\n (state.getUseBearerTokenForAmApis() && state.getBearerToken())\n ) {\n // https://github.com/rockcarver/frodo-cli/issues/102\n printMessage(\n `Connected to ${state.getHost()} [${\n state.getRealm() ? state.getRealm() : 'root'\n }] as ${await getLoggedInSubject()}`,\n 'info'\n );\n debugMessage(`AuthenticateOps.getTokens: end with tokens`);\n return true;\n }\n } catch (error) {\n // regular error\n printMessage(error.message, 'error');\n // axios error am api\n printMessage(error.response?.data?.message, 'error');\n // axios error am oauth2 api\n printMessage(error.response?.data?.error_description, 'error');\n // axios error data\n debugMessage(error.response?.data);\n // stack trace\n debugMessage(error.stack || new Error().stack);\n }\n debugMessage(`AuthenticateOps.getTokens: end without tokens`);\n return false;\n}\n"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAA8D;AAAA;AAAA;AAAA;AAAA;AAE9D,IAAMA,mBAAmB,GAAG,eAAe;AAC3C,IAAMC,mBAAmB,GAAG,sCAAsC;AAElE,IAAMC,cAAc,GAAG,8BAA8B;AACrD,IAAMC,oBAAoB,GAAG,+BAA+B;AAE5D,IAAIC,aAAa,GAAG,gBAAgB;;AAEpC;AACA;AACA;AACA;AAHA,SAIeC,mBAAmB;EAAA;AAAA;AAclC;AACA;AACA;AACA;AACA;AAJA;EAAA,yCAdA,aAAqC;IACnC,IAAI;MACF,IAAMC,IAAI,SAAS,IAAAC,4BAAa,GAAE;MAClC,IAAAC,qBAAY,sDACmCF,IAAI,CAACG,UAAU,EAC7D;MACD,OAAOH,IAAI,CAACG,UAAU;IACxB,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd,IAAAC,qBAAY,uCAA+BD,KAAK,GAAI,OAAO,CAAC;MAC5D,IAAAF,qBAAY,EAACE,KAAK,CAACE,KAAK,CAAC;MACzB,OAAO,IAAI;IACb;EACF,CAAC;EAAA;AAAA;AAOD,SAASC,iBAAiB,CAACC,OAAO,EAAE;EAClC;EACA,IAAI,WAAW,IAAIA,OAAO,EAAE;IAC1B,KAAK,IAAMC,OAAO,IAAID,OAAO,CAACE,SAAS,EAAE;MACvC,IAAID,OAAO,CAACE,IAAI,KAAK,qBAAqB,EAAE;QAC1C,IAAIF,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,CAACC,QAAQ,CAAC,MAAM,CAAC,EAAE;UAC3C;UACAL,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,GAAG,MAAM;UAC/B,OAAO;YACLE,OAAO,EAAE,IAAI;YACbP;UACF,CAAC;QACH;MACF;MACA,IAAIC,OAAO,CAACE,IAAI,KAAK,cAAc,EAAE;QACnC,IAAIF,OAAO,CAACO,MAAM,CAAC,CAAC,CAAC,CAACH,KAAK,CAACC,QAAQ,CAAC,MAAM,CAAC,EAAE;UAC5C;UACA,IAAAT,qBAAY,EAAC,8CAA8C,CAAC;UAC5D,IAAMY,IAAI,GAAGC,qBAAY,CAACC,QAAQ,WAAIV,OAAO,CAACO,MAAM,CAAC,CAAC,CAAC,CAACH,KAAK,QAAK;UAClEJ,OAAO,CAACG,KAAK,CAAC,CAAC,CAAC,CAACC,KAAK,GAAGI,IAAI;UAC7B,OAAO;YACLF,OAAO,EAAE,IAAI;YACbP;UACF,CAAC;QACH;MACF;IACF;IACA;IACA,OAAO;MACLO,OAAO,EAAE,KAAK;MACdP;IACF,CAAC;EACH;EACA;EACA,OAAO;IACLO,OAAO,EAAE,KAAK;IACdP;EACF,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA,SAASY,qBAAqB,CAACC,cAAsB,EAAE;EACrD,IACE,CAACC,KAAK,CAACC,QAAQ,EAAE,IACjBD,KAAK,CAACC,QAAQ,EAAE,KAAKC,YAAY,CAACC,iBAAiB,EACnD;IACAH,KAAK,CAACI,QAAQ,CAACF,YAAY,CAACG,yBAAyB,CAACN,cAAc,CAAC,CAAC;EACxE;AACF;;AAEA;AACA;AACA;AACA;AAHA,SAIeO,uBAAuB;EAAA;AAAA;AAgEtC;AACA;AACA;AACA;AACA;AAJA;EAAA,6CAhEA,aAA0D;IACxD,IAAMC,WAAW,GAAGP,KAAK,CAACQ,cAAc,EAAE;IAC1C;IACA;IACA;IACA;IACA;IACA;IACA;;IAEA;IACA,IAAIR,KAAK,CAACS,0BAA0B,EAAE,EACpC,OAAOP,YAAY,CAACQ,yBAAyB;IAE/C,IAAMC,YAAY,GAAG,gBAAgB;IACrC,IAAMC,gBAAgB,GAAG,cAAc;IAEvC,IAAMC,QAAQ,GAAG,IAAAC,qBAAe,EAAC,IAAAC,mBAAW,EAAC,EAAE,CAAC,CAAC;IACjD,IAAMC,SAAS,GAAG,IAAAF,qBAAe,EAC/B,IAAAG,kBAAU,EAAC,QAAQ,CAAC,CAACC,MAAM,CAACL,QAAQ,CAAC,CAACM,MAAM,EAAE,CAC/C;IACD,IAAMC,eAAe,GAAG,MAAM;IAC9B,IAAMC,WAAW,GAAGC,YAAG,CAACC,OAAO,CAACvB,KAAK,CAACwB,OAAO,EAAE,EAAEnD,mBAAmB,CAAC;IAErE,IAAMoD,MAAM,GAAG;MACbC,YAAY,EAAE,CAAC;MACfC,OAAO,EAAE;QACP,CAAC3B,KAAK,CAAC4B,aAAa,EAAE,GAAG5B,KAAK,CAACQ,cAAc;MAC/C;IACF,CAAC;IACD,IAAIqB,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCqC,YAAY,mBAASJ,WAAW,4CAAkCS,SAAS,oCAA0BI,eAAe,CAAE;IAE7N,IAAIrB,cAAc,GAAGG,YAAY,CAAC4B,2BAA2B;IAC7D,IAAI;MACF,MAAM,IAAAC,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;IACvC,CAAC,CAAC,OAAOO,CAAC,EAAE;MAAA;MACV;MACA,IACE,gBAAAA,CAAC,CAACC,QAAQ,gDAAV,YAAYC,MAAM,MAAK,GAAG,IAC1B,wBAAAF,CAAC,CAACC,QAAQ,CAACN,OAAO,iFAAlB,oBAAoBQ,QAAQ,0DAA5B,sBAA8BC,OAAO,CAAC,OAAO,CAAC,IAAG,CAAC,CAAC,EACnD;QACA,IAAAC,uBAAc,EAAC,2BAA2B,YAAY,CAAC,eAAe,CAAC;QACvEtC,cAAc,GAAGG,YAAY,CAACQ,yBAAyB;MACzD,CAAC,MAAM;QACL,IAAI;UACFmB,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCsC,gBAAgB,mBAASZ,KAAK,CAACQ,cAAc,EAAE,4CAAkCQ,SAAS,oCAA0BI,eAAe,CAAE;UACxO,MAAM,IAAAW,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;QACvC,CAAC,CAAC,OAAOa,EAAE,EAAE;UAAA;UACX,IACE,iBAAAA,EAAE,CAACL,QAAQ,iDAAX,aAAaC,MAAM,MAAK,GAAG,IAC3B,yBAAAI,EAAE,CAACL,QAAQ,CAACN,OAAO,kFAAnB,qBAAqBQ,QAAQ,0DAA7B,sBAA+BC,OAAO,CAAC,OAAO,CAAC,IAAG,CAAC,CAAC,EACpD;YACA5D,aAAa,GAAGoC,gBAAgB;YAChC,IAAAyB,uBAAc,EAAC,sBAAsB,YAAY,CAAC,eAAe,CAAC;YAClEtC,cAAc,GAAGG,YAAY,CAACqC,4BAA4B;UAC5D,CAAC,MAAM;YACL,IAAAF,uBAAc,EAAC,qBAAqB,YAAY,CAAC,eAAe,CAAC;UACnE;QACF;MACF;IACF;IACA,OAAOtC,cAAc;EACvB,CAAC;EAAA;AAAA;AAAA,SAOcyC,kBAAkB;EAAA;AAAA;AAUjC;AACA;AACA;AACA;AAHA;EAAA,wCAVA,WAAkCC,WAAW,EAAE;IAC7C,IAAI,SAAS,IAAIA,WAAW,EAAE;MAC5B,IAAMC,aAAa,GAAGD,WAAW,CAACE,OAAO;MACzC,IAAMC,EAAE,GAAG,8BAA8B;MACzC,IAAMD,OAAO,GAAGD,aAAa,CAACG,KAAK,CAACD,EAAE,CAAC;MACvC,OAAOD,OAAO,CAAC,CAAC,CAAC;IACnB;IACA,MAAM,IAAIG,KAAK,CAAC,2DAA2D,CAAC;EAC9E,CAAC;EAAA;AAAA;AAAA,SAMcC,YAAY;EAAA;AAAA;AAwB3B;AACA;AACA;AACA;AACA;AACA;AACA;AANA;EAAA,kCAxBA,WACEC,QAAgB,EAChBC,QAAgB,EACC;IACjB,IAAMxB,MAAM,GAAG;MACbE,OAAO,EAAE;QACP,mBAAmB,EAAEqB,QAAQ;QAC7B,mBAAmB,EAAEC;MACvB;IACF,CAAC;IACD,IAAMC,SAAS,SAAS,IAAAC,qBAAI,EAAC,CAAC,CAAC,EAAE1B,MAAM,CAAC;IACxC,IAAM2B,OAAO,GAAGnE,iBAAiB,CAACiE,SAAS,CAAC;IAC5C,IAAIG,SAAS,GAAG,CAAC,CAAC;IAClB,IAAID,OAAO,CAAC3D,OAAO,EAAE;MACnB4D,SAAS,SAAS,IAAAF,qBAAI,EAACC,OAAO,CAAClE,OAAO,CAAC;IACzC,CAAC,MAAM;MACLmE,SAAS,GAAGD,OAAO,CAAClE,OAAO;IAC7B;IACA,IAAI,SAAS,IAAImE,SAAS,EAAE;MAC1B,OAAOA,SAAS,CAAC,SAAS,CAAC;IAC7B;IACA,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAScC,WAAW;EAAA;AAAA;AAsC1B;AACA;AACA;AACA;AAHA;EAAA,iCAtCA,WAA2BjC,WAAW,EAAEkC,aAAa,EAAEC,mBAAmB,EAAE;IAC1E,IAAI;MAAA;MACF,IAAM3B,YAAY,0BAAmBR,WAAW,oBAAU/C,cAAc,2CAAiCE,aAAa,mBAASwB,KAAK,CAACQ,cAAc,EAAE,4CAAkC+C,aAAa,oCAA0BC,mBAAmB,CAAE;MACnP,IAAM/B,MAAM,GAAG;QACbE,OAAO,EAAE;UACP,cAAc,EAAE;QAClB,CAAC;QACDD,YAAY,EAAE;MAChB,CAAC;MACD,IAAIO,QAAQ,GAAGwB,SAAS;MACxB,IAAI;QACFxB,QAAQ,SAAS,IAAAF,wBAAS,EAACF,YAAY,EAAEJ,MAAM,CAAC;MAClD,CAAC,CAAC,OAAO3C,KAAK,EAAE;QACdmD,QAAQ,GAAGnD,KAAK,CAACmD,QAAQ;MAC3B;MACA,IAAIA,QAAQ,CAACC,MAAM,GAAG,GAAG,IAAID,QAAQ,CAACC,MAAM,GAAG,GAAG,EAAE;QAClD,IAAAnD,qBAAY,EAAC,yBAAyB,EAAE,OAAO,CAAC;QAChD,IAAAA,qBAAY,EACV,8DAA8D,EAC9D,OAAO,CACR;QACD,OAAO,IAAI;MACb;MACA,IAAM2E,mBAAmB,wBAAGzB,QAAQ,CAACN,OAAO,sDAAhB,kBAAkBQ,QAAQ;MACtD,IAAMwB,WAAW,GAAGrC,YAAG,CAACsC,KAAK,CAACF,mBAAmB,EAAE,IAAI,CAAC,CAACG,KAAK;MAC9D,IAAI,MAAM,IAAIF,WAAW,EAAE;QACzB,OAAOA,WAAW,CAAChE,IAAI;MACzB;MACA,IAAAZ,qBAAY,EAAC,qBAAqB,EAAE,OAAO,CAAC;MAC5C,OAAO,IAAI;IACb,CAAC,CAAC,OAAOD,KAAK,EAAE;MAAA;MACd,IAAAC,qBAAY,sCAA8BD,KAAK,CAACgF,OAAO,GAAI,OAAO,CAAC;MACnE,IAAA/E,qBAAY,qBAACD,KAAK,CAACmD,QAAQ,oDAAd,gBAAgBvD,IAAI,EAAE,OAAO,CAAC;MAC3C,IAAAE,qBAAY,EAACE,KAAK,CAACE,KAAK,CAAC;MACzB,OAAO,IAAI;IACb;EACF,CAAC;EAAA;AAAA;AAAA,SAMc+E,qBAAqB;EAAA;AAAA;AAAA;EAAA,2CAApC,aAA+D;IAC7D,IAAAnF,qBAAY,iDAAgD;IAC5D,IAAI;MACF,IAAMiC,QAAQ,GAAG,IAAAC,qBAAe,EAAC,IAAAC,mBAAW,EAAC,EAAE,CAAC,CAAC;MACjD,IAAMC,SAAS,GAAG,IAAAF,qBAAe,EAC/B,IAAAG,kBAAU,EAAC,QAAQ,CAAC,CAACC,MAAM,CAACL,QAAQ,CAAC,CAACM,MAAM,EAAE,CAC/C;MACD,IAAMC,eAAe,GAAG,MAAM;MAC9B,IAAMC,WAAW,GAAGC,YAAG,CAACC,OAAO,CAACvB,KAAK,CAACwB,OAAO,EAAE,EAAEnD,mBAAmB,CAAC;MACrE,IAAM2F,QAAQ,SAASV,WAAW,CAACjC,WAAW,EAAEL,SAAS,EAAEI,eAAe,CAAC;MAC3E,IAAI4C,QAAQ,IAAI,IAAI,EAAE;QACpB,IAAAjF,qBAAY,EAAC,yBAAyB,EAAE,OAAO,CAAC;QAChD,OAAO,IAAI;MACb;MACA,IAAIkD,QAAQ,GAAG,IAAI;MACnB,IAAIjC,KAAK,CAACiE,iBAAiB,EAAE,KAAK/D,YAAY,CAACQ,yBAAyB,EAAE;QACxE,IAAMe,MAAM,GAAG;UACbyC,IAAI,EAAE;YACJlB,QAAQ,EAAExE,aAAa;YACvByE,QAAQ,EAAE7E;UACZ;QACF,CAAC;QACD,IAAMyD,YAAY,0BAAmBR,WAAW,iDAAuC2C,QAAQ,4BAAkBnD,QAAQ,CAAE;QAC3HoB,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,YAAY,EAAEJ,MAAM,CAAC;MACpD,CAAC,MAAM;QACL,IAAMI,aAAY,uBAAgBrD,aAAa,2BAAiB6C,WAAW,iDAAuC2C,QAAQ,4BAAkBnD,QAAQ,CAAE;QACtJoB,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,aAAY,CAAC;MAC5C;MACA,IAAI,cAAc,IAAII,QAAQ,CAACvD,IAAI,EAAE;QACnC,IAAAE,qBAAY,0DAAyD;QACrE,OAAOqD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY;MACnC;MACA,IAAArF,qBAAY,EAAC,8BAA8B,EAAE,OAAO,CAAC;IACvD,CAAC,CAAC,OAAOD,KAAK,EAAE;MAAA;MACd,IAAAF,qBAAY,iDAAyCE,KAAK,EAAG;MAC7D,IAAAF,qBAAY,sBAACE,KAAK,CAACmD,QAAQ,qDAAd,iBAAgBvD,IAAI,CAAC;IACpC;IACA,IAAAE,qBAAY,6DAA4D;IACxE,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAED,SAASyF,aAAa,CAACC,gBAAwB,EAAE;EAC/C,IAAMC,CAAC,GAAG,IAAAC,kBAAQ,EAACxE,KAAK,CAACwB,OAAO,EAAE,CAAC;EACnC,IAAMiD,GAAG,aAAMF,CAAC,CAACG,MAAM,cACrBH,CAAC,CAACI,IAAI,GAAGJ,CAAC,CAACI,IAAI,GAAGJ,CAAC,CAACK,QAAQ,KAAK,OAAO,GAAG,KAAK,GAAG,IAAI,SACtDL,CAAC,CAACM,QAAQ,yBAAsB;;EAEnC;EACA,IAAMC,GAAG,GAAGC,IAAI,CAACC,KAAK,CAAC,IAAIC,IAAI,EAAE,CAACC,OAAO,EAAE,GAAG,IAAI,GAAG,GAAG,CAAC;;EAEzD;EACA,IAAMC,GAAG,GAAG,IAAAC,QAAE,GAAE;EAEhB,IAAMC,GAAG,GAAGf,gBAAgB;EAC5B,IAAMgB,GAAG,GAAGhB,gBAAgB;;EAE5B;EACA,IAAMpF,OAAO,GAAG;IAAEmG,GAAG;IAAEC,GAAG;IAAEb,GAAG;IAAEK,GAAG;IAAEK;EAAI,CAAC;EAE3C,OAAOjG,OAAO;AAChB;;AAEA;AACA;AACA;AACA;AACA;AACA;AALA,SAMsBqG,+BAA+B;EAAA;AAAA;AAAA;EAAA,qDAA9C,WACLjB,gBAAwB,EACxBkB,GAAW,EACa;IACxB,IAAA5G,qBAAY,2DAA0D;IACtE,IAAMM,OAAO,GAAGmF,aAAa,CAACC,gBAAgB,CAAC;IAC/C,IAAA1F,qBAAY,8DAA6D;IACzE,IAAAA,qBAAY,EAACM,OAAO,CAAC;IACrB,IAAMuG,GAAG,SAAS,IAAAC,6BAAoB,EAACxG,OAAO,EAAEsG,GAAG,CAAC;IACpD,IAAA5G,qBAAY,0DAAyD;IACrE,IAAAA,qBAAY,EAAC6G,GAAG,CAAC;IACjB,IAAM5D,YAAY,uBAAgB4D,GAAG,qGAA2FlH,oBAAoB,CAAE;IACtJ,IAAM0D,QAAQ,SAAS,IAAAkC,0BAAW,EAACtC,YAAY,CAAC;IAChD,IAAI,cAAc,IAAII,QAAQ,CAACvD,IAAI,EAAE;MACnC,IAAAE,qBAAY,4DAA2D;MACvE,IAAAA,qBAAY,EAACqD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY,CAAC;MACxC,IAAAxF,qBAAY,yDAAwD;MACpE,OAAOqD,QAAQ,CAACvD,IAAI,CAAC0F,YAAY;IACnC;IACA,IAAAxF,qBAAY,kFAEX;IACD,IAAAA,qBAAY,yDAAwD;IACpE,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAEc+G,gDAAgD;EAAA;AAAA;AAAA;EAAA,sEAA/D,aAAkE;IAChE,IAAA/G,qBAAY,4EAEX;IACD,IAAI,CAACoB,KAAK,CAACiE,iBAAiB,EAAE,EAAE;MAC9BjE,KAAK,CAAC4F,iBAAiB,OAAOtF,uBAAuB,EAAE,CAAC;IAC1D;IACAR,qBAAqB,CAACE,KAAK,CAACiE,iBAAiB,EAAE,CAAC;IAChD,IAAArF,qBAAY,oFACiEoB,KAAK,CAACC,QAAQ,EAAE,oBAAUD,KAAK,CAACiE,iBAAiB,EAAE,EAC/H;IAED,IAAMxB,WAAW,SAAS,IAAAoD,mCAAoB,GAAE;;IAEhD;IACA,IAAAjH,qBAAY,0BAAkB6D,WAAW,CAACqD,WAAW,EAAG;IAExD,IAAMnD,OAAO,SAASH,kBAAkB,CAACC,WAAW,CAAC;IACrDzC,KAAK,CAAC+F,YAAY,CAACpD,OAAO,CAAC;IAC3B,IAAA/D,qBAAY,0EAEX;EACH,CAAC;EAAA;AAAA;AAAA,SAEcoH,kBAAkB;EAAA;AAAA;AASjC;AACA;AACA;AACA;AACA;AAJA;EAAA,wCATA,aAAqD;IACnD,IAAIC,aAAa,kBAAWjG,KAAK,CAACkG,WAAW,EAAE,CAAE;IACjD,IAAIlG,KAAK,CAACS,0BAA0B,EAAE,EAAE;MACtC,IAAM0F,IAAI,GAAG,OAAO,IAAAC,oCAAiB,EAACpG,KAAK,CAACqG,mBAAmB,EAAE,CAAC,EAAEF,IAAI;MACxEF,aAAa,6BAAsBE,IAAI,eAAKnG,KAAK,CAACqG,mBAAmB,EAAE,MAAG;IAC5E;IACA,OAAOJ,aAAa;EACtB,CAAC;EAAA;AAAA;AAAA,SAOqBK,SAAS;EAAA;AAAA;AAAA;EAAA,+BAAxB,aAAqE;IAAA,IAA5CC,gBAAgB,uEAAG,KAAK;IACtD,IAAA3H,qBAAY,qCAAoC;IAChD,IAAI,CAACoB,KAAK,CAACwB,OAAO,EAAE,EAAE;MACpB,IAAAzC,qBAAY,4DAEV,OAAO,CACR;MACD,OAAO,KAAK;IACd;IACA,IAAI;MACF;MACA,IACEiB,KAAK,CAACkG,WAAW,EAAE,IAAI,IAAI,IAC3BlG,KAAK,CAACwG,WAAW,EAAE,IAAI,IAAI,IAC3B,CAACxG,KAAK,CAACqG,mBAAmB,EAAE,IAC5B,CAACrG,KAAK,CAACyG,oBAAoB,EAAE,EAC7B;QACA,IAAMC,IAAI,SAAS,IAAAC,0CAAoB,GAAE;QACzC,IAAID,IAAI,EAAE;UACR1G,KAAK,CAAC4G,OAAO,CAACF,IAAI,CAACG,MAAM,CAAC;UAC1B7G,KAAK,CAAC8G,WAAW,CAACJ,IAAI,CAAC1D,QAAQ,CAAC;UAChChD,KAAK,CAAC+G,WAAW,CAACL,IAAI,CAACzD,QAAQ,CAAC;UAChCjD,KAAK,CAACgH,wBAAwB,CAACN,IAAI,CAACO,qBAAqB,CAAC;UAC1DjH,KAAK,CAACkH,gCAAgC,CACpCR,IAAI,CAACS,6BAA6B,CACnC;UACDnH,KAAK,CAACoH,mBAAmB,CAACV,IAAI,CAACW,SAAS,CAAC;UACzCrH,KAAK,CAACsH,oBAAoB,CAACZ,IAAI,CAACa,UAAU,CAAC;QAC7C,CAAC,MAAM;UACL,OAAO,KAAK;QACd;MACF;MACA;MACAvH,KAAK,CAACwH,aAAa,OAAO/I,mBAAmB,EAAE,CAAC;;MAEhD;MACA,IACE,CAAC8H,gBAAgB,IACjBvG,KAAK,CAACqG,mBAAmB,EAAE,IAC3BrG,KAAK,CAACyG,oBAAoB,EAAE,EAC5B;QACA,IAAA7H,qBAAY,2EACwDoB,KAAK,CAACqG,mBAAmB,EAAE,EAC9F;QACD,IAAI;UACF,IAAMoB,KAAK,SAASlC,+BAA+B,CACjDvF,KAAK,CAACqG,mBAAmB,EAAE,EAC3BrG,KAAK,CAACyG,oBAAoB,EAAE,CAC7B;UACDzG,KAAK,CAAC0H,cAAc,CAACD,KAAK,CAAC;UAC3BzH,KAAK,CAAC2H,0BAA0B,CAAC,IAAI,CAAC;UACtC,MAAMhC,gDAAgD,EAAE;QAC1D,CAAC,CAAC,OAAOiC,KAAK,EAAE;UAAA;UACd,IAAAhJ,qBAAY,EAAC,oBAAAgJ,KAAK,CAAC3F,QAAQ,oDAAd,gBAAgBvD,IAAI,KAAIkJ,KAAK,CAAC;UAC3C,MAAM,IAAI9E,KAAK,wCAEX,qBAAA8E,KAAK,CAAC3F,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBmJ,iBAAiB,0BACvCD,KAAK,CAAC3F,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBoF,OAAO,KAC7B8D,KAAK,EAER;QACH;MACF;MACA;MAAA,KACK,IAAI5H,KAAK,CAACkG,WAAW,EAAE,IAAIlG,KAAK,CAACwG,WAAW,EAAE,EAAE;QACnD,IAAA5H,qBAAY,wEACqDoB,KAAK,CAACkG,WAAW,EAAE,EACnF;QACD,IAAMuB,MAAK,SAAS1E,YAAY,CAC9B/C,KAAK,CAACkG,WAAW,EAAE,EACnBlG,KAAK,CAACwG,WAAW,EAAE,CACpB;QACD,IAAIiB,MAAK,EAAEzH,KAAK,CAAC8H,cAAc,CAACL,MAAK,CAAC;QACtC,MAAM9B,gDAAgD,EAAE;QACxD,IACE3F,KAAK,CAACQ,cAAc,EAAE,IACtB,CAACR,KAAK,CAAC+H,cAAc,EAAE,KACtB/H,KAAK,CAACiE,iBAAiB,EAAE,KAAK/D,YAAY,CAACQ,yBAAyB,IACnEV,KAAK,CAACiE,iBAAiB,EAAE,KACvB/D,YAAY,CAACqC,4BAA4B,CAAC,EAC9C;UACA,IAAM4B,YAAW,SAASJ,qBAAqB,EAAE;UACjD,IAAII,YAAW,EAAEnE,KAAK,CAAC0H,cAAc,CAACvD,YAAW,CAAC;QACpD;MACF;MACA;MAAA,KACK;QACH,IAAApF,qBAAY,mCAAkC,OAAO,CAAC;QACtD,OAAO,KAAK;MACd;MACA,IACEiB,KAAK,CAACQ,cAAc,EAAE,IACrBR,KAAK,CAACS,0BAA0B,EAAE,IAAIT,KAAK,CAAC+H,cAAc,EAAG,EAC9D;QACA;QACA,IAAAhJ,qBAAY,yBACMiB,KAAK,CAACwB,OAAO,EAAE,eAC7BxB,KAAK,CAACC,QAAQ,EAAE,GAAGD,KAAK,CAACC,QAAQ,EAAE,GAAG,MAAM,wBAChC+F,kBAAkB,EAAE,GAClC,MAAM,CACP;QACD,IAAApH,qBAAY,+CAA8C;QAC1D,OAAO,IAAI;MACb;IACF,CAAC,CAAC,OAAOE,KAAK,EAAE;MAAA;MACd;MACA,IAAAC,qBAAY,EAACD,KAAK,CAACgF,OAAO,EAAE,OAAO,CAAC;MACpC;MACA,IAAA/E,qBAAY,sBAACD,KAAK,CAACmD,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBoF,OAAO,EAAE,OAAO,CAAC;MACpD;MACA,IAAA/E,qBAAY,sBAACD,KAAK,CAACmD,QAAQ,8EAAd,iBAAgBvD,IAAI,0DAApB,sBAAsBmJ,iBAAiB,EAAE,OAAO,CAAC;MAC9D;MACA,IAAAjJ,qBAAY,sBAACE,KAAK,CAACmD,QAAQ,qDAAd,iBAAgBvD,IAAI,CAAC;MAClC;MACA,IAAAE,qBAAY,EAACE,KAAK,CAACE,KAAK,IAAI,IAAI8D,KAAK,EAAE,CAAC9D,KAAK,CAAC;IAChD;IACA,IAAAJ,qBAAY,kDAAiD;IAC7D,OAAO,KAAK;EACd,CAAC;EAAA;AAAA"}
|
package/cjs/ops/Saml2Ops.js
CHANGED
|
@@ -127,18 +127,18 @@ function _exportDependencies() {
|
|
|
127
127
|
if (attrMapperScriptId && attrMapperScriptId !== '[Empty]') {
|
|
128
128
|
var scriptData = yield (0, _ScriptApi.getScript)(attrMapperScriptId);
|
|
129
129
|
scriptData.script = (0, _ExportImportUtils.convertBase64TextToArray)(scriptData.script);
|
|
130
|
-
// eslint-disable-next-line no-param-reassign
|
|
131
130
|
fileData.script[attrMapperScriptId] = scriptData;
|
|
132
131
|
}
|
|
133
132
|
var idpAdapterScriptId = _lodash.default.get(providerData, ['identityProvider', 'advanced', 'idpAdapter', 'idpAdapterScript']);
|
|
134
133
|
if (idpAdapterScriptId && idpAdapterScriptId !== '[Empty]') {
|
|
135
134
|
var _scriptData = yield (0, _ScriptApi.getScript)(idpAdapterScriptId);
|
|
136
135
|
_scriptData.script = (0, _ExportImportUtils.convertBase64TextToArray)(_scriptData.script);
|
|
137
|
-
// eslint-disable-next-line no-param-reassign
|
|
138
136
|
fileData.script[idpAdapterScriptId] = _scriptData;
|
|
139
137
|
}
|
|
140
138
|
var metaDataResponse = yield getProviderMetadata(providerData.entityId);
|
|
141
|
-
|
|
139
|
+
if (!metaDataResponse) {
|
|
140
|
+
throw new Error("Unable to obtain metadata from ".concat(getProviderMetadataUrl(providerData.entityId)));
|
|
141
|
+
}
|
|
142
142
|
fileData.saml.metadata[providerData._id] = (0, _ExportImportUtils.convertBase64UrlTextToArray)((0, _Base.encodeBase64Url)(metaDataResponse));
|
|
143
143
|
});
|
|
144
144
|
return _exportDependencies.apply(this, arguments);
|
|
@@ -252,7 +252,11 @@ function _exportSaml2Provider() {
|
|
|
252
252
|
var id = stub._id;
|
|
253
253
|
var providerData = yield getProviderByLocationAndId(location, id);
|
|
254
254
|
exportData.saml[stub.location][providerData._id] = providerData;
|
|
255
|
-
|
|
255
|
+
try {
|
|
256
|
+
yield exportDependencies(providerData, exportData);
|
|
257
|
+
} catch (error) {
|
|
258
|
+
(0, _Console.printMessage)(error.message, 'error');
|
|
259
|
+
}
|
|
256
260
|
(0, _Console.debugMessage)("Saml2Ops.exportSaml2Provider: end [entityId=".concat(entityId, "]"));
|
|
257
261
|
return exportData;
|
|
258
262
|
});
|
|
@@ -272,7 +276,11 @@ function _exportSaml2Providers() {
|
|
|
272
276
|
var stubs = yield getSaml2ProviderStubs();
|
|
273
277
|
for (var stub of stubs) {
|
|
274
278
|
var providerData = yield getProviderByLocationAndId(stub.location, stub._id);
|
|
275
|
-
|
|
279
|
+
try {
|
|
280
|
+
yield exportDependencies(providerData, fileData);
|
|
281
|
+
} catch (error) {
|
|
282
|
+
(0, _Console.printMessage)(error, 'error');
|
|
283
|
+
}
|
|
276
284
|
fileData.saml[stub.location][providerData._id] = providerData;
|
|
277
285
|
}
|
|
278
286
|
return fileData;
|
package/cjs/ops/Saml2Ops.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Saml2Ops.js","names":["roleMap","identityProvider","serviceProvider","attributeQueryProvider","xacmlPolicyEnforcementPoint","createSaml2ExportTemplate","meta","getMetadata","script","saml","hosted","remote","metadata","getSaml2ProviderStubs","result","getProviders","getProviderByLocationAndId","location","entityId64","_getProviderByLocationAndId","getProviderMetadataUrl","entityId","_getProviderMetadataUrl","getProviderMetadata","_getProviderMetadata","exportDependencies","providerData","fileData","attrMapperScriptId","_","get","scriptData","getScript","convertBase64TextToArray","idpAdapterScriptId","metaDataResponse","_id","convertBase64UrlTextToArray","encodeBase64Url","getSaml2ProviderStub","debugMessage","found","findProviders","resultCount","Error","getSaml2Provider","stub","id","deleteSaml2Provider","deleteProviderByLocationAndId","deleteSaml2Providers","providers","stubs","provider","push","length","exportSaml2Provider","exportData","exportSaml2Providers","importDependencies","convertTextArrayToBase64","putScript","getLocation","data","Saml2ProiderLocation","HOSTED","REMOTE","undefined","importSaml2Provider","importData","encode","metaData","convertTextArrayToBase64Url","createProvider","error","updateProvider","importSaml2Providers","myStatus","total","successes","warnings","failures","hostedIds","Object","keys","remoteIds","providerIds","concat","decodeBase64Url","includes","decode","importDependenciesErr","printMessage","response","createProviderErr","updateProviderError","message","deleteRawSaml2Provider","deleteRawProvider","deleteRawSaml2Providers","applicationList","getRawSaml2Providers","deleteApplicationPromises","forEach","item","deleteApplicationResult","Promise","all","_getRawProviders","getRawSaml2Provider","_getRawProvider","putRawSaml2Provider","entityData","_putRawProvider"],"sources":["ops/Saml2Ops.ts"],"sourcesContent":["import _ from 'lodash';\nimport {\n Saml2ProiderLocation,\n Saml2ProviderSkeleton,\n Saml2ProviderStub,\n} from '../api/ApiTypes';\nimport {\n createProvider,\n updateProvider,\n deleteRawProvider,\n findProviders,\n getProviderByLocationAndId as _getProviderByLocationAndId,\n getProviderMetadata as _getProviderMetadata,\n getProviderMetadataUrl as _getProviderMetadataUrl,\n getRawProvider as _getRawProvider,\n getProviders,\n getRawProviders as _getRawProviders,\n putRawProvider as _putRawProvider,\n deleteProviderByLocationAndId,\n} from '../api/Saml2Api';\nimport { getScript } from '../api/ScriptApi';\nimport {\n decode,\n decodeBase64Url,\n encode,\n encodeBase64Url,\n} from '../api/utils/Base64';\nimport { MultiOpStatusInterface, Saml2ExportInterface } from './OpsTypes';\nimport { putScript } from './ScriptOps';\nimport { debugMessage, printMessage } from './utils/Console';\nimport {\n convertBase64TextToArray,\n convertBase64UrlTextToArray,\n convertTextArrayToBase64,\n convertTextArrayToBase64Url,\n getMetadata,\n} from './utils/ExportImportUtils';\n\nexport const roleMap = {\n identityProvider: 'IDP',\n serviceProvider: 'SP',\n attributeQueryProvider: 'AttrQuery',\n xacmlPolicyEnforcementPoint: 'XACML PEP',\n};\n\n// use a function vs a template variable to avoid problems in loops\nexport function createSaml2ExportTemplate(): Saml2ExportInterface {\n return {\n meta: getMetadata(),\n script: {},\n saml: {\n hosted: {},\n remote: {},\n metadata: {},\n },\n } as Saml2ExportInterface;\n}\n\n/**\n * Get SAML2 entity provider stubs\n * @returns {Promise<Saml2ProviderStub[]>} a promise that resolves to an array of saml2 entity stubs\n */\nexport async function getSaml2ProviderStubs(): Promise<Saml2ProviderStub[]> {\n const { result } = await getProviders();\n return result;\n}\n\n/**\n * Geta SAML2 entity provider by location and id\n * @param {string} location Entity provider location (hosted or remote)\n * @param {string} entityId64 Base64-encoded-without-padding provider entity id\n * @returns {Promise} a promise that resolves to a saml2 entity provider object\n */\nexport async function getProviderByLocationAndId(\n location: string,\n entityId64: string\n) {\n return _getProviderByLocationAndId(location, entityId64);\n}\n\n/**\n * Get a SAML2 entity provider's metadata URL by entity id\n * @param {string} entityId SAML2 entity id\n * @returns {string} the URL to get the metadata from\n */\nexport function getProviderMetadataUrl(entityId: string): string {\n return _getProviderMetadataUrl(entityId);\n}\n\n/**\n * Get a SAML2 entity provider's metadata by entity id\n * @param {string} entityId SAML2 entity id\n * @returns {Promise<object>} a promise that resolves to an object containing a SAML2 metadata\n */\nexport async function getProviderMetadata(entityId) {\n return _getProviderMetadata(entityId);\n}\n\n/**\n * Include dependencies in the export file\n * @param {object} providerData Object representing a SAML entity provider\n * @param {object} fileData File data object to add dependencies to\n */\nasync function exportDependencies(providerData, fileData) {\n const attrMapperScriptId = _.get(providerData, [\n 'identityProvider',\n 'assertionProcessing',\n 'attributeMapper',\n 'attributeMapperScript',\n ]);\n if (attrMapperScriptId && attrMapperScriptId !== '[Empty]') {\n const scriptData = await getScript(attrMapperScriptId);\n scriptData.script = convertBase64TextToArray(scriptData.script);\n // eslint-disable-next-line no-param-reassign\n fileData.script[attrMapperScriptId] = scriptData;\n }\n const idpAdapterScriptId = _.get(providerData, [\n 'identityProvider',\n 'advanced',\n 'idpAdapter',\n 'idpAdapterScript',\n ]);\n if (idpAdapterScriptId && idpAdapterScriptId !== '[Empty]') {\n const scriptData = await getScript(idpAdapterScriptId);\n scriptData.script = convertBase64TextToArray(scriptData.script);\n // eslint-disable-next-line no-param-reassign\n fileData.script[idpAdapterScriptId] = scriptData;\n }\n const metaDataResponse = await getProviderMetadata(providerData.entityId);\n // eslint-disable-next-line no-param-reassign\n fileData.saml.metadata[providerData._id] = convertBase64UrlTextToArray(\n encodeBase64Url(metaDataResponse)\n );\n}\n\n/**\n *\n * @param {string} entityId Provider entity id\n * @returns {Promise<Saml2ProviderStub>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function getSaml2ProviderStub(\n entityId: string\n): Promise<Saml2ProviderStub> {\n debugMessage(`Saml2Ops.getSaml2ProviderStub: start [entityId=${entityId}]`);\n const found = await findProviders(`entityId eq '${entityId}'`);\n switch (found.resultCount) {\n case 0:\n throw new Error(`No provider with entity id '${entityId}' found`);\n case 1: {\n debugMessage(`Saml2Ops.getSaml2ProviderStub: end [entityId=${entityId}]`);\n return found.result[0];\n }\n default:\n throw new Error(`Multiple providers with entity id '${entityId}' found`);\n }\n}\n\n/**\n * Export a single entity provider. The response can be saved to file as is.\n * @param {string} entityId Provider entity id\n * @returns {Promise<Saml2ProviderSkeleton>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function getSaml2Provider(\n entityId: string\n): Promise<Saml2ProviderSkeleton> {\n debugMessage(`Saml2Ops.getSaml2Provider: start [entityId=${entityId}]`);\n const stub = await getSaml2ProviderStub(entityId);\n const { location } = stub;\n const id = stub._id;\n const providerData = await getProviderByLocationAndId(location, id);\n debugMessage(`Saml2Ops.getSaml2Provider: end [entityId=${entityId}]`);\n return providerData;\n}\n\n/**\n * Delete an entity provider. The response can be saved to file as is.\n * @param {string} entityId Provider entity id\n * @returns {Promise<Saml2ProviderSkeleton>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function deleteSaml2Provider(\n entityId: string\n): Promise<Saml2ProviderSkeleton> {\n debugMessage(`Saml2Ops.deleteSaml2Provider: start [entityId=${entityId}]`);\n const stub = await getSaml2ProviderStub(entityId);\n const { location } = stub;\n const id = stub._id;\n const providerData = await deleteProviderByLocationAndId(location, id);\n debugMessage(`Saml2Ops.deleteSaml2Provider: end [entityId=${entityId}]`);\n return providerData;\n}\n\n/**\n * Delete all entity providers.\n * @returns {Promise<Saml2ProviderSkeleton[]>} Promise resolving to an array of Saml2ProviderSkeleton objects.\n */\nexport async function deleteSaml2Providers(): Promise<Saml2ProviderSkeleton[]> {\n debugMessage(`Saml2Ops.deleteSaml2Providers: start`);\n const providers: Saml2ProviderSkeleton[] = [];\n const stubs = await getSaml2ProviderStubs();\n for (const stub of stubs) {\n const provider = await deleteProviderByLocationAndId(\n stub.location,\n stub._id\n );\n providers.push(provider);\n }\n debugMessage(\n `Saml2Ops.deleteSaml2Providers: end [deleted ${providers.length} providers]`\n );\n return providers;\n}\n\n/**\n * Export a single entity provider. The response can be saved to file as is.\n * @param {string} entityId Provider entity id\n * @returns {Promise<Saml2ExportInterface>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function exportSaml2Provider(\n entityId: string\n): Promise<Saml2ExportInterface> {\n debugMessage(`Saml2Ops.exportSaml2Provider: start [entityId=${entityId}]`);\n const exportData = createSaml2ExportTemplate();\n const stub = await getSaml2ProviderStub(entityId);\n const { location } = stub;\n const id = stub._id;\n const providerData = await getProviderByLocationAndId(location, id);\n exportData.saml[stub.location][providerData._id] = providerData;\n await exportDependencies(providerData, exportData);\n debugMessage(`Saml2Ops.exportSaml2Provider: end [entityId=${entityId}]`);\n return exportData;\n}\n\n/**\n * Export all entity providers. The response can be saved to file as is.\n * @returns {Promise<Saml2ExportInterface>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function exportSaml2Providers(): Promise<Saml2ExportInterface> {\n const fileData = createSaml2ExportTemplate();\n const stubs = await getSaml2ProviderStubs();\n for (const stub of stubs) {\n const providerData = await getProviderByLocationAndId(\n stub.location,\n stub._id\n );\n await exportDependencies(providerData, fileData);\n fileData.saml[stub.location][providerData._id] = providerData;\n }\n return fileData;\n}\n\n/**\n * Include dependencies from the import file\n * @param {object} providerData Object representing a SAML entity provider\n * @param {object} fileData File data object to read dependencies from\n */\nasync function importDependencies(providerData, fileData) {\n debugMessage(`Saml2Ops.importDependencies: start`);\n const attrMapperScriptId = _.get(providerData, [\n 'identityProvider',\n 'assertionProcessing',\n 'attributeMapper',\n 'attributeMapperScript',\n ]);\n if (attrMapperScriptId && attrMapperScriptId !== '[Empty]') {\n debugMessage(\n `Saml2Ops.importDependencies: attributeMapperScript=${attrMapperScriptId}`\n );\n const scriptData = _.get(fileData, ['script', attrMapperScriptId]);\n scriptData.script = convertTextArrayToBase64(scriptData.script);\n await putScript(attrMapperScriptId, scriptData);\n }\n const idpAdapterScriptId = _.get(providerData, [\n 'identityProvider',\n 'advanced',\n 'idpAdapter',\n 'idpAdapterScript',\n ]);\n if (idpAdapterScriptId && idpAdapterScriptId !== '[Empty]') {\n debugMessage(\n `Saml2Ops.importDependencies: idpAdapterScript=${idpAdapterScriptId}`\n );\n const scriptData = _.get(fileData, ['script', idpAdapterScriptId]);\n scriptData.script = convertTextArrayToBase64(scriptData.script);\n await putScript(idpAdapterScriptId, scriptData);\n }\n debugMessage(`Saml2Ops.importDependencies: end`);\n}\n\n/**\n * Find provider in import file and return its location\n * @param {string} entityId64 Base64-encoded provider entity id\n * @param {Saml2ExportInterface} data Import file json data\n * @returns {string} 'hosted' or 'remote' if found, undefined otherwise\n */\nfunction getLocation(\n entityId64: string,\n data: Saml2ExportInterface\n): Saml2ProiderLocation {\n if (data.saml.hosted[entityId64]) {\n return Saml2ProiderLocation.HOSTED;\n }\n if (data.saml.remote[entityId64]) {\n return Saml2ProiderLocation.REMOTE;\n }\n return undefined;\n}\n\n/**\n * Import a SAML entity provider\n * @param {string} entityId Provider entity id\n * @param {Saml2ExportInterface} importData Import data\n */\nexport async function importSaml2Provider(\n entityId: string,\n importData: Saml2ExportInterface\n): Promise<boolean> {\n debugMessage(`Saml2Ops.importSaml2Provider: start`);\n const entityId64 = encode(entityId, false);\n const location = getLocation(entityId64, importData);\n debugMessage(\n `Saml2Ops.importSaml2Provider: entityId=${entityId}, entityId64=${entityId64}, location=${location}`\n );\n if (location) {\n const providerData = importData.saml[location][entityId64];\n await importDependencies(providerData, importData);\n let metaData = null;\n if (location === Saml2ProiderLocation.REMOTE) {\n metaData = convertTextArrayToBase64Url(\n importData.saml.metadata[entityId64]\n );\n }\n try {\n await createProvider(location, providerData, metaData);\n } catch (error) {\n await updateProvider(location, providerData);\n }\n } else {\n throw new Error(`Provider ${entityId} not found in import data!`);\n }\n debugMessage(`Saml2Ops.importSaml2Provider: end`);\n return true;\n}\n\n/**\n * Import SAML entity providers\n * @param {Saml2ExportInterface} importData Import data\n */\nexport async function importSaml2Providers(\n importData: Saml2ExportInterface\n): Promise<MultiOpStatusInterface> {\n debugMessage(`Saml2Ops.importSaml2Providers: start`);\n const myStatus: MultiOpStatusInterface = {\n total: 0,\n successes: 0,\n warnings: 0,\n failures: 0,\n };\n try {\n // find providers in hosted and in remote and map locations\n const hostedIds = Object.keys(importData.saml.hosted);\n const remoteIds = Object.keys(importData.saml.remote);\n const providerIds = hostedIds.concat(remoteIds);\n myStatus.total = providerIds.length;\n for (const entityId64 of providerIds) {\n debugMessage(\n `Saml2Ops.importSaml2Providers: entityId=${decodeBase64Url(entityId64)}`\n );\n const location = hostedIds.includes(entityId64)\n ? Saml2ProiderLocation.HOSTED\n : Saml2ProiderLocation.REMOTE;\n const entityId = decode(entityId64);\n const providerData = importData.saml[location][entityId64];\n try {\n await importDependencies(providerData, importData);\n } catch (importDependenciesErr) {\n myStatus.warnings += 1;\n printMessage(\n `\\nWarning importing dependencies for ${entityId}`,\n 'warn'\n );\n printMessage(importDependenciesErr.response.data, 'error');\n }\n let metaData = null;\n if (location === Saml2ProiderLocation.REMOTE) {\n metaData = convertTextArrayToBase64Url(\n importData.saml.metadata[entityId64]\n );\n }\n try {\n await createProvider(location, providerData, metaData);\n myStatus.successes += 1;\n } catch (createProviderErr) {\n try {\n await updateProvider(location, providerData);\n myStatus.successes += 1;\n } catch (updateProviderError) {\n myStatus.failures += 1;\n printMessage(\n `\\nError importing provider ${entityId}: ${updateProviderError.message}`,\n 'error'\n );\n printMessage(updateProviderError.response?.data, 'error');\n }\n }\n }\n myStatus.message = `${myStatus.successes}/${myStatus.total} providers imported.`;\n } catch (error) {\n myStatus.failures += 1;\n printMessage(`\\nError importing providers ${error.message}`, 'error');\n }\n debugMessage(`Saml2Ops.importSaml2Providers: end`);\n return myStatus;\n}\n\n// Contributions using legacy APIs. Need to investigate if those will be deprecated in the future\n\n/**\n * Deletes entity provider\n * @param {string} entityId The entity id for the entity to be deleted\n * @returns {Promise<Saml2ProviderSkeleton>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function deleteRawSaml2Provider(\n entityId: string\n): Promise<Saml2ProviderSkeleton> {\n debugMessage(`Saml2Ops.deleteSaml2Provider: start [entityId=${entityId}]`);\n const response = await deleteRawProvider(entityId);\n debugMessage(`Saml2Ops.deleteSaml2Provider: end [entityId=${entityId}]`);\n return response;\n}\n\n/**\n * Deletes all entity providers.\n */\nexport async function deleteRawSaml2Providers(): Promise<\n Saml2ProviderSkeleton[]\n> {\n const applicationList = (await getRawSaml2Providers()).result;\n const deleteApplicationPromises = [];\n applicationList.forEach((item) => {\n printMessage(`Deleting Application ${item._id}`, 'error');\n deleteApplicationPromises.push(deleteRawProvider(item._id));\n });\n const deleteApplicationResult = await Promise.all(deleteApplicationPromises);\n if (deleteApplicationResult.length == applicationList.length) {\n printMessage('SAML Entity cleanup done', 'info');\n }\n return deleteApplicationResult;\n}\n\n/**\n * Retrieves all entity providers using the legacy federation enpoints.\n * @returns {Promise} a promise that resolves to an object containing an array of providers\n */\nexport async function getRawSaml2Providers() {\n return _getRawProviders();\n}\n\n/**\n * Retrieves all entity providers using the legacy federation enpoints.\n * @param {string} entityId The entity provider id\n * @returns {Promise} a promise that resolves to an object containing an array of providers\n */\nexport async function getRawSaml2Provider(entityId: string) {\n return _getRawProvider(entityId);\n}\n\n/**\n * Stores a new SAML2 entity provider\n * @param {string} entityId The entity provider id\n * @param {string} entityData The actual data containing the entity provider configuration\n * @returns {Promise} Promise that resolves to a provider object\n */\nexport async function putRawSaml2Provider(entityId: string, entityData) {\n return _putRawProvider(entityId, entityData);\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA;AACA;AAKA;AAcA;AACA;AAOA;AACA;AACA;AAMmC;AAAA;AAAA;AAE5B,IAAMA,OAAO,GAAG;EACrBC,gBAAgB,EAAE,KAAK;EACvBC,eAAe,EAAE,IAAI;EACrBC,sBAAsB,EAAE,WAAW;EACnCC,2BAA2B,EAAE;AAC/B,CAAC;;AAED;AAAA;AACO,SAASC,yBAAyB,GAAyB;EAChE,OAAO;IACLC,IAAI,EAAE,IAAAC,8BAAW,GAAE;IACnBC,MAAM,EAAE,CAAC,CAAC;IACVC,IAAI,EAAE;MACJC,MAAM,EAAE,CAAC,CAAC;MACVC,MAAM,EAAE,CAAC,CAAC;MACVC,QAAQ,EAAE,CAAC;IACb;EACF,CAAC;AACH;;AAEA;AACA;AACA;AACA;AAHA,SAIsBC,qBAAqB;EAAA;AAAA;AAK3C;AACA;AACA;AACA;AACA;AACA;AALA;EAAA,2CALO,aAAqE;IAC1E,IAAM;MAAEC;IAAO,CAAC,SAAS,IAAAC,sBAAY,GAAE;IACvC,OAAOD,MAAM;EACf,CAAC;EAAA;AAAA;AAAA,SAQqBE,0BAA0B;EAAA;AAAA;AAOhD;AACA;AACA;AACA;AACA;AAJA;EAAA,iDAPO,WACLC,QAAgB,EAChBC,UAAkB,EAClB;IACA,OAAO,IAAAC,oCAA2B,EAACF,QAAQ,EAAEC,UAAU,CAAC;EAC1D,CAAC;EAAA;AAAA;AAOM,SAASE,sBAAsB,CAACC,QAAgB,EAAU;EAC/D,OAAO,IAAAC,gCAAuB,EAACD,QAAQ,CAAC;AAC1C;;AAEA;AACA;AACA;AACA;AACA;AAJA,SAKsBE,mBAAmB;EAAA;AAAA;AAIzC;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAJO,WAAmCF,QAAQ,EAAE;IAClD,OAAO,IAAAG,6BAAoB,EAACH,QAAQ,CAAC;EACvC,CAAC;EAAA;AAAA;AAAA,SAOcI,kBAAkB;EAAA;AAAA;AAgCjC;AACA;AACA;AACA;AACA;AAJA;EAAA,wCAhCA,WAAkCC,YAAY,EAAEC,QAAQ,EAAE;IACxD,IAAMC,kBAAkB,GAAGC,eAAC,CAACC,GAAG,CAACJ,YAAY,EAAE,CAC7C,kBAAkB,EAClB,qBAAqB,EACrB,iBAAiB,EACjB,uBAAuB,CACxB,CAAC;IACF,IAAIE,kBAAkB,IAAIA,kBAAkB,KAAK,SAAS,EAAE;MAC1D,IAAMG,UAAU,SAAS,IAAAC,oBAAS,EAACJ,kBAAkB,CAAC;MACtDG,UAAU,CAACvB,MAAM,GAAG,IAAAyB,2CAAwB,EAACF,UAAU,CAACvB,MAAM,CAAC;MAC/D;MACAmB,QAAQ,CAACnB,MAAM,CAACoB,kBAAkB,CAAC,GAAGG,UAAU;IAClD;IACA,IAAMG,kBAAkB,GAAGL,eAAC,CAACC,GAAG,CAACJ,YAAY,EAAE,CAC7C,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACF,IAAIQ,kBAAkB,IAAIA,kBAAkB,KAAK,SAAS,EAAE;MAC1D,IAAMH,WAAU,SAAS,IAAAC,oBAAS,EAACE,kBAAkB,CAAC;MACtDH,WAAU,CAACvB,MAAM,GAAG,IAAAyB,2CAAwB,EAACF,WAAU,CAACvB,MAAM,CAAC;MAC/D;MACAmB,QAAQ,CAACnB,MAAM,CAAC0B,kBAAkB,CAAC,GAAGH,WAAU;IAClD;IACA,IAAMI,gBAAgB,SAASZ,mBAAmB,CAACG,YAAY,CAACL,QAAQ,CAAC;IACzE;IACAM,QAAQ,CAAClB,IAAI,CAACG,QAAQ,CAACc,YAAY,CAACU,GAAG,CAAC,GAAG,IAAAC,8CAA2B,EACpE,IAAAC,qBAAe,EAACH,gBAAgB,CAAC,CAClC;EACH,CAAC;EAAA;AAAA;AAAA,SAOqBI,oBAAoB;EAAA;AAAA;AAiB1C;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAjBO,WACLlB,QAAgB,EACY;IAC5B,IAAAmB,qBAAY,2DAAmDnB,QAAQ,OAAI;IAC3E,IAAMoB,KAAK,SAAS,IAAAC,uBAAa,yBAAiBrB,QAAQ,OAAI;IAC9D,QAAQoB,KAAK,CAACE,WAAW;MACvB,KAAK,CAAC;QACJ,MAAM,IAAIC,KAAK,uCAAgCvB,QAAQ,aAAU;MACnE,KAAK,CAAC;QAAE;UACN,IAAAmB,qBAAY,yDAAiDnB,QAAQ,OAAI;UACzE,OAAOoB,KAAK,CAAC3B,MAAM,CAAC,CAAC,CAAC;QACxB;MACA;QACE,MAAM,IAAI8B,KAAK,8CAAuCvB,QAAQ,aAAU;IAAC;EAE/E,CAAC;EAAA;AAAA;AAAA,SAOqBwB,gBAAgB;EAAA;AAAA;AAYtC;AACA;AACA;AACA;AACA;AAJA;EAAA,sCAZO,WACLxB,QAAgB,EACgB;IAChC,IAAAmB,qBAAY,uDAA+CnB,QAAQ,OAAI;IACvE,IAAMyB,IAAI,SAASP,oBAAoB,CAAClB,QAAQ,CAAC;IACjD,IAAM;MAAEJ;IAAS,CAAC,GAAG6B,IAAI;IACzB,IAAMC,EAAE,GAAGD,IAAI,CAACV,GAAG;IACnB,IAAMV,YAAY,SAASV,0BAA0B,CAACC,QAAQ,EAAE8B,EAAE,CAAC;IACnE,IAAAP,qBAAY,qDAA6CnB,QAAQ,OAAI;IACrE,OAAOK,YAAY;EACrB,CAAC;EAAA;AAAA;AAAA,SAOqBsB,mBAAmB;EAAA;AAAA;AAYzC;AACA;AACA;AACA;AAHA;EAAA,yCAZO,WACL3B,QAAgB,EACgB;IAChC,IAAAmB,qBAAY,0DAAkDnB,QAAQ,OAAI;IAC1E,IAAMyB,IAAI,SAASP,oBAAoB,CAAClB,QAAQ,CAAC;IACjD,IAAM;MAAEJ;IAAS,CAAC,GAAG6B,IAAI;IACzB,IAAMC,EAAE,GAAGD,IAAI,CAACV,GAAG;IACnB,IAAMV,YAAY,SAAS,IAAAuB,uCAA6B,EAAChC,QAAQ,EAAE8B,EAAE,CAAC;IACtE,IAAAP,qBAAY,wDAAgDnB,QAAQ,OAAI;IACxE,OAAOK,YAAY;EACrB,CAAC;EAAA;AAAA;AAAA,SAMqBwB,oBAAoB;EAAA;AAAA;AAiB1C;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAjBO,aAAwE;IAC7E,IAAAV,qBAAY,yCAAwC;IACpD,IAAMW,SAAkC,GAAG,EAAE;IAC7C,IAAMC,KAAK,SAASvC,qBAAqB,EAAE;IAC3C,KAAK,IAAMiC,IAAI,IAAIM,KAAK,EAAE;MACxB,IAAMC,QAAQ,SAAS,IAAAJ,uCAA6B,EAClDH,IAAI,CAAC7B,QAAQ,EACb6B,IAAI,CAACV,GAAG,CACT;MACDe,SAAS,CAACG,IAAI,CAACD,QAAQ,CAAC;IAC1B;IACA,IAAAb,qBAAY,wDACqCW,SAAS,CAACI,MAAM,iBAChE;IACD,OAAOJ,SAAS;EAClB,CAAC;EAAA;AAAA;AAAA,SAOqBK,mBAAmB;EAAA;AAAA;AAezC;AACA;AACA;AACA;AAHA;EAAA,yCAfO,WACLnC,QAAgB,EACe;IAC/B,IAAAmB,qBAAY,0DAAkDnB,QAAQ,OAAI;IAC1E,IAAMoC,UAAU,GAAGpD,yBAAyB,EAAE;IAC9C,IAAMyC,IAAI,SAASP,oBAAoB,CAAClB,QAAQ,CAAC;IACjD,IAAM;MAAEJ;IAAS,CAAC,GAAG6B,IAAI;IACzB,IAAMC,EAAE,GAAGD,IAAI,CAACV,GAAG;IACnB,IAAMV,YAAY,SAASV,0BAA0B,CAACC,QAAQ,EAAE8B,EAAE,CAAC;IACnEU,UAAU,CAAChD,IAAI,CAACqC,IAAI,CAAC7B,QAAQ,CAAC,CAACS,YAAY,CAACU,GAAG,CAAC,GAAGV,YAAY;IAC/D,MAAMD,kBAAkB,CAACC,YAAY,EAAE+B,UAAU,CAAC;IAClD,IAAAjB,qBAAY,wDAAgDnB,QAAQ,OAAI;IACxE,OAAOoC,UAAU;EACnB,CAAC;EAAA;AAAA;AAAA,SAMqBC,oBAAoB;EAAA;AAAA;AAc1C;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAdO,aAAqE;IAC1E,IAAM/B,QAAQ,GAAGtB,yBAAyB,EAAE;IAC5C,IAAM+C,KAAK,SAASvC,qBAAqB,EAAE;IAC3C,KAAK,IAAMiC,IAAI,IAAIM,KAAK,EAAE;MACxB,IAAM1B,YAAY,SAASV,0BAA0B,CACnD8B,IAAI,CAAC7B,QAAQ,EACb6B,IAAI,CAACV,GAAG,CACT;MACD,MAAMX,kBAAkB,CAACC,YAAY,EAAEC,QAAQ,CAAC;MAChDA,QAAQ,CAAClB,IAAI,CAACqC,IAAI,CAAC7B,QAAQ,CAAC,CAACS,YAAY,CAACU,GAAG,CAAC,GAAGV,YAAY;IAC/D;IACA,OAAOC,QAAQ;EACjB,CAAC;EAAA;AAAA;AAAA,SAOcgC,kBAAkB;EAAA;AAAA;AAiCjC;AACA;AACA;AACA;AACA;AACA;AALA;EAAA,wCAjCA,WAAkCjC,YAAY,EAAEC,QAAQ,EAAE;IACxD,IAAAa,qBAAY,uCAAsC;IAClD,IAAMZ,kBAAkB,GAAGC,eAAC,CAACC,GAAG,CAACJ,YAAY,EAAE,CAC7C,kBAAkB,EAClB,qBAAqB,EACrB,iBAAiB,EACjB,uBAAuB,CACxB,CAAC;IACF,IAAIE,kBAAkB,IAAIA,kBAAkB,KAAK,SAAS,EAAE;MAC1D,IAAAY,qBAAY,+DAC4CZ,kBAAkB,EACzE;MACD,IAAMG,UAAU,GAAGF,eAAC,CAACC,GAAG,CAACH,QAAQ,EAAE,CAAC,QAAQ,EAAEC,kBAAkB,CAAC,CAAC;MAClEG,UAAU,CAACvB,MAAM,GAAG,IAAAoD,2CAAwB,EAAC7B,UAAU,CAACvB,MAAM,CAAC;MAC/D,MAAM,IAAAqD,oBAAS,EAACjC,kBAAkB,EAAEG,UAAU,CAAC;IACjD;IACA,IAAMG,kBAAkB,GAAGL,eAAC,CAACC,GAAG,CAACJ,YAAY,EAAE,CAC7C,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACF,IAAIQ,kBAAkB,IAAIA,kBAAkB,KAAK,SAAS,EAAE;MAC1D,IAAAM,qBAAY,0DACuCN,kBAAkB,EACpE;MACD,IAAMH,YAAU,GAAGF,eAAC,CAACC,GAAG,CAACH,QAAQ,EAAE,CAAC,QAAQ,EAAEO,kBAAkB,CAAC,CAAC;MAClEH,YAAU,CAACvB,MAAM,GAAG,IAAAoD,2CAAwB,EAAC7B,YAAU,CAACvB,MAAM,CAAC;MAC/D,MAAM,IAAAqD,oBAAS,EAAC3B,kBAAkB,EAAEH,YAAU,CAAC;IACjD;IACA,IAAAS,qBAAY,qCAAoC;EAClD,CAAC;EAAA;AAAA;AAQD,SAASsB,WAAW,CAClB5C,UAAkB,EAClB6C,IAA0B,EACJ;EACtB,IAAIA,IAAI,CAACtD,IAAI,CAACC,MAAM,CAACQ,UAAU,CAAC,EAAE;IAChC,OAAO8C,8BAAoB,CAACC,MAAM;EACpC;EACA,IAAIF,IAAI,CAACtD,IAAI,CAACE,MAAM,CAACO,UAAU,CAAC,EAAE;IAChC,OAAO8C,8BAAoB,CAACE,MAAM;EACpC;EACA,OAAOC,SAAS;AAClB;;AAEA;AACA;AACA;AACA;AACA;AAJA,SAKsBC,mBAAmB;EAAA;AAAA;AA+BzC;AACA;AACA;AACA;AAHA;EAAA,yCA/BO,WACL/C,QAAgB,EAChBgD,UAAgC,EACd;IAClB,IAAA7B,qBAAY,wCAAuC;IACnD,IAAMtB,UAAU,GAAG,IAAAoD,YAAM,EAACjD,QAAQ,EAAE,KAAK,CAAC;IAC1C,IAAMJ,QAAQ,GAAG6C,WAAW,CAAC5C,UAAU,EAAEmD,UAAU,CAAC;IACpD,IAAA7B,qBAAY,mDACgCnB,QAAQ,0BAAgBH,UAAU,wBAAcD,QAAQ,EACnG;IACD,IAAIA,QAAQ,EAAE;MACZ,IAAMS,YAAY,GAAG2C,UAAU,CAAC5D,IAAI,CAACQ,QAAQ,CAAC,CAACC,UAAU,CAAC;MAC1D,MAAMyC,kBAAkB,CAACjC,YAAY,EAAE2C,UAAU,CAAC;MAClD,IAAIE,QAAQ,GAAG,IAAI;MACnB,IAAItD,QAAQ,KAAK+C,8BAAoB,CAACE,MAAM,EAAE;QAC5CK,QAAQ,GAAG,IAAAC,8CAA2B,EACpCH,UAAU,CAAC5D,IAAI,CAACG,QAAQ,CAACM,UAAU,CAAC,CACrC;MACH;MACA,IAAI;QACF,MAAM,IAAAuD,wBAAc,EAACxD,QAAQ,EAAES,YAAY,EAAE6C,QAAQ,CAAC;MACxD,CAAC,CAAC,OAAOG,KAAK,EAAE;QACd,MAAM,IAAAC,wBAAc,EAAC1D,QAAQ,EAAES,YAAY,CAAC;MAC9C;IACF,CAAC,MAAM;MACL,MAAM,IAAIkB,KAAK,oBAAavB,QAAQ,gCAA6B;IACnE;IACA,IAAAmB,qBAAY,sCAAqC;IACjD,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAMqBoC,oBAAoB;EAAA;AAAA,EAmE1C;AAEA;AACA;AACA;AACA;AACA;AAJA;EAAA,0CArEO,WACLP,UAAgC,EACC;IACjC,IAAA7B,qBAAY,yCAAwC;IACpD,IAAMqC,QAAgC,GAAG;MACvCC,KAAK,EAAE,CAAC;MACRC,SAAS,EAAE,CAAC;MACZC,QAAQ,EAAE,CAAC;MACXC,QAAQ,EAAE;IACZ,CAAC;IACD,IAAI;MACF;MACA,IAAMC,SAAS,GAAGC,MAAM,CAACC,IAAI,CAACf,UAAU,CAAC5D,IAAI,CAACC,MAAM,CAAC;MACrD,IAAM2E,SAAS,GAAGF,MAAM,CAACC,IAAI,CAACf,UAAU,CAAC5D,IAAI,CAACE,MAAM,CAAC;MACrD,IAAM2E,WAAW,GAAGJ,SAAS,CAACK,MAAM,CAACF,SAAS,CAAC;MAC/CR,QAAQ,CAACC,KAAK,GAAGQ,WAAW,CAAC/B,MAAM;MACnC,KAAK,IAAMrC,UAAU,IAAIoE,WAAW,EAAE;QACpC,IAAA9C,qBAAY,oDACiC,IAAAgD,qBAAe,EAACtE,UAAU,CAAC,EACvE;QACD,IAAMD,QAAQ,GAAGiE,SAAS,CAACO,QAAQ,CAACvE,UAAU,CAAC,GAC3C8C,8BAAoB,CAACC,MAAM,GAC3BD,8BAAoB,CAACE,MAAM;QAC/B,IAAM7C,QAAQ,GAAG,IAAAqE,YAAM,EAACxE,UAAU,CAAC;QACnC,IAAMQ,YAAY,GAAG2C,UAAU,CAAC5D,IAAI,CAACQ,QAAQ,CAAC,CAACC,UAAU,CAAC;QAC1D,IAAI;UACF,MAAMyC,kBAAkB,CAACjC,YAAY,EAAE2C,UAAU,CAAC;QACpD,CAAC,CAAC,OAAOsB,qBAAqB,EAAE;UAC9Bd,QAAQ,CAACG,QAAQ,IAAI,CAAC;UACtB,IAAAY,qBAAY,iDAC8BvE,QAAQ,GAChD,MAAM,CACP;UACD,IAAAuE,qBAAY,EAACD,qBAAqB,CAACE,QAAQ,CAAC9B,IAAI,EAAE,OAAO,CAAC;QAC5D;QACA,IAAIQ,QAAQ,GAAG,IAAI;QACnB,IAAItD,QAAQ,KAAK+C,8BAAoB,CAACE,MAAM,EAAE;UAC5CK,QAAQ,GAAG,IAAAC,8CAA2B,EACpCH,UAAU,CAAC5D,IAAI,CAACG,QAAQ,CAACM,UAAU,CAAC,CACrC;QACH;QACA,IAAI;UACF,MAAM,IAAAuD,wBAAc,EAACxD,QAAQ,EAAES,YAAY,EAAE6C,QAAQ,CAAC;UACtDM,QAAQ,CAACE,SAAS,IAAI,CAAC;QACzB,CAAC,CAAC,OAAOe,iBAAiB,EAAE;UAC1B,IAAI;YACF,MAAM,IAAAnB,wBAAc,EAAC1D,QAAQ,EAAES,YAAY,CAAC;YAC5CmD,QAAQ,CAACE,SAAS,IAAI,CAAC;UACzB,CAAC,CAAC,OAAOgB,mBAAmB,EAAE;YAAA;YAC5BlB,QAAQ,CAACI,QAAQ,IAAI,CAAC;YACtB,IAAAW,qBAAY,uCACoBvE,QAAQ,eAAK0E,mBAAmB,CAACC,OAAO,GACtE,OAAO,CACR;YACD,IAAAJ,qBAAY,2BAACG,mBAAmB,CAACF,QAAQ,0DAA5B,sBAA8B9B,IAAI,EAAE,OAAO,CAAC;UAC3D;QACF;MACF;MACAc,QAAQ,CAACmB,OAAO,aAAMnB,QAAQ,CAACE,SAAS,cAAIF,QAAQ,CAACC,KAAK,yBAAsB;IAClF,CAAC,CAAC,OAAOJ,KAAK,EAAE;MACdG,QAAQ,CAACI,QAAQ,IAAI,CAAC;MACtB,IAAAW,qBAAY,wCAAgClB,KAAK,CAACsB,OAAO,GAAI,OAAO,CAAC;IACvE;IACA,IAAAxD,qBAAY,uCAAsC;IAClD,OAAOqC,QAAQ;EACjB,CAAC;EAAA;AAAA;AAAA,SASqBoB,sBAAsB;EAAA;AAAA;AAS5C;AACA;AACA;AAFA;EAAA,4CATO,WACL5E,QAAgB,EACgB;IAChC,IAAAmB,qBAAY,0DAAkDnB,QAAQ,OAAI;IAC1E,IAAMwE,QAAQ,SAAS,IAAAK,2BAAiB,EAAC7E,QAAQ,CAAC;IAClD,IAAAmB,qBAAY,wDAAgDnB,QAAQ,OAAI;IACxE,OAAOwE,QAAQ;EACjB,CAAC;EAAA;AAAA;AAAA,SAKqBM,uBAAuB;EAAA;AAAA;AAgB7C;AACA;AACA;AACA;AAHA;EAAA,6CAhBO,aAEL;IACA,IAAMC,eAAe,GAAG,OAAOC,oBAAoB,EAAE,EAAEvF,MAAM;IAC7D,IAAMwF,yBAAyB,GAAG,EAAE;IACpCF,eAAe,CAACG,OAAO,CAAEC,IAAI,IAAK;MAChC,IAAAZ,qBAAY,iCAAyBY,IAAI,CAACpE,GAAG,GAAI,OAAO,CAAC;MACzDkE,yBAAyB,CAAChD,IAAI,CAAC,IAAA4C,2BAAiB,EAACM,IAAI,CAACpE,GAAG,CAAC,CAAC;IAC7D,CAAC,CAAC;IACF,IAAMqE,uBAAuB,SAASC,OAAO,CAACC,GAAG,CAACL,yBAAyB,CAAC;IAC5E,IAAIG,uBAAuB,CAAClD,MAAM,IAAI6C,eAAe,CAAC7C,MAAM,EAAE;MAC5D,IAAAqC,qBAAY,EAAC,0BAA0B,EAAE,MAAM,CAAC;IAClD;IACA,OAAOa,uBAAuB;EAChC,CAAC;EAAA;AAAA;AAAA,SAMqBJ,oBAAoB;EAAA;AAAA;AAI1C;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAJO,aAAsC;IAC3C,OAAO,IAAAO,yBAAgB,GAAE;EAC3B,CAAC;EAAA;AAAA;AAAA,SAOqBC,mBAAmB;EAAA;AAAA;AAIzC;AACA;AACA;AACA;AACA;AACA;AALA;EAAA,yCAJO,WAAmCxF,QAAgB,EAAE;IAC1D,OAAO,IAAAyF,wBAAe,EAACzF,QAAQ,CAAC;EAClC,CAAC;EAAA;AAAA;AAAA,SAQqB0F,mBAAmB;EAAA;AAAA;AAAA;EAAA,yCAAlC,WAAmC1F,QAAgB,EAAE2F,UAAU,EAAE;IACtE,OAAO,IAAAC,wBAAe,EAAC5F,QAAQ,EAAE2F,UAAU,CAAC;EAC9C,CAAC;EAAA;AAAA"}
|
|
1
|
+
{"version":3,"file":"Saml2Ops.js","names":["roleMap","identityProvider","serviceProvider","attributeQueryProvider","xacmlPolicyEnforcementPoint","createSaml2ExportTemplate","meta","getMetadata","script","saml","hosted","remote","metadata","getSaml2ProviderStubs","result","getProviders","getProviderByLocationAndId","location","entityId64","_getProviderByLocationAndId","getProviderMetadataUrl","entityId","_getProviderMetadataUrl","getProviderMetadata","_getProviderMetadata","exportDependencies","providerData","fileData","attrMapperScriptId","_","get","scriptData","getScript","convertBase64TextToArray","idpAdapterScriptId","metaDataResponse","Error","_id","convertBase64UrlTextToArray","encodeBase64Url","getSaml2ProviderStub","debugMessage","found","findProviders","resultCount","getSaml2Provider","stub","id","deleteSaml2Provider","deleteProviderByLocationAndId","deleteSaml2Providers","providers","stubs","provider","push","length","exportSaml2Provider","exportData","error","printMessage","message","exportSaml2Providers","importDependencies","convertTextArrayToBase64","putScript","getLocation","data","Saml2ProiderLocation","HOSTED","REMOTE","undefined","importSaml2Provider","importData","encode","metaData","convertTextArrayToBase64Url","createProvider","updateProvider","importSaml2Providers","myStatus","total","successes","warnings","failures","hostedIds","Object","keys","remoteIds","providerIds","concat","decodeBase64Url","includes","decode","importDependenciesErr","response","createProviderErr","updateProviderError","deleteRawSaml2Provider","deleteRawProvider","deleteRawSaml2Providers","applicationList","getRawSaml2Providers","deleteApplicationPromises","forEach","item","deleteApplicationResult","Promise","all","_getRawProviders","getRawSaml2Provider","_getRawProvider","putRawSaml2Provider","entityData","_putRawProvider"],"sources":["ops/Saml2Ops.ts"],"sourcesContent":["import _ from 'lodash';\nimport {\n Saml2ProiderLocation,\n Saml2ProviderSkeleton,\n Saml2ProviderStub,\n} from '../api/ApiTypes';\nimport {\n createProvider,\n updateProvider,\n deleteRawProvider,\n findProviders,\n getProviderByLocationAndId as _getProviderByLocationAndId,\n getProviderMetadata as _getProviderMetadata,\n getProviderMetadataUrl as _getProviderMetadataUrl,\n getRawProvider as _getRawProvider,\n getProviders,\n getRawProviders as _getRawProviders,\n putRawProvider as _putRawProvider,\n deleteProviderByLocationAndId,\n} from '../api/Saml2Api';\nimport { getScript } from '../api/ScriptApi';\nimport {\n decode,\n decodeBase64Url,\n encode,\n encodeBase64Url,\n} from '../api/utils/Base64';\nimport { MultiOpStatusInterface, Saml2ExportInterface } from './OpsTypes';\nimport { putScript } from './ScriptOps';\nimport { debugMessage, printMessage } from './utils/Console';\nimport {\n convertBase64TextToArray,\n convertBase64UrlTextToArray,\n convertTextArrayToBase64,\n convertTextArrayToBase64Url,\n getMetadata,\n} from './utils/ExportImportUtils';\n\nexport const roleMap = {\n identityProvider: 'IDP',\n serviceProvider: 'SP',\n attributeQueryProvider: 'AttrQuery',\n xacmlPolicyEnforcementPoint: 'XACML PEP',\n};\n\n// use a function vs a template variable to avoid problems in loops\nexport function createSaml2ExportTemplate(): Saml2ExportInterface {\n return {\n meta: getMetadata(),\n script: {},\n saml: {\n hosted: {},\n remote: {},\n metadata: {},\n },\n } as Saml2ExportInterface;\n}\n\n/**\n * Get SAML2 entity provider stubs\n * @returns {Promise<Saml2ProviderStub[]>} a promise that resolves to an array of saml2 entity stubs\n */\nexport async function getSaml2ProviderStubs(): Promise<Saml2ProviderStub[]> {\n const { result } = await getProviders();\n return result;\n}\n\n/**\n * Geta SAML2 entity provider by location and id\n * @param {string} location Entity provider location (hosted or remote)\n * @param {string} entityId64 Base64-encoded-without-padding provider entity id\n * @returns {Promise} a promise that resolves to a saml2 entity provider object\n */\nexport async function getProviderByLocationAndId(\n location: string,\n entityId64: string\n) {\n return _getProviderByLocationAndId(location, entityId64);\n}\n\n/**\n * Get a SAML2 entity provider's metadata URL by entity id\n * @param {string} entityId SAML2 entity id\n * @returns {string} the URL to get the metadata from\n */\nexport function getProviderMetadataUrl(entityId: string): string {\n return _getProviderMetadataUrl(entityId);\n}\n\n/**\n * Get a SAML2 entity provider's metadata by entity id\n * @param {string} entityId SAML2 entity id\n * @returns {Promise<object>} a promise that resolves to an object containing a SAML2 metadata\n */\nexport async function getProviderMetadata(entityId) {\n return _getProviderMetadata(entityId);\n}\n\n/**\n * Include dependencies in the export file\n * @param {object} providerData Object representing a SAML entity provider\n * @param {object} fileData File data object to add dependencies to\n */\nasync function exportDependencies(providerData, fileData) {\n const attrMapperScriptId = _.get(providerData, [\n 'identityProvider',\n 'assertionProcessing',\n 'attributeMapper',\n 'attributeMapperScript',\n ]);\n if (attrMapperScriptId && attrMapperScriptId !== '[Empty]') {\n const scriptData = await getScript(attrMapperScriptId);\n scriptData.script = convertBase64TextToArray(scriptData.script);\n fileData.script[attrMapperScriptId] = scriptData;\n }\n const idpAdapterScriptId = _.get(providerData, [\n 'identityProvider',\n 'advanced',\n 'idpAdapter',\n 'idpAdapterScript',\n ]);\n if (idpAdapterScriptId && idpAdapterScriptId !== '[Empty]') {\n const scriptData = await getScript(idpAdapterScriptId);\n scriptData.script = convertBase64TextToArray(scriptData.script);\n fileData.script[idpAdapterScriptId] = scriptData;\n }\n const metaDataResponse = await getProviderMetadata(providerData.entityId);\n if (!metaDataResponse) {\n throw new Error(\n `Unable to obtain metadata from ${getProviderMetadataUrl(\n providerData.entityId\n )}`\n );\n }\n fileData.saml.metadata[providerData._id] = convertBase64UrlTextToArray(\n encodeBase64Url(metaDataResponse)\n );\n}\n\n/**\n *\n * @param {string} entityId Provider entity id\n * @returns {Promise<Saml2ProviderStub>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function getSaml2ProviderStub(\n entityId: string\n): Promise<Saml2ProviderStub> {\n debugMessage(`Saml2Ops.getSaml2ProviderStub: start [entityId=${entityId}]`);\n const found = await findProviders(`entityId eq '${entityId}'`);\n switch (found.resultCount) {\n case 0:\n throw new Error(`No provider with entity id '${entityId}' found`);\n case 1: {\n debugMessage(`Saml2Ops.getSaml2ProviderStub: end [entityId=${entityId}]`);\n return found.result[0];\n }\n default:\n throw new Error(`Multiple providers with entity id '${entityId}' found`);\n }\n}\n\n/**\n * Export a single entity provider. The response can be saved to file as is.\n * @param {string} entityId Provider entity id\n * @returns {Promise<Saml2ProviderSkeleton>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function getSaml2Provider(\n entityId: string\n): Promise<Saml2ProviderSkeleton> {\n debugMessage(`Saml2Ops.getSaml2Provider: start [entityId=${entityId}]`);\n const stub = await getSaml2ProviderStub(entityId);\n const { location } = stub;\n const id = stub._id;\n const providerData = await getProviderByLocationAndId(location, id);\n debugMessage(`Saml2Ops.getSaml2Provider: end [entityId=${entityId}]`);\n return providerData;\n}\n\n/**\n * Delete an entity provider. The response can be saved to file as is.\n * @param {string} entityId Provider entity id\n * @returns {Promise<Saml2ProviderSkeleton>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function deleteSaml2Provider(\n entityId: string\n): Promise<Saml2ProviderSkeleton> {\n debugMessage(`Saml2Ops.deleteSaml2Provider: start [entityId=${entityId}]`);\n const stub = await getSaml2ProviderStub(entityId);\n const { location } = stub;\n const id = stub._id;\n const providerData = await deleteProviderByLocationAndId(location, id);\n debugMessage(`Saml2Ops.deleteSaml2Provider: end [entityId=${entityId}]`);\n return providerData;\n}\n\n/**\n * Delete all entity providers.\n * @returns {Promise<Saml2ProviderSkeleton[]>} Promise resolving to an array of Saml2ProviderSkeleton objects.\n */\nexport async function deleteSaml2Providers(): Promise<Saml2ProviderSkeleton[]> {\n debugMessage(`Saml2Ops.deleteSaml2Providers: start`);\n const providers: Saml2ProviderSkeleton[] = [];\n const stubs = await getSaml2ProviderStubs();\n for (const stub of stubs) {\n const provider = await deleteProviderByLocationAndId(\n stub.location,\n stub._id\n );\n providers.push(provider);\n }\n debugMessage(\n `Saml2Ops.deleteSaml2Providers: end [deleted ${providers.length} providers]`\n );\n return providers;\n}\n\n/**\n * Export a single entity provider. The response can be saved to file as is.\n * @param {string} entityId Provider entity id\n * @returns {Promise<Saml2ExportInterface>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function exportSaml2Provider(\n entityId: string\n): Promise<Saml2ExportInterface> {\n debugMessage(`Saml2Ops.exportSaml2Provider: start [entityId=${entityId}]`);\n const exportData = createSaml2ExportTemplate();\n const stub = await getSaml2ProviderStub(entityId);\n const { location } = stub;\n const id = stub._id;\n const providerData = await getProviderByLocationAndId(location, id);\n exportData.saml[stub.location][providerData._id] = providerData;\n try {\n await exportDependencies(providerData, exportData);\n } catch (error) {\n printMessage(error.message, 'error');\n }\n debugMessage(`Saml2Ops.exportSaml2Provider: end [entityId=${entityId}]`);\n return exportData;\n}\n\n/**\n * Export all entity providers. The response can be saved to file as is.\n * @returns {Promise<Saml2ExportInterface>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function exportSaml2Providers(): Promise<Saml2ExportInterface> {\n const fileData = createSaml2ExportTemplate();\n const stubs = await getSaml2ProviderStubs();\n for (const stub of stubs) {\n const providerData = await getProviderByLocationAndId(\n stub.location,\n stub._id\n );\n try {\n await exportDependencies(providerData, fileData);\n } catch (error) {\n printMessage(error, 'error');\n }\n fileData.saml[stub.location][providerData._id] = providerData;\n }\n return fileData;\n}\n\n/**\n * Include dependencies from the import file\n * @param {object} providerData Object representing a SAML entity provider\n * @param {object} fileData File data object to read dependencies from\n */\nasync function importDependencies(providerData, fileData) {\n debugMessage(`Saml2Ops.importDependencies: start`);\n const attrMapperScriptId = _.get(providerData, [\n 'identityProvider',\n 'assertionProcessing',\n 'attributeMapper',\n 'attributeMapperScript',\n ]);\n if (attrMapperScriptId && attrMapperScriptId !== '[Empty]') {\n debugMessage(\n `Saml2Ops.importDependencies: attributeMapperScript=${attrMapperScriptId}`\n );\n const scriptData = _.get(fileData, ['script', attrMapperScriptId]);\n scriptData.script = convertTextArrayToBase64(scriptData.script);\n await putScript(attrMapperScriptId, scriptData);\n }\n const idpAdapterScriptId = _.get(providerData, [\n 'identityProvider',\n 'advanced',\n 'idpAdapter',\n 'idpAdapterScript',\n ]);\n if (idpAdapterScriptId && idpAdapterScriptId !== '[Empty]') {\n debugMessage(\n `Saml2Ops.importDependencies: idpAdapterScript=${idpAdapterScriptId}`\n );\n const scriptData = _.get(fileData, ['script', idpAdapterScriptId]);\n scriptData.script = convertTextArrayToBase64(scriptData.script);\n await putScript(idpAdapterScriptId, scriptData);\n }\n debugMessage(`Saml2Ops.importDependencies: end`);\n}\n\n/**\n * Find provider in import file and return its location\n * @param {string} entityId64 Base64-encoded provider entity id\n * @param {Saml2ExportInterface} data Import file json data\n * @returns {string} 'hosted' or 'remote' if found, undefined otherwise\n */\nfunction getLocation(\n entityId64: string,\n data: Saml2ExportInterface\n): Saml2ProiderLocation {\n if (data.saml.hosted[entityId64]) {\n return Saml2ProiderLocation.HOSTED;\n }\n if (data.saml.remote[entityId64]) {\n return Saml2ProiderLocation.REMOTE;\n }\n return undefined;\n}\n\n/**\n * Import a SAML entity provider\n * @param {string} entityId Provider entity id\n * @param {Saml2ExportInterface} importData Import data\n */\nexport async function importSaml2Provider(\n entityId: string,\n importData: Saml2ExportInterface\n): Promise<boolean> {\n debugMessage(`Saml2Ops.importSaml2Provider: start`);\n const entityId64 = encode(entityId, false);\n const location = getLocation(entityId64, importData);\n debugMessage(\n `Saml2Ops.importSaml2Provider: entityId=${entityId}, entityId64=${entityId64}, location=${location}`\n );\n if (location) {\n const providerData = importData.saml[location][entityId64];\n await importDependencies(providerData, importData);\n let metaData = null;\n if (location === Saml2ProiderLocation.REMOTE) {\n metaData = convertTextArrayToBase64Url(\n importData.saml.metadata[entityId64]\n );\n }\n try {\n await createProvider(location, providerData, metaData);\n } catch (error) {\n await updateProvider(location, providerData);\n }\n } else {\n throw new Error(`Provider ${entityId} not found in import data!`);\n }\n debugMessage(`Saml2Ops.importSaml2Provider: end`);\n return true;\n}\n\n/**\n * Import SAML entity providers\n * @param {Saml2ExportInterface} importData Import data\n */\nexport async function importSaml2Providers(\n importData: Saml2ExportInterface\n): Promise<MultiOpStatusInterface> {\n debugMessage(`Saml2Ops.importSaml2Providers: start`);\n const myStatus: MultiOpStatusInterface = {\n total: 0,\n successes: 0,\n warnings: 0,\n failures: 0,\n };\n try {\n // find providers in hosted and in remote and map locations\n const hostedIds = Object.keys(importData.saml.hosted);\n const remoteIds = Object.keys(importData.saml.remote);\n const providerIds = hostedIds.concat(remoteIds);\n myStatus.total = providerIds.length;\n for (const entityId64 of providerIds) {\n debugMessage(\n `Saml2Ops.importSaml2Providers: entityId=${decodeBase64Url(entityId64)}`\n );\n const location = hostedIds.includes(entityId64)\n ? Saml2ProiderLocation.HOSTED\n : Saml2ProiderLocation.REMOTE;\n const entityId = decode(entityId64);\n const providerData = importData.saml[location][entityId64];\n try {\n await importDependencies(providerData, importData);\n } catch (importDependenciesErr) {\n myStatus.warnings += 1;\n printMessage(\n `\\nWarning importing dependencies for ${entityId}`,\n 'warn'\n );\n printMessage(importDependenciesErr.response.data, 'error');\n }\n let metaData = null;\n if (location === Saml2ProiderLocation.REMOTE) {\n metaData = convertTextArrayToBase64Url(\n importData.saml.metadata[entityId64]\n );\n }\n try {\n await createProvider(location, providerData, metaData);\n myStatus.successes += 1;\n } catch (createProviderErr) {\n try {\n await updateProvider(location, providerData);\n myStatus.successes += 1;\n } catch (updateProviderError) {\n myStatus.failures += 1;\n printMessage(\n `\\nError importing provider ${entityId}: ${updateProviderError.message}`,\n 'error'\n );\n printMessage(updateProviderError.response?.data, 'error');\n }\n }\n }\n myStatus.message = `${myStatus.successes}/${myStatus.total} providers imported.`;\n } catch (error) {\n myStatus.failures += 1;\n printMessage(`\\nError importing providers ${error.message}`, 'error');\n }\n debugMessage(`Saml2Ops.importSaml2Providers: end`);\n return myStatus;\n}\n\n// Contributions using legacy APIs. Need to investigate if those will be deprecated in the future\n\n/**\n * Deletes entity provider\n * @param {string} entityId The entity id for the entity to be deleted\n * @returns {Promise<Saml2ProviderSkeleton>} Promise resolving to a Saml2ExportInterface object.\n */\nexport async function deleteRawSaml2Provider(\n entityId: string\n): Promise<Saml2ProviderSkeleton> {\n debugMessage(`Saml2Ops.deleteSaml2Provider: start [entityId=${entityId}]`);\n const response = await deleteRawProvider(entityId);\n debugMessage(`Saml2Ops.deleteSaml2Provider: end [entityId=${entityId}]`);\n return response;\n}\n\n/**\n * Deletes all entity providers.\n */\nexport async function deleteRawSaml2Providers(): Promise<\n Saml2ProviderSkeleton[]\n> {\n const applicationList = (await getRawSaml2Providers()).result;\n const deleteApplicationPromises = [];\n applicationList.forEach((item) => {\n printMessage(`Deleting Application ${item._id}`, 'error');\n deleteApplicationPromises.push(deleteRawProvider(item._id));\n });\n const deleteApplicationResult = await Promise.all(deleteApplicationPromises);\n if (deleteApplicationResult.length == applicationList.length) {\n printMessage('SAML Entity cleanup done', 'info');\n }\n return deleteApplicationResult;\n}\n\n/**\n * Retrieves all entity providers using the legacy federation enpoints.\n * @returns {Promise} a promise that resolves to an object containing an array of providers\n */\nexport async function getRawSaml2Providers() {\n return _getRawProviders();\n}\n\n/**\n * Retrieves all entity providers using the legacy federation enpoints.\n * @param {string} entityId The entity provider id\n * @returns {Promise} a promise that resolves to an object containing an array of providers\n */\nexport async function getRawSaml2Provider(entityId: string) {\n return _getRawProvider(entityId);\n}\n\n/**\n * Stores a new SAML2 entity provider\n * @param {string} entityId The entity provider id\n * @param {string} entityData The actual data containing the entity provider configuration\n * @returns {Promise} Promise that resolves to a provider object\n */\nexport async function putRawSaml2Provider(entityId: string, entityData) {\n return _putRawProvider(entityId, entityData);\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA;AACA;AAKA;AAcA;AACA;AAOA;AACA;AACA;AAMmC;AAAA;AAAA;AAE5B,IAAMA,OAAO,GAAG;EACrBC,gBAAgB,EAAE,KAAK;EACvBC,eAAe,EAAE,IAAI;EACrBC,sBAAsB,EAAE,WAAW;EACnCC,2BAA2B,EAAE;AAC/B,CAAC;;AAED;AAAA;AACO,SAASC,yBAAyB,GAAyB;EAChE,OAAO;IACLC,IAAI,EAAE,IAAAC,8BAAW,GAAE;IACnBC,MAAM,EAAE,CAAC,CAAC;IACVC,IAAI,EAAE;MACJC,MAAM,EAAE,CAAC,CAAC;MACVC,MAAM,EAAE,CAAC,CAAC;MACVC,QAAQ,EAAE,CAAC;IACb;EACF,CAAC;AACH;;AAEA;AACA;AACA;AACA;AAHA,SAIsBC,qBAAqB;EAAA;AAAA;AAK3C;AACA;AACA;AACA;AACA;AACA;AALA;EAAA,2CALO,aAAqE;IAC1E,IAAM;MAAEC;IAAO,CAAC,SAAS,IAAAC,sBAAY,GAAE;IACvC,OAAOD,MAAM;EACf,CAAC;EAAA;AAAA;AAAA,SAQqBE,0BAA0B;EAAA;AAAA;AAOhD;AACA;AACA;AACA;AACA;AAJA;EAAA,iDAPO,WACLC,QAAgB,EAChBC,UAAkB,EAClB;IACA,OAAO,IAAAC,oCAA2B,EAACF,QAAQ,EAAEC,UAAU,CAAC;EAC1D,CAAC;EAAA;AAAA;AAOM,SAASE,sBAAsB,CAACC,QAAgB,EAAU;EAC/D,OAAO,IAAAC,gCAAuB,EAACD,QAAQ,CAAC;AAC1C;;AAEA;AACA;AACA;AACA;AACA;AAJA,SAKsBE,mBAAmB;EAAA;AAAA;AAIzC;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAJO,WAAmCF,QAAQ,EAAE;IAClD,OAAO,IAAAG,6BAAoB,EAACH,QAAQ,CAAC;EACvC,CAAC;EAAA;AAAA;AAAA,SAOcI,kBAAkB;EAAA;AAAA;AAoCjC;AACA;AACA;AACA;AACA;AAJA;EAAA,wCApCA,WAAkCC,YAAY,EAAEC,QAAQ,EAAE;IACxD,IAAMC,kBAAkB,GAAGC,eAAC,CAACC,GAAG,CAACJ,YAAY,EAAE,CAC7C,kBAAkB,EAClB,qBAAqB,EACrB,iBAAiB,EACjB,uBAAuB,CACxB,CAAC;IACF,IAAIE,kBAAkB,IAAIA,kBAAkB,KAAK,SAAS,EAAE;MAC1D,IAAMG,UAAU,SAAS,IAAAC,oBAAS,EAACJ,kBAAkB,CAAC;MACtDG,UAAU,CAACvB,MAAM,GAAG,IAAAyB,2CAAwB,EAACF,UAAU,CAACvB,MAAM,CAAC;MAC/DmB,QAAQ,CAACnB,MAAM,CAACoB,kBAAkB,CAAC,GAAGG,UAAU;IAClD;IACA,IAAMG,kBAAkB,GAAGL,eAAC,CAACC,GAAG,CAACJ,YAAY,EAAE,CAC7C,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACF,IAAIQ,kBAAkB,IAAIA,kBAAkB,KAAK,SAAS,EAAE;MAC1D,IAAMH,WAAU,SAAS,IAAAC,oBAAS,EAACE,kBAAkB,CAAC;MACtDH,WAAU,CAACvB,MAAM,GAAG,IAAAyB,2CAAwB,EAACF,WAAU,CAACvB,MAAM,CAAC;MAC/DmB,QAAQ,CAACnB,MAAM,CAAC0B,kBAAkB,CAAC,GAAGH,WAAU;IAClD;IACA,IAAMI,gBAAgB,SAASZ,mBAAmB,CAACG,YAAY,CAACL,QAAQ,CAAC;IACzE,IAAI,CAACc,gBAAgB,EAAE;MACrB,MAAM,IAAIC,KAAK,0CACqBhB,sBAAsB,CACtDM,YAAY,CAACL,QAAQ,CACtB,EACF;IACH;IACAM,QAAQ,CAAClB,IAAI,CAACG,QAAQ,CAACc,YAAY,CAACW,GAAG,CAAC,GAAG,IAAAC,8CAA2B,EACpE,IAAAC,qBAAe,EAACJ,gBAAgB,CAAC,CAClC;EACH,CAAC;EAAA;AAAA;AAAA,SAOqBK,oBAAoB;EAAA;AAAA;AAiB1C;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAjBO,WACLnB,QAAgB,EACY;IAC5B,IAAAoB,qBAAY,2DAAmDpB,QAAQ,OAAI;IAC3E,IAAMqB,KAAK,SAAS,IAAAC,uBAAa,yBAAiBtB,QAAQ,OAAI;IAC9D,QAAQqB,KAAK,CAACE,WAAW;MACvB,KAAK,CAAC;QACJ,MAAM,IAAIR,KAAK,uCAAgCf,QAAQ,aAAU;MACnE,KAAK,CAAC;QAAE;UACN,IAAAoB,qBAAY,yDAAiDpB,QAAQ,OAAI;UACzE,OAAOqB,KAAK,CAAC5B,MAAM,CAAC,CAAC,CAAC;QACxB;MACA;QACE,MAAM,IAAIsB,KAAK,8CAAuCf,QAAQ,aAAU;IAAC;EAE/E,CAAC;EAAA;AAAA;AAAA,SAOqBwB,gBAAgB;EAAA;AAAA;AAYtC;AACA;AACA;AACA;AACA;AAJA;EAAA,sCAZO,WACLxB,QAAgB,EACgB;IAChC,IAAAoB,qBAAY,uDAA+CpB,QAAQ,OAAI;IACvE,IAAMyB,IAAI,SAASN,oBAAoB,CAACnB,QAAQ,CAAC;IACjD,IAAM;MAAEJ;IAAS,CAAC,GAAG6B,IAAI;IACzB,IAAMC,EAAE,GAAGD,IAAI,CAACT,GAAG;IACnB,IAAMX,YAAY,SAASV,0BAA0B,CAACC,QAAQ,EAAE8B,EAAE,CAAC;IACnE,IAAAN,qBAAY,qDAA6CpB,QAAQ,OAAI;IACrE,OAAOK,YAAY;EACrB,CAAC;EAAA;AAAA;AAAA,SAOqBsB,mBAAmB;EAAA;AAAA;AAYzC;AACA;AACA;AACA;AAHA;EAAA,yCAZO,WACL3B,QAAgB,EACgB;IAChC,IAAAoB,qBAAY,0DAAkDpB,QAAQ,OAAI;IAC1E,IAAMyB,IAAI,SAASN,oBAAoB,CAACnB,QAAQ,CAAC;IACjD,IAAM;MAAEJ;IAAS,CAAC,GAAG6B,IAAI;IACzB,IAAMC,EAAE,GAAGD,IAAI,CAACT,GAAG;IACnB,IAAMX,YAAY,SAAS,IAAAuB,uCAA6B,EAAChC,QAAQ,EAAE8B,EAAE,CAAC;IACtE,IAAAN,qBAAY,wDAAgDpB,QAAQ,OAAI;IACxE,OAAOK,YAAY;EACrB,CAAC;EAAA;AAAA;AAAA,SAMqBwB,oBAAoB;EAAA;AAAA;AAiB1C;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAjBO,aAAwE;IAC7E,IAAAT,qBAAY,yCAAwC;IACpD,IAAMU,SAAkC,GAAG,EAAE;IAC7C,IAAMC,KAAK,SAASvC,qBAAqB,EAAE;IAC3C,KAAK,IAAMiC,IAAI,IAAIM,KAAK,EAAE;MACxB,IAAMC,QAAQ,SAAS,IAAAJ,uCAA6B,EAClDH,IAAI,CAAC7B,QAAQ,EACb6B,IAAI,CAACT,GAAG,CACT;MACDc,SAAS,CAACG,IAAI,CAACD,QAAQ,CAAC;IAC1B;IACA,IAAAZ,qBAAY,wDACqCU,SAAS,CAACI,MAAM,iBAChE;IACD,OAAOJ,SAAS;EAClB,CAAC;EAAA;AAAA;AAAA,SAOqBK,mBAAmB;EAAA;AAAA;AAmBzC;AACA;AACA;AACA;AAHA;EAAA,yCAnBO,WACLnC,QAAgB,EACe;IAC/B,IAAAoB,qBAAY,0DAAkDpB,QAAQ,OAAI;IAC1E,IAAMoC,UAAU,GAAGpD,yBAAyB,EAAE;IAC9C,IAAMyC,IAAI,SAASN,oBAAoB,CAACnB,QAAQ,CAAC;IACjD,IAAM;MAAEJ;IAAS,CAAC,GAAG6B,IAAI;IACzB,IAAMC,EAAE,GAAGD,IAAI,CAACT,GAAG;IACnB,IAAMX,YAAY,SAASV,0BAA0B,CAACC,QAAQ,EAAE8B,EAAE,CAAC;IACnEU,UAAU,CAAChD,IAAI,CAACqC,IAAI,CAAC7B,QAAQ,CAAC,CAACS,YAAY,CAACW,GAAG,CAAC,GAAGX,YAAY;IAC/D,IAAI;MACF,MAAMD,kBAAkB,CAACC,YAAY,EAAE+B,UAAU,CAAC;IACpD,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd,IAAAC,qBAAY,EAACD,KAAK,CAACE,OAAO,EAAE,OAAO,CAAC;IACtC;IACA,IAAAnB,qBAAY,wDAAgDpB,QAAQ,OAAI;IACxE,OAAOoC,UAAU;EACnB,CAAC;EAAA;AAAA;AAAA,SAMqBI,oBAAoB;EAAA;AAAA;AAkB1C;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAlBO,aAAqE;IAC1E,IAAMlC,QAAQ,GAAGtB,yBAAyB,EAAE;IAC5C,IAAM+C,KAAK,SAASvC,qBAAqB,EAAE;IAC3C,KAAK,IAAMiC,IAAI,IAAIM,KAAK,EAAE;MACxB,IAAM1B,YAAY,SAASV,0BAA0B,CACnD8B,IAAI,CAAC7B,QAAQ,EACb6B,IAAI,CAACT,GAAG,CACT;MACD,IAAI;QACF,MAAMZ,kBAAkB,CAACC,YAAY,EAAEC,QAAQ,CAAC;MAClD,CAAC,CAAC,OAAO+B,KAAK,EAAE;QACd,IAAAC,qBAAY,EAACD,KAAK,EAAE,OAAO,CAAC;MAC9B;MACA/B,QAAQ,CAAClB,IAAI,CAACqC,IAAI,CAAC7B,QAAQ,CAAC,CAACS,YAAY,CAACW,GAAG,CAAC,GAAGX,YAAY;IAC/D;IACA,OAAOC,QAAQ;EACjB,CAAC;EAAA;AAAA;AAAA,SAOcmC,kBAAkB;EAAA;AAAA;AAiCjC;AACA;AACA;AACA;AACA;AACA;AALA;EAAA,wCAjCA,WAAkCpC,YAAY,EAAEC,QAAQ,EAAE;IACxD,IAAAc,qBAAY,uCAAsC;IAClD,IAAMb,kBAAkB,GAAGC,eAAC,CAACC,GAAG,CAACJ,YAAY,EAAE,CAC7C,kBAAkB,EAClB,qBAAqB,EACrB,iBAAiB,EACjB,uBAAuB,CACxB,CAAC;IACF,IAAIE,kBAAkB,IAAIA,kBAAkB,KAAK,SAAS,EAAE;MAC1D,IAAAa,qBAAY,+DAC4Cb,kBAAkB,EACzE;MACD,IAAMG,UAAU,GAAGF,eAAC,CAACC,GAAG,CAACH,QAAQ,EAAE,CAAC,QAAQ,EAAEC,kBAAkB,CAAC,CAAC;MAClEG,UAAU,CAACvB,MAAM,GAAG,IAAAuD,2CAAwB,EAAChC,UAAU,CAACvB,MAAM,CAAC;MAC/D,MAAM,IAAAwD,oBAAS,EAACpC,kBAAkB,EAAEG,UAAU,CAAC;IACjD;IACA,IAAMG,kBAAkB,GAAGL,eAAC,CAACC,GAAG,CAACJ,YAAY,EAAE,CAC7C,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,kBAAkB,CACnB,CAAC;IACF,IAAIQ,kBAAkB,IAAIA,kBAAkB,KAAK,SAAS,EAAE;MAC1D,IAAAO,qBAAY,0DACuCP,kBAAkB,EACpE;MACD,IAAMH,YAAU,GAAGF,eAAC,CAACC,GAAG,CAACH,QAAQ,EAAE,CAAC,QAAQ,EAAEO,kBAAkB,CAAC,CAAC;MAClEH,YAAU,CAACvB,MAAM,GAAG,IAAAuD,2CAAwB,EAAChC,YAAU,CAACvB,MAAM,CAAC;MAC/D,MAAM,IAAAwD,oBAAS,EAAC9B,kBAAkB,EAAEH,YAAU,CAAC;IACjD;IACA,IAAAU,qBAAY,qCAAoC;EAClD,CAAC;EAAA;AAAA;AAQD,SAASwB,WAAW,CAClB/C,UAAkB,EAClBgD,IAA0B,EACJ;EACtB,IAAIA,IAAI,CAACzD,IAAI,CAACC,MAAM,CAACQ,UAAU,CAAC,EAAE;IAChC,OAAOiD,8BAAoB,CAACC,MAAM;EACpC;EACA,IAAIF,IAAI,CAACzD,IAAI,CAACE,MAAM,CAACO,UAAU,CAAC,EAAE;IAChC,OAAOiD,8BAAoB,CAACE,MAAM;EACpC;EACA,OAAOC,SAAS;AAClB;;AAEA;AACA;AACA;AACA;AACA;AAJA,SAKsBC,mBAAmB;EAAA;AAAA;AA+BzC;AACA;AACA;AACA;AAHA;EAAA,yCA/BO,WACLlD,QAAgB,EAChBmD,UAAgC,EACd;IAClB,IAAA/B,qBAAY,wCAAuC;IACnD,IAAMvB,UAAU,GAAG,IAAAuD,YAAM,EAACpD,QAAQ,EAAE,KAAK,CAAC;IAC1C,IAAMJ,QAAQ,GAAGgD,WAAW,CAAC/C,UAAU,EAAEsD,UAAU,CAAC;IACpD,IAAA/B,qBAAY,mDACgCpB,QAAQ,0BAAgBH,UAAU,wBAAcD,QAAQ,EACnG;IACD,IAAIA,QAAQ,EAAE;MACZ,IAAMS,YAAY,GAAG8C,UAAU,CAAC/D,IAAI,CAACQ,QAAQ,CAAC,CAACC,UAAU,CAAC;MAC1D,MAAM4C,kBAAkB,CAACpC,YAAY,EAAE8C,UAAU,CAAC;MAClD,IAAIE,QAAQ,GAAG,IAAI;MACnB,IAAIzD,QAAQ,KAAKkD,8BAAoB,CAACE,MAAM,EAAE;QAC5CK,QAAQ,GAAG,IAAAC,8CAA2B,EACpCH,UAAU,CAAC/D,IAAI,CAACG,QAAQ,CAACM,UAAU,CAAC,CACrC;MACH;MACA,IAAI;QACF,MAAM,IAAA0D,wBAAc,EAAC3D,QAAQ,EAAES,YAAY,EAAEgD,QAAQ,CAAC;MACxD,CAAC,CAAC,OAAOhB,KAAK,EAAE;QACd,MAAM,IAAAmB,wBAAc,EAAC5D,QAAQ,EAAES,YAAY,CAAC;MAC9C;IACF,CAAC,MAAM;MACL,MAAM,IAAIU,KAAK,oBAAaf,QAAQ,gCAA6B;IACnE;IACA,IAAAoB,qBAAY,sCAAqC;IACjD,OAAO,IAAI;EACb,CAAC;EAAA;AAAA;AAAA,SAMqBqC,oBAAoB;EAAA;AAAA,EAmE1C;AAEA;AACA;AACA;AACA;AACA;AAJA;EAAA,0CArEO,WACLN,UAAgC,EACC;IACjC,IAAA/B,qBAAY,yCAAwC;IACpD,IAAMsC,QAAgC,GAAG;MACvCC,KAAK,EAAE,CAAC;MACRC,SAAS,EAAE,CAAC;MACZC,QAAQ,EAAE,CAAC;MACXC,QAAQ,EAAE;IACZ,CAAC;IACD,IAAI;MACF;MACA,IAAMC,SAAS,GAAGC,MAAM,CAACC,IAAI,CAACd,UAAU,CAAC/D,IAAI,CAACC,MAAM,CAAC;MACrD,IAAM6E,SAAS,GAAGF,MAAM,CAACC,IAAI,CAACd,UAAU,CAAC/D,IAAI,CAACE,MAAM,CAAC;MACrD,IAAM6E,WAAW,GAAGJ,SAAS,CAACK,MAAM,CAACF,SAAS,CAAC;MAC/CR,QAAQ,CAACC,KAAK,GAAGQ,WAAW,CAACjC,MAAM;MACnC,KAAK,IAAMrC,UAAU,IAAIsE,WAAW,EAAE;QACpC,IAAA/C,qBAAY,oDACiC,IAAAiD,qBAAe,EAACxE,UAAU,CAAC,EACvE;QACD,IAAMD,QAAQ,GAAGmE,SAAS,CAACO,QAAQ,CAACzE,UAAU,CAAC,GAC3CiD,8BAAoB,CAACC,MAAM,GAC3BD,8BAAoB,CAACE,MAAM;QAC/B,IAAMhD,QAAQ,GAAG,IAAAuE,YAAM,EAAC1E,UAAU,CAAC;QACnC,IAAMQ,YAAY,GAAG8C,UAAU,CAAC/D,IAAI,CAACQ,QAAQ,CAAC,CAACC,UAAU,CAAC;QAC1D,IAAI;UACF,MAAM4C,kBAAkB,CAACpC,YAAY,EAAE8C,UAAU,CAAC;QACpD,CAAC,CAAC,OAAOqB,qBAAqB,EAAE;UAC9Bd,QAAQ,CAACG,QAAQ,IAAI,CAAC;UACtB,IAAAvB,qBAAY,iDAC8BtC,QAAQ,GAChD,MAAM,CACP;UACD,IAAAsC,qBAAY,EAACkC,qBAAqB,CAACC,QAAQ,CAAC5B,IAAI,EAAE,OAAO,CAAC;QAC5D;QACA,IAAIQ,QAAQ,GAAG,IAAI;QACnB,IAAIzD,QAAQ,KAAKkD,8BAAoB,CAACE,MAAM,EAAE;UAC5CK,QAAQ,GAAG,IAAAC,8CAA2B,EACpCH,UAAU,CAAC/D,IAAI,CAACG,QAAQ,CAACM,UAAU,CAAC,CACrC;QACH;QACA,IAAI;UACF,MAAM,IAAA0D,wBAAc,EAAC3D,QAAQ,EAAES,YAAY,EAAEgD,QAAQ,CAAC;UACtDK,QAAQ,CAACE,SAAS,IAAI,CAAC;QACzB,CAAC,CAAC,OAAOc,iBAAiB,EAAE;UAC1B,IAAI;YACF,MAAM,IAAAlB,wBAAc,EAAC5D,QAAQ,EAAES,YAAY,CAAC;YAC5CqD,QAAQ,CAACE,SAAS,IAAI,CAAC;UACzB,CAAC,CAAC,OAAOe,mBAAmB,EAAE;YAAA;YAC5BjB,QAAQ,CAACI,QAAQ,IAAI,CAAC;YACtB,IAAAxB,qBAAY,uCACoBtC,QAAQ,eAAK2E,mBAAmB,CAACpC,OAAO,GACtE,OAAO,CACR;YACD,IAAAD,qBAAY,2BAACqC,mBAAmB,CAACF,QAAQ,0DAA5B,sBAA8B5B,IAAI,EAAE,OAAO,CAAC;UAC3D;QACF;MACF;MACAa,QAAQ,CAACnB,OAAO,aAAMmB,QAAQ,CAACE,SAAS,cAAIF,QAAQ,CAACC,KAAK,yBAAsB;IAClF,CAAC,CAAC,OAAOtB,KAAK,EAAE;MACdqB,QAAQ,CAACI,QAAQ,IAAI,CAAC;MACtB,IAAAxB,qBAAY,wCAAgCD,KAAK,CAACE,OAAO,GAAI,OAAO,CAAC;IACvE;IACA,IAAAnB,qBAAY,uCAAsC;IAClD,OAAOsC,QAAQ;EACjB,CAAC;EAAA;AAAA;AAAA,SASqBkB,sBAAsB;EAAA;AAAA;AAS5C;AACA;AACA;AAFA;EAAA,4CATO,WACL5E,QAAgB,EACgB;IAChC,IAAAoB,qBAAY,0DAAkDpB,QAAQ,OAAI;IAC1E,IAAMyE,QAAQ,SAAS,IAAAI,2BAAiB,EAAC7E,QAAQ,CAAC;IAClD,IAAAoB,qBAAY,wDAAgDpB,QAAQ,OAAI;IACxE,OAAOyE,QAAQ;EACjB,CAAC;EAAA;AAAA;AAAA,SAKqBK,uBAAuB;EAAA;AAAA;AAgB7C;AACA;AACA;AACA;AAHA;EAAA,6CAhBO,aAEL;IACA,IAAMC,eAAe,GAAG,OAAOC,oBAAoB,EAAE,EAAEvF,MAAM;IAC7D,IAAMwF,yBAAyB,GAAG,EAAE;IACpCF,eAAe,CAACG,OAAO,CAAEC,IAAI,IAAK;MAChC,IAAA7C,qBAAY,iCAAyB6C,IAAI,CAACnE,GAAG,GAAI,OAAO,CAAC;MACzDiE,yBAAyB,CAAChD,IAAI,CAAC,IAAA4C,2BAAiB,EAACM,IAAI,CAACnE,GAAG,CAAC,CAAC;IAC7D,CAAC,CAAC;IACF,IAAMoE,uBAAuB,SAASC,OAAO,CAACC,GAAG,CAACL,yBAAyB,CAAC;IAC5E,IAAIG,uBAAuB,CAAClD,MAAM,IAAI6C,eAAe,CAAC7C,MAAM,EAAE;MAC5D,IAAAI,qBAAY,EAAC,0BAA0B,EAAE,MAAM,CAAC;IAClD;IACA,OAAO8C,uBAAuB;EAChC,CAAC;EAAA;AAAA;AAAA,SAMqBJ,oBAAoB;EAAA;AAAA;AAI1C;AACA;AACA;AACA;AACA;AAJA;EAAA,0CAJO,aAAsC;IAC3C,OAAO,IAAAO,yBAAgB,GAAE;EAC3B,CAAC;EAAA;AAAA;AAAA,SAOqBC,mBAAmB;EAAA;AAAA;AAIzC;AACA;AACA;AACA;AACA;AACA;AALA;EAAA,yCAJO,WAAmCxF,QAAgB,EAAE;IAC1D,OAAO,IAAAyF,wBAAe,EAACzF,QAAQ,CAAC;EAClC,CAAC;EAAA;AAAA;AAAA,SAQqB0F,mBAAmB;EAAA;AAAA;AAAA;EAAA,yCAAlC,WAAmC1F,QAAgB,EAAE2F,UAAU,EAAE;IACtE,OAAO,IAAAC,wBAAe,EAAC5F,QAAQ,EAAE2F,UAAU,CAAC;EAC9C,CAAC;EAAA;AAAA"}
|
package/cjs/ops/cloud/LogOps.js
CHANGED
|
@@ -138,27 +138,29 @@ function _provisionCreds() {
|
|
|
138
138
|
_provisionCreds = _asyncToGenerator(function* () {
|
|
139
139
|
try {
|
|
140
140
|
var keyName = "frodo-".concat(state.getUsername());
|
|
141
|
-
|
|
142
|
-
response.
|
|
141
|
+
try {
|
|
142
|
+
var response = yield (0, LogApi.getAPIKeys)();
|
|
143
|
+
for (var k of response.result) {
|
|
143
144
|
if (k.name === keyName) {
|
|
144
145
|
// append current timestamp to name if the named key already exists
|
|
145
146
|
keyName = "".concat(keyName, "-").concat((0, _ExportImportUtils.getCurrentTimestamp)());
|
|
146
147
|
}
|
|
147
|
-
}
|
|
148
|
-
|
|
148
|
+
}
|
|
149
|
+
try {
|
|
150
|
+
var resp = yield (0, LogApi.createAPIKeyAndSecret)(keyName);
|
|
149
151
|
if (resp.data.name !== keyName) {
|
|
150
152
|
(0, _Console.printMessage)("create keys ERROR: could not create log API key ".concat(keyName), 'error');
|
|
151
153
|
return null;
|
|
152
154
|
}
|
|
153
|
-
(0, _Console.
|
|
155
|
+
(0, _Console.verboseMessage)("Created a new log API key [".concat(keyName, "] in ").concat(state.getHost()));
|
|
154
156
|
return resp.data;
|
|
155
|
-
}
|
|
157
|
+
} catch (error) {
|
|
156
158
|
(0, _Console.printMessage)("create keys ERROR: create keys call returned ".concat(error), 'error');
|
|
157
159
|
return null;
|
|
158
|
-
}
|
|
159
|
-
}
|
|
160
|
+
}
|
|
161
|
+
} catch (error) {
|
|
160
162
|
(0, _Console.printMessage)("get keys ERROR: get keys call returned ".concat(error), 'error');
|
|
161
|
-
}
|
|
163
|
+
}
|
|
162
164
|
} catch (e) {
|
|
163
165
|
(0, _Console.printMessage)("create keys ERROR: create keys data error - ".concat(e), 'error');
|
|
164
166
|
return null;
|