npm - @rockcarver/frodo-lib - Versions diffs - 2.0.0-71 → 2.0.0-72 - Mend

@rockcarver/frodo-lib 2.0.0-71 → 2.0.0-72

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (227) hide show

package/build.zip CHANGED Viewed

Binary file

package/cjs/FrodoError.js ADDED Viewed

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.FrodoError = void 0;
+function _defineProperty(obj, key, value) { key = _toPropertyKey(key); if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
+function _toPropertyKey(t) { var i = _toPrimitive(t, "string"); return "symbol" == typeof i ? i : String(i); }
+function _toPrimitive(t, r) { if ("object" != typeof t || !t) return t; var e = t[Symbol.toPrimitive]; if (void 0 !== e) { var i = e.call(t, r || "default"); if ("object" != typeof i) return i; throw new TypeError("@@toPrimitive must return a primitive value."); } return ("string" === r ? String : Number)(t); }
+class FrodoError extends Error {
+  constructor(message) {
+    var originalErrors = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : null;
+    super(message);
+    _defineProperty(this, "originalErrors", []);
+    this.name = 'FrodoError';
+    if (originalErrors && Array.isArray(originalErrors)) {
+      this.originalErrors = originalErrors;
+    } else if (originalErrors) {
+      this.originalErrors = [originalErrors];
+    }
+  }
+  getOriginalErrors() {
+    return this.originalErrors;
+  }
+  getCombinedMessage() {
+    var combinedMessage = this.message;
+    this.originalErrors.forEach(error => {
+      combinedMessage += '\n  ' + error.message;
+    });
+    return combinedMessage;
+  }
+}
+exports.FrodoError = FrodoError;
+//# sourceMappingURL=FrodoError.js.map

package/cjs/FrodoError.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"FrodoError.js","names":["FrodoError","Error","constructor","message","originalErrors","arguments","length","undefined","_defineProperty","name","Array","isArray","getOriginalErrors","getCombinedMessage","combinedMessage","forEach","error","exports"],"sources":["../src/FrodoError.ts"],"sourcesContent":["export class FrodoError extends Error {\n originalErrors: Error[] = [];\n constructor(message: string, originalErrors: Error | Error[] = null) {\n super(message);\n this.name = 'FrodoError';\n if (originalErrors && Array.isArray(originalErrors)) {\n this.originalErrors = originalErrors;\n } else if (originalErrors) {\n this.originalErrors = [originalErrors as Error];\n }\n }\n\n getOriginalErrors(): Error[] {\n return this.originalErrors;\n }\n\n getCombinedMessage(): string {\n let combinedMessage = this.message;\n this.originalErrors.forEach((error) => {\n combinedMessage += '\\n ' + error.message;\n });\n return combinedMessage;\n }\n}\n"],"mappings":";;;;;;;;;AAAO,MAAMA,UAAU,SAASC,KAAK,CAAC;EAEpCC,WAAWA,CAACC,OAAe,EAA0C;IAAA,IAAxCC,cAA+B,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,IAAI;IACjE,KAAK,CAACF,OAAO,CAAC;IAACK,eAAA,yBAFS,EAAE;IAG1B,IAAI,CAACC,IAAI,GAAG,YAAY;IACxB,IAAIL,cAAc,IAAIM,KAAK,CAACC,OAAO,CAACP,cAAc,CAAC,EAAE;MACnD,IAAI,CAACA,cAAc,GAAGA,cAAc;IACtC,CAAC,MAAM,IAAIA,cAAc,EAAE;MACzB,IAAI,CAACA,cAAc,GAAG,CAACA,cAAc,CAAU;IACjD;EACF;EAEAQ,iBAAiBA,CAAA,EAAY;IAC3B,OAAO,IAAI,CAACR,cAAc;EAC5B;EAEAS,kBAAkBA,CAAA,EAAW;IAC3B,IAAIC,eAAe,GAAG,IAAI,CAACX,OAAO;IAClC,IAAI,CAACC,cAAc,CAACW,OAAO,CAAEC,KAAK,IAAK;MACrCF,eAAe,IAAI,MAAM,GAAGE,KAAK,CAACb,OAAO;IAC3C,CAAC,CAAC;IACF,OAAOW,eAAe;EACxB;AACF;AAACG,OAAA,CAAAjB,UAAA,GAAAA,UAAA"}

package/cjs/ops/AuthenticateOps.js CHANGED Viewed

@@ -8,11 +8,11 @@ exports.getFreshSaBearerToken = getFreshSaBearerToken;
 exports.getSaBearerToken = getSaBearerToken;
 exports.getTokens = getTokens;
 var _crypto = require("crypto");
-var _readlineSync = _interopRequireDefault(require("readline-sync"));
 var _url = _interopRequireDefault(require("url"));
 var _uuid = require("uuid");
 var _AuthenticateApi = require("../api/AuthenticateApi.js");
 var _ServerInfoApi = require("../api/ServerInfoApi.js");
+var _FrodoError = require("../FrodoError.js");
 var _Constants = _interopRequireDefault(require("../shared/Constants.js"));
 var _Base64Utils = require("../utils/Base64Utils.js");
 var _Console = require("../utils/Console.js");
@@ -33,9 +33,11 @@ var _default = state => {
       return _asyncToGenerator(function* () {
         var forceLoginAsUser = _arguments.length > 0 && _arguments[0] !== undefined ? _arguments[0] : false;
         var autoRefresh = _arguments.length > 1 && _arguments[1] !== undefined ? _arguments[1] : true;
+        var callbackHandler = _arguments.length > 2 && _arguments[2] !== undefined ? _arguments[2] : null;
         return getTokens({
           forceLoginAsUser,
           autoRefresh,
+          callbackHandler,
           state
         });
       })();
@@ -95,7 +97,12 @@ function _determineCookieName() {
   });
   return _determineCookieName.apply(this, arguments);
 }
-function checkAndHandle2FA(payload, state) {
+function checkAndHandle2FA(_ref) {
+  var {
+    payload,
+    otpCallbackHandler,
+    state
+  } = _ref;
   (0, _Console.debugMessage)({
     message: "AuthenticateOps.checkAndHandle2FA: start",
     state
@@ -169,12 +176,8 @@ function checkAndHandle2FA(payload, state) {
             message: "AuthenticateOps.checkAndHandle2FA: need2fa=true, skippable=false",
             state
           });
-          (0, _Console.printMessage)({
-            message: '2FA is enabled and required for this user...',
-            state
-          });
-          var code = _readlineSync.default.question("".concat(callback.output[0].value, ": "));
-          callback.input[0].value = code;
+          if (!otpCallbackHandler) throw new _FrodoError.FrodoError("2fa required but no otpCallback function provided.");
+          callback = otpCallbackHandler(callback);
           (0, _Console.debugMessage)({
             message: "AuthenticateOps.checkAndHandle2FA: end [need2fa=true, skippable=false, factor=Code]",
             state
@@ -348,10 +351,11 @@ function getFreshUserSessionToken(_x3) {
  * @returns {Promise<UserSessionMetaType>} session token or null
  */
 function _getFreshUserSessionToken() {
-  _getFreshUserSessionToken = _asyncToGenerator(function* (_ref) {
+  _getFreshUserSessionToken = _asyncToGenerator(function* (_ref2) {
     var {
+      otpCallbackHandler,
       state
-    } = _ref;
+    } = _ref2;
     (0, _Console.debugMessage)({
       message: "AuthenticateOps.getFreshUserSessionToken: start",
       state
@@ -371,7 +375,11 @@ function _getFreshUserSessionToken() {
     var steps = 0;
     var maxSteps = 3;
     do {
-      skip2FA = checkAndHandle2FA(response, state);
+      skip2FA = checkAndHandle2FA({
+        payload: response,
+        otpCallbackHandler: otpCallbackHandler,
+        state
+      });
       // throw exception if 2fa required but factor not supported by frodo (e.g. WebAuthN)
       if (!skip2FA.supported) {
@@ -411,7 +419,7 @@ function _getFreshUserSessionToken() {
   });
   return _getFreshUserSessionToken.apply(this, arguments);
 }
-function getUserSessionToken(_x4) {
+function getUserSessionToken(_x4, _x5) {
   return _getUserSessionToken.apply(this, arguments);
 }
 /**
@@ -423,7 +431,7 @@ function getUserSessionToken(_x4) {
  * @returns {string} oauth2 authorization code or null
  */
 function _getUserSessionToken() {
-  _getUserSessionToken = _asyncToGenerator(function* (state) {
+  _getUserSessionToken = _asyncToGenerator(function* (otpCallback, state) {
     (0, _Console.debugMessage)({
       message: "AuthenticateOps.getUserSessionToken: start",
       state
@@ -450,6 +458,7 @@ function _getUserSessionToken() {
     }
     if (!token) {
       token = yield getFreshUserSessionToken({
+        otpCallbackHandler: otpCallback,
         state
       });
       token.from_cache = false;
@@ -472,7 +481,7 @@ function _getUserSessionToken() {
   });
   return _getUserSessionToken.apply(this, arguments);
 }
-function getAuthCode(_x5, _x6, _x7, _x8) {
+function getAuthCode(_x6, _x7, _x8, _x9) {
   return _getAuthCode.apply(this, arguments);
 }
 /**
@@ -502,17 +511,7 @@ function _getAuthCode() {
       } catch (error) {
         response = error.response;
         if (response.status < 200 || response.status > 399) {
-          (0, _Console.printMessage)({
-            message: 'error getting auth code',
-            type: 'error',
-            state
-          });
-          (0, _Console.printMessage)({
-            message: response.data,
-            type: 'error',
-            state
-          });
-          return null;
+          throw error;
         }
       }
       var redirectLocationURL = (_response$headers = response.headers) === null || _response$headers === void 0 ? void 0 : _response$headers.location;
@@ -520,34 +519,14 @@ function _getAuthCode() {
       if ('code' in queryObject) {
         return queryObject.code;
       }
-      (0, _Console.printMessage)({
-        message: 'auth code not found',
-        type: 'error',
-        state
-      });
-      return null;
+      throw new _FrodoError.FrodoError("Authz code not found");
     } catch (error) {
-      var _error$response;
-      (0, _Console.printMessage)({
-        message: "error getting auth code - ".concat(error.message),
-        type: 'error',
-        state
-      });
-      (0, _Console.printMessage)({
-        message: (_error$response = error.response) === null || _error$response === void 0 ? void 0 : _error$response.data,
-        type: 'error',
-        state
-      });
-      (0, _Console.debugMessage)({
-        message: error.stack,
-        state
-      });
-      return null;
+      throw new _FrodoError.FrodoError("Error getting authz code", error);
     }
   });
   return _getAuthCode.apply(this, arguments);
 }
-function getFreshUserBearerToken(_x9) {
+function getFreshUserBearerToken(_x10) {
   return _getFreshUserBearerToken.apply(this, arguments);
 }
 /**
@@ -556,10 +535,10 @@ function getFreshUserBearerToken(_x9) {
  * @returns {Promise<AccessTokenMetaType>} access token or null
  */
 function _getFreshUserBearerToken() {
-  _getFreshUserBearerToken = _asyncToGenerator(function* (_ref2) {
+  _getFreshUserBearerToken = _asyncToGenerator(function* (_ref3) {
     var {
       state
-    } = _ref2;
+    } = _ref3;
     (0, _Console.debugMessage)({
       message: "AuthenticateOps.getAccessTokenForUser: start",
       state
@@ -570,14 +549,6 @@ function _getFreshUserBearerToken() {
       var challengeMethod = 'S256';
       var redirectURL = _url.default.resolve(state.getHost(), redirectUrlTemplate);
       var authCode = yield getAuthCode(redirectURL, challenge, challengeMethod, state);
-      if (authCode == null) {
-        (0, _Console.printMessage)({
-          message: 'error getting auth code',
-          type: 'error',
-          state
-        });
-        return null;
-      }
       var response = null;
       if (state.getDeploymentType() === _Constants.default.CLOUD_DEPLOYMENT_TYPE_KEY) {
         var config = {
@@ -609,31 +580,14 @@ function _getFreshUserBearerToken() {
         });
         return response;
       }
-      (0, _Console.printMessage)({
-        message: 'No access token in response.',
-        type: 'error',
-        state
-      });
+      throw new _FrodoError.FrodoError("No access token in response");
     } catch (error) {
-      var _error$response2;
-      (0, _Console.debugMessage)({
-        message: "Error getting access token for user: ".concat(error),
-        state
-      });
-      (0, _Console.debugMessage)({
-        message: (_error$response2 = error.response) === null || _error$response2 === void 0 ? void 0 : _error$response2.data,
-        state
-      });
+      throw new _FrodoError.FrodoError("Error getting access token for user", error);
     }
-    (0, _Console.debugMessage)({
-      message: "AuthenticateOps.getAccessTokenForUser: end without token",
-      state
-    });
-    return null;
   });
   return _getFreshUserBearerToken.apply(this, arguments);
 }
-function getUserBearerToken(_x10) {
+function getUserBearerToken(_x11) {
   return _getUserBearerToken.apply(this, arguments);
 }
 function _getUserBearerToken() {
@@ -710,7 +664,7 @@ function createPayload(serviceAccountId, host) {
  * @param {State} state library state
  * @returns {Promise<AccessTokenResponseType>} response object containg token, scope, type, and expiration in seconds
  */
-function getFreshSaBearerToken(_x11) {
+function getFreshSaBearerToken(_x12) {
   return _getFreshSaBearerToken.apply(this, arguments);
 }
 /**
@@ -719,12 +673,12 @@ function getFreshSaBearerToken(_x11) {
  * @returns {Promise<AccessTokenResponseType>} response object containg token, scope, type, and expiration in seconds
  */
 function _getFreshSaBearerToken() {
-  _getFreshSaBearerToken = _asyncToGenerator(function* (_ref3) {
+  _getFreshSaBearerToken = _asyncToGenerator(function* (_ref4) {
     var {
       saId = undefined,
       saJwk = undefined,
       state
-    } = _ref3;
+    } = _ref4;
     (0, _Console.debugMessage)({
       message: "AuthenticateOps.getFreshSaBearerToken: start",
       state
@@ -755,7 +709,7 @@ function _getFreshSaBearerToken() {
   });
   return _getFreshSaBearerToken.apply(this, arguments);
 }
-function getSaBearerToken(_x12) {
+function getSaBearerToken(_x13) {
   return _getSaBearerToken.apply(this, arguments);
 }
 /**
@@ -763,10 +717,10 @@ function getSaBearerToken(_x12) {
  * @param state library state
  */
 function _getSaBearerToken() {
-  _getSaBearerToken = _asyncToGenerator(function* (_ref4) {
+  _getSaBearerToken = _asyncToGenerator(function* (_ref5) {
     var {
       state
-    } = _ref4;
+    } = _ref5;
     (0, _Console.debugMessage)({
       message: "AuthenticateOps.getSaBearerToken: start",
       state
@@ -811,7 +765,7 @@ function _getSaBearerToken() {
   });
   return _getSaBearerToken.apply(this, arguments);
 }
-function determineDeploymentTypeAndDefaultRealmAndVersion(_x13) {
+function determineDeploymentTypeAndDefaultRealmAndVersion(_x14) {
   return _determineDeploymentTypeAndDefaultRealmAndVersion.apply(this, arguments);
 }
 /**
@@ -849,7 +803,7 @@ function _determineDeploymentTypeAndDefaultRealmAndVersion() {
   });
   return _determineDeploymentTypeAndDefaultRealmAndVersion.apply(this, arguments);
 }
-function getLoggedInSubject(_x14) {
+function getLoggedInSubject(_x15) {
   return _getLoggedInSubject.apply(this, arguments);
 }
 /**
@@ -912,35 +866,30 @@ function scheduleAutoRefresh(forceLoginAsUser, autoRefresh, state) {
     timer.unref();
   }
 }
 /**
  * Get tokens
  * @param {boolean} forceLoginAsUser true to force login as user even if a service account is available (default: false)
  * @param {boolean} autoRefresh true to automatically refresh tokens before they expire (default: true)
  * @param {State} state library state
- * @returns {Promise<boolean>} true if tokens were successfully obtained, false otherwise
+ * @returns {Promise<Tokens>} object containing the tokens
  */
-function getTokens(_x15) {
+function getTokens(_x16) {
   return _getTokens.apply(this, arguments);
 }
 function _getTokens() {
-  _getTokens = _asyncToGenerator(function* (_ref5) {
+  _getTokens = _asyncToGenerator(function* (_ref6) {
     var {
       forceLoginAsUser = false,
       autoRefresh = true,
+      callbackHandler = null,
       state
-    } = _ref5;
+    } = _ref6;
     (0, _Console.debugMessage)({
       message: "AuthenticateOps.getTokens: start",
       state
     });
     if (!state.getHost()) {
-      (0, _Console.printMessage)({
-        message: "No host specified and FRODO_HOST env variable not set!",
-        type: 'error',
-        state
-      });
-      return false;
+      throw new _FrodoError.FrodoError("No host specified");
     }
     try {
       // if username/password on cli are empty, try to read from connections.json
@@ -958,7 +907,7 @@ function _getTokens() {
           state.setServiceAccountId(conn.svcacctId);
           state.setServiceAccountJwk(conn.svcacctJwk);
         } else {
-          return false;
+          throw new _FrodoError.FrodoError("No credentials specified and no connection profile found for ".concat(state.getHost()));
         }
       }
@@ -971,7 +920,7 @@ function _getTokens() {
           state.setHost(_conn.tenant);
           state.setDeploymentType(_conn.deploymentType);
         } else {
-          return false;
+          throw new _FrodoError.FrodoError("No connection profile found for ".concat(state.getHost()));
         }
       }
@@ -992,7 +941,7 @@ function _getTokens() {
           state.setUseBearerTokenForAmApis(true);
           yield determineDeploymentTypeAndDefaultRealmAndVersion(state);
         } catch (saErr) {
-          var _saErr$response, _saErr$response2, _saErr$response3;
+          var _saErr$response;
           (0, _Console.debugMessage)({
             message: ((_saErr$response = saErr.response) === null || _saErr$response === void 0 ? void 0 : _saErr$response.data) || saErr,
             state
@@ -1001,7 +950,7 @@ function _getTokens() {
             message: state.getState(),
             state
           });
-          throw new Error("Service account login error: ".concat(((_saErr$response2 = saErr.response) === null || _saErr$response2 === void 0 || (_saErr$response2 = _saErr$response2.data) === null || _saErr$response2 === void 0 ? void 0 : _saErr$response2.error_description) || ((_saErr$response3 = saErr.response) === null || _saErr$response3 === void 0 || (_saErr$response3 = _saErr$response3.data) === null || _saErr$response3 === void 0 ? void 0 : _saErr$response3.message) || saErr));
+          throw new _FrodoError.FrodoError("Service account login error", saErr);
         }
       }
       // use user account to login
@@ -1010,7 +959,7 @@ function _getTokens() {
           message: "AuthenticateOps.getTokens: Authenticating with user account ".concat(state.getUsername()),
           state
         });
-        var _token = yield getUserSessionToken(state);
+        var _token = yield getUserSessionToken(callbackHandler, state);
         if (_token) state.setUserSessionTokenMeta(_token);
         yield determineDeploymentTypeAndDefaultRealmAndVersion(state);
         if (state.getCookieValue() && (
@@ -1022,12 +971,7 @@ function _getTokens() {
       }
       // incomplete or no credentials
       else {
-        (0, _Console.printMessage)({
-          message: "Incomplete or no credentials!",
-          type: 'error',
-          state
-        });
-        return false;
+        throw new _FrodoError.FrodoError("Incomplete or no credentials");
       }
       if (state.getCookieValue() || state.getUseBearerTokenForAmApis() && state.getBearerToken()) {
         var _state$getBearerToken3, _state$getUserSession3;
@@ -1043,54 +987,24 @@ function _getTokens() {
             state
           });
         }
-        (0, _Console.printMessage)({
-          message: "Connected to ".concat(state.getHost(), " [").concat(state.getRealm() ? state.getRealm() : 'root', "] as ").concat(yield getLoggedInSubject(state)),
-          type: 'info',
-          state
-        });
         scheduleAutoRefresh(forceLoginAsUser, autoRefresh, state);
+        var tokens = {
+          bearerToken: state.getBearerTokenMeta(),
+          userSessionToken: state.getUserSessionTokenMeta(),
+          subject: yield getLoggedInSubject(state),
+          host: state.getHost(),
+          realm: state.getRealm() ? state.getRealm() : 'root'
+        };
         (0, _Console.debugMessage)({
           message: "AuthenticateOps.getTokens: end with tokens",
           state
         });
-        return true;
+        // `Connected to ${state.getHost()} [${state.getRealm() ? state.getRealm() : 'root'}] as ${await getLoggedInSubject(state)}`
+        return tokens;
       }
     } catch (error) {
-      var _error$response3, _error$response4, _error$response5;
-      // regular error
-      (0, _Console.printMessage)({
-        message: error.message,
-        type: 'error',
-        state
-      });
-      // axios error am api
-      (0, _Console.printMessage)({
-        message: (_error$response3 = error.response) === null || _error$response3 === void 0 || (_error$response3 = _error$response3.data) === null || _error$response3 === void 0 ? void 0 : _error$response3.message,
-        type: 'error',
-        state
-      });
-      // axios error am oauth2 api
-      (0, _Console.printMessage)({
-        message: (_error$response4 = error.response) === null || _error$response4 === void 0 || (_error$response4 = _error$response4.data) === null || _error$response4 === void 0 ? void 0 : _error$response4.error_description,
-        type: 'error',
-        state
-      });
-      // axios error data
-      (0, _Console.debugMessage)({
-        message: (_error$response5 = error.response) === null || _error$response5 === void 0 ? void 0 : _error$response5.data,
-        state
-      });
-      // stack trace
-      (0, _Console.debugMessage)({
-        message: error.stack || new Error().stack,
-        state
-      });
+      throw new _FrodoError.FrodoError("Error getting tokens", error);
     }
-    (0, _Console.debugMessage)({
-      message: "AuthenticateOps.getTokens: end without tokens",
-      state
-    });
-    return false;
   });
   return _getTokens.apply(this, arguments);
 }