@rockcarver/frodo-lib 2.0.0-3 → 2.0.0-4

Files changed (149)
  1. package/CHANGELOG.md +5 -1
  2. package/cjs/api/AgentApi.js +64 -16
  3. package/cjs/api/AgentApi.js.map +1 -1
  4. package/cjs/api/ApiTypes.js +0 -55
  5. package/cjs/api/ApiTypes.js.map +1 -1
  6. package/cjs/api/BaseApi.js +21 -11
  7. package/cjs/api/BaseApi.js.map +1 -1
  8. package/cjs/api/cloud/SecretsApi.js +7 -14
  9. package/cjs/api/cloud/SecretsApi.js.map +1 -1
  10. package/cjs/api/cloud/SecretsApi.test.js.map +1 -1
  11. package/cjs/ops/AdminOps.js +254 -60
  12. package/cjs/ops/AdminOps.js.map +1 -1
  13. package/cjs/ops/AgentOps.js +352 -108
  14. package/cjs/ops/AgentOps.js.map +1 -1
  15. package/cjs/ops/AuthenticateOps.js +253 -60
  16. package/cjs/ops/AuthenticateOps.js.map +1 -1
  17. package/cjs/ops/CirclesOfTrustOps.js +16 -4
  18. package/cjs/ops/CirclesOfTrustOps.js.map +1 -1
  19. package/cjs/ops/ConnectionProfileOps.js +163 -40
  20. package/cjs/ops/ConnectionProfileOps.js.map +1 -1
  21. package/cjs/ops/EmailTemplateOps.js +7 -1
  22. package/cjs/ops/EmailTemplateOps.js.map +1 -1
  23. package/cjs/ops/IdpOps.js +55 -12
  24. package/cjs/ops/IdpOps.js.map +1 -1
  25. package/cjs/ops/JourneyOps.js +645 -136
  26. package/cjs/ops/JourneyOps.js.map +1 -1
  27. package/cjs/ops/NodeOps.js +96 -24
  28. package/cjs/ops/NodeOps.js.map +1 -1
  29. package/cjs/ops/OAuth2ClientOps.js +45 -11
  30. package/cjs/ops/OAuth2ClientOps.js.map +1 -1
  31. package/cjs/ops/OpsTypes.js +0 -23
  32. package/cjs/ops/OpsTypes.js.map +1 -1
  33. package/cjs/ops/OrganizationOps.js +44 -10
  34. package/cjs/ops/OrganizationOps.js.map +1 -1
  35. package/cjs/ops/PolicyOps.js +86 -24
  36. package/cjs/ops/PolicyOps.js.map +1 -1
  37. package/cjs/ops/PolicySetOps.js +72 -18
  38. package/cjs/ops/PolicySetOps.js.map +1 -1
  39. package/cjs/ops/ResourceTypeOps.js +24 -6
  40. package/cjs/ops/ResourceTypeOps.js.map +1 -1
  41. package/cjs/ops/Saml2Ops.js +120 -33
  42. package/cjs/ops/Saml2Ops.js.map +1 -1
  43. package/cjs/ops/Saml2Ops.test.js.map +1 -1
  44. package/cjs/ops/ScriptOps.js +73 -17
  45. package/cjs/ops/ScriptOps.js.map +1 -1
  46. package/cjs/ops/ServiceOps.js +152 -35
  47. package/cjs/ops/ServiceOps.js.map +1 -1
  48. package/cjs/ops/ThemeOps.js +20 -5
  49. package/cjs/ops/ThemeOps.js.map +1 -1
  50. package/cjs/ops/cloud/FeatureOps.js +4 -1
  51. package/cjs/ops/cloud/FeatureOps.js.map +1 -1
  52. package/cjs/ops/cloud/SecretsOps.js.map +1 -1
  53. package/cjs/ops/cloud/ServiceAccountOps.js +24 -6
  54. package/cjs/ops/cloud/ServiceAccountOps.js.map +1 -1
  55. package/cjs/ops/cloud/StartupOps.js +55 -11
  56. package/cjs/ops/cloud/StartupOps.js.map +1 -1
  57. package/cjs/ops/utils/Console.js +47 -22
  58. package/cjs/ops/utils/Console.js.map +1 -1
  59. package/cjs/ops/utils/DataProtection.js +12 -5
  60. package/cjs/ops/utils/DataProtection.js.map +1 -1
  61. package/cjs/ops/utils/DataProtection.test.js.map +1 -1
  62. package/cjs/ops/utils/ExportImportUtils.js +15 -8
  63. package/cjs/ops/utils/ExportImportUtils.js.map +1 -1
  64. package/cjs/ops/utils/ScriptValidationUtils.js +33 -8
  65. package/cjs/ops/utils/ScriptValidationUtils.js.map +1 -1
  66. package/cjs/ops/utils/ScriptValidationUtils.test.js.map +1 -1
  67. package/cjs/utils/SetupPollyForFrodoLib.js +67 -19
  68. package/cjs/utils/SetupPollyForFrodoLib.js.map +1 -1
  69. package/esm/api/AgentApi.mjs +64 -16
  70. package/esm/api/ApiTypes.mjs +1 -50
  71. package/esm/api/BaseApi.mjs +21 -11
  72. package/esm/api/cloud/SecretsApi.mjs +0 -5
  73. package/esm/api/cloud/SecretsApi.test.mjs +3 -3
  74. package/esm/ops/AdminOps.mjs +254 -60
  75. package/esm/ops/AgentOps.mjs +352 -104
  76. package/esm/ops/AuthenticateOps.mjs +253 -60
  77. package/esm/ops/CirclesOfTrustOps.mjs +16 -4
  78. package/esm/ops/ConnectionProfileOps.mjs +163 -40
  79. package/esm/ops/EmailTemplateOps.mjs +5 -0
  80. package/esm/ops/IdpOps.mjs +55 -12
  81. package/esm/ops/JourneyOps.mjs +639 -132
  82. package/esm/ops/NodeOps.mjs +90 -19
  83. package/esm/ops/OAuth2ClientOps.mjs +45 -11
  84. package/esm/ops/OpsTypes.mjs +1 -22
  85. package/esm/ops/OrganizationOps.mjs +44 -10
  86. package/esm/ops/PolicyOps.mjs +86 -24
  87. package/esm/ops/PolicySetOps.mjs +72 -18
  88. package/esm/ops/ResourceTypeOps.mjs +24 -6
  89. package/esm/ops/Saml2Ops.mjs +120 -33
  90. package/esm/ops/Saml2Ops.test.mjs +10 -11
  91. package/esm/ops/ScriptOps.mjs +73 -17
  92. package/esm/ops/ServiceOps.mjs +152 -35
  93. package/esm/ops/ThemeOps.mjs +20 -5
  94. package/esm/ops/cloud/FeatureOps.mjs +4 -1
  95. package/esm/ops/cloud/ServiceAccountOps.mjs +24 -6
  96. package/esm/ops/cloud/StartupOps.mjs +55 -11
  97. package/esm/ops/utils/Console.mjs +33 -9
  98. package/esm/ops/utils/DataProtection.mjs +9 -2
  99. package/esm/ops/utils/DataProtection.test.mjs +8 -2
  100. package/esm/ops/utils/ExportImportUtils.mjs +15 -8
  101. package/esm/ops/utils/ScriptValidationUtils.mjs +30 -8
  102. package/esm/ops/utils/ScriptValidationUtils.test.mjs +14 -3
  103. package/esm/utils/SetupPollyForFrodoLib.mjs +64 -18
  104. package/package.json +1 -1
  105. package/types/api/AgentApi.d.ts +6 -6
  106. package/types/api/AgentApi.d.ts.map +1 -1
  107. package/types/api/ApiTypes.d.ts +12 -49
  108. package/types/api/ApiTypes.d.ts.map +1 -1
  109. package/types/api/BaseApi.d.ts.map +1 -1
  110. package/types/api/cloud/SecretsApi.d.ts +1 -4
  111. package/types/api/cloud/SecretsApi.d.ts.map +1 -1
  112. package/types/ops/AdminOps.d.ts.map +1 -1
  113. package/types/ops/AgentOps.d.ts +3 -6
  114. package/types/ops/AgentOps.d.ts.map +1 -1
  115. package/types/ops/AuthenticateOps.d.ts.map +1 -1
  116. package/types/ops/CirclesOfTrustOps.d.ts.map +1 -1
  117. package/types/ops/ConnectionProfileOps.d.ts.map +1 -1
  118. package/types/ops/EmailTemplateOps.d.ts +4 -0
  119. package/types/ops/EmailTemplateOps.d.ts.map +1 -1
  120. package/types/ops/IdpOps.d.ts.map +1 -1
  121. package/types/ops/JourneyOps.d.ts +10 -4
  122. package/types/ops/JourneyOps.d.ts.map +1 -1
  123. package/types/ops/NodeOps.d.ts +10 -4
  124. package/types/ops/NodeOps.d.ts.map +1 -1
  125. package/types/ops/OAuth2ClientOps.d.ts.map +1 -1
  126. package/types/ops/OpsTypes.d.ts +2 -12
  127. package/types/ops/OpsTypes.d.ts.map +1 -1
  128. package/types/ops/OrganizationOps.d.ts.map +1 -1
  129. package/types/ops/PolicyOps.d.ts.map +1 -1
  130. package/types/ops/PolicySetOps.d.ts.map +1 -1
  131. package/types/ops/ResourceTypeOps.d.ts.map +1 -1
  132. package/types/ops/Saml2Ops.d.ts.map +1 -1
  133. package/types/ops/ScriptOps.d.ts.map +1 -1
  134. package/types/ops/ServiceOps.d.ts.map +1 -1
  135. package/types/ops/ThemeOps.d.ts.map +1 -1
  136. package/types/ops/cloud/FeatureOps.d.ts.map +1 -1
  137. package/types/ops/cloud/SecretsOps.d.ts +1 -1
  138. package/types/ops/cloud/SecretsOps.d.ts.map +1 -1
  139. package/types/ops/cloud/ServiceAccountOps.d.ts.map +1 -1
  140. package/types/ops/cloud/StartupOps.d.ts.map +1 -1
  141. package/types/ops/utils/Console.d.ts +34 -7
  142. package/types/ops/utils/Console.d.ts.map +1 -1
  143. package/types/ops/utils/DataProtection.d.ts +5 -1
  144. package/types/ops/utils/DataProtection.d.ts.map +1 -1
  145. package/types/ops/utils/ExportImportUtils.d.ts.map +1 -1
  146. package/types/ops/utils/ScriptValidationUtils.d.ts +14 -4
  147. package/types/ops/utils/ScriptValidationUtils.d.ts.map +1 -1
  148. package/types/utils/SetupPollyForFrodoLib.d.ts +5 -1
  149. package/types/utils/SetupPollyForFrodoLib.d.ts.map +1 -1
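--- a/package/types/api/ApiTypes.d.ts
+++ b/package/types/api/ApiTypes.d.ts
@@ -56,30 +56,9 @@ export type ResourceTypeSkeleton = NoIdObjectSkeletonInterface & {
  uuid: string;
  name: string;
  };
- export declare enum PolicyConditionType {
- Script = "Script",
- AMIdentityMembership = "AMIdentityMembership",
- IPv6 = "IPv6",
- IPv4 = "IPv4",
- SimpleTime = "SimpleTime",
- LEAuthLevel = "LEAuthLevel",
- LDAPFilter = "LDAPFilter",
- AuthScheme = "AuthScheme",
- Session = "Session",
- AND = "AND",
- AuthenticateToRealm = "AuthenticateToRealm",
- ResourceEnvIP = "ResourceEnvIP",
- Policy = "Policy",
- OAuth2Scope = "OAuth2Scope",
- SessionProperty = "SessionProperty",
- OR = "OR",
- Transaction = "Transaction",
- NOT = "NOT",
- AuthLevel = "AuthLevel",
- AuthenticateToService = "AuthenticateToService"
- }
+ export type PolicyConditionType = 'Script' | 'AMIdentityMembership' | 'IPv6' | 'IPv4' | 'SimpleTime' | 'LEAuthLevel' | 'LDAPFilter' | 'AuthScheme' | 'Session' | 'AND' | 'AuthenticateToRealm' | 'ResourceEnvIP' | 'Policy' | 'OAuth2Scope' | 'SessionProperty' | 'OR' | 'Transaction' | 'NOT' | 'AuthLevel' | 'AuthenticateToService';
  export type PolicyCondition = NoIdObjectSkeletonInterface & {
- type: keyof typeof PolicyConditionType;
+ type: PolicyConditionType;
  condition?: PolicyCondition;
  conditions?: PolicyCondition[];
  };
@@ -89,6 +68,7 @@ export type PolicySkeleton = IdObjectSkeletonInterface & {
  condition?: PolicyCondition;
  resourceTypeUuid: string;
  };
+ export type VersionOfSecretStatus = 'DISABLED' | 'ENABLED';
  export type OAuth2ClientSkeleton = IdObjectSkeletonInterface & {
  overrideOAuth2ClientConfig?: {
  [k: string]: string | number | boolean | string[] | object | undefined;
@@ -139,6 +119,10 @@ export type AmServiceSkeleton = IdObjectSkeletonInterface & {
  _type: AmServiceType;
  [key: string]: any;
  };
+ export type GatewayAgentType = 'IdentityGatewayAgent';
+ export type JavaAgentType = 'J2EEAgent';
+ export type WebAgentType = 'WebAgent';
+ export type AgentType = GatewayAgentType | JavaAgentType | WebAgentType;
  export type AgentSkeleton = IdObjectSkeletonInterface & {
  _type: AmServiceType;
  };
@@ -160,42 +144,21 @@ export type UiThemeRealmObject = IdObjectSkeletonInterface & {
  name: string;
  realm: Map<string, ThemeSkeleton[]>;
  };
- export declare enum ScriptLanguage {
- GROOVY = 0,
- JAVASCRIPT = 1
- }
- export declare enum ScriptContext {
- OAUTH2_ACCESS_TOKEN_MODIFICATION = 0,
- AUTHENTICATION_CLIENT_SIDE = 1,
- AUTHENTICATION_TREE_DECISION_NODE = 2,
- AUTHENTICATION_SERVER_SIDE = 3,
- SOCIAL_IDP_PROFILE_TRANSFORMATION = 4,
- OAUTH2_VALIDATE_SCOPE = 5,
- CONFIG_PROVIDER_NODE = 6,
- OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER = 7,
- OAUTH2_EVALUATE_SCOPE = 8,
- POLICY_CONDITION = 9,
- OIDC_CLAIMS = 10,
- SAML2_IDP_ADAPTER = 11,
- SAML2_IDP_ATTRIBUTE_MAPPER = 12,
- OAUTH2_MAY_ACT = 13
- }
+ export type ScriptLanguage = 'GROOVY' | 'JAVASCRIPT';
+ export type ScriptContext = 'OAUTH2_ACCESS_TOKEN_MODIFICATION' | 'AUTHENTICATION_CLIENT_SIDE' | 'AUTHENTICATION_TREE_DECISION_NODE' | 'AUTHENTICATION_SERVER_SIDE' | 'SOCIAL_IDP_PROFILE_TRANSFORMATION' | 'OAUTH2_VALIDATE_SCOPE' | 'CONFIG_PROVIDER_NODE' | 'OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER' | 'OAUTH2_EVALUATE_SCOPE' | 'POLICY_CONDITION' | 'OIDC_CLAIMS' | 'SAML2_IDP_ADAPTER' | 'SAML2_IDP_ATTRIBUTE_MAPPER' | 'OAUTH2_MAY_ACT';
  export type ScriptSkeleton = IdObjectSkeletonInterface & {
  name: string;
  description: string;
  default: boolean;
  script: string | string[];
- language: keyof typeof ScriptLanguage;
- context: keyof typeof ScriptContext;
+ language: ScriptLanguage;
+ context: ScriptContext;
  createdBy: string;
  creationDate: number;
  lastModifiedBy: string;
  lastModifiedDate: number;
  };
- export declare enum Saml2ProiderLocation {
- HOSTED = "hosted",
- REMOTE = "remote"
- }
+ export type Saml2ProiderLocation = 'hosted' | 'remote';
  export type Saml2ProviderStub = IdObjectSkeletonInterface & {
  entityId: string;
  location: Saml2ProiderLocation;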
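Review bot: Turning `PolicyConditionType`, `ScriptLanguage`, `ScriptContext` and `Saml2ProiderLocation` from exported enums into string-literal unions leaves no runtime list of the allowed values, so `type: PolicyConditionType`, `language: ScriptLanguage` and `context: ScriptContext` are compile-time promises only and cannot back a check on policy or script objects read from an export file or a REST response. Whether any caller validated against the old enum objects is not visible in this section, but consumers that referenced `ScriptLanguage.GROOVY` or `PolicyConditionType.Script` as values will stop compiling, and the `ScriptLanguage`/`ScriptContext` members carried numeric values before. Because this declaration file is generated (the source map names `../src/api/ApiTypes.ts`), the change belongs in that source: declare each set once as a constant and derive the type from it, for example `export const SCRIPT_LANGUAGES = ['GROOVY', 'JAVASCRIPT'] as const;` followed by `export type ScriptLanguage = (typeof SCRIPT_LANGUAGES)[number];`. Import code can then reject unknown values at runtime instead of trusting the annotation.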
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/api/ApiTypes.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,2BAA2B;IAC1C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,CAAC,CAAC,EAAE,MAAM,GACN,MAAM,GACN,MAAM,GACN,OAAO,GACP,MAAM,EAAE,GACR,yBAAyB,GACzB,MAAM,GACN,SAAS,CAAC;CACf;AAED,MAAM,WAAW,yBAA0B,SAAQ,2BAA2B;IAC5E,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,YAAY;IAE3B,MAAM,EAAE,GAAG,EAAE,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,uBAAuB,EAAE,MAAM,CAAC;IAChC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,wBAAwB;IACvC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;CACX;AAED,MAAM,WAAW,6BAA6B;IAC5C,GAAG,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,MAAM,YAAY,GAAG,yBAAyB,GAAG;IACrD,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,wBAAwB,CAAC,CAAC;IAChD,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,yBAAyB,GAAG;IACtD,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,yBAAyB,GAAG;IACrD,KAAK,EAAE,aAAa,CAAC;IACrB,KAAK,CAAC,EAAE,6BAA6B,EAAE,CAAC;IACxC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,yBAAyB,GAAG;IAC1D,KAAK,EAAE,aAAa,CAAC;IACrB,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,2BAA2B,GAAG;IAC5D,IAAI,EAAE,MAAM,CAAC;IACb,iBAAiB,EAAE,MAAM,EAAE,CAAC;CAC7B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,2BAA2B,GAAG;IAC/D,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,oBAAY,mBAAmB;IAC7B,MAAM,WAAW;IACjB,oBAAoB,yBAAyB;IAC7C,IAAI,SAAS;IACb,IAAI,SAAS;IACb,UAAU,eAAe;IACzB,WAAW,gBAAgB;IAC3B,UAAU,eAAe;IACzB,UAAU,eAAe;IACzB,OAAO,YAAY;IACnB,GAAG,QAAQ;IACX,mBAAmB,wBAAwB;IAC3C,aAAa,kBAAkB;IAC/B,MAAM,WAAW;IACjB,WAAW,gBAAgB;IAC3B,eAAe,oBAAoB;IACnC,EAAE,OAAO;IACT,WAAW,gBAAgB;IAC3B,GAAG,QAAQ;IACX,SAAS,cAAc;IACvB,qBAAqB,0BAA0B;CAChD;AAED,MAAM,MAAM,eA
Ae,GAAG,2BAA2B,GAAG;IAC1D,IAAI,EAAE,MAAM,OAAO,mBAAmB,CAAC;IACvC,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,UAAU,CAAC,EAAE,eAAe,EAAE,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG,yBAAyB,GAAG;IACvD,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,yBAAyB,GAAG;IAC7D,0BAA0B,CAAC,EAAE;QAC3B,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,0BAA0B,CAAC,EAAE;QAC3B,YAAY,EAAE;YACZ,SAAS,EAAE,OAAO,CAAC;YACnB,KAAK,EAAE,MAAM,EAAE,CAAC;SACjB,CAAC;QACF,UAAU,CAAC,EAAE;YACX,KAAK,EAAE,MAAM,EAAE,CAAC;YAChB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;SACxE,CAAC;QACF,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,yBAAyB,CAAC,EAAE;QAC1B,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,sBAAsB,CAAC,EAAE;QACvB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,sBAAsB,CAAC,EAAE;QACvB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,UAAU,CAAC,EAAE;YACX,SAAS,EAAE,OAAO,CAAC;YACnB,KAAK,EAAE,MAAM,EAAE,CAAC;SACjB,CAAC;QACF,mBAAmB,CAAC,EAAE;YACpB,SAAS,EAAE,OAAO,CAAC;YACnB,KAAK,EAAE,MAAM,CAAC;SACf,CAAC;QACF,MAAM,CAAC,EAAE;YACP,KAAK,EAAE,MAAM,EAAE,CAAC;YAChB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;SACxE,CAAC;QACF,aAAa,CAAC,EAAE;YACd,KAAK,EAAE,MAAM,EAAE,CAAC;YAChB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;SACxE,CAAC;QACF,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,mBAAmB,CAAC,EAAE;QACpB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,KAAK,EAAE,aAAa,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,yBAAyB,GAAG;IAC1D,KAAK,EAAE,aAAa,CAAC;IAErB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,
CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,yBAAyB,GAAG;IACtD,KAAK,EAAE,aAAa,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,yBAAyB,GAAG;IAC9D,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,yBAAyB,GAAG;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,OAAO,CAAC;IACnB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,yBAAyB,GAAG;IAC3D,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC;CACrC,CAAC;AAEF,oBAAY,cAAc;IACxB,MAAM,IAAA;IACN,UAAU,IAAA;CACX;AAED,oBAAY,aAAa;IACvB,gCAAgC,IAAA;IAChC,0BAA0B,IAAA;IAC1B,iCAAiC,IAAA;IACjC,0BAA0B,IAAA;IAC1B,iCAAiC,IAAA;IACjC,qBAAqB,IAAA;IACrB,oBAAoB,IAAA;IACpB,uCAAuC,IAAA;IACvC,qBAAqB,IAAA;IACrB,gBAAgB,IAAA;IAChB,WAAW,KAAA;IACX,iBAAiB,KAAA;IACjB,0BAA0B,KAAA;IAC1B,cAAc,KAAA;CACf;AAED,MAAM,MAAM,cAAc,GAAG,yBAAyB,GAAG;IACvD,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,QAAQ,EAAE,MAAM,OAAO,cAAc,CAAC;IACtC,OAAO,EAAE,MAAM,OAAO,aAAa,CAAC;IACpC,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,oBAAY,oBAAoB;IAC9B,MAAM,WAAW;IACjB,MAAM,WAAW;CAClB;AAED,MAAM,MAAM,iBAAiB,GAAG,yBAAyB,GAAG;IAC1D,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,oBAAoB,CAAC;IAC/B,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,yBAAyB,GAAG;IAC9D,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,oBAAoB,CAAC;IACrC,eAAe,EAAE,OAAO,CAAC;IACzB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,sBAAsB,EAAE,OAAO,CAAC;IAChC,2BAA2B,EAAE,OAAO,CAAC;CACtC,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,yBAAyB,GAAG;IAC9D,KAAK,EAAE,aAAa,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,WAAW,CAAC,MAAM,IAAI;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,
CAAC;IAC3B,uBAAuB,EAAE,OAAO,CAAC;IACjC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG,2BAA2B,GAAG;IAClE,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE;QACH,aAAa,EAAE,MAAM,CAAC;KACvB,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,2BAA2B,GAAG;IAC3D,OAAO,EAAE,MAAM,GAAG,uBAAuB,CAAC;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC","file":"ApiTypes.d.ts","sourcesContent":["export interface NoIdObjectSkeletonInterface {\n _rev?: number;\n [k: string]:\n | string\n | number\n | boolean\n | string[]\n | IdObjectSkeletonInterface\n | object\n | undefined;\n}\n\nexport interface IdObjectSkeletonInterface extends NoIdObjectSkeletonInterface {\n _id: string;\n}\n\nexport interface PagedResults {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n result: any[];\n resultCount: number;\n pagedResultsCookie: string;\n totalPagedResultsPolicy: string;\n totalPagedResults: number;\n remainingPagedResults: number;\n}\n\nexport interface UiConfigInterface {\n categories: string;\n}\n\nexport interface NodeRefSkeletonInterface {\n connections: Record<string, string>;\n displayName: string;\n nodeType: string;\n x: number;\n y: number;\n}\n\nexport interface InnerNodeRefSkeletonInterface {\n _id: string;\n displayName: string;\n nodeType: string;\n}\n\nexport type TreeSkeleton = IdObjectSkeletonInterface & {\n entryNodeId: string;\n nodes: Record<string, NodeRefSkeletonInterface>;\n identityResource?: string;\n uiConfig?: UiConfigInterface;\n enabled?: boolean;\n};\n\nexport type AmServiceType = IdObjectSkeletonInterface & {\n name: string;\n};\n\nexport type NodeSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n nodes?: 
InnerNodeRefSkeletonInterface[];\n tree?: string;\n identityResource?: string;\n};\n\nexport type SocialIdpSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n enabled: boolean;\n};\n\nexport type PolicySetSkeleton = NoIdObjectSkeletonInterface & {\n name: string;\n resourceTypeUuids: string[];\n};\n\nexport type ResourceTypeSkeleton = NoIdObjectSkeletonInterface & {\n uuid: string;\n name: string;\n};\n\nexport enum PolicyConditionType {\n Script = 'Script',\n AMIdentityMembership = 'AMIdentityMembership',\n IPv6 = 'IPv6',\n IPv4 = 'IPv4',\n SimpleTime = 'SimpleTime',\n LEAuthLevel = 'LEAuthLevel',\n LDAPFilter = 'LDAPFilter',\n AuthScheme = 'AuthScheme',\n Session = 'Session',\n AND = 'AND',\n AuthenticateToRealm = 'AuthenticateToRealm',\n ResourceEnvIP = 'ResourceEnvIP',\n Policy = 'Policy',\n OAuth2Scope = 'OAuth2Scope',\n SessionProperty = 'SessionProperty',\n OR = 'OR',\n Transaction = 'Transaction',\n NOT = 'NOT',\n AuthLevel = 'AuthLevel',\n AuthenticateToService = 'AuthenticateToService',\n}\n\nexport type PolicyCondition = NoIdObjectSkeletonInterface & {\n type: keyof typeof PolicyConditionType;\n condition?: PolicyCondition;\n conditions?: PolicyCondition[];\n};\n\nexport type PolicySkeleton = IdObjectSkeletonInterface & {\n name: string;\n applicationName: string;\n condition?: PolicyCondition;\n resourceTypeUuid: string;\n};\n\nexport type OAuth2ClientSkeleton = IdObjectSkeletonInterface & {\n overrideOAuth2ClientConfig?: {\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n advancedOAuth2ClientConfig?: {\n descriptions: {\n inherited: boolean;\n value: string[];\n };\n grantTypes?: {\n value: string[];\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n signEncOAuth2ClientConfig?: {\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n coreOpenIDClientConfig?: {\n [k: string]: 
string | number | boolean | string[] | object | undefined;\n };\n coreOAuth2ClientConfig?: {\n userpassword?: string;\n clientName?: {\n inherited: boolean;\n value: string[];\n };\n accessTokenLifetime?: {\n inherited: boolean;\n value: number;\n };\n scopes?: {\n value: string[];\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n defaultScopes?: {\n value: string[];\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n coreUmaClientConfig?: {\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n _type: AmServiceType;\n};\n\nexport type AmServiceSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n [key: string]: any;\n};\n\nexport type AgentSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n};\n\nexport type EmailTemplateSkeleton = IdObjectSkeletonInterface & {\n defaultLocale?: string;\n displayName?: string;\n enabled?: boolean;\n from: string;\n subject: Record<string, string>;\n message?: Record<string, string>;\n html?: Record<string, string>;\n};\n\nexport type ThemeSkeleton = IdObjectSkeletonInterface & {\n name: string;\n isDefault: boolean;\n linkedTrees: string[];\n};\n\nexport type UiThemeRealmObject = IdObjectSkeletonInterface & {\n name: string;\n realm: Map<string, ThemeSkeleton[]>;\n};\n\nexport enum ScriptLanguage {\n GROOVY,\n JAVASCRIPT,\n}\n\nexport enum ScriptContext {\n OAUTH2_ACCESS_TOKEN_MODIFICATION,\n AUTHENTICATION_CLIENT_SIDE,\n AUTHENTICATION_TREE_DECISION_NODE,\n AUTHENTICATION_SERVER_SIDE,\n SOCIAL_IDP_PROFILE_TRANSFORMATION,\n OAUTH2_VALIDATE_SCOPE,\n CONFIG_PROVIDER_NODE,\n OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER,\n OAUTH2_EVALUATE_SCOPE,\n POLICY_CONDITION,\n OIDC_CLAIMS,\n SAML2_IDP_ADAPTER,\n SAML2_IDP_ATTRIBUTE_MAPPER,\n OAUTH2_MAY_ACT,\n}\n\nexport type ScriptSkeleton = 
IdObjectSkeletonInterface & {\n name: string;\n description: string;\n default: boolean;\n script: string | string[];\n language: keyof typeof ScriptLanguage;\n context: keyof typeof ScriptContext;\n createdBy: string;\n creationDate: number;\n lastModifiedBy: string;\n lastModifiedDate: number;\n};\n\nexport enum Saml2ProiderLocation {\n HOSTED = 'hosted',\n REMOTE = 'remote',\n}\n\nexport type Saml2ProviderStub = IdObjectSkeletonInterface & {\n entityId: string;\n location: Saml2ProiderLocation;\n roles: string[];\n};\n\nexport type Saml2ProviderSkeleton = IdObjectSkeletonInterface & {\n entityId: string;\n entityLocation: Saml2ProiderLocation;\n serviceProvider: unknown;\n identityProvider: unknown;\n attributeQueryProvider: unknown;\n xacmlPolicyEnforcementPoint: unknown;\n};\n\nexport type CircleOfTrustSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n status: string;\n trustedProviders: string[];\n};\n\nexport type PagedResult<Result> = {\n result: Result[];\n resultCount: number;\n pagedResultsCookie: string;\n totalPagedResultsPolicy: 'EXACT';\n totalPagedResults: number;\n remainingPagedResults: number;\n};\n\nexport type LogApiKey = {\n name: string;\n api_key_id: string;\n created_at: string;\n};\n\nexport type LogEventPayloadSkeleton = NoIdObjectSkeletonInterface & {\n context: string;\n level: string;\n logger: string;\n mdc: {\n transactionId: string;\n };\n message: string;\n thread: string;\n timestamp: string;\n transactionId: string;\n};\n\nexport type LogEventSkeleton = NoIdObjectSkeletonInterface & {\n payload: string | LogEventPayloadSkeleton;\n timestamp: string;\n type: string;\n source: string;\n};\n"]}
1
+ {"version":3,"sources":["../src/api/ApiTypes.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,2BAA2B;IAC1C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,CAAC,CAAC,EAAE,MAAM,GACN,MAAM,GACN,MAAM,GACN,OAAO,GACP,MAAM,EAAE,GACR,yBAAyB,GACzB,MAAM,GACN,SAAS,CAAC;CACf;AAED,MAAM,WAAW,yBAA0B,SAAQ,2BAA2B;IAC5E,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,YAAY;IAE3B,MAAM,EAAE,GAAG,EAAE,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,uBAAuB,EAAE,MAAM,CAAC;IAChC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,wBAAwB;IACvC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;CACX;AAED,MAAM,WAAW,6BAA6B;IAC5C,GAAG,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,MAAM,YAAY,GAAG,yBAAyB,GAAG;IACrD,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,wBAAwB,CAAC,CAAC;IAChD,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,yBAAyB,GAAG;IACtD,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,yBAAyB,GAAG;IACrD,KAAK,EAAE,aAAa,CAAC;IACrB,KAAK,CAAC,EAAE,6BAA6B,EAAE,CAAC;IACxC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,yBAAyB,GAAG;IAC1D,KAAK,EAAE,aAAa,CAAC;IACrB,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,2BAA2B,GAAG;IAC5D,IAAI,EAAE,MAAM,CAAC;IACb,iBAAiB,EAAE,MAAM,EAAE,CAAC;CAC7B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,2BAA2B,GAAG;IAC/D,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAC3B,QAAQ,GACR,sBAAsB,GACtB,MAAM,GACN,MAAM,GACN,YAAY,GACZ,aAAa,GACb,YAAY,GACZ,YAAY,GACZ,SAAS,GACT,KAAK,GACL,qBAAqB,GACrB,eAAe,GACf,QAAQ,GACR,aAAa,GACb,iBAAiB,GACjB,IAAI,GACJ,aAAa,GACb,KAAK,GACL,WAAW,GACX,uBAAuB,CAAC;AAE5B,MAAM,MAAM,eAAe,GAAG,2BAA2B,GAAG;IAC1D,IAAI,EAAE,mBAAmB,CAAC;IAC1B,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,UAAU,CAAC,EAAE,eAAe,EAAE,CAAC;CAChC,
CAAC;AAEF,MAAM,MAAM,cAAc,GAAG,yBAAyB,GAAG;IACvD,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,UAAU,GAAG,SAAS,CAAC;AAE3D,MAAM,MAAM,oBAAoB,GAAG,yBAAyB,GAAG;IAC7D,0BAA0B,CAAC,EAAE;QAC3B,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,0BAA0B,CAAC,EAAE;QAC3B,YAAY,EAAE;YACZ,SAAS,EAAE,OAAO,CAAC;YACnB,KAAK,EAAE,MAAM,EAAE,CAAC;SACjB,CAAC;QACF,UAAU,CAAC,EAAE;YACX,KAAK,EAAE,MAAM,EAAE,CAAC;YAChB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;SACxE,CAAC;QACF,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,yBAAyB,CAAC,EAAE;QAC1B,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,sBAAsB,CAAC,EAAE;QACvB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,sBAAsB,CAAC,EAAE;QACvB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,UAAU,CAAC,EAAE;YACX,SAAS,EAAE,OAAO,CAAC;YACnB,KAAK,EAAE,MAAM,EAAE,CAAC;SACjB,CAAC;QACF,mBAAmB,CAAC,EAAE;YACpB,SAAS,EAAE,OAAO,CAAC;YACnB,KAAK,EAAE,MAAM,CAAC;SACf,CAAC;QACF,MAAM,CAAC,EAAE;YACP,KAAK,EAAE,MAAM,EAAE,CAAC;YAChB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;SACxE,CAAC;QACF,aAAa,CAAC,EAAE;YACd,KAAK,EAAE,MAAM,EAAE,CAAC;YAChB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;SACxE,CAAC;QACF,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,mBAAmB,CAAC,EAAE;QACpB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAC;KACxE,CAAC;IACF,KAAK,EAAE,aAAa,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,iBAAiB,GAAG,yBAAyB,GAAG;IAC1D,KAAK,EAAE,aAAa,CAAC;IAErB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,sBAAsB,CAAC;AACtD,MAAM,MAAM,aAAa,GAAG,WA
AW,CAAC;AACxC,MAAM,MAAM,YAAY,GAAG,UAAU,CAAC;AACtC,MAAM,MAAM,SAAS,GAAG,gBAAgB,GAAG,aAAa,GAAG,YAAY,CAAC;AAExE,MAAM,MAAM,aAAa,GAAG,yBAAyB,GAAG;IACtD,KAAK,EAAE,aAAa,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,yBAAyB,GAAG;IAC9D,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG,yBAAyB,GAAG;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,OAAO,CAAC;IACnB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG,yBAAyB,GAAG;IAC3D,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC;CACrC,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG,QAAQ,GAAG,YAAY,CAAC;AAErD,MAAM,MAAM,aAAa,GACrB,kCAAkC,GAClC,4BAA4B,GAC5B,mCAAmC,GACnC,4BAA4B,GAC5B,mCAAmC,GACnC,uBAAuB,GACvB,sBAAsB,GACtB,yCAAyC,GACzC,uBAAuB,GACvB,kBAAkB,GAClB,aAAa,GACb,mBAAmB,GACnB,4BAA4B,GAC5B,gBAAgB,CAAC;AAErB,MAAM,MAAM,cAAc,GAAG,yBAAyB,GAAG;IACvD,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,aAAa,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEvD,MAAM,MAAM,iBAAiB,GAAG,yBAAyB,GAAG;IAC1D,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,oBAAoB,CAAC;IAC/B,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,yBAAyB,GAAG;IAC9D,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,oBAAoB,CAAC;IACrC,eAAe,EAAE,OAAO,CAAC;IACzB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,sBAAsB,EAAE,OAAO,CAAC;IAChC,2BAA2B,EAAE,OAAO,CAAC;CACtC,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,yBAAyB,GAAG;IAC9D,KAAK,EAAE,aAAa,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B,CAAC;AAEF,MAAM,MAAM,WAAW,CAAC,MAAM,IAAI;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B
,uBAAuB,EAAE,OAAO,CAAC;IACjC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG,2BAA2B,GAAG;IAClE,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE;QACH,aAAa,EAAE,MAAM,CAAC;KACvB,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,2BAA2B,GAAG;IAC3D,OAAO,EAAE,MAAM,GAAG,uBAAuB,CAAC;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC","file":"ApiTypes.d.ts","sourcesContent":["export interface NoIdObjectSkeletonInterface {\n _rev?: number;\n [k: string]:\n | string\n | number\n | boolean\n | string[]\n | IdObjectSkeletonInterface\n | object\n | undefined;\n}\n\nexport interface IdObjectSkeletonInterface extends NoIdObjectSkeletonInterface {\n _id: string;\n}\n\nexport interface PagedResults {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n result: any[];\n resultCount: number;\n pagedResultsCookie: string;\n totalPagedResultsPolicy: string;\n totalPagedResults: number;\n remainingPagedResults: number;\n}\n\nexport interface UiConfigInterface {\n categories: string;\n}\n\nexport interface NodeRefSkeletonInterface {\n connections: Record<string, string>;\n displayName: string;\n nodeType: string;\n x: number;\n y: number;\n}\n\nexport interface InnerNodeRefSkeletonInterface {\n _id: string;\n displayName: string;\n nodeType: string;\n}\n\nexport type TreeSkeleton = IdObjectSkeletonInterface & {\n entryNodeId: string;\n nodes: Record<string, NodeRefSkeletonInterface>;\n identityResource?: string;\n uiConfig?: UiConfigInterface;\n enabled?: boolean;\n};\n\nexport type AmServiceType = IdObjectSkeletonInterface & {\n name: string;\n};\n\nexport type NodeSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n nodes?: 
InnerNodeRefSkeletonInterface[];\n tree?: string;\n identityResource?: string;\n};\n\nexport type SocialIdpSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n enabled: boolean;\n};\n\nexport type PolicySetSkeleton = NoIdObjectSkeletonInterface & {\n name: string;\n resourceTypeUuids: string[];\n};\n\nexport type ResourceTypeSkeleton = NoIdObjectSkeletonInterface & {\n uuid: string;\n name: string;\n};\n\nexport type PolicyConditionType =\n | 'Script'\n | 'AMIdentityMembership'\n | 'IPv6'\n | 'IPv4'\n | 'SimpleTime'\n | 'LEAuthLevel'\n | 'LDAPFilter'\n | 'AuthScheme'\n | 'Session'\n | 'AND'\n | 'AuthenticateToRealm'\n | 'ResourceEnvIP'\n | 'Policy'\n | 'OAuth2Scope'\n | 'SessionProperty'\n | 'OR'\n | 'Transaction'\n | 'NOT'\n | 'AuthLevel'\n | 'AuthenticateToService';\n\nexport type PolicyCondition = NoIdObjectSkeletonInterface & {\n type: PolicyConditionType;\n condition?: PolicyCondition;\n conditions?: PolicyCondition[];\n};\n\nexport type PolicySkeleton = IdObjectSkeletonInterface & {\n name: string;\n applicationName: string;\n condition?: PolicyCondition;\n resourceTypeUuid: string;\n};\n\nexport type VersionOfSecretStatus = 'DISABLED' | 'ENABLED';\n\nexport type OAuth2ClientSkeleton = IdObjectSkeletonInterface & {\n overrideOAuth2ClientConfig?: {\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n advancedOAuth2ClientConfig?: {\n descriptions: {\n inherited: boolean;\n value: string[];\n };\n grantTypes?: {\n value: string[];\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n signEncOAuth2ClientConfig?: {\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n coreOpenIDClientConfig?: {\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n coreOAuth2ClientConfig?: {\n userpassword?: string;\n clientName?: {\n inherited: boolean;\n value: string[];\n };\n 
accessTokenLifetime?: {\n inherited: boolean;\n value: number;\n };\n scopes?: {\n value: string[];\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n defaultScopes?: {\n value: string[];\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n coreUmaClientConfig?: {\n [k: string]: string | number | boolean | string[] | object | undefined;\n };\n _type: AmServiceType;\n};\n\nexport type AmServiceSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n [key: string]: any;\n};\n\nexport type GatewayAgentType = 'IdentityGatewayAgent';\nexport type JavaAgentType = 'J2EEAgent';\nexport type WebAgentType = 'WebAgent';\nexport type AgentType = GatewayAgentType | JavaAgentType | WebAgentType;\n\nexport type AgentSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n};\n\nexport type EmailTemplateSkeleton = IdObjectSkeletonInterface & {\n defaultLocale?: string;\n displayName?: string;\n enabled?: boolean;\n from: string;\n subject: Record<string, string>;\n message?: Record<string, string>;\n html?: Record<string, string>;\n};\n\nexport type ThemeSkeleton = IdObjectSkeletonInterface & {\n name: string;\n isDefault: boolean;\n linkedTrees: string[];\n};\n\nexport type UiThemeRealmObject = IdObjectSkeletonInterface & {\n name: string;\n realm: Map<string, ThemeSkeleton[]>;\n};\n\nexport type ScriptLanguage = 'GROOVY' | 'JAVASCRIPT';\n\nexport type ScriptContext =\n | 'OAUTH2_ACCESS_TOKEN_MODIFICATION'\n | 'AUTHENTICATION_CLIENT_SIDE'\n | 'AUTHENTICATION_TREE_DECISION_NODE'\n | 'AUTHENTICATION_SERVER_SIDE'\n | 'SOCIAL_IDP_PROFILE_TRANSFORMATION'\n | 'OAUTH2_VALIDATE_SCOPE'\n | 'CONFIG_PROVIDER_NODE'\n | 'OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER'\n | 'OAUTH2_EVALUATE_SCOPE'\n | 'POLICY_CONDITION'\n | 'OIDC_CLAIMS'\n | 'SAML2_IDP_ADAPTER'\n | 
'SAML2_IDP_ATTRIBUTE_MAPPER'\n | 'OAUTH2_MAY_ACT';\n\nexport type ScriptSkeleton = IdObjectSkeletonInterface & {\n name: string;\n description: string;\n default: boolean;\n script: string | string[];\n language: ScriptLanguage;\n context: ScriptContext;\n createdBy: string;\n creationDate: number;\n lastModifiedBy: string;\n lastModifiedDate: number;\n};\n\nexport type Saml2ProiderLocation = 'hosted' | 'remote';\n\nexport type Saml2ProviderStub = IdObjectSkeletonInterface & {\n entityId: string;\n location: Saml2ProiderLocation;\n roles: string[];\n};\n\nexport type Saml2ProviderSkeleton = IdObjectSkeletonInterface & {\n entityId: string;\n entityLocation: Saml2ProiderLocation;\n serviceProvider: unknown;\n identityProvider: unknown;\n attributeQueryProvider: unknown;\n xacmlPolicyEnforcementPoint: unknown;\n};\n\nexport type CircleOfTrustSkeleton = IdObjectSkeletonInterface & {\n _type: AmServiceType;\n status: string;\n trustedProviders: string[];\n};\n\nexport type PagedResult<Result> = {\n result: Result[];\n resultCount: number;\n pagedResultsCookie: string;\n totalPagedResultsPolicy: 'EXACT';\n totalPagedResults: number;\n remainingPagedResults: number;\n};\n\nexport type LogApiKey = {\n name: string;\n api_key_id: string;\n created_at: string;\n};\n\nexport type LogEventPayloadSkeleton = NoIdObjectSkeletonInterface & {\n context: string;\n level: string;\n logger: string;\n mdc: {\n transactionId: string;\n };\n message: string;\n thread: string;\n timestamp: string;\n transactionId: string;\n};\n\nexport type LogEventSkeleton = NoIdObjectSkeletonInterface & {\n payload: string | LogEventPayloadSkeleton;\n timestamp: string;\n type: string;\n source: string;\n};\n"]}
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/api/BaseApi.ts"],"names":[],"mappings":"AAAA,OAAc,EAAE,aAAa,EAAoB,MAAM,OAAO,CAAC;AAY/D,OAAO,KAAK,MAAM,iBAAiB,CAAC;AAiGpC;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,EAC5B,QAAQ,EACR,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,QAAQ,MAAC;IACT,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBA+CA;AAED;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,EAChC,QAAQ,EACR,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,QAAQ,MAAC;IACT,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBA8CA;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,EAC7B,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBAiCA;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,EACjC,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBA2BA;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,EAC7B,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBAwBA;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,EAC7B,QAAQ,EACR,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,QAAQ,EAAE;QAAE,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IACjC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,KAAK,CAAC;CACd,GAAG,aAAa,CA6BhB;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,EACjC,OAAO,EACP,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,KAAK,CAAC;CACd,GAAG,aAAa,CAsBhB","file":"BaseApi.d.ts","sourcesContent":["import axios, { AxiosInstance, AxiosProxyConfig } from 'axios';\nimport Agent from 'agentkeepalive';\nimport axiosRetry from 'axios-retry';\nimport HttpsProxyAgent from 'https-proxy-agent';\nimport url from 'url';\nimport fs from 'fs';\nimport path from 'path';\nimport { fileURLToPath } from 'url';\nimport { curlirizeMessage, printMessage } from '../ops/utils/Console';\nimport _curlirize from '../ext/axios-curlirize/curlirize';\nimport { randomUUID } from 'crypto';\nimport { setupPollyForFrodoLib } from '../utils/SetupPollyForFrodoLib';\nimport State from '../shared/State';\n\nif (process.env.FRODO_MOCK) {\n setupPollyForFrodoLib();\n}\n\nconst __dirname = 
path.dirname(fileURLToPath(import.meta.url));\n\nconst pkg = JSON.parse(\n fs.readFileSync(path.resolve(__dirname, '../../package.json'), 'utf8')\n);\n\naxiosRetry(axios, {\n retries: 3,\n shouldResetTimeout: true,\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n retryCondition: (_error) => true, // retry no matter what\n});\n\n// all agents\nconst timeout = 30000;\n\n// agentkeepalive\nconst maxSockets = 100;\nconst maxFreeSockets = 10;\nconst freeSocketTimeout = 30000;\n\nconst userAgent = `${pkg.name}/${pkg.version}`;\nconst transactionId = `frodo-${randomUUID()}`;\nlet httpAgent, httpsAgent;\n\nfunction getHttpAgent() {\n if (httpAgent) return httpAgent;\n httpAgent = new Agent({\n maxSockets,\n maxFreeSockets,\n timeout,\n freeSocketTimeout,\n });\n return httpAgent;\n}\n\n/**\n * Helper method to create properly configured httpsAgent\n * @returns {Agent.HttpsAgent} appropriate httpsAgent\n */\nfunction getHttpsAgent(allowInsecureConnection: boolean): Agent.HttpsAgent {\n if (httpsAgent) return httpsAgent;\n const options = {\n rejectUnauthorized: !allowInsecureConnection,\n };\n const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;\n if (httpsProxy) {\n // https://github.com/axios/axios/issues/3459\n console.error(`Using proxy ${httpsProxy}`['yellow']);\n const parsed = url.parse(httpsProxy);\n options['host'] = parsed.hostname;\n options['port'] = parsed.port;\n options['protocol'] = parsed.protocol;\n options.rejectUnauthorized = !allowInsecureConnection;\n httpsAgent = HttpsProxyAgent(options);\n return httpsAgent;\n }\n httpsAgent = new Agent.HttpsAgent({\n ...options,\n maxSockets,\n maxFreeSockets,\n timeout,\n freeSocketTimeout,\n });\n return httpsAgent;\n}\n\n/**\n * Get Proxy config\n * @returns {AxiosProxyConfig | false} axios proxy config or false\n */\nfunction getProxy(): AxiosProxyConfig | false {\n if (process.env.HTTPS_PROXY || process.env.https_proxy) return false;\n return null;\n}\n\n/**\n * Customize 
curlirize output\n * @param request axios request object\n */\nfunction curlirize(request) {\n _curlirize(request, (result, err) => {\n const { command } = result;\n if (err) {\n printMessage(err, 'error');\n } else {\n curlirizeMessage(command);\n }\n });\n}\n\n/**\n * Generates an AM Axios API instance\n * @param {object} resource Takes an object takes a resource object. example:\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either\n * add on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateAmApi({\n resource,\n requestOverride = {},\n state,\n}: {\n resource;\n requestOverride?;\n state: State;\n}) {\n let headers = {\n 'User-Agent': userAgent,\n 'X-ForgeRock-TransactionId': transactionId,\n 'Content-Type': 'application/json',\n // only add API version if we have it\n ...(resource.apiVersion && { 'Accept-API-Version': resource.apiVersion }),\n // only send session cookie if we know its name and value and we are not instructed to use the bearer token for AM APIs\n ...(!state.getUseBearerTokenForAmApis() &&\n state.getCookieName() &&\n state.getCookieValue() && {\n Cookie: `${state.getCookieName()}=${state.getCookieValue()}`,\n }),\n // only add authorization header if we have a bearer token and are instructed to use it for AM APIs\n ...(state.getUseBearerTokenForAmApis() &&\n state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n };\n if (requestOverride['headers']) {\n headers = {\n ...headers,\n ...requestOverride['headers'],\n };\n }\n\n const requestDetails = {\n // baseURL: `${storage.session.getTenant()}/json`,\n timeout,\n ...requestOverride,\n headers: {\n ...headers,\n ...state.getAuthenticationHeaderOverrides(),\n },\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = 
axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request);\n }\n\n return request;\n}\n\n/**\n * Generates an OAuth2 Axios API instance\n * @param {object} resource Takes an object takes a resource object. example:\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either\n * add on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateOauth2Api({\n resource,\n requestOverride = {},\n state,\n}: {\n resource;\n requestOverride?;\n state: State;\n}) {\n let headers = {\n 'User-Agent': userAgent,\n 'X-ForgeRock-TransactionId': transactionId,\n // only add API version if we have it\n ...(resource.apiVersion && { 'Accept-API-Version': resource.apiVersion }),\n // only send session cookie if we know its name and value and we are not instructed to use the bearer token for AM APIs\n ...(!state.getUseBearerTokenForAmApis() &&\n state.getCookieName() &&\n state.getCookieValue() && {\n Cookie: `${state.getCookieName()}=${state.getCookieValue()}`,\n }),\n // only add authorization header if we have a bearer token and are instructed to use it for AM APIs\n ...(state.getUseBearerTokenForAmApis() &&\n state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n };\n if (requestOverride['headers']) {\n headers = {\n ...headers,\n ...requestOverride['headers'],\n };\n }\n\n const requestDetails = {\n // baseURL: `${storage.session.getTenant()}/json${resource.path}`,\n timeout,\n ...requestOverride,\n headers: {\n ...headers,\n ...state.getAuthenticationHeaderOverrides(),\n },\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request);\n 
}\n\n return request;\n}\n\n/**\n * Generates an IDM Axios API instance\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateIdmApi({\n requestOverride = {},\n state,\n}: {\n requestOverride?;\n state: State;\n}) {\n const requestDetails = {\n // baseURL: getTenantURL(storage.session.getTenant()),\n timeout,\n headers: {\n 'User-Agent': userAgent,\n 'X-ForgeRock-TransactionId': transactionId,\n 'Content-Type': 'application/json',\n // only add authorization header if we have a bearer token\n ...(state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n },\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n // if (storage.session.getBearerToken()) {\n // requestDetails.headers[\n // 'Authorization'\n // ] = `Bearer ${storage.session.getBearerToken()}`;\n // }\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request);\n }\n\n return request;\n}\n\n/**\n * Generates a LogKeys API Axios instance\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateLogKeysApi({\n requestOverride = {},\n state,\n}: {\n requestOverride?;\n state: State;\n}) {\n const headers = {\n 'User-Agent': userAgent,\n 'Content-Type': 'application/json',\n // only add authorization header if we have a bearer token\n ...(state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n };\n const requestDetails = {\n // baseURL: 
getTenantURL(storage.session.getTenant()),\n timeout,\n headers,\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request);\n }\n\n return request;\n}\n\n/**\n * Generates a Log API Axios instance\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateLogApi({\n requestOverride = {},\n state,\n}: {\n requestOverride?;\n state: State;\n}) {\n const headers = {\n 'User-Agent': userAgent,\n 'X-API-Key': state.getLogApiKey(),\n 'X-API-Secret': state.getLogApiSecret(),\n };\n const requestDetails = {\n // baseURL: getTenantURL(storage.session.getTenant()),\n timeout,\n headers,\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request);\n }\n\n return request;\n}\n\n/**\n * Generates an Axios instance for the Identity Cloud Environment API\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateEnvApi({\n resource,\n requestOverride = {},\n state,\n}: {\n resource: { apiVersion: string };\n requestOverride?: object;\n state: State;\n}): AxiosInstance {\n const headers = {\n 'User-Agent': userAgent,\n 'Content-Type': 'application/json',\n // only add API version if we have it\n ...(resource.apiVersion 
&& { 'Accept-API-Version': resource.apiVersion }),\n // only add authorization header if we have a bearer token\n ...(state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n };\n const requestDetails = {\n // baseURL: getTenantURL(storage.session.getTenant()),\n timeout,\n headers,\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request);\n }\n\n return request;\n}\n\n/**\n * Generates a release (Github or Npm) Axios API instance\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateReleaseApi({\n baseUrl,\n requestOverride = {},\n state,\n}: {\n baseUrl: string;\n requestOverride?: object;\n state: State;\n}): AxiosInstance {\n const requestDetails = {\n baseURL: baseUrl,\n timeout,\n headers: {\n 'User-Agent': userAgent,\n 'Content-Type': 'application/json',\n },\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request);\n }\n\n return request;\n}\n"]}
1
+ {"version":3,"sources":["../src/api/BaseApi.ts"],"names":[],"mappings":"AAAA,OAAc,EAAE,aAAa,EAAoB,MAAM,OAAO,CAAC;AAY/D,OAAO,KAAK,MAAM,iBAAiB,CAAC;AAiGpC;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,EAC5B,QAAQ,EACR,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,QAAQ,MAAC;IACT,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBA+CA;AAED;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,EAChC,QAAQ,EACR,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,QAAQ,MAAC;IACT,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBA8CA;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,EAC7B,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBAiCA;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,EACjC,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBA2BA;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,EAC7B,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,eAAe,CAAC,MAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBAwBA;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,EAC7B,QAAQ,EACR,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,QAAQ,EAAE;QAAE,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC;IACjC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,KAAK,CAAC;CACd,GAAG,aAAa,CA6BhB;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,EACjC,OAAO,EACP,eAAoB,EACpB,KAAK,GACN,EAAE;IACD,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,KAAK,CAAC;CACd,GAAG,aAAa,CAsBhB","file":"BaseApi.d.ts","sourcesContent":["import axios, { AxiosInstance, AxiosProxyConfig } from 'axios';\nimport Agent from 'agentkeepalive';\nimport axiosRetry from 'axios-retry';\nimport HttpsProxyAgent from 'https-proxy-agent';\nimport url from 'url';\nimport fs from 'fs';\nimport path from 'path';\nimport { fileURLToPath } from 'url';\nimport { curlirizeMessage, printMessage } from '../ops/utils/Console';\nimport _curlirize from '../ext/axios-curlirize/curlirize';\nimport { randomUUID } from 'crypto';\nimport { setupPollyForFrodoLib } from '../utils/SetupPollyForFrodoLib';\nimport State from '../shared/State';\n\nif (process.env.FRODO_MOCK) {\n setupPollyForFrodoLib({ state: new State({}) });\n}\n\nconst __dirname = 
path.dirname(fileURLToPath(import.meta.url));\n\nconst pkg = JSON.parse(\n fs.readFileSync(path.resolve(__dirname, '../../package.json'), 'utf8')\n);\n\naxiosRetry(axios, {\n retries: 3,\n shouldResetTimeout: true,\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n retryCondition: (_error) => true, // retry no matter what\n});\n\n// all agents\nconst timeout = 30000;\n\n// agentkeepalive\nconst maxSockets = 100;\nconst maxFreeSockets = 10;\nconst freeSocketTimeout = 30000;\n\nconst userAgent = `${pkg.name}/${pkg.version}`;\nconst transactionId = `frodo-${randomUUID()}`;\nlet httpAgent, httpsAgent;\n\nfunction getHttpAgent() {\n if (httpAgent) return httpAgent;\n httpAgent = new Agent({\n maxSockets,\n maxFreeSockets,\n timeout,\n freeSocketTimeout,\n });\n return httpAgent;\n}\n\n/**\n * Helper method to create properly configured httpsAgent\n * @returns {Agent.HttpsAgent} appropriate httpsAgent\n */\nfunction getHttpsAgent(allowInsecureConnection: boolean): Agent.HttpsAgent {\n if (httpsAgent) return httpsAgent;\n const options = {\n rejectUnauthorized: !allowInsecureConnection,\n };\n const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;\n if (httpsProxy) {\n // https://github.com/axios/axios/issues/3459\n console.error(`Using proxy ${httpsProxy}`['yellow']);\n const parsed = url.parse(httpsProxy);\n options['host'] = parsed.hostname;\n options['port'] = parsed.port;\n options['protocol'] = parsed.protocol;\n options.rejectUnauthorized = !allowInsecureConnection;\n httpsAgent = HttpsProxyAgent(options);\n return httpsAgent;\n }\n httpsAgent = new Agent.HttpsAgent({\n ...options,\n maxSockets,\n maxFreeSockets,\n timeout,\n freeSocketTimeout,\n });\n return httpsAgent;\n}\n\n/**\n * Get Proxy config\n * @returns {AxiosProxyConfig | false} axios proxy config or false\n */\nfunction getProxy(): AxiosProxyConfig | false {\n if (process.env.HTTPS_PROXY || process.env.https_proxy) return false;\n return null;\n}\n\n/**\n * Customize 
curlirize output\n * @param request axios request object\n */\nfunction curlirize(request, state: State) {\n _curlirize(request, (result, err) => {\n const { command } = result;\n if (err) {\n printMessage({ message: err, type: 'error', state });\n } else {\n curlirizeMessage({ message: command, state });\n }\n });\n}\n\n/**\n * Generates an AM Axios API instance\n * @param {object} resource Takes an object takes a resource object. example:\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either\n * add on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateAmApi({\n resource,\n requestOverride = {},\n state,\n}: {\n resource;\n requestOverride?;\n state: State;\n}) {\n let headers = {\n 'User-Agent': userAgent,\n 'X-ForgeRock-TransactionId': transactionId,\n 'Content-Type': 'application/json',\n // only add API version if we have it\n ...(resource.apiVersion && { 'Accept-API-Version': resource.apiVersion }),\n // only send session cookie if we know its name and value and we are not instructed to use the bearer token for AM APIs\n ...(!state.getUseBearerTokenForAmApis() &&\n state.getCookieName() &&\n state.getCookieValue() && {\n Cookie: `${state.getCookieName()}=${state.getCookieValue()}`,\n }),\n // only add authorization header if we have a bearer token and are instructed to use it for AM APIs\n ...(state.getUseBearerTokenForAmApis() &&\n state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n };\n if (requestOverride['headers']) {\n headers = {\n ...headers,\n ...requestOverride['headers'],\n };\n }\n\n const requestDetails = {\n // baseURL: `${storage.session.getTenant()}/json`,\n timeout,\n ...requestOverride,\n headers: {\n ...headers,\n ...state.getAuthenticationHeaderOverrides(),\n },\n httpAgent: getHttpAgent(),\n httpsAgent: 
getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request, state);\n }\n\n return request;\n}\n\n/**\n * Generates an OAuth2 Axios API instance\n * @param {object} resource Takes an object takes a resource object. example:\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either\n * add on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateOauth2Api({\n resource,\n requestOverride = {},\n state,\n}: {\n resource;\n requestOverride?;\n state: State;\n}) {\n let headers = {\n 'User-Agent': userAgent,\n 'X-ForgeRock-TransactionId': transactionId,\n // only add API version if we have it\n ...(resource.apiVersion && { 'Accept-API-Version': resource.apiVersion }),\n // only send session cookie if we know its name and value and we are not instructed to use the bearer token for AM APIs\n ...(!state.getUseBearerTokenForAmApis() &&\n state.getCookieName() &&\n state.getCookieValue() && {\n Cookie: `${state.getCookieName()}=${state.getCookieValue()}`,\n }),\n // only add authorization header if we have a bearer token and are instructed to use it for AM APIs\n ...(state.getUseBearerTokenForAmApis() &&\n state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n };\n if (requestOverride['headers']) {\n headers = {\n ...headers,\n ...requestOverride['headers'],\n };\n }\n\n const requestDetails = {\n // baseURL: `${storage.session.getTenant()}/json${resource.path}`,\n timeout,\n ...requestOverride,\n headers: {\n ...headers,\n ...state.getAuthenticationHeaderOverrides(),\n },\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = 
axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request, state);\n }\n\n return request;\n}\n\n/**\n * Generates an IDM Axios API instance\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateIdmApi({\n requestOverride = {},\n state,\n}: {\n requestOverride?;\n state: State;\n}) {\n const requestDetails = {\n // baseURL: getTenantURL(storage.session.getTenant()),\n timeout,\n headers: {\n 'User-Agent': userAgent,\n 'X-ForgeRock-TransactionId': transactionId,\n 'Content-Type': 'application/json',\n // only add authorization header if we have a bearer token\n ...(state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n },\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n // if (storage.session.getBearerToken()) {\n // requestDetails.headers[\n // 'Authorization'\n // ] = `Bearer ${storage.session.getBearerToken()}`;\n // }\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request, state);\n }\n\n return request;\n}\n\n/**\n * Generates a LogKeys API Axios instance\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateLogKeysApi({\n requestOverride = {},\n state,\n}: {\n requestOverride?;\n state: State;\n}) {\n const headers = {\n 'User-Agent': userAgent,\n 'Content-Type': 'application/json',\n // only add authorization header if we have a bearer token\n 
...(state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n };\n const requestDetails = {\n // baseURL: getTenantURL(storage.session.getTenant()),\n timeout,\n headers,\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request, state);\n }\n\n return request;\n}\n\n/**\n * Generates a Log API Axios instance\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateLogApi({\n requestOverride = {},\n state,\n}: {\n requestOverride?;\n state: State;\n}) {\n const headers = {\n 'User-Agent': userAgent,\n 'X-API-Key': state.getLogApiKey(),\n 'X-API-Secret': state.getLogApiSecret(),\n };\n const requestDetails = {\n // baseURL: getTenantURL(storage.session.getTenant()),\n timeout,\n headers,\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request, state);\n }\n\n return request;\n}\n\n/**\n * Generates an Axios instance for the Identity Cloud Environment API\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateEnvApi({\n resource,\n requestOverride = {},\n state,\n}: {\n resource: { apiVersion: string };\n requestOverride?: object;\n state: State;\n}): AxiosInstance 
{\n const headers = {\n 'User-Agent': userAgent,\n 'Content-Type': 'application/json',\n // only add API version if we have it\n ...(resource.apiVersion && { 'Accept-API-Version': resource.apiVersion }),\n // only add authorization header if we have a bearer token\n ...(state.getBearerToken() && {\n Authorization: `Bearer ${state.getBearerToken()}`,\n }),\n };\n const requestDetails = {\n // baseURL: getTenantURL(storage.session.getTenant()),\n timeout,\n headers,\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request, state);\n }\n\n return request;\n}\n\n/**\n * Generates a release (Github or Npm) Axios API instance\n * @param {object} requestOverride Takes an object of AXIOS parameters that can be used to either add\n * on extra information or override default properties https://github.com/axios/axios#request-config\n *\n * @returns {AxiosInstance}\n */\nexport function generateReleaseApi({\n baseUrl,\n requestOverride = {},\n state,\n}: {\n baseUrl: string;\n requestOverride?: object;\n state: State;\n}): AxiosInstance {\n const requestDetails = {\n baseURL: baseUrl,\n timeout,\n headers: {\n 'User-Agent': userAgent,\n 'Content-Type': 'application/json',\n },\n ...requestOverride,\n httpAgent: getHttpAgent(),\n httpsAgent: getHttpsAgent(state.getAllowInsecureConnection()),\n proxy: getProxy(),\n };\n\n const request = axios.create(requestDetails);\n\n // enable curlirizer output in debug mode\n if (state.getCurlirize()) {\n curlirize(request, state);\n }\n\n return request;\n}\n"]}
@@ -1,4 +1,5 @@
1
1
  import State from '../../shared/State';
2
+ import { VersionOfSecretStatus } from '../ApiTypes';
2
3
  /**
3
4
  * Get all secrets
4
5
  * @returns {Promise<unknown[]>} a promise that resolves to an array of secrets
@@ -83,10 +84,6 @@ export declare function getVersionOfSecret({ secretId, version, state, }: {
83
84
  version: string;
84
85
  state: State;
85
86
  }): Promise<any>;
86
- export declare enum VersionOfSecretStatus {
87
- DISABLED = "DISABLED",
88
- ENABLED = "ENABLED"
89
- }
90
87
  /**
91
88
  * Update the status of a version of a secret
92
89
  * @param {string} secretId secret id/name
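Review bot: `VersionOfSecretStatus` stops being an export of this module. The second hunk deletes `export declare enum VersionOfSecretStatus`, and the import added on new line 2 is not re-exported, so a caller that imported the enum from the SecretsApi module would no longer resolve it. If the move to `../ApiTypes` is meant to be non-breaking, add `export { VersionOfSecretStatus } from '../ApiTypes';` to the source `SecretsApi.ts`; otherwise the changelog should name the new import path. The file list shows `ApiTypes.js` losing 55 lines with none added, which suggests (not visible in this section) that the enum may no longer exist at runtime. In that case `import type { VersionOfSecretStatus } from '../ApiTypes';` states the intent, and callers that passed `VersionOfSecretStatus.DISABLED` need a migration note. This declaration file is build output, so any change belongs in the TypeScript source.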
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/api/cloud/SecretsApi.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,MAAM,oBAAoB,CAAC;AAgBvC;;;GAGG;AACH,wBAAsB,UAAU,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,KAAK,CAAA;CAAE,gBAY3D;AAED;;;;GAIG;AACH,wBAAsB,SAAS,CAAC,EAC9B,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,gBAaA;AAED;;;;;;;;GAQG;AACH,wBAAsB,SAAS,CAAC,EAC9B,QAAQ,EACR,KAAK,EACL,WAAW,EACX,QAAoB,EACpB,iBAAwB,EACxB,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,KAAK,EAAE,KAAK,CAAC;CACd,gBAqBA;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CAAC,EACzC,QAAQ,EACR,WAAW,EACX,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,KAAK,CAAC;CACd,gBAWA;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,EACjC,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,gBAaA;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CAAC,EACtC,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,gBAaA;AAED;;;;;GAKG;AACH,wBAAsB,wBAAwB,CAAC,EAC7C,QAAQ,EACR,KAAK,EACL,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,KAAK,CAAC;CACd,gBAWA;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CAAC,EACvC,QAAQ,EACR,OAAO,EACP,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,gBAcA;AAED,oBAAY,qBAAqB;IAC/B,QAAQ,aAAa;IACrB,OAAO,YAAY;CACpB;AAED;;;;;;GAMG;AACH,wBAAsB,0BAA0B,CAAC,EAC/C,QAAQ,EACR,OAAO,EACP,MAAM,EACN,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,qBAAqB,CAAC;IAC9B,KAAK,EAAE,KAAK,CAAC;CACd,gBAYA;AAED;;;;;GAKG;AACH,wBAAsB,qBAAqB,CAAC,EAC1C,QAAQ,EACR,OAAO,EACP,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,gBAcA","file":"SecretsApi.d.ts","sourcesContent":["import util from 'util';\nimport { encode } from '../utils/Base64';\nimport { getTenantURL } from '../utils/ApiUtils';\nimport { 
generateEnvApi } from '../BaseApi';\nimport State from '../../shared/State';\n\nconst secretsListURLTemplate = '%s/environment/secrets';\nconst secretListVersionsURLTemplate = '%s/environment/secrets/%s/versions';\nconst secretCreateNewVersionURLTemplate = `${secretListVersionsURLTemplate}?_action=create`;\nconst secretGetVersionURLTemplate = `${secretListVersionsURLTemplate}/%s`;\nconst secretVersionStatusURLTemplate = `${secretGetVersionURLTemplate}?_action=changestatus`;\nconst secretURLTemplate = '%s/environment/secrets/%s';\nconst secretSetDescriptionURLTemplate = `${secretURLTemplate}?_action=setDescription`;\n\nconst apiVersion = 'protocol=1.0,resource=1.0';\nconst getApiConfig = () => ({\n path: `/environment/secrets`,\n apiVersion,\n});\n\n/**\n * Get all secrets\n * @returns {Promise<unknown[]>} a promise that resolves to an array of secrets\n */\nexport async function getSecrets({ state }: { state: State }) {\n const urlString = util.format(\n secretsListURLTemplate,\n getTenantURL(state.getHost())\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).get(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Get secret\n * @param secretId secret id/name\n * @returns {Promise<unknown>} a promise that resolves to a secret\n */\nexport async function getSecret({\n secretId,\n state,\n}: {\n secretId: string;\n state: State;\n}) {\n const urlString = util.format(\n secretURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).get(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Create secret\n * @param {string} secretId secret id/name\n * @param {string} value secret value\n * @param {string} description secret description\n * @param {string} encoding secret encoding (only `generic` is supported)\n * @param {boolean} useInPlaceholders flag indicating if the secret can be used in placeholders\n 
* @returns {Promise<unknown>} a promise that resolves to a secret\n */\nexport async function putSecret({\n secretId,\n value,\n description,\n encoding = 'generic',\n useInPlaceholders = true,\n state,\n}: {\n secretId: string;\n value: string;\n description: string;\n encoding?: string;\n useInPlaceholders?: boolean;\n state: State;\n}) {\n if (encoding !== 'generic')\n throw new Error(`Unsupported encoding: ${encoding}`);\n const secretData = {\n valueBase64: encode(value),\n description,\n encoding,\n useInPlaceholders,\n };\n const urlString = util.format(\n secretURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).put(urlString, secretData, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Set secret description\n * @param {string} secretId secret id/name\n * @param {string} description secret description\n * @returns {Promise<unknown>} a promise that resolves to a status object\n */\nexport async function setSecretDescription({\n secretId,\n description,\n state,\n}: {\n secretId: string;\n description: string;\n state: State;\n}) {\n const urlString = util.format(\n secretSetDescriptionURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).post(urlString, { description }, { withCredentials: true });\n return data;\n}\n\n/**\n * Delete secret\n * @param {string} secretId secret id/name\n * @returns {Promise<unknown>} a promise that resolves to a secret object\n */\nexport async function deleteSecret({\n secretId,\n state,\n}: {\n secretId: string;\n state: State;\n}) {\n const urlString = util.format(\n secretURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).delete(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Get secret versions\n * @param 
{string} secretId secret id/name\n * @returns {Promise<unknown>} a promise that resolves to an array of secret versions\n */\nexport async function getSecretVersions({\n secretId,\n state,\n}: {\n secretId: string;\n state: State;\n}) {\n const urlString = util.format(\n secretListVersionsURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).get(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Create new secret version\n * @param {string} secretId secret id/name\n * @param {string} value secret value\n * @returns {Promise<unknown>} a promise that resolves to a version object\n */\nexport async function createNewVersionOfSecret({\n secretId,\n value,\n state,\n}: {\n secretId: string;\n value: string;\n state: State;\n}) {\n const urlString = util.format(\n secretCreateNewVersionURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).post(urlString, { valueBase64: encode(value) }, { withCredentials: true });\n return data;\n}\n\n/**\n * Get version of secret\n * @param {string} secretId secret id/name\n * @param {string} version secret version\n * @returns {Promise<unknown>} a promise that resolves to a version object\n */\nexport async function getVersionOfSecret({\n secretId,\n version,\n state,\n}: {\n secretId: string;\n version: string;\n state: State;\n}) {\n const urlString = util.format(\n secretGetVersionURLTemplate,\n getTenantURL(state.getHost()),\n secretId,\n version\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).get(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\nexport enum VersionOfSecretStatus {\n DISABLED = 'DISABLED',\n ENABLED = 'ENABLED',\n}\n\n/**\n * Update the status of a version of a secret\n * @param {string} secretId secret id/name\n * @param {string} version secret version\n * 
@param {VersionOfSecretStatus} status status\n * @returns {Promise<unknown>} a promise that resolves to a status object\n */\nexport async function setStatusOfVersionOfSecret({\n secretId,\n version,\n status,\n state,\n}: {\n secretId: string;\n version: string;\n status: VersionOfSecretStatus;\n state: State;\n}) {\n const urlString = util.format(\n secretVersionStatusURLTemplate,\n getTenantURL(state.getHost()),\n secretId,\n version\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).post(urlString, { status }, { withCredentials: true });\n return data;\n}\n\n/**\n * Delete version of secret\n * @param {string} secretId secret id/name\n * @param {string} version secret version\n * @returns {Promise<unknown>} a promise that resolves to a version object\n */\nexport async function deleteVersionOfSecret({\n secretId,\n version,\n state,\n}: {\n secretId: string;\n version: string;\n state: State;\n}) {\n const urlString = util.format(\n secretGetVersionURLTemplate,\n getTenantURL(state.getHost()),\n secretId,\n version\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).delete(urlString, {\n withCredentials: true,\n });\n return data;\n}\n"]}
1
+ {"version":3,"sources":["../src/api/cloud/SecretsApi.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,MAAM,oBAAoB,CAAC;AACvC,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAgBpD;;;GAGG;AACH,wBAAsB,UAAU,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,KAAK,CAAA;CAAE,gBAY3D;AAED;;;;GAIG;AACH,wBAAsB,SAAS,CAAC,EAC9B,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,gBAaA;AAED;;;;;;;;GAQG;AACH,wBAAsB,SAAS,CAAC,EAC9B,QAAQ,EACR,KAAK,EACL,WAAW,EACX,QAAoB,EACpB,iBAAwB,EACxB,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,KAAK,EAAE,KAAK,CAAC;CACd,gBAqBA;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CAAC,EACzC,QAAQ,EACR,WAAW,EACX,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,KAAK,CAAC;CACd,gBAWA;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,EACjC,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,gBAaA;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CAAC,EACtC,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,gBAaA;AAED;;;;;GAKG;AACH,wBAAsB,wBAAwB,CAAC,EAC7C,QAAQ,EACR,KAAK,EACL,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,KAAK,CAAC;CACd,gBAWA;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CAAC,EACvC,QAAQ,EACR,OAAO,EACP,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,gBAcA;AAED;;;;;;GAMG;AACH,wBAAsB,0BAA0B,CAAC,EAC/C,QAAQ,EACR,OAAO,EACP,MAAM,EACN,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,qBAAqB,CAAC;IAC9B,KAAK,EAAE,KAAK,CAAC;CACd,gBAYA;AAED;;;;;GAKG;AACH,wBAAsB,qBAAqB,CAAC,EAC1C,QAAQ,EACR,OAAO,EACP,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,gBAcA","file":"SecretsApi.d.ts","sourcesContent":["import util from 'util';\nimport { encode } from '../utils/Base64';\nimport { getTenantURL } from '../utils/ApiUtils';\nimport { generateEnvApi } from 
'../BaseApi';\nimport State from '../../shared/State';\nimport { VersionOfSecretStatus } from '../ApiTypes';\n\nconst secretsListURLTemplate = '%s/environment/secrets';\nconst secretListVersionsURLTemplate = '%s/environment/secrets/%s/versions';\nconst secretCreateNewVersionURLTemplate = `${secretListVersionsURLTemplate}?_action=create`;\nconst secretGetVersionURLTemplate = `${secretListVersionsURLTemplate}/%s`;\nconst secretVersionStatusURLTemplate = `${secretGetVersionURLTemplate}?_action=changestatus`;\nconst secretURLTemplate = '%s/environment/secrets/%s';\nconst secretSetDescriptionURLTemplate = `${secretURLTemplate}?_action=setDescription`;\n\nconst apiVersion = 'protocol=1.0,resource=1.0';\nconst getApiConfig = () => ({\n path: `/environment/secrets`,\n apiVersion,\n});\n\n/**\n * Get all secrets\n * @returns {Promise<unknown[]>} a promise that resolves to an array of secrets\n */\nexport async function getSecrets({ state }: { state: State }) {\n const urlString = util.format(\n secretsListURLTemplate,\n getTenantURL(state.getHost())\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).get(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Get secret\n * @param secretId secret id/name\n * @returns {Promise<unknown>} a promise that resolves to a secret\n */\nexport async function getSecret({\n secretId,\n state,\n}: {\n secretId: string;\n state: State;\n}) {\n const urlString = util.format(\n secretURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).get(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Create secret\n * @param {string} secretId secret id/name\n * @param {string} value secret value\n * @param {string} description secret description\n * @param {string} encoding secret encoding (only `generic` is supported)\n * @param {boolean} useInPlaceholders flag indicating if the 
secret can be used in placeholders\n * @returns {Promise<unknown>} a promise that resolves to a secret\n */\nexport async function putSecret({\n secretId,\n value,\n description,\n encoding = 'generic',\n useInPlaceholders = true,\n state,\n}: {\n secretId: string;\n value: string;\n description: string;\n encoding?: string;\n useInPlaceholders?: boolean;\n state: State;\n}) {\n if (encoding !== 'generic')\n throw new Error(`Unsupported encoding: ${encoding}`);\n const secretData = {\n valueBase64: encode(value),\n description,\n encoding,\n useInPlaceholders,\n };\n const urlString = util.format(\n secretURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).put(urlString, secretData, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Set secret description\n * @param {string} secretId secret id/name\n * @param {string} description secret description\n * @returns {Promise<unknown>} a promise that resolves to a status object\n */\nexport async function setSecretDescription({\n secretId,\n description,\n state,\n}: {\n secretId: string;\n description: string;\n state: State;\n}) {\n const urlString = util.format(\n secretSetDescriptionURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).post(urlString, { description }, { withCredentials: true });\n return data;\n}\n\n/**\n * Delete secret\n * @param {string} secretId secret id/name\n * @returns {Promise<unknown>} a promise that resolves to a secret object\n */\nexport async function deleteSecret({\n secretId,\n state,\n}: {\n secretId: string;\n state: State;\n}) {\n const urlString = util.format(\n secretURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).delete(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n 
* Get secret versions\n * @param {string} secretId secret id/name\n * @returns {Promise<unknown>} a promise that resolves to an array of secret versions\n */\nexport async function getSecretVersions({\n secretId,\n state,\n}: {\n secretId: string;\n state: State;\n}) {\n const urlString = util.format(\n secretListVersionsURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).get(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Create new secret version\n * @param {string} secretId secret id/name\n * @param {string} value secret value\n * @returns {Promise<unknown>} a promise that resolves to a version object\n */\nexport async function createNewVersionOfSecret({\n secretId,\n value,\n state,\n}: {\n secretId: string;\n value: string;\n state: State;\n}) {\n const urlString = util.format(\n secretCreateNewVersionURLTemplate,\n getTenantURL(state.getHost()),\n secretId\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).post(urlString, { valueBase64: encode(value) }, { withCredentials: true });\n return data;\n}\n\n/**\n * Get version of secret\n * @param {string} secretId secret id/name\n * @param {string} version secret version\n * @returns {Promise<unknown>} a promise that resolves to a version object\n */\nexport async function getVersionOfSecret({\n secretId,\n version,\n state,\n}: {\n secretId: string;\n version: string;\n state: State;\n}) {\n const urlString = util.format(\n secretGetVersionURLTemplate,\n getTenantURL(state.getHost()),\n secretId,\n version\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).get(urlString, {\n withCredentials: true,\n });\n return data;\n}\n\n/**\n * Update the status of a version of a secret\n * @param {string} secretId secret id/name\n * @param {string} version secret version\n * @param {VersionOfSecretStatus} status status\n * @returns 
{Promise<unknown>} a promise that resolves to a status object\n */\nexport async function setStatusOfVersionOfSecret({\n secretId,\n version,\n status,\n state,\n}: {\n secretId: string;\n version: string;\n status: VersionOfSecretStatus;\n state: State;\n}) {\n const urlString = util.format(\n secretVersionStatusURLTemplate,\n getTenantURL(state.getHost()),\n secretId,\n version\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).post(urlString, { status }, { withCredentials: true });\n return data;\n}\n\n/**\n * Delete version of secret\n * @param {string} secretId secret id/name\n * @param {string} version secret version\n * @returns {Promise<unknown>} a promise that resolves to a version object\n */\nexport async function deleteVersionOfSecret({\n secretId,\n version,\n state,\n}: {\n secretId: string;\n version: string;\n state: State;\n}) {\n const urlString = util.format(\n secretGetVersionURLTemplate,\n getTenantURL(state.getHost()),\n secretId,\n version\n );\n const { data } = await generateEnvApi({\n resource: getApiConfig(),\n state,\n }).delete(urlString, {\n withCredentials: true,\n });\n return data;\n}\n"]}
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/ops/AdminOps.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,MAAM,iBAAiB,CAAC;AAGpC,MAAM,CAAC,OAAO,OAAO,QAAQ;IAC3B,KAAK,EAAE,KAAK,CAAC;gBACD,KAAK,EAAE,KAAK;IA6BlB,uBAAuB;IA0BvB,sBAAsB;IA6CtB,oCAAoC,CAAC,aAAa,EAAE,OAAO;IA4B3D,0BAA0B;IAI1B,gCAAgC,CAAC,QAAQ,EAAE,MAAM;IAIjD,iCAAiC,CAAC,QAAQ,EAAE,MAAM;IAIlD,qCAAqC,CACzC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM;IAShB,oBAAoB,CACxB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,GAAG,OAAO,EACxB,QAAQ,EAAE,MAAM;IAYZ,uBAAuB,CAAC,OAAO,EAAE,MAAM;IAIvC,8BAA8B,CAClC,iBAAiB,EAAE,OAAO,EAC1B,MAAM,EAAE,OAAO;IASX,8BAA8B,CAClC,iBAAiB,EAAE,OAAO,EAC1B,MAAM,EAAE,OAAO;IASX,cAAc,CAClB,iBAAiB,EAAE,OAAO,EAC1B,iBAAiB,EAAE,OAAO,EAC1B,MAAM,EAAE,OAAO;CASlB;AAuED,wBAAsB,uBAAuB,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,KAAK,CAAA;CAAE,gBAcxE;AAwBD,wBAAsB,sBAAsB,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,KAAK,CAAA;CAAE,gBAoCvE;AA2CD,wBAAsB,oCAAoC,CAAC,EACzD,aAAa,EACb,KAAK,GACN,EAAE;IACD,aAAa,EAAE,OAAO,CAAC;IACvB,KAAK,EAAE,KAAK,CAAC;CACd,gBA+BA;AAiMD,wBAAsB,0BAA0B,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,KAAK,CAAA;CAAE,iBAsD3E;AAED,wBAAsB,gCAAgC,CAAC,EACrD,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBAsBA;AA+ID,wBAAsB,iCAAiC,CAAC,EACtD,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBAsBA;AAED,wBAAsB,qCAAqC,CAAC,EAC1D,QAAQ,EACR,YAAY,EACZ,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,KAAK,CAAC;CACd,iBAcA;AAED,wBAAsB,oBAAoB,CAAC,EACzC,QAAQ,EACR,YAAY,EACZ,KAAK,EACL,MAAM,EACN,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,gBAwDA;AAED,wBAAsB,uBAAuB,CAAC,EAC5C,OAAO,EACP,KAAK,GACN,EAAE;IACD,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,iBAgCA;AAED,wBAAsB,8BAA8B,CAAC,EACnD,iBAAiB,EACjB,MAAM,EACN,KAAK,GACN,EAAE;IACD,iBAAiB,EAAE,OAAO,CAAC;IAC3B,MAAM,EAAE,OAAO,
CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,iBA6CA;AAED,wBAAsB,8BAA8B,CAAC,EACnD,iBAAiB,EACjB,MAAM,EACN,KAAK,GACN,EAAE;IACD,iBAAiB,EAAE,OAAO,CAAC;IAC3B,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,iBA6CA;AA4GD,wBAAsB,cAAc,CAAC,EACnC,iBAAiB,EACjB,iBAAiB,EACjB,MAAM,EACN,KAAK,GACN,EAAE;IACD,iBAAiB,EAAE,OAAO,CAAC;IAC3B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,iBAgBA","file":"AdminOps.d.ts","sourcesContent":["import fs from 'fs';\nimport _ from 'lodash';\nimport {\n getOAuth2Clients,\n getOAuth2Client,\n putOAuth2Client,\n} from '../ops/OAuth2ClientOps';\nimport { getConfigEntity, putConfigEntity } from '../api/IdmConfigApi';\nimport { isEqualJson, getRealmManagedUser } from './utils/OpsUtils';\nimport { getRealmManagedOrganization } from './OrganizationOps';\nimport { getOAuth2Provider } from '../ops/OAuth2ProviderOps';\nimport { putSecret } from '../api/cloud/SecretsApi';\nimport { clientCredentialsGrant } from '../api/OAuth2OIDCApi';\nimport { printMessage } from './utils/Console';\nimport path from 'path';\nimport { fileURLToPath } from 'url';\nimport State from '../shared/State';\nimport { OAuth2ClientSkeleton } from '../api/ApiTypes';\n\nexport default class AdminOps {\n state: State;\n constructor(state: State) {\n this.state = state;\n }\n\n /*\n * List all oauth2 clients, which have a corresponding staticUserMapping\n * in the IDM authentication.json:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n }\n ]\n }\n }\n */\n async listOAuth2CustomClients() {\n return listOAuth2CustomClients({ state: this.state });\n }\n\n /*\n * List all oauth2 clients, which have the fr:idm:* scope and 
a \n * corresponding staticUserMapping in the IDM authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\n async listOAuth2AdminClients() {\n return listOAuth2AdminClients({ state: this.state });\n }\n\n /*\n * List all static user mappings that are not oauth2 clients in authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"amadmin\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"idm-provisioning\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n },\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\n async listNonOAuth2AdminStaticUserMappings(showProtected: boolean) {\n return listNonOAuth2AdminStaticUserMappings({\n showProtected,\n state: this.state,\n });\n }\n\n /*\n * Add AutoId static user mapping to authentication.json to enable dashboards and other AutoId-based functionality.\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n ...\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n 
\"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\n async addAutoIdStaticUserMapping() {\n return addAutoIdStaticUserMapping({ state: this.state });\n }\n\n async grantOAuth2ClientAdminPrivileges(clientId: string) {\n return grantOAuth2ClientAdminPrivileges({ clientId, state: this.state });\n }\n\n async revokeOAuth2ClientAdminPrivileges(clientId: string) {\n return revokeOAuth2ClientAdminPrivileges({ clientId, state: this.state });\n }\n\n async createOAuth2ClientWithAdminPrivileges(\n clientId: string,\n clientSecret: string\n ) {\n return createOAuth2ClientWithAdminPrivileges({\n clientId,\n clientSecret,\n state: this.state,\n });\n }\n\n async createLongLivedToken(\n clientId: string,\n clientSecret: string,\n scope: string,\n secret: string | boolean,\n lifetime: number\n ) {\n return createLongLivedToken({\n clientId,\n clientSecret,\n scope,\n secret,\n lifetime,\n state: this.state,\n });\n }\n\n async removeStaticUserMapping(subject: string) {\n return removeStaticUserMapping({ subject, state: this.state });\n }\n\n async hideGenericExtensionAttributes(\n includeCustomized: boolean,\n dryRun: boolean\n ) {\n return hideGenericExtensionAttributes({\n includeCustomized,\n dryRun,\n state: this.state,\n });\n }\n\n async showGenericExtensionAttributes(\n includeCustomized: boolean,\n dryRun: boolean\n ) {\n return showGenericExtensionAttributes({\n includeCustomized,\n dryRun,\n state: this.state,\n });\n }\n\n async repairOrgModel(\n excludeCustomized: boolean,\n extendPermissions: boolean,\n dryRun: boolean\n ) {\n return repairOrgModel({\n excludeCustomized,\n extendPermissions,\n dryRun,\n state: this.state,\n });\n }\n}\n\nconst __dirname = path.dirname(fileURLToPath(import.meta.url));\n\nconst OAUTH2_CLIENT = JSON.parse(\n fs.readFileSync(\n path.resolve(__dirname, './templates/OAuth2ClientTemplate.json'),\n 'utf8'\n )\n);\nconst GENERIC_EXTENSION_ATTRIBUTES = 
JSON.parse(\n fs.readFileSync(\n path.resolve(\n __dirname,\n './templates/cloud/GenericExtensionAttributesTemplate.json'\n ),\n 'utf8'\n )\n);\n\nconst protectedClients = ['ui', 'idm-provisioning'];\nconst protectedSubjects = ['amadmin', 'autoid-resource-server'];\n\nconst privilegedScopes = [\n 'am-introspect-all-tokens',\n 'fr:idm:*',\n 'fr:idc:esv:*',\n];\n// const privilegedUsers = ['openidm-admin'];\nconst privilegedRoles = [\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\n\nconst adminScopes = ['fr:idm:*', 'fr:idc:esv:*'];\nconst adminDefaultScopes = ['fr:idm:*'];\nconst adminRoles = [\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\nconst autoIdRoles = [\n 'internal/role/platform-provisioning',\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\n\n/*\n * List all oauth2 clients, which have a corresponding staticUserMapping\n * in the IDM authentication.json:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n }\n ]\n }\n }\n */\nexport async function listOAuth2CustomClients({ state }: { state: State }) {\n let clients = await getOAuth2Clients({ state });\n clients = clients\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n const subjects = authentication.rsFilter.staticUserMapping\n .map((mapping) => mapping.subject)\n .filter((subject) => !protectedSubjects.includes(subject));\n const adminClients = subjects.filter((subject) => clients.includes(subject));\n return adminClients;\n}\n\n/*\n * List all 
oauth2 clients, which have the fr:idm:* scope and a \n * corresponding staticUserMapping in the IDM authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function listOAuth2AdminClients({ state }: { state: State }) {\n let clients = await getOAuth2Clients({ state });\n clients = clients\n .filter((client) => {\n let isPrivileged = false;\n if (client.coreOAuth2ClientConfig.scopes) {\n client.coreOAuth2ClientConfig.scopes.forEach((scope) => {\n if (privilegedScopes.includes(scope)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n const subjects = authentication.rsFilter.staticUserMapping\n .filter((mapping) => {\n let isPrivileged = false;\n if (mapping.roles) {\n mapping.roles.forEach((role) => {\n if (privilegedRoles.includes(role)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((mapping) => mapping.subject)\n .filter((subject) => !protectedSubjects.includes(subject));\n const adminClients = subjects.filter((subject) => clients.includes(subject));\n return adminClients;\n}\n\n/*\n * List all static user mappings that are not oauth2 clients in authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"amadmin\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n 
{\n \"subject\": \"idm-provisioning\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n },\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function listNonOAuth2AdminStaticUserMappings({\n showProtected,\n state,\n}: {\n showProtected: boolean;\n state: State;\n}) {\n let clients = await getOAuth2Clients({ state });\n clients = clients\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n let subjects = authentication.rsFilter.staticUserMapping\n .filter((mapping) => {\n let isPrivileged = false;\n if (mapping.roles) {\n mapping.roles.forEach((role) => {\n if (privilegedRoles.includes(role)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((mapping) => mapping.subject);\n if (!showProtected) {\n subjects = subjects.filter(\n (subject) => !protectedSubjects.includes(subject)\n );\n }\n const adminSubjects = subjects.filter(\n (subject) => !clients.includes(subject)\n );\n return adminSubjects;\n}\n\nasync function getDynamicClientRegistrationScope({ state }: { state: State }) {\n const provider = await getOAuth2Provider({ state });\n return provider.clientDynamicRegistrationConfig\n .dynamicClientRegistrationScope;\n}\n\nasync function addAdminScopes({\n clientId,\n client,\n state,\n}: {\n clientId: string;\n client: OAuth2ClientSkeleton;\n state: State;\n}) {\n const modClient = client;\n const allAdminScopes = adminScopes.concat([\n await getDynamicClientRegistrationScope({ state }),\n ]);\n let addScopes = [];\n if (\n 
modClient.coreOAuth2ClientConfig.scopes &&\n modClient.coreOAuth2ClientConfig.scopes.value\n ) {\n addScopes = allAdminScopes.filter((scope) => {\n let add = false;\n if (!modClient.coreOAuth2ClientConfig.scopes.value.includes(scope)) {\n add = true;\n }\n return add;\n });\n modClient.coreOAuth2ClientConfig.scopes.value =\n modClient.coreOAuth2ClientConfig.scopes.value.concat(addScopes);\n } else {\n modClient.coreOAuth2ClientConfig.scopes.value = allAdminScopes;\n }\n let addDefaultScope = false;\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes &&\n modClient.coreOAuth2ClientConfig.defaultScopes.value\n ) {\n if (modClient.coreOAuth2ClientConfig.defaultScopes.value.length === 0) {\n addDefaultScope = true;\n modClient.coreOAuth2ClientConfig.defaultScopes.value = adminDefaultScopes;\n } else {\n printMessage(\n `Client \"${clientId}\" already has default scopes configured, not adding admin default scope.`\n );\n }\n }\n if (addScopes.length > 0 || addDefaultScope) {\n printMessage(`Adding admin scopes to client \"${clientId}\"...`);\n } else {\n printMessage(`Client \"${clientId}\" already has admin scopes.`);\n }\n return modClient;\n}\n\nfunction addClientCredentialsGrantType({\n clientId,\n client,\n}: {\n clientId: string;\n client: OAuth2ClientSkeleton;\n}) {\n const modClient = client;\n let modified = false;\n if (\n modClient.advancedOAuth2ClientConfig.grantTypes &&\n modClient.advancedOAuth2ClientConfig.grantTypes.value\n ) {\n if (\n !modClient.advancedOAuth2ClientConfig.grantTypes.value.includes(\n 'client_credentials'\n )\n ) {\n modified = true;\n modClient.advancedOAuth2ClientConfig.grantTypes.value.push(\n 'client_credentials'\n );\n }\n } else {\n modClient.advancedOAuth2ClientConfig.grantTypes.value = [\n 'client_credentials',\n ];\n }\n modClient.advancedOAuth2ClientConfig.grantTypes.inherited = false;\n if (modified) {\n printMessage(\n `Adding client credentials grant type to client \"${clientId}\"...`\n );\n } else {\n printMessage(\n 
`Client \"${clientId}\" already has client credentials grant type.`\n );\n }\n return modClient;\n}\n\nasync function addAdminStaticUserMapping({\n name,\n state,\n}: {\n name: string;\n state: State;\n}) {\n let authentication = {};\n try {\n authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n } catch (error) {\n printMessage(\n `Error reading IDM authentication configuration: ${error.message}`,\n 'error'\n );\n }\n let needsAdminMapping = true;\n let addRoles = [];\n const mappings = authentication['rsFilter']['staticUserMapping'].map(\n (mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n needsAdminMapping = false;\n addRoles = adminRoles.filter((role) => {\n let add = false;\n if (!mapping.roles.includes(role)) {\n add = true;\n }\n return add;\n });\n const newMapping = mapping;\n newMapping.roles = newMapping.roles.concat(addRoles);\n return newMapping;\n }\n );\n if (needsAdminMapping) {\n printMessage(`Creating static user mapping for client \"${name}\"...`);\n mappings.push({\n subject: name,\n localUser: 'internal/user/openidm-admin',\n userRoles: 'authzRoles/*',\n roles: adminRoles,\n });\n }\n authentication['rsFilter']['staticUserMapping'] = mappings;\n if (addRoles.length > 0 || needsAdminMapping) {\n printMessage(\n `Adding admin roles to static user mapping for client \"${name}\"...`\n );\n try {\n await putConfigEntity({\n entityId: 'authentication',\n entityData: authentication,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for client \"${name}\" already has admin roles.`\n );\n }\n}\n\n/*\n * Add AutoId static user mapping to authentication.json to enable dashboards and other AutoId-based functionality.\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n 
...\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function addAutoIdStaticUserMapping({ state }: { state: State }) {\n const name = 'autoid-resource-server';\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n let needsAdminMapping = true;\n let addRoles = [];\n const mappings = authentication.rsFilter.staticUserMapping.map((mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n needsAdminMapping = false;\n addRoles = autoIdRoles.filter((role) => {\n let add = false;\n if (!mapping.roles.includes(role)) {\n add = true;\n }\n return add;\n });\n const newMapping = mapping;\n newMapping.roles = newMapping.roles.concat(addRoles);\n return newMapping;\n });\n if (needsAdminMapping) {\n printMessage(`Creating static user mapping for AutoId client \"${name}\"...`);\n mappings.push({\n subject: name,\n localUser: 'internal/user/idm-provisioning',\n userRoles: 'authzRoles/*',\n roles: autoIdRoles,\n });\n }\n authentication.rsFilter.staticUserMapping = mappings;\n if (addRoles.length > 0 || needsAdminMapping) {\n printMessage(\n `Adding required roles to static user mapping for AutoId client \"${name}\"...`\n );\n try {\n await putConfigEntity({\n entityId: 'authentication',\n entityData: authentication,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for AutoId client \"${name}\" already has all required roles.`\n );\n }\n}\n\nexport async function grantOAuth2ClientAdminPrivileges({\n clientId,\n state,\n}: {\n clientId: string;\n state: State;\n}) {\n let client = await getOAuth2Client({ 
clientId, state });\n if (client.coreOAuth2ClientConfig.clientName.value.length === 0) {\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n }\n if (\n client.advancedOAuth2ClientConfig.descriptions.value.length === 0 ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Modified by Frodo'\n ) ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Created by Frodo'\n )\n ) {\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Modified by Frodo on ${new Date().toLocaleString()}`,\n ];\n }\n client = await addAdminScopes({ clientId, client, state });\n client = addClientCredentialsGrantType({ clientId, client });\n await putOAuth2Client({ clientId, clientData: client, state });\n await addAdminStaticUserMapping({ name: clientId, state });\n}\n\nasync function removeAdminScopes({\n name,\n client,\n state,\n}: {\n name: string;\n client: OAuth2ClientSkeleton;\n state: State;\n}) {\n const modClient = client;\n const allAdminScopes = adminScopes.concat([\n await getDynamicClientRegistrationScope({ state }),\n ]);\n let finalScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.scopes &&\n modClient.coreOAuth2ClientConfig.scopes.value\n ) {\n finalScopes = modClient.coreOAuth2ClientConfig.scopes.value.filter(\n (scope) => !allAdminScopes.includes(scope)\n );\n }\n if (\n modClient.coreOAuth2ClientConfig.scopes.value.length > finalScopes.length\n ) {\n printMessage(`Removing admin scopes from client \"${name}\"...`);\n modClient.coreOAuth2ClientConfig.scopes.value = finalScopes;\n } else {\n printMessage(`Client \"${name}\" has no admin scopes.`);\n }\n let finalDefaultScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes &&\n modClient.coreOAuth2ClientConfig.defaultScopes.value\n ) {\n finalDefaultScopes =\n modClient.coreOAuth2ClientConfig.defaultScopes.value.filter(\n (scope) => !adminDefaultScopes.includes(scope)\n );\n }\n if (\n 
modClient.coreOAuth2ClientConfig.defaultScopes.value.length >\n finalDefaultScopes.length\n ) {\n printMessage(`Removing admin default scopes from client \"${name}\"...`);\n modClient.coreOAuth2ClientConfig.defaultScopes.value = finalDefaultScopes;\n } else {\n printMessage(`Client \"${name}\" has no admin default scopes.`);\n }\n return modClient;\n}\n\nfunction removeClientCredentialsGrantType({\n clientId,\n client,\n}: {\n clientId: string;\n client: OAuth2ClientSkeleton;\n}) {\n const modClient = client;\n let modified = false;\n let finalGrantTypes = [];\n if (\n modClient.advancedOAuth2ClientConfig.grantTypes &&\n modClient.advancedOAuth2ClientConfig.grantTypes.value\n ) {\n finalGrantTypes =\n modClient.advancedOAuth2ClientConfig.grantTypes.value.filter(\n (grantType) => grantType !== 'client_credentials'\n );\n modified =\n modClient.advancedOAuth2ClientConfig.grantTypes.value.length >\n finalGrantTypes.length;\n }\n if (modified) {\n printMessage(\n `Removing client credentials grant type from client \"${clientId}\"...`\n );\n modClient.advancedOAuth2ClientConfig.grantTypes.value = finalGrantTypes;\n } else {\n printMessage(\n `Client \"${clientId}\" does not allow client credentials grant type.`\n );\n }\n return modClient;\n}\n\nasync function removeAdminStaticUserMapping({\n name,\n state,\n}: {\n name: string;\n state: State;\n}) {\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n let finalRoles = [];\n let removeMapping = false;\n let modified = false;\n const mappings = authentication.rsFilter.staticUserMapping\n .map((mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n finalRoles = mapping.roles.filter((role) => !adminRoles.includes(role));\n const newMapping = mapping;\n removeMapping = finalRoles.length === 0; // if there are no more roles left on this mapping, flag it for removal\n modified = mapping.roles.length > finalRoles.length; // if 
there were roles removed, set modified flag\n newMapping.roles = finalRoles;\n return newMapping;\n })\n .filter((mapping) => mapping.subject !== name || !removeMapping);\n authentication.rsFilter.staticUserMapping = mappings;\n if (modified || removeMapping) {\n if (removeMapping) {\n printMessage(`Removing static user mapping for client \"${name}\"...`);\n } else {\n printMessage(\n `Removing admin roles from static user mapping for client \"${name}\"...`\n );\n }\n try {\n await putConfigEntity({\n entityId: 'authentication',\n entityData: authentication,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for client \"${name}\" has no admin roles.`\n );\n }\n}\n\nexport async function revokeOAuth2ClientAdminPrivileges({\n clientId,\n state,\n}: {\n clientId: string;\n state: State;\n}) {\n let client = await getOAuth2Client({ clientId, state });\n if (client.coreOAuth2ClientConfig.clientName.value.length === 0) {\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n }\n if (\n client.advancedOAuth2ClientConfig.descriptions.value.length === 0 ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Modified by Frodo'\n ) ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Created by Frodo'\n )\n ) {\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Modified by Frodo on ${new Date().toLocaleString()}`,\n ];\n }\n client = await removeAdminScopes({ name: clientId, client, state });\n client = removeClientCredentialsGrantType({ clientId, client });\n await putOAuth2Client({ clientId, clientData: client, state });\n await removeAdminStaticUserMapping({ name: clientId, state });\n}\n\nexport async function createOAuth2ClientWithAdminPrivileges({\n clientId,\n clientSecret,\n state,\n}: {\n clientId: string;\n clientSecret: string;\n state: 
State;\n}) {\n let client = OAUTH2_CLIENT;\n client.coreOAuth2ClientConfig.userpassword = clientSecret;\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Created by Frodo on ${new Date().toLocaleString()}`,\n ];\n try {\n client = await addAdminScopes({ clientId, client, state });\n await putOAuth2Client({ clientId, clientData: client, state });\n await addAdminStaticUserMapping({ name: clientId, state });\n } catch (error) {\n printMessage(`Error creating oauth2 client: ${error.message}`, 'error');\n }\n}\n\nexport async function createLongLivedToken({\n clientId,\n clientSecret,\n scope,\n secret,\n lifetime,\n state,\n}: {\n clientId: string;\n clientSecret: string;\n scope: string;\n secret: string | boolean;\n lifetime: number;\n state: State;\n}) {\n // get oauth2 client\n const client = await getOAuth2Client({ clientId, state });\n client.userpassword = clientSecret;\n // remember current lifetime\n const rememberedLifetime =\n client.coreOAuth2ClientConfig.accessTokenLifetime.value || 3600;\n // set long token lifetime\n client.coreOAuth2ClientConfig.accessTokenLifetime.value = lifetime;\n await putOAuth2Client({ clientId, clientData: client, state });\n const response = await clientCredentialsGrant({\n amBaseUrl: state.getHost(),\n clientId,\n clientSecret,\n scope,\n state,\n });\n const expires = new Date().getTime() + 1000 * response.expires_in;\n response.expires_on = new Date(expires).toLocaleString();\n // reset token lifetime\n client.coreOAuth2ClientConfig.accessTokenLifetime.value = rememberedLifetime;\n await putOAuth2Client({ clientId, clientData: client, state });\n // create secret with token as value\n if (secret) {\n const description = 'Long-lived admin token';\n try {\n await putSecret({\n secretId: secret as string,\n value: response.access_token,\n description,\n state,\n });\n response.secret = secret;\n } catch (error) {\n if (\n _.get(error, 
'response.data.code') === 400 &&\n _.get(error, 'response.data.message') ===\n 'Failed to create secret, the secret already exists'\n ) {\n const newSecret = `${secret}-${expires}`;\n printMessage(\n `esv '${secret}' already exists, using ${newSecret}`,\n 'warn'\n );\n await putSecret({\n secretId: newSecret,\n value: response.access_token,\n description,\n state,\n });\n response.secret = newSecret;\n }\n }\n delete response.access_token;\n }\n return response;\n}\n\nexport async function removeStaticUserMapping({\n subject,\n state,\n}: {\n subject: string;\n state: State;\n}) {\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n let removeMapping = false;\n const mappings = authentication.rsFilter.staticUserMapping.filter(\n (mapping) => {\n // find the subject and flag it\n if (mapping.subject === subject) {\n removeMapping = true;\n }\n // ignore mappings for other subjects\n return mapping.subject !== subject;\n }\n );\n authentication.rsFilter.staticUserMapping = mappings;\n if (removeMapping) {\n printMessage(`Removing static user mapping for subject \"${subject}\"...`);\n try {\n await putConfigEntity({\n entityId: 'authentication',\n entityData: authentication,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(`No static user mapping for subject \"${subject}\" found.`);\n }\n}\n\nexport async function hideGenericExtensionAttributes({\n includeCustomized,\n dryRun,\n state,\n}: {\n includeCustomized: boolean;\n dryRun: boolean;\n state: State;\n}) {\n const managed = await getConfigEntity({ entityId: 'managed', state });\n const propertyNames = Object.keys(GENERIC_EXTENSION_ATTRIBUTES);\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser({ state })) {\n return object;\n }\n propertyNames.forEach((name) 
=> {\n if (\n isEqualJson(\n GENERIC_EXTENSION_ATTRIBUTES[name],\n object.schema.properties[name],\n ['viewable', 'usageDescription']\n ) ||\n includeCustomized\n ) {\n if (object.schema.properties[name].viewable) {\n printMessage(`${name}: hide`);\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].viewable = false;\n } else {\n printMessage(`${name}: ignore (already hidden)`);\n }\n } else {\n printMessage(`${name}: skip (customized)`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (dryRun) {\n printMessage('Dry-run only. Changes are not saved.');\n } else {\n try {\n await putConfigEntity({\n entityId: 'managed',\n entityData: managed,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n}\n\nexport async function showGenericExtensionAttributes({\n includeCustomized,\n dryRun,\n state,\n}: {\n includeCustomized: boolean;\n dryRun: boolean;\n state: State;\n}) {\n const managed = await getConfigEntity({ entityId: 'managed', state });\n const propertyNames = Object.keys(GENERIC_EXTENSION_ATTRIBUTES);\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser({ state })) {\n return object;\n }\n propertyNames.forEach((name) => {\n if (\n isEqualJson(\n GENERIC_EXTENSION_ATTRIBUTES[name],\n object.schema.properties[name],\n ['viewable', 'usageDescription']\n ) ||\n includeCustomized\n ) {\n if (!object.schema.properties[name].viewable) {\n printMessage(`${name}: show`);\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].viewable = true;\n } else {\n printMessage(`${name}: ignore (already showing)`);\n }\n } else {\n printMessage(`${name}: skip (customized)`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (dryRun) {\n printMessage('Dry-run only. 
Changes are not saved.');\n } else {\n try {\n await putConfigEntity({\n entityId: 'managed',\n entityData: managed,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n}\n\nasync function repairOrgModelUser({\n dryRun,\n state,\n}: {\n dryRun: boolean;\n state: State;\n}) {\n const managed = await getConfigEntity({ entityId: 'managed', state });\n const RDVPs = ['memberOfOrgIDs'];\n let repairData = false;\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser({ state })) {\n return object;\n }\n printMessage(`${object.name}: checking...`);\n RDVPs.forEach((name) => {\n if (!object.schema.properties[name].queryConfig.flattenProperties) {\n printMessage(`- ${name}: repairing - needs flattening`, 'warn');\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].queryConfig.flattenProperties = true;\n repairData = true;\n } else {\n printMessage(`- ${name}: OK`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (!dryRun) {\n try {\n await putConfigEntity({\n entityId: 'managed',\n entityData: managed,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n return repairData;\n}\n\nasync function repairOrgModelOrg({\n dryRun,\n state,\n}: {\n dryRun: boolean;\n state: State;\n}) {\n const managed = await getConfigEntity({ entityId: 'managed', state });\n const RDVPs = [\n 'adminIDs',\n 'ownerIDs',\n 'parentAdminIDs',\n 'parentOwnerIDs',\n 'parentIDs',\n ];\n let repairData = false;\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedOrganization({ state })) {\n return object;\n }\n printMessage(`${object.name}: checking...`);\n RDVPs.forEach((name) => 
{\n if (!object.schema.properties[name].queryConfig.flattenProperties) {\n printMessage(`- ${name}: repairing - needs flattening`, 'warn');\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].queryConfig.flattenProperties = true;\n repairData = true;\n } else {\n printMessage(`- ${name}: OK`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (!dryRun) {\n try {\n await putConfigEntity({\n entityId: 'managed',\n entityData: managed,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n return repairData;\n}\n\nasync function repairOrgModelData(dryRun = false) {\n if (!dryRun) {\n // const rootOrgs = await findRootOrganizations();\n }\n}\n\nasync function extendOrgModelPermissins(dryRun = false) {\n if (!dryRun) {\n // const rootOrgs = await findRootOrganizations();\n }\n}\n\nexport async function repairOrgModel({\n excludeCustomized,\n extendPermissions,\n dryRun,\n state,\n}: {\n excludeCustomized: boolean;\n extendPermissions: boolean;\n dryRun: boolean;\n state: State;\n}) {\n let repairData = false;\n repairData = repairData || (await repairOrgModelUser({ dryRun, state }));\n repairData = repairData || (await repairOrgModelOrg({ dryRun, state }));\n if (excludeCustomized) {\n //\n }\n if (repairData) {\n await repairOrgModelData(dryRun);\n }\n if (extendPermissions) {\n await extendOrgModelPermissins(dryRun);\n }\n if (dryRun) {\n printMessage('Dry-run only. Changes are not saved.', 'warn');\n }\n}\n\n// suggested by John K.\n// export async function removeRealmNameFromManagedObjectLabels() {}\n// export async function addRealmNameToManagedObjectLabels() {}\n// export async function cleanUpPostmanArtifacts() {}\n// export async function createSampleThemes() {}\n"]}
1
+ {"version":3,"sources":["../src/ops/AdminOps.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,MAAM,iBAAiB,CAAC;AAGpC,MAAM,CAAC,OAAO,OAAO,QAAQ;IAC3B,KAAK,EAAE,KAAK,CAAC;gBACD,KAAK,EAAE,KAAK;IA6BlB,uBAAuB;IA0BvB,sBAAsB;IA6CtB,oCAAoC,CAAC,aAAa,EAAE,OAAO;IA4B3D,0BAA0B;IAI1B,gCAAgC,CAAC,QAAQ,EAAE,MAAM;IAIjD,iCAAiC,CAAC,QAAQ,EAAE,MAAM;IAIlD,qCAAqC,CACzC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM;IAShB,oBAAoB,CACxB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,GAAG,OAAO,EACxB,QAAQ,EAAE,MAAM;IAYZ,uBAAuB,CAAC,OAAO,EAAE,MAAM;IAIvC,8BAA8B,CAClC,iBAAiB,EAAE,OAAO,EAC1B,MAAM,EAAE,OAAO;IASX,8BAA8B,CAClC,iBAAiB,EAAE,OAAO,EAC1B,MAAM,EAAE,OAAO;IASX,cAAc,CAClB,iBAAiB,EAAE,OAAO,EAC1B,iBAAiB,EAAE,OAAO,EAC1B,MAAM,EAAE,OAAO;CASlB;AAuED,wBAAsB,uBAAuB,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,KAAK,CAAA;CAAE,gBAcxE;AAwBD,wBAAsB,sBAAsB,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,KAAK,CAAA;CAAE,gBAoCvE;AA2CD,wBAAsB,oCAAoC,CAAC,EACzD,aAAa,EACb,KAAK,GACN,EAAE;IACD,aAAa,EAAE,OAAO,CAAC;IACvB,KAAK,EAAE,KAAK,CAAC;CACd,gBA+BA;AAsND,wBAAsB,0BAA0B,CAAC,EAAE,KAAK,EAAE,EAAE;IAAE,KAAK,EAAE,KAAK,CAAA;CAAE,iBA+D3E;AAED,wBAAsB,gCAAgC,CAAC,EACrD,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBAsBA;AAqKD,wBAAsB,iCAAiC,CAAC,EACtD,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,iBAsBA;AAED,wBAAsB,qCAAqC,CAAC,EAC1D,QAAQ,EACR,YAAY,EACZ,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,KAAK,CAAC;CACd,iBAkBA;AAED,wBAAsB,oBAAoB,CAAC,EACzC,QAAQ,EACR,YAAY,EACZ,KAAK,EACL,MAAM,EACN,QAAQ,EACR,KAAK,GACN,EAAE;IACD,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,KAAK,CAAC;CACd,gBAyDA;AAED,wBAAsB,uBAAuB,CAAC,EAC5C,OAAO,EACP,KAAK,GACN,EAAE;IACD,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,iBA0CA;AAED,wBAAsB,8BAA8B,CAAC,EACnD,iBAAiB,EACjB,MAAM,EACN,KAAK,GACN,EAAE;IACD,iBAAiB,EAAE,OAAO,CAAC;IAC3B,MAAM,EAAE,OAAO
,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,iBAiDA;AAED,wBAAsB,8BAA8B,CAAC,EACnD,iBAAiB,EACjB,MAAM,EACN,KAAK,GACN,EAAE;IACD,iBAAiB,EAAE,OAAO,CAAC;IAC3B,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,iBAiDA;AA4HD,wBAAsB,cAAc,CAAC,EACnC,iBAAiB,EACjB,iBAAiB,EACjB,MAAM,EACN,KAAK,GACN,EAAE;IACD,iBAAiB,EAAE,OAAO,CAAC;IAC3B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,KAAK,CAAC;CACd,iBAoBA","file":"AdminOps.d.ts","sourcesContent":["import fs from 'fs';\nimport _ from 'lodash';\nimport {\n getOAuth2Clients,\n getOAuth2Client,\n putOAuth2Client,\n} from '../ops/OAuth2ClientOps';\nimport { getConfigEntity, putConfigEntity } from '../api/IdmConfigApi';\nimport { isEqualJson, getRealmManagedUser } from './utils/OpsUtils';\nimport { getRealmManagedOrganization } from './OrganizationOps';\nimport { getOAuth2Provider } from '../ops/OAuth2ProviderOps';\nimport { putSecret } from '../api/cloud/SecretsApi';\nimport { clientCredentialsGrant } from '../api/OAuth2OIDCApi';\nimport { printMessage } from './utils/Console';\nimport path from 'path';\nimport { fileURLToPath } from 'url';\nimport State from '../shared/State';\nimport { OAuth2ClientSkeleton } from '../api/ApiTypes';\n\nexport default class AdminOps {\n state: State;\n constructor(state: State) {\n this.state = state;\n }\n\n /*\n * List all oauth2 clients, which have a corresponding staticUserMapping\n * in the IDM authentication.json:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n }\n ]\n }\n }\n */\n async listOAuth2CustomClients() {\n return listOAuth2CustomClients({ state: this.state });\n }\n\n /*\n * List all oauth2 clients, which have the fr:idm:* scope 
and a \n * corresponding staticUserMapping in the IDM authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\n async listOAuth2AdminClients() {\n return listOAuth2AdminClients({ state: this.state });\n }\n\n /*\n * List all static user mappings that are not oauth2 clients in authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"amadmin\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"idm-provisioning\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n },\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\n async listNonOAuth2AdminStaticUserMappings(showProtected: boolean) {\n return listNonOAuth2AdminStaticUserMappings({\n showProtected,\n state: this.state,\n });\n }\n\n /*\n * Add AutoId static user mapping to authentication.json to enable dashboards and other AutoId-based functionality.\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n ...\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n 
\"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\n async addAutoIdStaticUserMapping() {\n return addAutoIdStaticUserMapping({ state: this.state });\n }\n\n async grantOAuth2ClientAdminPrivileges(clientId: string) {\n return grantOAuth2ClientAdminPrivileges({ clientId, state: this.state });\n }\n\n async revokeOAuth2ClientAdminPrivileges(clientId: string) {\n return revokeOAuth2ClientAdminPrivileges({ clientId, state: this.state });\n }\n\n async createOAuth2ClientWithAdminPrivileges(\n clientId: string,\n clientSecret: string\n ) {\n return createOAuth2ClientWithAdminPrivileges({\n clientId,\n clientSecret,\n state: this.state,\n });\n }\n\n async createLongLivedToken(\n clientId: string,\n clientSecret: string,\n scope: string,\n secret: string | boolean,\n lifetime: number\n ) {\n return createLongLivedToken({\n clientId,\n clientSecret,\n scope,\n secret,\n lifetime,\n state: this.state,\n });\n }\n\n async removeStaticUserMapping(subject: string) {\n return removeStaticUserMapping({ subject, state: this.state });\n }\n\n async hideGenericExtensionAttributes(\n includeCustomized: boolean,\n dryRun: boolean\n ) {\n return hideGenericExtensionAttributes({\n includeCustomized,\n dryRun,\n state: this.state,\n });\n }\n\n async showGenericExtensionAttributes(\n includeCustomized: boolean,\n dryRun: boolean\n ) {\n return showGenericExtensionAttributes({\n includeCustomized,\n dryRun,\n state: this.state,\n });\n }\n\n async repairOrgModel(\n excludeCustomized: boolean,\n extendPermissions: boolean,\n dryRun: boolean\n ) {\n return repairOrgModel({\n excludeCustomized,\n extendPermissions,\n dryRun,\n state: this.state,\n });\n }\n}\n\nconst __dirname = path.dirname(fileURLToPath(import.meta.url));\n\nconst OAUTH2_CLIENT = JSON.parse(\n fs.readFileSync(\n path.resolve(__dirname, './templates/OAuth2ClientTemplate.json'),\n 'utf8'\n )\n);\nconst GENERIC_EXTENSION_ATTRIBUTES = 
JSON.parse(\n fs.readFileSync(\n path.resolve(\n __dirname,\n './templates/cloud/GenericExtensionAttributesTemplate.json'\n ),\n 'utf8'\n )\n);\n\nconst protectedClients = ['ui', 'idm-provisioning'];\nconst protectedSubjects = ['amadmin', 'autoid-resource-server'];\n\nconst privilegedScopes = [\n 'am-introspect-all-tokens',\n 'fr:idm:*',\n 'fr:idc:esv:*',\n];\n// const privilegedUsers = ['openidm-admin'];\nconst privilegedRoles = [\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\n\nconst adminScopes = ['fr:idm:*', 'fr:idc:esv:*'];\nconst adminDefaultScopes = ['fr:idm:*'];\nconst adminRoles = [\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\nconst autoIdRoles = [\n 'internal/role/platform-provisioning',\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\n\n/*\n * List all oauth2 clients, which have a corresponding staticUserMapping\n * in the IDM authentication.json:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n }\n ]\n }\n }\n */\nexport async function listOAuth2CustomClients({ state }: { state: State }) {\n let clients = await getOAuth2Clients({ state });\n clients = clients\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n const subjects = authentication.rsFilter.staticUserMapping\n .map((mapping) => mapping.subject)\n .filter((subject) => !protectedSubjects.includes(subject));\n const adminClients = subjects.filter((subject) => clients.includes(subject));\n return adminClients;\n}\n\n/*\n * List all 
oauth2 clients, which have the fr:idm:* scope and a \n * corresponding staticUserMapping in the IDM authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function listOAuth2AdminClients({ state }: { state: State }) {\n let clients = await getOAuth2Clients({ state });\n clients = clients\n .filter((client) => {\n let isPrivileged = false;\n if (client.coreOAuth2ClientConfig.scopes) {\n client.coreOAuth2ClientConfig.scopes.forEach((scope) => {\n if (privilegedScopes.includes(scope)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n const subjects = authentication.rsFilter.staticUserMapping\n .filter((mapping) => {\n let isPrivileged = false;\n if (mapping.roles) {\n mapping.roles.forEach((role) => {\n if (privilegedRoles.includes(role)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((mapping) => mapping.subject)\n .filter((subject) => !protectedSubjects.includes(subject));\n const adminClients = subjects.filter((subject) => clients.includes(subject));\n return adminClients;\n}\n\n/*\n * List all static user mappings that are not oauth2 clients in authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"amadmin\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n 
{\n \"subject\": \"idm-provisioning\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n },\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function listNonOAuth2AdminStaticUserMappings({\n showProtected,\n state,\n}: {\n showProtected: boolean;\n state: State;\n}) {\n let clients = await getOAuth2Clients({ state });\n clients = clients\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n let subjects = authentication.rsFilter.staticUserMapping\n .filter((mapping) => {\n let isPrivileged = false;\n if (mapping.roles) {\n mapping.roles.forEach((role) => {\n if (privilegedRoles.includes(role)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((mapping) => mapping.subject);\n if (!showProtected) {\n subjects = subjects.filter(\n (subject) => !protectedSubjects.includes(subject)\n );\n }\n const adminSubjects = subjects.filter(\n (subject) => !clients.includes(subject)\n );\n return adminSubjects;\n}\n\nasync function getDynamicClientRegistrationScope({ state }: { state: State }) {\n const provider = await getOAuth2Provider({ state });\n return provider.clientDynamicRegistrationConfig\n .dynamicClientRegistrationScope;\n}\n\nasync function addAdminScopes({\n clientId,\n client,\n state,\n}: {\n clientId: string;\n client: OAuth2ClientSkeleton;\n state: State;\n}) {\n const modClient = client;\n const allAdminScopes = adminScopes.concat([\n await getDynamicClientRegistrationScope({ state }),\n ]);\n let addScopes = [];\n if (\n 
modClient.coreOAuth2ClientConfig.scopes &&\n modClient.coreOAuth2ClientConfig.scopes.value\n ) {\n addScopes = allAdminScopes.filter((scope) => {\n let add = false;\n if (!modClient.coreOAuth2ClientConfig.scopes.value.includes(scope)) {\n add = true;\n }\n return add;\n });\n modClient.coreOAuth2ClientConfig.scopes.value =\n modClient.coreOAuth2ClientConfig.scopes.value.concat(addScopes);\n } else {\n modClient.coreOAuth2ClientConfig.scopes.value = allAdminScopes;\n }\n let addDefaultScope = false;\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes &&\n modClient.coreOAuth2ClientConfig.defaultScopes.value\n ) {\n if (modClient.coreOAuth2ClientConfig.defaultScopes.value.length === 0) {\n addDefaultScope = true;\n modClient.coreOAuth2ClientConfig.defaultScopes.value = adminDefaultScopes;\n } else {\n printMessage({\n message: `Client \"${clientId}\" already has default scopes configured, not adding admin default scope.`,\n state,\n });\n }\n }\n if (addScopes.length > 0 || addDefaultScope) {\n printMessage({\n message: `Adding admin scopes to client \"${clientId}\"...`,\n state,\n });\n } else {\n printMessage({\n message: `Client \"${clientId}\" already has admin scopes.`,\n state,\n });\n }\n return modClient;\n}\n\nfunction addClientCredentialsGrantType({\n clientId,\n client,\n state,\n}: {\n clientId: string;\n client: OAuth2ClientSkeleton;\n state: State;\n}) {\n const modClient = client;\n let modified = false;\n if (\n modClient.advancedOAuth2ClientConfig.grantTypes &&\n modClient.advancedOAuth2ClientConfig.grantTypes.value\n ) {\n if (\n !modClient.advancedOAuth2ClientConfig.grantTypes.value.includes(\n 'client_credentials'\n )\n ) {\n modified = true;\n modClient.advancedOAuth2ClientConfig.grantTypes.value.push(\n 'client_credentials'\n );\n }\n } else {\n modClient.advancedOAuth2ClientConfig.grantTypes.value = [\n 'client_credentials',\n ];\n }\n modClient.advancedOAuth2ClientConfig.grantTypes.inherited = false;\n if (modified) {\n printMessage({\n 
message: `Adding client credentials grant type to client \"${clientId}\"...`,\n state,\n });\n } else {\n printMessage({\n message: `Client \"${clientId}\" already has client credentials grant type.`,\n state,\n });\n }\n return modClient;\n}\n\nasync function addAdminStaticUserMapping({\n name,\n state,\n}: {\n name: string;\n state: State;\n}) {\n let authentication = {};\n try {\n authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n } catch (error) {\n printMessage({\n message: `Error reading IDM authentication configuration: ${error.message}`,\n type: 'error',\n state,\n });\n }\n let needsAdminMapping = true;\n let addRoles = [];\n const mappings = authentication['rsFilter']['staticUserMapping'].map(\n (mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n needsAdminMapping = false;\n addRoles = adminRoles.filter((role) => {\n let add = false;\n if (!mapping.roles.includes(role)) {\n add = true;\n }\n return add;\n });\n const newMapping = mapping;\n newMapping.roles = newMapping.roles.concat(addRoles);\n return newMapping;\n }\n );\n if (needsAdminMapping) {\n printMessage({\n message: `Creating static user mapping for client \"${name}\"...`,\n state,\n });\n mappings.push({\n subject: name,\n localUser: 'internal/user/openidm-admin',\n userRoles: 'authzRoles/*',\n roles: adminRoles,\n });\n }\n authentication['rsFilter']['staticUserMapping'] = mappings;\n if (addRoles.length > 0 || needsAdminMapping) {\n printMessage({\n message: `Adding admin roles to static user mapping for client \"${name}\"...`,\n state,\n });\n try {\n await putConfigEntity({\n entityId: 'authentication',\n entityData: authentication,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage({ message: putConfigEntityError, type: 'error', state });\n printMessage({\n message: `Error: ${putConfigEntityError}`,\n type: 'error',\n state,\n });\n }\n } else {\n printMessage({\n message: 
`Static user mapping for client \"${name}\" already has admin roles.`,\n state,\n });\n }\n}\n\n/*\n * Add AutoId static user mapping to authentication.json to enable dashboards and other AutoId-based functionality.\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n ...\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function addAutoIdStaticUserMapping({ state }: { state: State }) {\n const name = 'autoid-resource-server';\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n let needsAdminMapping = true;\n let addRoles = [];\n const mappings = authentication.rsFilter.staticUserMapping.map((mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n needsAdminMapping = false;\n addRoles = autoIdRoles.filter((role) => {\n let add = false;\n if (!mapping.roles.includes(role)) {\n add = true;\n }\n return add;\n });\n const newMapping = mapping;\n newMapping.roles = newMapping.roles.concat(addRoles);\n return newMapping;\n });\n if (needsAdminMapping) {\n printMessage({\n message: `Creating static user mapping for AutoId client \"${name}\"...`,\n state,\n });\n mappings.push({\n subject: name,\n localUser: 'internal/user/idm-provisioning',\n userRoles: 'authzRoles/*',\n roles: autoIdRoles,\n });\n }\n authentication.rsFilter.staticUserMapping = mappings;\n if (addRoles.length > 0 || needsAdminMapping) {\n printMessage({\n message: `Adding required roles to static user mapping for AutoId client \"${name}\"...`,\n state,\n });\n try {\n await putConfigEntity({\n entityId: 'authentication',\n entityData: authentication,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage({ message: putConfigEntityError, type: 
'error', state });\n printMessage({\n message: `Error: ${putConfigEntityError}`,\n type: 'error',\n state,\n });\n }\n } else {\n printMessage({\n message: `Static user mapping for AutoId client \"${name}\" already has all required roles.`,\n state,\n });\n }\n}\n\nexport async function grantOAuth2ClientAdminPrivileges({\n clientId,\n state,\n}: {\n clientId: string;\n state: State;\n}) {\n let client = await getOAuth2Client({ clientId, state });\n if (client.coreOAuth2ClientConfig.clientName.value.length === 0) {\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n }\n if (\n client.advancedOAuth2ClientConfig.descriptions.value.length === 0 ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Modified by Frodo'\n ) ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Created by Frodo'\n )\n ) {\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Modified by Frodo on ${new Date().toLocaleString()}`,\n ];\n }\n client = await addAdminScopes({ clientId, client, state });\n client = addClientCredentialsGrantType({ clientId, client, state });\n await putOAuth2Client({ clientId, clientData: client, state });\n await addAdminStaticUserMapping({ name: clientId, state });\n}\n\nasync function removeAdminScopes({\n name,\n client,\n state,\n}: {\n name: string;\n client: OAuth2ClientSkeleton;\n state: State;\n}) {\n const modClient = client;\n const allAdminScopes = adminScopes.concat([\n await getDynamicClientRegistrationScope({ state }),\n ]);\n let finalScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.scopes &&\n modClient.coreOAuth2ClientConfig.scopes.value\n ) {\n finalScopes = modClient.coreOAuth2ClientConfig.scopes.value.filter(\n (scope) => !allAdminScopes.includes(scope)\n );\n }\n if (\n modClient.coreOAuth2ClientConfig.scopes.value.length > finalScopes.length\n ) {\n printMessage({\n message: `Removing admin scopes from client \"${name}\"...`,\n state,\n });\n 
modClient.coreOAuth2ClientConfig.scopes.value = finalScopes;\n } else {\n printMessage({ message: `Client \"${name}\" has no admin scopes.`, state });\n }\n let finalDefaultScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes &&\n modClient.coreOAuth2ClientConfig.defaultScopes.value\n ) {\n finalDefaultScopes =\n modClient.coreOAuth2ClientConfig.defaultScopes.value.filter(\n (scope) => !adminDefaultScopes.includes(scope)\n );\n }\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes.value.length >\n finalDefaultScopes.length\n ) {\n printMessage({\n message: `Removing admin default scopes from client \"${name}\"...`,\n state,\n });\n modClient.coreOAuth2ClientConfig.defaultScopes.value = finalDefaultScopes;\n } else {\n printMessage({\n message: `Client \"${name}\" has no admin default scopes.`,\n state,\n });\n }\n return modClient;\n}\n\nfunction removeClientCredentialsGrantType({\n clientId,\n client,\n state,\n}: {\n clientId: string;\n client: OAuth2ClientSkeleton;\n state: State;\n}) {\n const modClient = client;\n let modified = false;\n let finalGrantTypes = [];\n if (\n modClient.advancedOAuth2ClientConfig.grantTypes &&\n modClient.advancedOAuth2ClientConfig.grantTypes.value\n ) {\n finalGrantTypes =\n modClient.advancedOAuth2ClientConfig.grantTypes.value.filter(\n (grantType) => grantType !== 'client_credentials'\n );\n modified =\n modClient.advancedOAuth2ClientConfig.grantTypes.value.length >\n finalGrantTypes.length;\n }\n if (modified) {\n printMessage({\n message: `Removing client credentials grant type from client \"${clientId}\"...`,\n state,\n });\n modClient.advancedOAuth2ClientConfig.grantTypes.value = finalGrantTypes;\n } else {\n printMessage({\n message: `Client \"${clientId}\" does not allow client credentials grant type.`,\n state,\n });\n }\n return modClient;\n}\n\nasync function removeAdminStaticUserMapping({\n name,\n state,\n}: {\n name: string;\n state: State;\n}) {\n const authentication = await getConfigEntity({\n 
entityId: 'authentication',\n state,\n });\n let finalRoles = [];\n let removeMapping = false;\n let modified = false;\n const mappings = authentication.rsFilter.staticUserMapping\n .map((mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n finalRoles = mapping.roles.filter((role) => !adminRoles.includes(role));\n const newMapping = mapping;\n removeMapping = finalRoles.length === 0; // if there are no more roles left on this mapping, flag it for removal\n modified = mapping.roles.length > finalRoles.length; // if there were roles removed, set modified flag\n newMapping.roles = finalRoles;\n return newMapping;\n })\n .filter((mapping) => mapping.subject !== name || !removeMapping);\n authentication.rsFilter.staticUserMapping = mappings;\n if (modified || removeMapping) {\n if (removeMapping) {\n printMessage({\n message: `Removing static user mapping for client \"${name}\"...`,\n state,\n });\n } else {\n printMessage({\n message: `Removing admin roles from static user mapping for client \"${name}\"...`,\n state,\n });\n }\n try {\n await putConfigEntity({\n entityId: 'authentication',\n entityData: authentication,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage({ message: putConfigEntityError, type: 'error', state });\n printMessage({\n message: `Error: ${putConfigEntityError}`,\n type: 'error',\n state,\n });\n }\n } else {\n printMessage({\n message: `Static user mapping for client \"${name}\" has no admin roles.`,\n state,\n });\n }\n}\n\nexport async function revokeOAuth2ClientAdminPrivileges({\n clientId,\n state,\n}: {\n clientId: string;\n state: State;\n}) {\n let client = await getOAuth2Client({ clientId, state });\n if (client.coreOAuth2ClientConfig.clientName.value.length === 0) {\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n }\n if (\n client.advancedOAuth2ClientConfig.descriptions.value.length === 0 ||\n 
client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Modified by Frodo'\n ) ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Created by Frodo'\n )\n ) {\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Modified by Frodo on ${new Date().toLocaleString()}`,\n ];\n }\n client = await removeAdminScopes({ name: clientId, client, state });\n client = removeClientCredentialsGrantType({ clientId, client, state });\n await putOAuth2Client({ clientId, clientData: client, state });\n await removeAdminStaticUserMapping({ name: clientId, state });\n}\n\nexport async function createOAuth2ClientWithAdminPrivileges({\n clientId,\n clientSecret,\n state,\n}: {\n clientId: string;\n clientSecret: string;\n state: State;\n}) {\n let client = OAUTH2_CLIENT;\n client.coreOAuth2ClientConfig.userpassword = clientSecret;\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Created by Frodo on ${new Date().toLocaleString()}`,\n ];\n try {\n client = await addAdminScopes({ clientId, client, state });\n await putOAuth2Client({ clientId, clientData: client, state });\n await addAdminStaticUserMapping({ name: clientId, state });\n } catch (error) {\n printMessage({\n message: `Error creating oauth2 client: ${error.message}`,\n state,\n type: 'error',\n });\n }\n}\n\nexport async function createLongLivedToken({\n clientId,\n clientSecret,\n scope,\n secret,\n lifetime,\n state,\n}: {\n clientId: string;\n clientSecret: string;\n scope: string;\n secret: string | boolean;\n lifetime: number;\n state: State;\n}) {\n // get oauth2 client\n const client = await getOAuth2Client({ clientId, state });\n client.userpassword = clientSecret;\n // remember current lifetime\n const rememberedLifetime =\n client.coreOAuth2ClientConfig.accessTokenLifetime.value || 3600;\n // set long token lifetime\n client.coreOAuth2ClientConfig.accessTokenLifetime.value = lifetime;\n await 
putOAuth2Client({ clientId, clientData: client, state });\n const response = await clientCredentialsGrant({\n amBaseUrl: state.getHost(),\n clientId,\n clientSecret,\n scope,\n state,\n });\n const expires = new Date().getTime() + 1000 * response.expires_in;\n response.expires_on = new Date(expires).toLocaleString();\n // reset token lifetime\n client.coreOAuth2ClientConfig.accessTokenLifetime.value = rememberedLifetime;\n await putOAuth2Client({ clientId, clientData: client, state });\n // create secret with token as value\n if (secret) {\n const description = 'Long-lived admin token';\n try {\n await putSecret({\n secretId: secret as string,\n value: response.access_token,\n description,\n state,\n });\n response.secret = secret;\n } catch (error) {\n if (\n _.get(error, 'response.data.code') === 400 &&\n _.get(error, 'response.data.message') ===\n 'Failed to create secret, the secret already exists'\n ) {\n const newSecret = `${secret}-${expires}`;\n printMessage({\n message: `esv '${secret}' already exists, using ${newSecret}`,\n type: 'warn',\n state,\n });\n await putSecret({\n secretId: newSecret,\n value: response.access_token,\n description,\n state,\n });\n response.secret = newSecret;\n }\n }\n delete response.access_token;\n }\n return response;\n}\n\nexport async function removeStaticUserMapping({\n subject,\n state,\n}: {\n subject: string;\n state: State;\n}) {\n const authentication = await getConfigEntity({\n entityId: 'authentication',\n state,\n });\n let removeMapping = false;\n const mappings = authentication.rsFilter.staticUserMapping.filter(\n (mapping) => {\n // find the subject and flag it\n if (mapping.subject === subject) {\n removeMapping = true;\n }\n // ignore mappings for other subjects\n return mapping.subject !== subject;\n }\n );\n authentication.rsFilter.staticUserMapping = mappings;\n if (removeMapping) {\n printMessage({\n message: `Removing static user mapping for subject \"${subject}\"...`,\n state,\n });\n try {\n await 
putConfigEntity({\n entityId: 'authentication',\n entityData: authentication,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage({ message: putConfigEntityError, type: 'error', state });\n printMessage({\n message: `Error: ${putConfigEntityError}`,\n type: 'error',\n state,\n });\n }\n } else {\n printMessage({\n message: `No static user mapping for subject \"${subject}\" found.`,\n state,\n });\n }\n}\n\nexport async function hideGenericExtensionAttributes({\n includeCustomized,\n dryRun,\n state,\n}: {\n includeCustomized: boolean;\n dryRun: boolean;\n state: State;\n}) {\n const managed = await getConfigEntity({ entityId: 'managed', state });\n const propertyNames = Object.keys(GENERIC_EXTENSION_ATTRIBUTES);\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser({ state })) {\n return object;\n }\n propertyNames.forEach((name) => {\n if (\n isEqualJson(\n GENERIC_EXTENSION_ATTRIBUTES[name],\n object.schema.properties[name],\n ['viewable', 'usageDescription']\n ) ||\n includeCustomized\n ) {\n if (object.schema.properties[name].viewable) {\n printMessage({ message: `${name}: hide`, state });\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].viewable = false;\n } else {\n printMessage({ message: `${name}: ignore (already hidden)`, state });\n }\n } else {\n printMessage({ message: `${name}: skip (customized)`, state });\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (dryRun) {\n printMessage({ message: 'Dry-run only. 
Changes are not saved.', state });\n } else {\n try {\n await putConfigEntity({\n entityId: 'managed',\n entityData: managed,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage({ message: putConfigEntityError, type: 'error', state });\n printMessage({\n message: `Error: ${putConfigEntityError}`,\n type: 'error',\n state,\n });\n }\n }\n}\n\nexport async function showGenericExtensionAttributes({\n includeCustomized,\n dryRun,\n state,\n}: {\n includeCustomized: boolean;\n dryRun: boolean;\n state: State;\n}) {\n const managed = await getConfigEntity({ entityId: 'managed', state });\n const propertyNames = Object.keys(GENERIC_EXTENSION_ATTRIBUTES);\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser({ state })) {\n return object;\n }\n propertyNames.forEach((name) => {\n if (\n isEqualJson(\n GENERIC_EXTENSION_ATTRIBUTES[name],\n object.schema.properties[name],\n ['viewable', 'usageDescription']\n ) ||\n includeCustomized\n ) {\n if (!object.schema.properties[name].viewable) {\n printMessage({ message: `${name}: show`, state });\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].viewable = true;\n } else {\n printMessage({ message: `${name}: ignore (already showing)`, state });\n }\n } else {\n printMessage({ message: `${name}: skip (customized)`, state });\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (dryRun) {\n printMessage({ message: 'Dry-run only. 
Changes are not saved.', state });\n } else {\n try {\n await putConfigEntity({\n entityId: 'managed',\n entityData: managed,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage({ message: putConfigEntityError, type: 'error', state });\n printMessage({\n message: `Error: ${putConfigEntityError}`,\n type: 'error',\n state,\n });\n }\n }\n}\n\nasync function repairOrgModelUser({\n dryRun,\n state,\n}: {\n dryRun: boolean;\n state: State;\n}) {\n const managed = await getConfigEntity({ entityId: 'managed', state });\n const RDVPs = ['memberOfOrgIDs'];\n let repairData = false;\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser({ state })) {\n return object;\n }\n printMessage({ message: `${object.name}: checking...`, state });\n RDVPs.forEach((name) => {\n if (!object.schema.properties[name].queryConfig.flattenProperties) {\n printMessage({\n message: `- ${name}: repairing - needs flattening`,\n type: 'warn',\n state,\n });\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].queryConfig.flattenProperties = true;\n repairData = true;\n } else {\n printMessage({ message: `- ${name}: OK`, state });\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (!dryRun) {\n try {\n await putConfigEntity({\n entityId: 'managed',\n entityData: managed,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage({ message: putConfigEntityError, type: 'error', state });\n printMessage({\n message: `Error: ${putConfigEntityError}`,\n type: 'error',\n state,\n });\n }\n }\n return repairData;\n}\n\nasync function repairOrgModelOrg({\n dryRun,\n state,\n}: {\n dryRun: boolean;\n state: State;\n}) {\n const managed = await getConfigEntity({ entityId: 'managed', state });\n const RDVPs = [\n 'adminIDs',\n 'ownerIDs',\n 'parentAdminIDs',\n 'parentOwnerIDs',\n 'parentIDs',\n ];\n let repairData = false;\n const updatedObjects = 
managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedOrganization({ state })) {\n return object;\n }\n printMessage({ message: `${object.name}: checking...`, state });\n RDVPs.forEach((name) => {\n if (!object.schema.properties[name].queryConfig.flattenProperties) {\n printMessage({\n message: `- ${name}: repairing - needs flattening`,\n type: 'warn',\n state,\n });\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].queryConfig.flattenProperties = true;\n repairData = true;\n } else {\n printMessage({ message: `- ${name}: OK`, state });\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (!dryRun) {\n try {\n await putConfigEntity({\n entityId: 'managed',\n entityData: managed,\n state,\n });\n } catch (putConfigEntityError) {\n printMessage({ message: putConfigEntityError, type: 'error', state });\n printMessage({\n message: `Error: ${putConfigEntityError}`,\n type: 'error',\n state,\n });\n }\n }\n return repairData;\n}\n\nasync function repairOrgModelData(dryRun = false) {\n if (!dryRun) {\n // const rootOrgs = await findRootOrganizations();\n }\n}\n\nasync function extendOrgModelPermissins(dryRun = false) {\n if (!dryRun) {\n // const rootOrgs = await findRootOrganizations();\n }\n}\n\nexport async function repairOrgModel({\n excludeCustomized,\n extendPermissions,\n dryRun,\n state,\n}: {\n excludeCustomized: boolean;\n extendPermissions: boolean;\n dryRun: boolean;\n state: State;\n}) {\n let repairData = false;\n repairData = repairData || (await repairOrgModelUser({ dryRun, state }));\n repairData = repairData || (await repairOrgModelOrg({ dryRun, state }));\n if (excludeCustomized) {\n //\n }\n if (repairData) {\n await repairOrgModelData(dryRun);\n }\n if (extendPermissions) {\n await extendOrgModelPermissins(dryRun);\n }\n if (dryRun) {\n printMessage({\n message: 'Dry-run only. 
Changes are not saved.',\n type: 'warn',\n state,\n });\n }\n}\n\n// suggested by John K.\n// export async function removeRealmNameFromManagedObjectLabels() {}\n// export async function addRealmNameToManagedObjectLabels() {}\n// export async function cleanUpPostmanArtifacts() {}\n// export async function createSampleThemes() {}\n"]}
@@ -1,9 +1,6 @@
1
- import { AgentSkeleton } from '../api/ApiTypes';
1
+ import { AgentSkeleton, AgentType } from '../api/ApiTypes';
2
2
  import { AgentExportInterface } from './OpsTypes';
3
3
  import State from '../shared/State';
4
- export declare const AGENT_TYPE_IG = "IdentityGatewayAgent";
5
- export declare const AGENT_TYPE_JAVA = "J2EEAgent";
6
- export declare const AGENT_TYPE_WEB = "WebAgent";
7
4
  export default class AgentOps {
8
5
  state: State;
9
6
  constructor(state: State);
@@ -29,7 +26,7 @@ export default class AgentOps {
29
26
  * @param {string} agentId agent id/name
30
27
  * @returns {Promise} a promise that resolves to an agent object
31
28
  */
32
- getAgentByTypeAndId(agentType: string, agentId: string): Promise<any>;
29
+ getAgentByTypeAndId(agentType: AgentType, agentId: string): Promise<any>;
33
30
  /**
34
31
  * Get identity gateway agents
35
32
  * @returns {Promise} a promise that resolves to an array of IdentityGatewayAgent objects
@@ -241,7 +238,7 @@ export declare function getAgent({ agentId, state, }: {
241
238
  * @returns {Promise} a promise that resolves to an agent object
242
239
  */
243
240
  export declare function getAgentByTypeAndId({ agentType, agentId, state, }: {
244
- agentType: string;
241
+ agentType: AgentType;
245
242
  agentId: string;
246
243
  state: State;
247
244
  }): Promise<any>;
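Review bot: The new `agentType: AgentType` parameter on `getAgentByTypeAndId` (the class method and the exported function further down) is enforced only at compile time, so plain-JavaScript callers or values cast from `any` still reach the implementation as arbitrary strings. The implementation is not visible in this declaration file; if it places `agentType` into a request path, it should check the value against the allowed agent types at runtime and reject anything else. The first hunk also drops the exported `AGENT_TYPE_IG`, `AGENT_TYPE_JAVA` and `AGENT_TYPE_WEB` constants, which breaks consumers that import them unless the changelog calls this out or deprecated aliases are kept. Since `AgentSkeleton` is already imported, the return type could be tightened as well, e.g. `getAgentByTypeAndId(agentType: AgentType, agentId: string): Promise<AgentSkeleton>;`, assuming that is what the call resolves to.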