@salesforce/b2c-tooling-sdk 1.7.0 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/auth/index.d.ts +3 -0
- package/dist/cjs/auth/index.js +2 -0
- package/dist/cjs/auth/index.js.map +1 -1
- package/dist/cjs/auth/jwt-utils.d.ts +25 -0
- package/dist/cjs/auth/jwt-utils.js +66 -0
- package/dist/cjs/auth/jwt-utils.js.map +1 -0
- package/dist/cjs/auth/oauth-implicit.js +4 -1
- package/dist/cjs/auth/oauth-implicit.js.map +1 -1
- package/dist/cjs/auth/oauth-jwt.d.ts +99 -0
- package/dist/cjs/auth/oauth-jwt.js +343 -0
- package/dist/cjs/auth/oauth-jwt.js.map +1 -0
- package/dist/cjs/auth/oauth.d.ts +42 -3
- package/dist/cjs/auth/oauth.js +90 -35
- package/dist/cjs/auth/oauth.js.map +1 -1
- package/dist/cjs/auth/stateful-oauth-strategy.js +3 -9
- package/dist/cjs/auth/stateful-oauth-strategy.js.map +1 -1
- package/dist/cjs/auth/stateful-store.js +33 -35
- package/dist/cjs/auth/stateful-store.js.map +1 -1
- package/dist/cjs/auth/types.d.ts +2 -1
- package/dist/cjs/auth/types.js +1 -1
- package/dist/cjs/auth/types.js.map +1 -1
- package/dist/cjs/cli/am-command.d.ts +1 -1
- package/dist/cjs/cli/am-command.js +3 -0
- package/dist/cjs/cli/am-command.js.map +1 -1
- package/dist/cjs/cli/base-command.js +4 -2
- package/dist/cjs/cli/base-command.js.map +1 -1
- package/dist/cjs/cli/columns.d.ts +128 -0
- package/dist/cjs/cli/columns.js +128 -0
- package/dist/cjs/cli/columns.js.map +1 -0
- package/dist/cjs/cli/config.js +4 -0
- package/dist/cjs/cli/config.js.map +1 -1
- package/dist/cjs/cli/details.d.ts +69 -0
- package/dist/cjs/cli/details.js +72 -0
- package/dist/cjs/cli/details.js.map +1 -0
- package/dist/cjs/cli/index.d.ts +4 -0
- package/dist/cjs/cli/index.js +2 -0
- package/dist/cjs/cli/index.js.map +1 -1
- package/dist/cjs/cli/instance-command.d.ts +3 -0
- package/dist/cjs/cli/oauth-command.d.ts +14 -2
- package/dist/cjs/cli/oauth-command.js +54 -3
- package/dist/cjs/cli/oauth-command.js.map +1 -1
- package/dist/cjs/cli/ods-command.d.ts +3 -0
- package/dist/cjs/cli/webdav-command.d.ts +3 -0
- package/dist/cjs/clients/cdn-zones.js +5 -2
- package/dist/cjs/clients/cdn-zones.js.map +1 -1
- package/dist/cjs/clients/cip.js +2 -1
- package/dist/cjs/clients/cip.js.map +1 -1
- package/dist/cjs/clients/custom-apis.js +5 -2
- package/dist/cjs/clients/custom-apis.js.map +1 -1
- package/dist/cjs/clients/granular-replications.js +4 -1
- package/dist/cjs/clients/granular-replications.js.map +1 -1
- package/dist/cjs/clients/mrt.generated.d.ts +1073 -41
- package/dist/cjs/clients/scapi-schemas.js +5 -2
- package/dist/cjs/clients/scapi-schemas.js.map +1 -1
- package/dist/cjs/clients/webdav.js +11 -3
- package/dist/cjs/clients/webdav.js.map +1 -1
- package/dist/cjs/config/dw-json.d.ts +10 -0
- package/dist/cjs/config/dw-json.js +4 -7
- package/dist/cjs/config/dw-json.js.map +1 -1
- package/dist/cjs/config/mapping.js +27 -0
- package/dist/cjs/config/mapping.js.map +1 -1
- package/dist/cjs/config/sources/env-source.js +13 -1
- package/dist/cjs/config/sources/env-source.js.map +1 -1
- package/dist/cjs/config/sources/package-json-source.js +1 -0
- package/dist/cjs/config/sources/package-json-source.js.map +1 -1
- package/dist/cjs/config/types.d.ts +14 -0
- package/dist/cjs/index.d.ts +2 -2
- package/dist/cjs/index.js +1 -1
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/operations/bm-users/index.d.ts +50 -0
- package/dist/cjs/operations/bm-users/index.js +55 -0
- package/dist/cjs/operations/bm-users/index.js.map +1 -0
- package/dist/cjs/operations/bm-users/users.d.ts +189 -0
- package/dist/cjs/operations/bm-users/users.js +229 -0
- package/dist/cjs/operations/bm-users/users.js.map +1 -0
- package/dist/cjs/operations/code/deploy.js +19 -10
- package/dist/cjs/operations/code/deploy.js.map +1 -1
- package/dist/cjs/operations/code/download.d.ts +17 -6
- package/dist/cjs/operations/code/download.js +224 -104
- package/dist/cjs/operations/code/download.js.map +1 -1
- package/dist/cjs/operations/code/index.d.ts +3 -1
- package/dist/cjs/operations/code/index.js +3 -1
- package/dist/cjs/operations/code/index.js.map +1 -1
- package/dist/cjs/operations/code/upload-files.d.ts +47 -0
- package/dist/cjs/operations/code/upload-files.js +116 -0
- package/dist/cjs/operations/code/upload-files.js.map +1 -0
- package/dist/cjs/operations/code/watch.js +18 -92
- package/dist/cjs/operations/code/watch.js.map +1 -1
- package/dist/cjs/operations/debug/debug-session.js +23 -8
- package/dist/cjs/operations/debug/debug-session.js.map +1 -1
- package/dist/cjs/operations/debug/index.d.ts +3 -0
- package/dist/cjs/operations/debug/index.js +2 -0
- package/dist/cjs/operations/debug/index.js.map +1 -1
- package/dist/cjs/operations/debug/projections.d.ts +72 -0
- package/dist/cjs/operations/debug/projections.js +84 -0
- package/dist/cjs/operations/debug/projections.js.map +1 -0
- package/dist/cjs/operations/debug/resolve-path.d.ts +15 -0
- package/dist/cjs/operations/debug/resolve-path.js +52 -0
- package/dist/cjs/operations/debug/resolve-path.js.map +1 -0
- package/dist/cjs/operations/mrt/certificate.d.ts +60 -0
- package/dist/cjs/operations/mrt/certificate.js +76 -0
- package/dist/cjs/operations/mrt/certificate.js.map +1 -0
- package/dist/cjs/operations/mrt/env.d.ts +79 -0
- package/dist/cjs/operations/mrt/env.js +65 -3
- package/dist/cjs/operations/mrt/env.js.map +1 -1
- package/dist/cjs/operations/mrt/index.d.ts +8 -4
- package/dist/cjs/operations/mrt/index.js +6 -2
- package/dist/cjs/operations/mrt/index.js.map +1 -1
- package/dist/cjs/operations/mrt/organization-member.d.ts +68 -0
- package/dist/cjs/operations/mrt/organization-member.js +88 -0
- package/dist/cjs/operations/mrt/organization-member.js.map +1 -0
- package/dist/cjs/operations/mrt/push.d.ts +67 -0
- package/dist/cjs/operations/mrt/push.js +63 -0
- package/dist/cjs/operations/mrt/push.js.map +1 -1
- package/dist/cjs/ux/index.d.ts +1 -0
- package/dist/cjs/ux/index.js +7 -0
- package/dist/cjs/ux/index.js.map +1 -0
- package/dist/esm/auth/index.d.ts +3 -0
- package/dist/esm/auth/index.js +2 -0
- package/dist/esm/auth/index.js.map +1 -1
- package/dist/esm/auth/jwt-utils.d.ts +25 -0
- package/dist/esm/auth/jwt-utils.js +66 -0
- package/dist/esm/auth/jwt-utils.js.map +1 -0
- package/dist/esm/auth/oauth-implicit.js +4 -1
- package/dist/esm/auth/oauth-implicit.js.map +1 -1
- package/dist/esm/auth/oauth-jwt.d.ts +99 -0
- package/dist/esm/auth/oauth-jwt.js +343 -0
- package/dist/esm/auth/oauth-jwt.js.map +1 -0
- package/dist/esm/auth/oauth.d.ts +42 -3
- package/dist/esm/auth/oauth.js +90 -35
- package/dist/esm/auth/oauth.js.map +1 -1
- package/dist/esm/auth/stateful-oauth-strategy.js +3 -9
- package/dist/esm/auth/stateful-oauth-strategy.js.map +1 -1
- package/dist/esm/auth/stateful-store.js +33 -35
- package/dist/esm/auth/stateful-store.js.map +1 -1
- package/dist/esm/auth/types.d.ts +2 -1
- package/dist/esm/auth/types.js +1 -1
- package/dist/esm/auth/types.js.map +1 -1
- package/dist/esm/cli/am-command.d.ts +1 -1
- package/dist/esm/cli/am-command.js +3 -0
- package/dist/esm/cli/am-command.js.map +1 -1
- package/dist/esm/cli/base-command.js +4 -2
- package/dist/esm/cli/base-command.js.map +1 -1
- package/dist/esm/cli/columns.d.ts +128 -0
- package/dist/esm/cli/columns.js +128 -0
- package/dist/esm/cli/columns.js.map +1 -0
- package/dist/esm/cli/config.js +4 -0
- package/dist/esm/cli/config.js.map +1 -1
- package/dist/esm/cli/details.d.ts +69 -0
- package/dist/esm/cli/details.js +72 -0
- package/dist/esm/cli/details.js.map +1 -0
- package/dist/esm/cli/index.d.ts +4 -0
- package/dist/esm/cli/index.js +2 -0
- package/dist/esm/cli/index.js.map +1 -1
- package/dist/esm/cli/instance-command.d.ts +3 -0
- package/dist/esm/cli/oauth-command.d.ts +14 -2
- package/dist/esm/cli/oauth-command.js +54 -3
- package/dist/esm/cli/oauth-command.js.map +1 -1
- package/dist/esm/cli/ods-command.d.ts +3 -0
- package/dist/esm/cli/webdav-command.d.ts +3 -0
- package/dist/esm/clients/cdn-zones.js +5 -2
- package/dist/esm/clients/cdn-zones.js.map +1 -1
- package/dist/esm/clients/cip.js +2 -1
- package/dist/esm/clients/cip.js.map +1 -1
- package/dist/esm/clients/custom-apis.js +5 -2
- package/dist/esm/clients/custom-apis.js.map +1 -1
- package/dist/esm/clients/granular-replications.js +4 -1
- package/dist/esm/clients/granular-replications.js.map +1 -1
- package/dist/esm/clients/mrt.generated.d.ts +1073 -41
- package/dist/esm/clients/scapi-schemas.js +5 -2
- package/dist/esm/clients/scapi-schemas.js.map +1 -1
- package/dist/esm/clients/webdav.js +11 -3
- package/dist/esm/clients/webdav.js.map +1 -1
- package/dist/esm/config/dw-json.d.ts +10 -0
- package/dist/esm/config/dw-json.js +4 -7
- package/dist/esm/config/dw-json.js.map +1 -1
- package/dist/esm/config/mapping.js +27 -0
- package/dist/esm/config/mapping.js.map +1 -1
- package/dist/esm/config/sources/env-source.js +13 -1
- package/dist/esm/config/sources/env-source.js.map +1 -1
- package/dist/esm/config/sources/package-json-source.js +1 -0
- package/dist/esm/config/sources/package-json-source.js.map +1 -1
- package/dist/esm/config/types.d.ts +14 -0
- package/dist/esm/index.d.ts +2 -2
- package/dist/esm/index.js +1 -1
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/operations/bm-users/index.d.ts +50 -0
- package/dist/esm/operations/bm-users/index.js +55 -0
- package/dist/esm/operations/bm-users/index.js.map +1 -0
- package/dist/esm/operations/bm-users/users.d.ts +189 -0
- package/dist/esm/operations/bm-users/users.js +229 -0
- package/dist/esm/operations/bm-users/users.js.map +1 -0
- package/dist/esm/operations/code/deploy.js +19 -10
- package/dist/esm/operations/code/deploy.js.map +1 -1
- package/dist/esm/operations/code/download.d.ts +17 -6
- package/dist/esm/operations/code/download.js +224 -104
- package/dist/esm/operations/code/download.js.map +1 -1
- package/dist/esm/operations/code/index.d.ts +3 -1
- package/dist/esm/operations/code/index.js +3 -1
- package/dist/esm/operations/code/index.js.map +1 -1
- package/dist/esm/operations/code/upload-files.d.ts +47 -0
- package/dist/esm/operations/code/upload-files.js +116 -0
- package/dist/esm/operations/code/upload-files.js.map +1 -0
- package/dist/esm/operations/code/watch.js +18 -92
- package/dist/esm/operations/code/watch.js.map +1 -1
- package/dist/esm/operations/debug/debug-session.js +23 -8
- package/dist/esm/operations/debug/debug-session.js.map +1 -1
- package/dist/esm/operations/debug/index.d.ts +3 -0
- package/dist/esm/operations/debug/index.js +2 -0
- package/dist/esm/operations/debug/index.js.map +1 -1
- package/dist/esm/operations/debug/projections.d.ts +72 -0
- package/dist/esm/operations/debug/projections.js +84 -0
- package/dist/esm/operations/debug/projections.js.map +1 -0
- package/dist/esm/operations/debug/resolve-path.d.ts +15 -0
- package/dist/esm/operations/debug/resolve-path.js +52 -0
- package/dist/esm/operations/debug/resolve-path.js.map +1 -0
- package/dist/esm/operations/mrt/certificate.d.ts +60 -0
- package/dist/esm/operations/mrt/certificate.js +76 -0
- package/dist/esm/operations/mrt/certificate.js.map +1 -0
- package/dist/esm/operations/mrt/env.d.ts +79 -0
- package/dist/esm/operations/mrt/env.js +65 -3
- package/dist/esm/operations/mrt/env.js.map +1 -1
- package/dist/esm/operations/mrt/index.d.ts +8 -4
- package/dist/esm/operations/mrt/index.js +6 -2
- package/dist/esm/operations/mrt/index.js.map +1 -1
- package/dist/esm/operations/mrt/organization-member.d.ts +68 -0
- package/dist/esm/operations/mrt/organization-member.js +88 -0
- package/dist/esm/operations/mrt/organization-member.js.map +1 -0
- package/dist/esm/operations/mrt/push.d.ts +67 -0
- package/dist/esm/operations/mrt/push.js +63 -0
- package/dist/esm/operations/mrt/push.js.map +1 -1
- package/dist/esm/ux/index.d.ts +1 -0
- package/dist/esm/ux/index.js +7 -0
- package/dist/esm/ux/index.js.map +1 -0
- package/package.json +22 -2
- package/specs/mrt-api-v1.json +2192 -48
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth-jwt.js","sourceRoot":"","sources":["../../../src/auth/oauth-jwt.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH;;;;;;;GAOG;AACH,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAC,SAAS,EAAC,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EACL,gBAAgB,EAChB,mBAAmB,EACnB,mBAAmB,EACnB,0BAA0B,EAC1B,SAAS,GACV,MAAM,YAAY,CAAC;AACpB,OAAO,EAAC,4BAA4B,EAAE,0BAA0B,EAAE,2BAA2B,EAAC,MAAM,iBAAiB,CAAC;AAgCtH;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,OAAO,gBAAgB;IACV,MAAM,CAAiB;IACvB,MAAM,GAAG,SAAS,EAAE,CAAC;IACrB,QAAQ,CAAS;IAC1B,cAAc,GAAG,KAAK,CAAC;IACd,UAAU,CAAmB;IAE9C,YAAY,MAAsB;QAChC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAC5B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,GAAG,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAElH,6DAA6D;QAC7D,MAAM,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,gBAAgB,CAAC;YACxC,GAAG,EAAE,UAAU;YACf,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,MAAsB;QAC3C,2BAA2B;QAC3B,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;QAC1D,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC/E,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;QAC9E,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpE,CAAC;QAED,mDAAmD;QACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,mCAAmC,MAAM,CAAC,QAAQ,IAAI;gBACpD,qHAAqH,CACxH,CAAC;QACJ,CAAC;QAED,qCAAqC;QACrC,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;YAC7D,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CAAC,iCAAiC,MAAM,CAAC,QAAQ,4CAA4C,CAAC,CAAC;YAChH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAAC,EAAE,CAAC;gBACnF,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,uCAAuC,MAAM,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC,CAAC;QACtF,CAAC;QAED,2BAA2B;QAC3B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,mCAAmC,MAAM,CAAC,OAAO,IAAI;gBACnD,6GAA6G,CAChH,CAAC;QACJ,CAAC;QAED,6CAA6C;QAC7C,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAE3D,mBAAmB;YACnB,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBACzE,MAAM,IAAI,KAAK,CACb,iCAAiC,MAAM,CAAC,OAAO,qEAAqE,CACrH,CAAC;YACJ,CAAC;YAED,+EAA+E;YAC/E,MAAM,CAAC,gBAAgB,CAAC;gBACtB,GAAG,EAAE,UAAU;gBACf,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAEvE,sCAAsC;YACtC,IAAI,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC7G,MAAM,IAAI,KAAK,CACb,qDAAqD;oBACnD,kGAAkG,CACrG,CAAC;YACJ,CAAC;YAED,sDAAsD;YACtD,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBACpE,MAAM,IAAI,KAAK,CACb,4DAA4D;oBAC1D,wEAAwE,CAC3E,CAAC;YACJ,CAAC;YAED,oCAAoC;YACpC,IAAI,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAAC,EAAE,CAAC;gBACnD,MAAM,KAAK,CAAC;YACd,CAAC;YAED,gBAAgB;YAChB,MAAM,IAAI,KAAK,CAAC,8BAA8B,MAAM,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,KAAK,CAAC,GAAW,EAAE,OAAkB,EAAE;QAC3C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,KAAK,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAEpD,+CAA+C;QAC/C,IAAI,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAC,GAAG,IAAI,EAAE,OAAO,EAAgB,CAAC,CAAC;QAE9D,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,gEAAgE;QAChE,4EAA4E;QAC5E,oEAAoE;QACpE,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9C,IAAI,CAAC,eAAe,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAC7C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,QAAQ,EAAE,CAAC,CAAC;YACnD,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAC,GAAG,IAAI,EAAE,OAAO,EAAgB,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,sBAAsB;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,OAAO,UAAU,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC;IAED;;;;;;OAMG;IACH,oBAAoB,CAAC,gBAA0B;QAC7C,MAAM,YAAY,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,EAAE,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;QACxF,OAAO,IAAI,gBAAgB,CAAC;YAC1B,GAAG,IAAI,CAAC,MAAM;YACd,MAAM,EAAE,YAAY;SACrB,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,gBAAgB;QACpB,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QAE5E,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;YACpE,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,wCAAwC;QACxC,OAAO,IAAI,CAAC,eAAe,EAAE,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,eAAe;QACb,0BAA0B,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC5D,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc;QAC1B,2BAA2B;QAC3B,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QAC5E,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC;YACpF,OAAO,MAAM,CAAC,WAAW,CAAC;QAC5B,CAAC;QAED,4DAA4D;QAC5D,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QACnD,OAAO,aAAa,CAAC,WAAW,CAAC;IACnC,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,eAAe;QAC3B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAC;QAEzF,sBAAsB;QACtB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAEzC,6CAA6C;QAC7C,MAAM,QAAQ,GAAG,WAAW,IAAI,CAAC,MAAM,CAAC,kBAAkB,4BAA4B,CAAC;QAEvF,uEAAuE;QACvE,0DAA0D;QAC1D,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,UAAU,EAAE,oBAAoB;YAChC,qBAAqB,EAAE,wDAAwD;YAC/E,gBAAgB,EAAE,GAAG,EAAE,4BAA4B;SACpD,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CACf;YACE,QAAQ;YACR,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;SAC3B,EACD,qDAAqD,CACtD,CAAC;QAEF,sCAAsC;QACtC,IAAI,OAAO,GAAG,IAAI,OAAO,CAAC,QAAQ,EAAE;YAClC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;aACpD;YACD,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;SACxB,CAAC,CAAC;QAEH,2CAA2C;QAC3C,MAAM,UAAU,GAAG,4BAA4B,CAAC,aAAa,EAAE,CAAC;QAChE,OAAO,GAAG,MAAM,0BAA0B,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAEhE,IAAI,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;QAEpC,iCAAiC;QACjC,QAAQ,GAAG,MAAM,2BAA2B,CAAC,OAAO,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;QAE5E,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf;gBACE,MAAM,EAAE,QAAQ,CAAC,MAAM;gBACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,KAAK,EAAE,SAAS;aACjB,EACD,8CAA8C,CAC/C,CAAC;YAEF,mDAAmD;YACnD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,MAAM,IAAI,KAAK,CACb,sFAAsF;oBACpF,2BAA2B,IAAI,CAAC,MAAM,CAAC,QAAQ,qCAAqC,CACvF,CAAC;YACJ,CAAC;YACD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,MAAM,IAAI,KAAK,CAAC,oCAAoC,SAAS,EAAE,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,IAAI,KAAK,CAAC,8BAA8B,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC,CAAC;QACxG,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiD,CAAC;QACrF,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QAED,+DAA+D;QAC/D,MAAM,gBAAgB,GAAG,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC;QACjD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,gBAAgB,GAAG,IAAI,CAAC,CAAC;QAElE,8DAA8D;QAC9D,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,KAAsC,CAAC;QACrE,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;QAE5F,iCAAiC;QACjC,MAAM,aAAa,GAAwB;YACzC,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,OAAO,EAAE,UAAU;YACnB,MAAM;SACP,CAAC;QACF,mBAAmB,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QAElD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf;YACE,SAAS,EAAE,gBAAgB;YAC3B,SAAS,EAAE,UAAU,CAAC,WAAW,EAAE;YACnC,MAAM;SACP,EACD,uDAAuD,CACxD,CAAC;QAEF,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,eAAe;QAC3B,MAAM,MAAM,GAAc;YACxB,GAAG,EAAE,OAAO;YACZ,GAAG,EAAE,KAAK;SACX,CAAC;QACF,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;QAC9D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,QAAQ,GAAG,WAAW,IAAI,CAAC,MAAM,CAAC,kBAAkB,4BAA4B,CAAC;QACvF,MAAM,OAAO,GAAe;YAC1B,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YACzB,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YACzB,GAAG,EAAE,QAAQ;YACb,GAAG,EAAE,GAAG,GAAG,EAAE;SACd,CAAC;QACF,MAAM,cAAc,GAAG,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAEhE,MAAM,cAAc,GAAG,GAAG,aAAa,IAAI,cAAc,EAAE,CAAC;QAC5D,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1F,MAAM,gBAAgB,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;QAEpD,MAAM,GAAG,GAAG,GAAG,aAAa,IAAI,cAAc,IAAI,gBAAgB,EAAE,CAAC;QAErE,IAAI,CAAC,MAAM,CAAC,KAAK,CACf;YACE,MAAM;YACN,OAAO,EAAE;gBACP,GAAG,OAAO;gBACV,GAAG,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;aAChD;SACF,EACD,wCAAwC,CACzC,CAAC;QAEF,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAED;;;GAGG;AACH,SAAS,eAAe,CAAC,IAAqB;IAC5C,MAAM,MAAM,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACnE,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACzC,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC"}
|
package/dist/cjs/auth/oauth.d.ts
CHANGED
|
@@ -6,13 +6,47 @@ export interface OAuthConfig {
|
|
|
6
6
|
accountManagerHost?: string;
|
|
7
7
|
}
|
|
8
8
|
/**
|
|
9
|
-
* Decodes a JWT token without verification
|
|
9
|
+
* Decodes a JWT token without verification.
|
|
10
|
+
* Exported for use by other auth strategies.
|
|
10
11
|
*/
|
|
11
|
-
declare function decodeJWT(jwt: string): DecodedJWT;
|
|
12
|
+
export declare function decodeJWT(jwt: string): DecodedJWT;
|
|
13
|
+
/**
|
|
14
|
+
* Generates a cache key for OAuth tokens.
|
|
15
|
+
* Includes auth method to distinguish between client-credentials and JWT tokens.
|
|
16
|
+
*
|
|
17
|
+
* @param clientId - OAuth client ID
|
|
18
|
+
* @param method - Authentication method (client-credentials or jwt)
|
|
19
|
+
* @param accountManagerHost - Account Manager hostname
|
|
20
|
+
* @param scopes - OAuth scopes (optional)
|
|
21
|
+
* @returns Cache key string
|
|
22
|
+
*/
|
|
23
|
+
export declare function getOAuthCacheKey(clientId: string, method: 'client-credentials' | 'jwt', accountManagerHost: string, scopes?: string[]): string;
|
|
24
|
+
/**
|
|
25
|
+
* Gets a cached OAuth token if valid.
|
|
26
|
+
*
|
|
27
|
+
* @param cacheKey - Cache key from getOAuthCacheKey()
|
|
28
|
+
* @param requiredScopes - Scopes that must be present in the cached token
|
|
29
|
+
* @returns Cached token response if valid, undefined otherwise
|
|
30
|
+
*/
|
|
31
|
+
export declare function getCachedOAuthToken(cacheKey: string, requiredScopes?: string[]): AccessTokenResponse | undefined;
|
|
32
|
+
/**
|
|
33
|
+
* Stores an OAuth token in the global cache.
|
|
34
|
+
*
|
|
35
|
+
* @param cacheKey - Cache key from getOAuthCacheKey()
|
|
36
|
+
* @param tokenResponse - Token response to cache
|
|
37
|
+
*/
|
|
38
|
+
export declare function setCachedOAuthToken(cacheKey: string, tokenResponse: AccessTokenResponse): void;
|
|
39
|
+
/**
|
|
40
|
+
* Invalidates a cached OAuth token.
|
|
41
|
+
*
|
|
42
|
+
* @param cacheKey - Cache key from getOAuthCacheKey()
|
|
43
|
+
*/
|
|
44
|
+
export declare function invalidateCachedOAuthToken(cacheKey: string): void;
|
|
12
45
|
export declare class OAuthStrategy implements AuthStrategy {
|
|
13
46
|
private config;
|
|
14
47
|
private accountManagerHost;
|
|
15
48
|
private _hasHadSuccess;
|
|
49
|
+
private cacheKey;
|
|
16
50
|
constructor(config: OAuthConfig);
|
|
17
51
|
fetch(url: string, init?: FetchInit): Promise<Response>;
|
|
18
52
|
getAuthorizationHeader(): Promise<string>;
|
|
@@ -41,9 +75,14 @@ export declare class OAuthStrategy implements AuthStrategy {
|
|
|
41
75
|
* Gets an access token, using cache if valid
|
|
42
76
|
*/
|
|
43
77
|
private getAccessToken;
|
|
78
|
+
/**
|
|
79
|
+
* Returns a fresh token, coalescing concurrent callers onto a single in-flight
|
|
80
|
+
* token request keyed by cacheKey. Prevents stampeding the AM token endpoint
|
|
81
|
+
* when many requests trigger refresh at once.
|
|
82
|
+
*/
|
|
83
|
+
private refreshTokenSingleflight;
|
|
44
84
|
/**
|
|
45
85
|
* Performs client credentials grant flow
|
|
46
86
|
*/
|
|
47
87
|
private clientCredentialsGrant;
|
|
48
88
|
}
|
|
49
|
-
export { decodeJWT };
|
package/dist/cjs/auth/oauth.js
CHANGED
|
@@ -3,10 +3,14 @@ import { DEFAULT_ACCOUNT_MANAGER_HOST } from '../defaults.js';
|
|
|
3
3
|
import { globalAuthMiddlewareRegistry, applyAuthRequestMiddleware, applyAuthResponseMiddleware } from './middleware.js';
|
|
4
4
|
// Module-level token cache to support multiple instances with same clientId
|
|
5
5
|
const ACCESS_TOKEN_CACHE = new Map();
|
|
6
|
+
// In-flight token requests, keyed by cacheKey, so concurrent callers coalesce
|
|
7
|
+
// onto a single token-endpoint round trip instead of stampeding the server.
|
|
8
|
+
const PENDING_TOKEN_REQUESTS = new Map();
|
|
6
9
|
/**
|
|
7
|
-
* Decodes a JWT token without verification
|
|
10
|
+
* Decodes a JWT token without verification.
|
|
11
|
+
* Exported for use by other auth strategies.
|
|
8
12
|
*/
|
|
9
|
-
function decodeJWT(jwt) {
|
|
13
|
+
export function decodeJWT(jwt) {
|
|
10
14
|
const parts = jwt.split('.');
|
|
11
15
|
if (parts.length !== 3) {
|
|
12
16
|
throw new Error('Invalid JWT format');
|
|
@@ -15,13 +19,66 @@ function decodeJWT(jwt) {
|
|
|
15
19
|
const payload = JSON.parse(Buffer.from(parts[1], 'base64').toString());
|
|
16
20
|
return { header, payload };
|
|
17
21
|
}
|
|
22
|
+
/**
|
|
23
|
+
* Generates a cache key for OAuth tokens.
|
|
24
|
+
* Includes auth method to distinguish between client-credentials and JWT tokens.
|
|
25
|
+
*
|
|
26
|
+
* @param clientId - OAuth client ID
|
|
27
|
+
* @param method - Authentication method (client-credentials or jwt)
|
|
28
|
+
* @param accountManagerHost - Account Manager hostname
|
|
29
|
+
* @param scopes - OAuth scopes (optional)
|
|
30
|
+
* @returns Cache key string
|
|
31
|
+
*/
|
|
32
|
+
export function getOAuthCacheKey(clientId, method, accountManagerHost, scopes) {
|
|
33
|
+
const scopesKey = scopes?.sort().join(',') || '';
|
|
34
|
+
return `${accountManagerHost}:${clientId}:${method}:${scopesKey}`;
|
|
35
|
+
}
|
|
36
|
+
/**
|
|
37
|
+
* Gets a cached OAuth token if valid.
|
|
38
|
+
*
|
|
39
|
+
* @param cacheKey - Cache key from getOAuthCacheKey()
|
|
40
|
+
* @param requiredScopes - Scopes that must be present in the cached token
|
|
41
|
+
* @returns Cached token response if valid, undefined otherwise
|
|
42
|
+
*/
|
|
43
|
+
export function getCachedOAuthToken(cacheKey, requiredScopes = []) {
|
|
44
|
+
const cached = ACCESS_TOKEN_CACHE.get(cacheKey);
|
|
45
|
+
if (!cached)
|
|
46
|
+
return undefined;
|
|
47
|
+
const now = new Date();
|
|
48
|
+
const hasAllScopes = requiredScopes.every((scope) => cached.scopes.includes(scope));
|
|
49
|
+
// Check if token is expired or missing required scopes
|
|
50
|
+
if (!hasAllScopes || now.getTime() > cached.expires.getTime()) {
|
|
51
|
+
ACCESS_TOKEN_CACHE.delete(cacheKey);
|
|
52
|
+
return undefined;
|
|
53
|
+
}
|
|
54
|
+
return cached;
|
|
55
|
+
}
|
|
56
|
+
/**
|
|
57
|
+
* Stores an OAuth token in the global cache.
|
|
58
|
+
*
|
|
59
|
+
* @param cacheKey - Cache key from getOAuthCacheKey()
|
|
60
|
+
* @param tokenResponse - Token response to cache
|
|
61
|
+
*/
|
|
62
|
+
export function setCachedOAuthToken(cacheKey, tokenResponse) {
|
|
63
|
+
ACCESS_TOKEN_CACHE.set(cacheKey, tokenResponse);
|
|
64
|
+
}
|
|
65
|
+
/**
|
|
66
|
+
* Invalidates a cached OAuth token.
|
|
67
|
+
*
|
|
68
|
+
* @param cacheKey - Cache key from getOAuthCacheKey()
|
|
69
|
+
*/
|
|
70
|
+
export function invalidateCachedOAuthToken(cacheKey) {
|
|
71
|
+
ACCESS_TOKEN_CACHE.delete(cacheKey);
|
|
72
|
+
}
|
|
18
73
|
export class OAuthStrategy {
|
|
19
74
|
config;
|
|
20
75
|
accountManagerHost;
|
|
21
76
|
_hasHadSuccess = false;
|
|
77
|
+
cacheKey;
|
|
22
78
|
constructor(config) {
|
|
23
79
|
this.config = config;
|
|
24
80
|
this.accountManagerHost = config.accountManagerHost || DEFAULT_ACCOUNT_MANAGER_HOST;
|
|
81
|
+
this.cacheKey = getOAuthCacheKey(this.config.clientId, 'client-credentials', this.accountManagerHost, this.config.scopes);
|
|
25
82
|
}
|
|
26
83
|
async fetch(url, init = {}) {
|
|
27
84
|
const token = await this.getAccessToken();
|
|
@@ -62,26 +119,18 @@ export class OAuthStrategy {
|
|
|
62
119
|
*/
|
|
63
120
|
async getTokenResponse() {
|
|
64
121
|
const logger = getLogger();
|
|
65
|
-
const cached =
|
|
122
|
+
const cached = getCachedOAuthToken(this.cacheKey, this.config.scopes || []);
|
|
66
123
|
if (cached) {
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
const hasAllScopes = requiredScopes.every((scope) => cached.scopes.includes(scope));
|
|
70
|
-
if (hasAllScopes && now.getTime() <= cached.expires.getTime()) {
|
|
71
|
-
logger.debug('Reusing cached access token');
|
|
72
|
-
return cached;
|
|
73
|
-
}
|
|
124
|
+
logger.debug('[OAuthStrategy] Reusing cached access token');
|
|
125
|
+
return cached;
|
|
74
126
|
}
|
|
75
|
-
|
|
76
|
-
const tokenResponse = await this.clientCredentialsGrant();
|
|
77
|
-
ACCESS_TOKEN_CACHE.set(this.config.clientId, tokenResponse);
|
|
78
|
-
return tokenResponse;
|
|
127
|
+
return this.refreshTokenSingleflight();
|
|
79
128
|
}
|
|
80
129
|
/**
|
|
81
130
|
* Invalidates the cached token, forcing re-authentication on next request
|
|
82
131
|
*/
|
|
83
132
|
invalidateToken() {
|
|
84
|
-
|
|
133
|
+
invalidateCachedOAuthToken(this.cacheKey);
|
|
85
134
|
}
|
|
86
135
|
/**
|
|
87
136
|
* Creates a new OAuthStrategy with additional scopes merged in.
|
|
@@ -102,29 +151,36 @@ export class OAuthStrategy {
|
|
|
102
151
|
*/
|
|
103
152
|
async getAccessToken() {
|
|
104
153
|
const logger = getLogger();
|
|
105
|
-
const cached =
|
|
154
|
+
const cached = getCachedOAuthToken(this.cacheKey, this.config.scopes || []);
|
|
106
155
|
if (cached) {
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
const hasAllScopes = requiredScopes.every((scope) => cached.scopes.includes(scope));
|
|
110
|
-
if (!hasAllScopes) {
|
|
111
|
-
logger.warn('Access token missing scopes; invalidating and re-authenticating');
|
|
112
|
-
ACCESS_TOKEN_CACHE.delete(this.config.clientId);
|
|
113
|
-
}
|
|
114
|
-
else if (now.getTime() > cached.expires.getTime()) {
|
|
115
|
-
logger.warn('Access token expired; invalidating and re-authenticating');
|
|
116
|
-
ACCESS_TOKEN_CACHE.delete(this.config.clientId);
|
|
117
|
-
}
|
|
118
|
-
else {
|
|
119
|
-
logger.debug('Reusing cached access token');
|
|
120
|
-
return cached.accessToken;
|
|
121
|
-
}
|
|
156
|
+
logger.debug('[OAuthStrategy] Reusing cached access token');
|
|
157
|
+
return cached.accessToken;
|
|
122
158
|
}
|
|
123
|
-
|
|
124
|
-
const tokenResponse = await this.clientCredentialsGrant();
|
|
125
|
-
ACCESS_TOKEN_CACHE.set(this.config.clientId, tokenResponse);
|
|
159
|
+
const tokenResponse = await this.refreshTokenSingleflight();
|
|
126
160
|
return tokenResponse.accessToken;
|
|
127
161
|
}
|
|
162
|
+
/**
|
|
163
|
+
* Returns a fresh token, coalescing concurrent callers onto a single in-flight
|
|
164
|
+
* token request keyed by cacheKey. Prevents stampeding the AM token endpoint
|
|
165
|
+
* when many requests trigger refresh at once.
|
|
166
|
+
*/
|
|
167
|
+
refreshTokenSingleflight() {
|
|
168
|
+
const existing = PENDING_TOKEN_REQUESTS.get(this.cacheKey);
|
|
169
|
+
if (existing) {
|
|
170
|
+
getLogger().debug('[OAuthStrategy] Joining in-flight token request');
|
|
171
|
+
return existing;
|
|
172
|
+
}
|
|
173
|
+
const pending = (async () => {
|
|
174
|
+
getLogger().debug('[OAuthStrategy] Requesting new access token');
|
|
175
|
+
const tokenResponse = await this.clientCredentialsGrant();
|
|
176
|
+
setCachedOAuthToken(this.cacheKey, tokenResponse);
|
|
177
|
+
return tokenResponse;
|
|
178
|
+
})().finally(() => {
|
|
179
|
+
PENDING_TOKEN_REQUESTS.delete(this.cacheKey);
|
|
180
|
+
});
|
|
181
|
+
PENDING_TOKEN_REQUESTS.set(this.cacheKey, pending);
|
|
182
|
+
return pending;
|
|
183
|
+
}
|
|
128
184
|
/**
|
|
129
185
|
* Performs client credentials grant flow
|
|
130
186
|
*/
|
|
@@ -193,5 +249,4 @@ export class OAuthStrategy {
|
|
|
193
249
|
};
|
|
194
250
|
}
|
|
195
251
|
}
|
|
196
|
-
export { decodeJWT };
|
|
197
252
|
//# sourceMappingURL=oauth.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../../src/auth/oauth.ts"],"names":[],"mappings":"AAMA,OAAO,EAAC,SAAS,EAAC,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAC,4BAA4B,EAAC,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAC,4BAA4B,EAAE,0BAA0B,EAAE,2BAA2B,EAAC,MAAM,iBAAiB,CAAC;AAEtH,4EAA4E;AAC5E,MAAM,kBAAkB,GAAqC,IAAI,GAAG,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../../src/auth/oauth.ts"],"names":[],"mappings":"AAMA,OAAO,EAAC,SAAS,EAAC,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAC,4BAA4B,EAAC,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAC,4BAA4B,EAAE,0BAA0B,EAAE,2BAA2B,EAAC,MAAM,iBAAiB,CAAC;AAEtH,4EAA4E;AAC5E,MAAM,kBAAkB,GAAqC,IAAI,GAAG,EAAE,CAAC;AAEvE,8EAA8E;AAC9E,4EAA4E;AAC5E,MAAM,sBAAsB,GAA8C,IAAI,GAAG,EAAE,CAAC;AASpF;;;GAGG;AACH,MAAM,UAAU,SAAS,CAAC,GAAW;IACnC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IACtE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IACvE,OAAO,EAAC,MAAM,EAAE,OAAO,EAAC,CAAC;AAC3B,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAC9B,QAAgB,EAChB,MAAoC,EACpC,kBAA0B,EAC1B,MAAiB;IAEjB,MAAM,SAAS,GAAG,MAAM,EAAE,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;IACjD,OAAO,GAAG,kBAAkB,IAAI,QAAQ,IAAI,MAAM,IAAI,SAAS,EAAE,CAAC;AACpE,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAgB,EAAE,iBAA2B,EAAE;IACjF,MAAM,MAAM,GAAG,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,CAAC,MAAM;QAAE,OAAO,SAAS,CAAC;IAE9B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,YAAY,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;IAEpF,uDAAuD;IACvD,IAAI,CAAC,YAAY,IAAI,GAAG,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;QAC9D,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACpC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAgB,EAAE,aAAkC;IACtF,kBAAkB,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AAClD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,0BAA0B,CAAC,QAAgB;IACzD,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;AACtC,CAAC;AAED,MAAM,OAAO,aAAa;IAKJ;IAJZ,kBAAkB,CAAS;IAC3B,cAAc,GAAG,KAAK,CAAC;IACvB,QAAQ,CAAS;IAEzB,YAAoB,MAAmB;QAAnB,WAAM,GAAN,MAAM,CAAa;QACrC,IAAI,CAAC,kBAAkB,GAAG,MAAM,CAAC,kBAAkB,IAAI,4BAA4B,CAAC;QACpF,IAAI,CAAC,QAAQ,GAAG,gBAAgB,CAC9B,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,oBAAoB,EACpB,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CAAC,MAAM,CACnB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,GAAW,EAAE,OAAkB,EAAE;QAC3C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,KAAK,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAEpD,+CAA+C;QAC/C,6DAA6D;QAC7D,IAAI,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAC,GAAG,IAAI,EAAE,OAAO,EAAgB,CAAC,CAAC;QAE9D,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,4EAA4E;QAC5E,4EAA4E;QAC5E,oEAAoE;QACpE,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9C,IAAI,CAAC,eAAe,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAC7C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,QAAQ,EAAE,CAAC,CAAC;YACnD,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAC,GAAG,IAAI,EAAE,OAAO,EAAgB,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,sBAAsB;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,OAAO,UAAU,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,gBAAgB;QACpB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QAE5E,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YAC5D,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO,IAAI,CAAC,wBAAwB,EAAE,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,eAAe;QACb,0BAA0B,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC5C,CAAC;IAED;;;;;;OAMG;IACH,oBAAoB,CAAC,gBAA0B;QAC7C,MAAM,YAAY,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,EAAE,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;QACxF,OAAO,IAAI,aAAa,CAAC;YACvB,GAAG,IAAI,CAAC,MAAM;YACd,MAAM,EAAE,YAAY;SACrB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc;QAC1B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QAE5E,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YAC5D,OAAO,MAAM,CAAC,WAAW,CAAC;QAC5B,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAC5D,OAAO,aAAa,CAAC,WAAW,CAAC;IACnC,CAAC;IAED;;;;OAIG;IACK,wBAAwB;QAC9B,MAAM,QAAQ,GAAG,sBAAsB,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3D,IAAI,QAAQ,EAAE,CAAC;YACb,SAAS,EAAE,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;YAC1B,SAAS,EAAE,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC1D,mBAAmB,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;YAClD,OAAO,aAAa,CAAC;QACvB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE;YAChB,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QACH,sBAAsB,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACnD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,sBAAsB;QAClC,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,WAAW,IAAI,CAAC,kBAAkB,4BAA4B,CAAC;QAC3E,MAAM,MAAM,GAAG,MAAM,CAAC;QAEtB,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,UAAU,EAAE,oBAAoB;SACjC,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACvD,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAE1G,sCAAsC;QACtC,IAAI,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE;YAC7B,MAAM;YACN,OAAO,EAAE;gBACP,aAAa,EAAE,SAAS,WAAW,EAAE;gBACrC,cAAc,EAAE,mCAAmC;aACpD;YACD,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;SACxB,CAAC,CAAC;QAEH,2CAA2C;QAC3C,MAAM,UAAU,GAAG,4BAA4B,CAAC,aAAa,EAAE,CAAC;QAChE,OAAO,GAAG,MAAM,0BAA0B,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAEhE,wCAAwC;QACxC,MAAM,cAAc,GAA2B,EAAE,CAAC;QAClD,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;YACrC,cAAc,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,KAAK,CACV,EAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAC,EAChC,2DAA2D,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAC;QACF,2BAA2B;QAC3B,MAAM,CAAC,KAAK,CAAC,EAAC,MAAM,EAAE,GAAG,EAAC,EAAE,cAAc,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;QAE3D,6BAA6B;QAC7B,MAAM,CAAC,KAAK,CAAC,EAAC,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAC,EAAE,mBAAmB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;QAElH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,IAAI,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;QAEpC,4BAA4B;QAC5B,QAAQ,GAAG,MAAM,2BAA2B,CAAC,OAAO,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;QAE5E,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAExC,8BAA8B;QAC9B,MAAM,CAAC,KAAK,CACV,EAAC,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,QAAQ,EAAC,EAChD,eAAe,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,IAAI,QAAQ,IAAI,CAChE,CAAC;QAEF,uBAAuB;QACvB,MAAM,eAAe,GAA2B,EAAE,CAAC;QACnD,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;YACtC,eAAe,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,MAAM,CAAC,KAAK,CAAC,EAAC,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,SAAS,EAAC,EAAE,oBAAoB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;YAC5G,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,MAAM,SAAS,EAAE,CAAC,CAAC;QAC1G,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAIlC,CAAC;QAEF,8BAA8B;QAC9B,MAAM,CAAC,KAAK,CAAC,EAAC,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,IAAI,EAAC,EAAE,oBAAoB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;QAEvG,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,EAAC,GAAG,EAAE,GAAG,CAAC,OAAO,EAAC,EAAE,oBAAoB,CAAC,CAAC;QAEvD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QACpE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAE5C,OAAO;YACL,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,OAAO,EAAE,UAAU;YACnB,MAAM;SACP,CAAC;IACJ,CAAC;CACF"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { getLogger } from '../logging/logger.js';
|
|
2
2
|
import { decodeJWT } from './oauth.js';
|
|
3
|
+
import { decodeJwtTokenInfo } from './jwt-utils.js';
|
|
3
4
|
import { DEFAULT_ACCOUNT_MANAGER_HOST } from '../defaults.js';
|
|
4
5
|
import { getStoredSession, setStoredSession, clearStoredSession } from './stateful-store.js';
|
|
5
6
|
import { globalAuthMiddlewareRegistry, applyAuthRequestMiddleware, applyAuthResponseMiddleware } from './middleware.js';
|
|
@@ -48,15 +49,8 @@ export class StatefulOAuthStrategy {
|
|
|
48
49
|
*/
|
|
49
50
|
async getTokenResponse() {
|
|
50
51
|
const token = await this.getAccessToken();
|
|
51
|
-
const
|
|
52
|
-
|
|
53
|
-
const scope = decoded.payload.scope;
|
|
54
|
-
const scopes = scope == null ? [] : Array.isArray(scope) ? scope : scope.split(' ');
|
|
55
|
-
return {
|
|
56
|
-
accessToken: token,
|
|
57
|
-
expires: new Date(exp * 1000),
|
|
58
|
-
scopes,
|
|
59
|
-
};
|
|
52
|
+
const { expires, scopes } = decodeJwtTokenInfo(token);
|
|
53
|
+
return { accessToken: token, expires, scopes };
|
|
60
54
|
}
|
|
61
55
|
async getJWT() {
|
|
62
56
|
const token = await this.getAccessToken();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"stateful-oauth-strategy.js","sourceRoot":"","sources":["../../../src/auth/stateful-oauth-strategy.ts"],"names":[],"mappings":"AAaA,OAAO,EAAC,SAAS,EAAC,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAC,SAAS,EAAC,MAAM,YAAY,CAAC;AACrC,OAAO,EAAC,4BAA4B,EAAC,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAC,gBAAgB,EAAE,gBAAgB,EAAE,kBAAkB,EAAuB,MAAM,qBAAqB,CAAC;AACjH,OAAO,EAAC,4BAA4B,EAAE,0BAA0B,EAAE,2BAA2B,EAAC,MAAM,iBAAiB,CAAC;AAOtH;;;;GAIG;AACH,MAAM,OAAO,qBAAqB;IACxB,kBAAkB,CAAS;IAC3B,MAAM,CAAW;IACjB,QAAQ,CAAkB;IAC1B,cAAc,GAAG,KAAK,CAAC;IAE/B,YAAY,OAAwB,EAAE,OAAqC;QACzE,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,IAAI,4BAA4B,CAAC;QACrF,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,GAAW,EAAE,OAAkB,EAAE;QAC3C,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,KAAK,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEtD,IAAI,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAC,GAAG,IAAI,EAAE,OAAO,EAAgB,CAAC,CAAC;QAE9D,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9C,MAAM,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YAChE,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;YAC1C,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC7C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,QAAQ,EAAE,CAAC,CAAC;gBACnD,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAC,GAAG,IAAI,EAAE,OAAO,EAAgB,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,sBAAsB;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,OAAO,UAAU,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB;QACpB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,MAAM,
|
|
1
|
+
{"version":3,"file":"stateful-oauth-strategy.js","sourceRoot":"","sources":["../../../src/auth/stateful-oauth-strategy.ts"],"names":[],"mappings":"AAaA,OAAO,EAAC,SAAS,EAAC,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAC,SAAS,EAAC,MAAM,YAAY,CAAC;AACrC,OAAO,EAAC,kBAAkB,EAAC,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAC,4BAA4B,EAAC,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAC,gBAAgB,EAAE,gBAAgB,EAAE,kBAAkB,EAAuB,MAAM,qBAAqB,CAAC;AACjH,OAAO,EAAC,4BAA4B,EAAE,0BAA0B,EAAE,2BAA2B,EAAC,MAAM,iBAAiB,CAAC;AAOtH;;;;GAIG;AACH,MAAM,OAAO,qBAAqB;IACxB,kBAAkB,CAAS;IAC3B,MAAM,CAAW;IACjB,QAAQ,CAAkB;IAC1B,cAAc,GAAG,KAAK,CAAC;IAE/B,YAAY,OAAwB,EAAE,OAAqC;QACzE,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,IAAI,4BAA4B,CAAC;QACrF,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,GAAW,EAAE,OAAkB,EAAE;QAC3C,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,KAAK,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEtD,IAAI,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAC,GAAG,IAAI,EAAE,OAAO,EAAgB,CAAC,CAAC;QAE9D,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACvB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9C,MAAM,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YAChE,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;YAC1C,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC7C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,QAAQ,EAAE,CAAC,CAAC;gBACnD,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAC,GAAG,IAAI,EAAE,OAAO,EAAgB,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,sBAAsB;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,OAAO,UAAU,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB;QACpB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,MAAM,EAAC,OAAO,EAAE,MAAM,EAAC,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;QACpD,OAAO,EAAC,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,EAAC,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,MAAM;QACV,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC;IAED,eAAe;QACb,kBAAkB,EAAE,CAAC;QACrB,IAAI,CAAC,QAAQ,GAAG,EAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,WAAW,EAAE,EAAE,EAAC,CAAC;IACtD,CAAC;IAEO,KAAK,CAAC,cAAc;QAC1B,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;QACnC,IAAI,OAAO,EAAE,WAAW,EAAE,CAAC;YACzB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;YACxB,OAAO,OAAO,CAAC,WAAW,CAAC;QAC7B,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,+EAA+E,CAAC,CAAC;IACnG,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,UAAU;QACtB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;QACnC,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,CAAC;YACxB,MAAM,CAAC,KAAK,CAAC,8EAA8E,CAAC,CAAC;YAC7F,kBAAkB,EAAE,CAAC;YACrB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,GAAG,GAAG,WAAW,IAAI,CAAC,kBAAkB,4BAA4B,CAAC;QAC3E,MAAM,YAAY,GAChB,OAAO,CAAC,YAAY,IAAI,IAAI,IAAI,OAAO,CAAC,YAAY,KAAK,EAAE;YACzD,CAAC,CAAC,EAAC,UAAU,EAAE,eAAe,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAC;YACpE,CAAC,CAAC,EAAC,UAAU,EAAE,oBAAoB,EAAC,CAAC;QACzC,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,YAAY,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7C,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC1D,IAAI,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE;YAC7B,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,SAAS,OAAO,CAAC,SAAS,EAAE;gBAC3C,cAAc,EAAE,mCAAmC;aACpD;YACD,IAAI;SACL,CAAC,CAAC;QACH,MAAM,UAAU,GAAG,4BAA4B,CAAC,aAAa,EAAE,CAAC;QAChE,OAAO,GAAG,MAAM,0BAA0B,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAEhE,IAAI,QAAkB,CAAC;QACvB,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;YAChC,QAAQ,GAAG,MAAM,2BAA2B,CAAC,OAAO,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;QAC9E,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,CAAC,EAAC,GAAG,EAAC,EAAE,uCAAuC,CAAC,CAAC;YAC7D,kBAAkB,EAAE,CAAC;YACrB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,CAAC,KAAK,CAAC,EAAC,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAC,EAAE,+BAA+B,CAAC,CAAC;YACrF,kBAAkB,EAAE,CAAC;YACrB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAKlC,CAAC;QAEF,gBAAgB,CAAC;YACf,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,YAAY,EAAE,IAAI,CAAC,aAAa,IAAI,OAAO,CAAC,YAAY,IAAI,IAAI;YAChE,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI;YACpC,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,IAAI;SAC3B,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,gBAAgB,EAAG,CAAC;QACpC,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}
|
|
@@ -17,14 +17,12 @@
|
|
|
17
17
|
*
|
|
18
18
|
* @module auth/stateful-store
|
|
19
19
|
*/
|
|
20
|
-
import { existsSync, mkdirSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs';
|
|
20
|
+
import { existsSync, mkdirSync, readFileSync, renameSync, unlinkSync, writeFileSync } from 'node:fs';
|
|
21
21
|
import { join } from 'node:path';
|
|
22
22
|
import { homedir, platform } from 'node:os';
|
|
23
|
-
import {
|
|
23
|
+
import { DEFAULT_EXPIRY_BUFFER_SEC, decodeJwtTokenInfo } from './jwt-utils.js';
|
|
24
24
|
import { getLogger } from '../logging/logger.js';
|
|
25
25
|
const STATEFUL_AUTH_SESSION_STORE = 'auth-session.json';
|
|
26
|
-
/** Default buffer (seconds) before token exp to consider it expired */
|
|
27
|
-
const EXPIRY_BUFFER_SEC = 60;
|
|
28
26
|
let storePath = null;
|
|
29
27
|
/**
|
|
30
28
|
* Computes the oclif-compatible data directory for @salesforce/b2c-cli.
|
|
@@ -95,7 +93,11 @@ export function setStoredSession(session) {
|
|
|
95
93
|
renewBase: session.renewBase ?? null,
|
|
96
94
|
user: session.user ?? null,
|
|
97
95
|
};
|
|
98
|
-
|
|
96
|
+
// Atomic write: write to temp file then rename so a concurrent reader (or a
|
|
97
|
+
// crashed writer) never observes a partially written JSON document.
|
|
98
|
+
const tmpPath = `${filePath}.${process.pid}.${Date.now()}.tmp`;
|
|
99
|
+
writeFileSync(tmpPath, JSON.stringify(data, null, 2), 'utf8');
|
|
100
|
+
renameSync(tmpPath, filePath);
|
|
99
101
|
}
|
|
100
102
|
/**
|
|
101
103
|
* Clears the stored session by removing the session file.
|
|
@@ -106,8 +108,8 @@ export function clearStoredSession() {
|
|
|
106
108
|
try {
|
|
107
109
|
unlinkSync(filePath);
|
|
108
110
|
}
|
|
109
|
-
catch {
|
|
110
|
-
|
|
111
|
+
catch (err) {
|
|
112
|
+
getLogger().debug({ err, filePath }, '[StatefulAuth] Failed to remove session file');
|
|
111
113
|
}
|
|
112
114
|
}
|
|
113
115
|
}
|
|
@@ -123,39 +125,35 @@ export function clearStoredSession() {
|
|
|
123
125
|
* @param requiredClientId - If provided, session clientId must match
|
|
124
126
|
* @returns true if token is present and valid for use
|
|
125
127
|
*/
|
|
126
|
-
export function isStatefulTokenValid(session, requiredScopes = [], expiryBufferSec =
|
|
128
|
+
export function isStatefulTokenValid(session, requiredScopes = [], expiryBufferSec = DEFAULT_EXPIRY_BUFFER_SEC, requiredClientId) {
|
|
127
129
|
const logger = getLogger();
|
|
130
|
+
if (requiredClientId && session.clientId !== requiredClientId) {
|
|
131
|
+
logger.debug({ storedClientId: session.clientId, requiredClientId }, '[StatefulAuth] Token client ID mismatch');
|
|
132
|
+
return false;
|
|
133
|
+
}
|
|
134
|
+
let info;
|
|
128
135
|
try {
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
}
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
if (requiredScopes.length > 0) {
|
|
145
|
-
const tokenScopes = decoded.payload.scope ?? [];
|
|
146
|
-
const scopeList = Array.isArray(tokenScopes) ? tokenScopes : tokenScopes.split(' ');
|
|
147
|
-
const hasAll = requiredScopes.every((s) => scopeList.includes(s));
|
|
148
|
-
if (!hasAll) {
|
|
149
|
-
logger.debug({ requiredScopes, tokenScopes: scopeList }, '[StatefulAuth] Token missing required scopes');
|
|
150
|
-
return false;
|
|
151
|
-
}
|
|
152
|
-
}
|
|
153
|
-
return true;
|
|
136
|
+
info = decodeJwtTokenInfo(session.accessToken);
|
|
137
|
+
}
|
|
138
|
+
catch (error) {
|
|
139
|
+
logger.debug({ err: error }, '[StatefulAuth] Token invalid (e.g. not a JWT)');
|
|
140
|
+
return false;
|
|
141
|
+
}
|
|
142
|
+
if (info.expires.getTime() === 0) {
|
|
143
|
+
logger.debug('[StatefulAuth] Token has no exp claim; treating as invalid');
|
|
144
|
+
return false;
|
|
145
|
+
}
|
|
146
|
+
const nowSec = Math.floor(Date.now() / 1000);
|
|
147
|
+
const expSec = Math.floor(info.expires.getTime() / 1000);
|
|
148
|
+
if (nowSec >= expSec - expiryBufferSec) {
|
|
149
|
+
logger.debug('[StatefulAuth] Token missing or expired');
|
|
150
|
+
return false;
|
|
154
151
|
}
|
|
155
|
-
|
|
156
|
-
logger.debug({
|
|
152
|
+
if (requiredScopes.length > 0 && !requiredScopes.every((s) => info.scopes.includes(s))) {
|
|
153
|
+
logger.debug({ requiredScopes, tokenScopes: info.scopes }, '[StatefulAuth] Token missing required scopes');
|
|
157
154
|
return false;
|
|
158
155
|
}
|
|
156
|
+
return true;
|
|
159
157
|
}
|
|
160
158
|
/**
|
|
161
159
|
* Resets the store path (for tests). After calling this, the next operation
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"stateful-store.js","sourceRoot":"","sources":["../../../src/auth/stateful-store.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH;;;;;;;;;;;;;GAaG;AACH,OAAO,EAAC,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,EAAE,aAAa,EAAC,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"stateful-store.js","sourceRoot":"","sources":["../../../src/auth/stateful-store.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH;;;;;;;;;;;;;GAaG;AACH,OAAO,EAAC,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa,EAAC,MAAM,SAAS,CAAC;AACnG,OAAO,EAAC,IAAI,EAAC,MAAM,WAAW,CAAC;AAC/B,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,MAAM,SAAS,CAAC;AAC1C,OAAO,EAAC,yBAAyB,EAAE,kBAAkB,EAAC,MAAM,gBAAgB,CAAC;AAC7E,OAAO,EAAC,SAAS,EAAC,MAAM,sBAAsB,CAAC;AAE/C,MAAM,2BAA2B,GAAG,mBAAmB,CAAC;AAExD,IAAI,SAAS,GAAkB,IAAI,CAAC;AAEpC;;;GAGG;AACH,SAAS,iBAAiB;IACxB,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;IACvB,MAAM,IAAI,GAAG,qBAAqB,CAAC;IACnC,QAAQ,QAAQ,EAAE,EAAE,CAAC;QACnB,KAAK,QAAQ;YACX,OAAO,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,qBAAqB,EAAE,IAAI,CAAC,CAAC;QAC5D,KAAK,OAAO;YACV,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;QAChF;YACE,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB;IACzB,OAAO,IAAI,CAAC,SAAS,IAAI,iBAAiB,EAAE,EAAE,2BAA2B,CAAC,CAAC;AAC7E,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,uBAAuB,CAAC,OAAe;IACrD,SAAS,GAAG,OAAO,CAAC;AACtB,CAAC;AAcD;;;GAGG;AACH,MAAM,UAAU,gBAAgB;IAC9B,MAAM,QAAQ,GAAG,kBAAkB,EAAE,CAAC;IACtC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAA6B,CAAC;QACpF,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO;YACL,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,YAAY,EAAE,IAAI,CAAC,YAAY,IAAI,IAAI;YACvC,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI;YACjC,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,IAAI;SACxB,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAwB;IACvD,MAAM,QAAQ,GAAG,kBAAkB,EAAE,CAAC;IACtC,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACjC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,SAAS,CAAC,GAAG,EAAE,EAAC,SAAS,EAAE,IAAI,EAAC,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,IAAI,GAAoB;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,YAAY,EAAE,OAAO,CAAC,YAAY,IAAI,IAAI;QAC1C,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI;QACpC,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,IAAI;KAC3B,CAAC;IACF,4EAA4E;IAC5E,oEAAoE;IACpE,MAAM,OAAO,GAAG,GAAG,QAAQ,IAAI,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC;IAC/D,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IAC9D,UAAU,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AAChC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,MAAM,QAAQ,GAAG,kBAAkB,EAAE,CAAC;IACtC,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,UAAU,CAAC,QAAQ,CAAC,CAAC;QACvB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,SAAS,EAAE,CAAC,KAAK,CAAC,EAAC,GAAG,EAAE,QAAQ,EAAC,EAAE,8CAA8C,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,oBAAoB,CAClC,OAAwB,EACxB,iBAA2B,EAAE,EAC7B,kBAA0B,yBAAyB,EACnD,gBAAyB;IAEzB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,IAAI,gBAAgB,IAAI,OAAO,CAAC,QAAQ,KAAK,gBAAgB,EAAE,CAAC;QAC9D,MAAM,CAAC,KAAK,CAAC,EAAC,cAAc,EAAE,OAAO,CAAC,QAAQ,EAAE,gBAAgB,EAAC,EAAE,yCAAyC,CAAC,CAAC;QAC9G,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,IAAuC,CAAC;IAC5C,IAAI,CAAC;QACH,IAAI,GAAG,kBAAkB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,EAAC,GAAG,EAAE,KAAK,EAAC,EAAE,+CAA+C,CAAC,CAAC;QAC5E,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC;QACjC,MAAM,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;QAC3E,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;IACzD,IAAI,MAAM,IAAI,MAAM,GAAG,eAAe,EAAE,CAAC;QACvC,MAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACvF,MAAM,CAAC,KAAK,CAAC,EAAC,cAAc,EAAE,WAAW,EAAE,IAAI,CAAC,MAAM,EAAC,EAAE,8CAA8C,CAAC,CAAC;QACzG,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,4BAA4B;IAC1C,SAAS,GAAG,IAAI,CAAC;AACnB,CAAC"}
|
package/dist/cjs/auth/types.d.ts
CHANGED
|
@@ -88,11 +88,12 @@ export interface DecodedJWT {
|
|
|
88
88
|
/**
|
|
89
89
|
* Available authentication methods.
|
|
90
90
|
* - 'client-credentials': OAuth client credentials flow (requires clientId + clientSecret)
|
|
91
|
+
* - 'jwt': OAuth JWT Bearer flow (requires clientId + JWT certificate/key pair)
|
|
91
92
|
* - 'implicit': Interactive browser-based OAuth (requires clientId only)
|
|
92
93
|
* - 'basic': Username/password (access key) authentication
|
|
93
94
|
* - 'api-key': API key authentication (for MRT, etc.)
|
|
94
95
|
*/
|
|
95
|
-
export type AuthMethod = 'client-credentials' | 'implicit' | 'basic' | 'api-key';
|
|
96
|
+
export type AuthMethod = 'client-credentials' | 'jwt' | 'implicit' | 'basic' | 'api-key';
|
|
96
97
|
/** All available auth methods in default priority order */
|
|
97
98
|
export declare const ALL_AUTH_METHODS: AuthMethod[];
|
|
98
99
|
/**
|
package/dist/cjs/auth/types.js
CHANGED
|
@@ -4,5 +4,5 @@
|
|
|
4
4
|
* For full license text, see the license.txt file in the repo root or http://www.apache.org/licenses/LICENSE-2.0
|
|
5
5
|
*/
|
|
6
6
|
/** All available auth methods in default priority order */
|
|
7
|
-
export const ALL_AUTH_METHODS = ['client-credentials', 'implicit', 'basic', 'api-key'];
|
|
7
|
+
export const ALL_AUTH_METHODS = ['client-credentials', 'jwt', 'implicit', 'basic', 'api-key'];
|
|
8
8
|
//# sourceMappingURL=types.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/auth/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/auth/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAgHH,2DAA2D;AAC3D,MAAM,CAAC,MAAM,gBAAgB,GAAiB,CAAC,oBAAoB,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC"}
|
|
@@ -30,7 +30,7 @@ export declare abstract class AmCommand<T extends typeof Command> extends OAuthC
|
|
|
30
30
|
/**
|
|
31
31
|
* Gets the auth method type that was used, based on the stored strategy.
|
|
32
32
|
*/
|
|
33
|
-
protected get authMethodUsed(): 'implicit' | 'client-credentials' | 'stateful' | undefined;
|
|
33
|
+
protected get authMethodUsed(): 'implicit' | 'client-credentials' | 'jwt' | 'stateful' | undefined;
|
|
34
34
|
/**
|
|
35
35
|
* Gets the unified Account Manager client, creating it if necessary.
|
|
36
36
|
* This provides direct access to all Account Manager API methods (users, roles, orgs).
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { OAuthCommand } from './oauth-command.js';
|
|
2
2
|
import { createAccountManagerClient } from '../clients/am-api.js';
|
|
3
3
|
import { ImplicitOAuthStrategy } from '../auth/oauth-implicit.js';
|
|
4
|
+
import { JwtOAuthStrategy } from '../auth/oauth-jwt.js';
|
|
4
5
|
import { StatefulOAuthStrategy } from '../auth/stateful-oauth-strategy.js';
|
|
5
6
|
import { getDefaultPublicClientId } from '../defaults.js';
|
|
6
7
|
/** Account Manager role: User Administrator */
|
|
@@ -58,6 +59,8 @@ export class AmCommand extends OAuthCommand {
|
|
|
58
59
|
return 'implicit';
|
|
59
60
|
if (this._authStrategy instanceof StatefulOAuthStrategy)
|
|
60
61
|
return 'stateful';
|
|
62
|
+
if (this._authStrategy instanceof JwtOAuthStrategy)
|
|
63
|
+
return 'jwt';
|
|
61
64
|
return 'client-credentials';
|
|
62
65
|
}
|
|
63
66
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"am-command.js","sourceRoot":"","sources":["../../../src/cli/am-command.ts"],"names":[],"mappings":"AAMA,OAAO,EAAC,YAAY,EAAC,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAC,0BAA0B,EAAC,MAAM,sBAAsB,CAAC;AAGhE,OAAO,EAAC,qBAAqB,EAAC,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAC,qBAAqB,EAAC,MAAM,oCAAoC,CAAC;AACzE,OAAO,EAAC,wBAAwB,EAAC,MAAM,gBAAgB,CAAC;AAExD,+CAA+C;AAC/C,MAAM,aAAa,GAAG,oBAAoB,CAAC;AAC3C,kDAAkD;AAClD,MAAM,gBAAgB,GAAG,uBAAuB,CAAC;AACjD,8CAA8C;AAC9C,MAAM,YAAY,GAAG,mBAAmB,CAAC;AAEzC,mEAAmE;AACnE,MAAM,mBAAmB,GAAG;IAC1B,kBAAkB;IAClB,uBAAuB;IACvB,wBAAwB;IACxB,qBAAqB;IACrB,KAAK;IACL,KAAK;IACL,4BAA4B;IAC5B,cAAc;CACf,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,OAAgB,SAAoC,SAAQ,YAAe;IAC5D,kBAAkB;QACnC,OAAO,wBAAwB,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC3D,CAAC;IAEO,qBAAqB,CAAwB;IAC7C,aAAa,
|
|
1
|
+
{"version":3,"file":"am-command.js","sourceRoot":"","sources":["../../../src/cli/am-command.ts"],"names":[],"mappings":"AAMA,OAAO,EAAC,YAAY,EAAC,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAC,0BAA0B,EAAC,MAAM,sBAAsB,CAAC;AAGhE,OAAO,EAAC,qBAAqB,EAAC,MAAM,2BAA2B,CAAC;AAChE,OAAO,EAAC,gBAAgB,EAAC,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAC,qBAAqB,EAAC,MAAM,oCAAoC,CAAC;AACzE,OAAO,EAAC,wBAAwB,EAAC,MAAM,gBAAgB,CAAC;AAExD,+CAA+C;AAC/C,MAAM,aAAa,GAAG,oBAAoB,CAAC;AAC3C,kDAAkD;AAClD,MAAM,gBAAgB,GAAG,uBAAuB,CAAC;AACjD,8CAA8C;AAC9C,MAAM,YAAY,GAAG,mBAAmB,CAAC;AAEzC,mEAAmE;AACnE,MAAM,mBAAmB,GAAG;IAC1B,kBAAkB;IAClB,uBAAuB;IACvB,wBAAwB;IACxB,qBAAqB;IACrB,KAAK;IACL,KAAK;IACL,4BAA4B;IAC5B,cAAc;CACf,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,OAAgB,SAAoC,SAAQ,YAAe;IAC5D,kBAAkB;QACnC,OAAO,wBAAwB,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC3D,CAAC;IAEO,qBAAqB,CAAwB;IAC7C,aAAa,CAAoF;IAEzG;;OAEG;IACH,IAAc,cAAc;QAC1B,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,OAAO,SAAS,CAAC;QAC1C,IAAI,IAAI,CAAC,aAAa,YAAY,qBAAqB;YAAE,OAAO,UAAU,CAAC;QAC3E,IAAI,IAAI,CAAC,aAAa,YAAY,qBAAqB;YAAE,OAAO,UAAU,CAAC;QAC3E,IAAI,IAAI,CAAC,aAAa,YAAY,gBAAgB;YAAE,OAAO,KAAK,CAAC;QACjE,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,IAAc,oBAAoB;QAChC,IAAI,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAChC,IAAI,CAAC,uBAAuB,EAAE,CAAC;YAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC7C,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;YAClC,IAAI,CAAC,qBAAqB,GAAG,0BAA0B,CACrD;gBACE,QAAQ,EAAE,IAAI,CAAC,kBAAkB;aAClC,EACD,YAAY,CACb,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,qBAAqB,CAAC;IACpC,CAAC;IAED;;OAEG;IACO,KAAK,CAAC,KAAK,CAAC,GAAgC;QACpD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;QACjD,MAAM,WAAW,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;QAErF,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,UAAU,GAAG,IAAI,CAAC,sBAAsB,EAAE,CAAC;YACjD,IAAI,UAAU,EAAE,CAAC;gBACf,GAAG,CAAC,OAAO,GAAG,GAAG,GAAG,CAAC,OAAO,OAAO,UAAU,EAAE,CAAC;YAClD,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IAED;;OAEG;IACK,sBAAsB;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,IAAI,CAAC,cAAc,CAAC;QAEvC,IAAI,CAAC,QAAQ;YAAE,OAAO,SAAS,CAAC;QAEhC,yGAAyG;QACzG,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,UAAU,KAAK,oBAAoB,IAAI,UAAU,KAAK,UAAU,CAAC,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAC7F,IAAI,CAAC;gBACH,+EAA+E;gBAC/E,mFAAmF;gBACnF,SAAS,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;YACrC,CAAC;YAAC,MAAM,CAAC;gBACP,uDAAuD;YACzD,CAAC;QACH,CAAC;QAED,IAAI,UAAU,KAAK,oBAAoB,IAAI,UAAU,KAAK,UAAU,EAAE,CAAC;YACrE,OAAO,IAAI,CAAC,8BAA8B,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,UAAU,KAAK,UAAU,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,aAAa;QACnB,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,OAAO,SAAS,CAAC;QAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjC,0FAA0F;QAC1F,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,OAAO,IAAI,CAAC,IAAI,OAAO,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;YAC/C,OAAO,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;QAC5B,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,eAAe;QACrB,0DAA0D;QAC1D,uDAAuD;QACvD,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,OAAO,EAAE,CAAC;QAEnC,0FAA0F;QAC1F,sFAAsF;QACtF,6BAA6B;QAC7B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACK,8BAA8B,CAAC,QAAgB,EAAE,SAAiB;QACxE,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAEjD,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,OAAO,CAAC;YACb,KAAK,OAAO;gBACV,OAAO,CACL,wBAAwB,aAAa,6BAA6B;oBAClE,0EAA0E,MAAM,EAAE,CACnF,CAAC;YACJ,KAAK,MAAM;gBACT,OAAO,CACL,mEAAmE,gBAAgB,UAAU;oBAC7F,wDAAwD,MAAM,EAAE,CACjE,CAAC;YACJ,KAAK,SAAS;gBACZ,OAAO,CACL,iEAAiE;oBACjE,IAAI,gBAAgB,SAAS,YAAY,UAAU;oBACnD,sDAAsD,MAAM,EAAE,CAC/D,CAAC;YACJ;gBACE,OAAO,sEAAsE,MAAM,EAAE,CAAC;QAC1F,CAAC;IACH,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,QAAgB;QAC5C,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,OAAO,CAAC;YACb,KAAK,OAAO;gBACV,OAAO,CACL,4CAA4C,gBAAgB,SAAS,aAAa,SAAS;oBAC3F,4BAA4B,CAC7B,CAAC;YACJ,KAAK,SAAS;gBACZ,OAAO,CACL,4CAA4C,gBAAgB,SAAS,YAAY,SAAS;oBAC1F,wBAAwB,CACzB,CAAC;YACJ,KAAK,MAAM;gBACT,OAAO,4CAA4C,gBAAgB,iCAAiC,CAAC;YACvG;gBACE,OAAO,gFAAgF,CAAC;QAC5F,CAAC;IACH,CAAC;CACF"}
|
|
@@ -128,8 +128,10 @@ export class BaseCommand extends Command {
|
|
|
128
128
|
}
|
|
129
129
|
this.configureLogging();
|
|
130
130
|
// Initialize stateful auth store with oclif's data directory so session
|
|
131
|
-
// files are stored alongside other CLI data (e.g. ~/Library/Application Support/@salesforce/b2c-cli)
|
|
132
|
-
|
|
131
|
+
// files are stored alongside other CLI data (e.g. ~/Library/Application Support/@salesforce/b2c-cli).
|
|
132
|
+
// Tests may override the path via B2C_TEST_DATA_DIR to isolate the auth-session.json
|
|
133
|
+
// file (e.g. per mocha worker) so they don't race on the developer's real session file.
|
|
134
|
+
initializeStatefulStore(process.env.B2C_TEST_DATA_DIR ?? this.config.dataDir);
|
|
133
135
|
// Set CLI User-Agent (CLI name/version only, without @salesforce/ prefix)
|
|
134
136
|
// This must happen before any API clients are created
|
|
135
137
|
setUserAgent(`${this.config.name.replace(/^@salesforce\//, '')}/${this.config.version}`);
|