@salesforce/core 3.19.1 → 3.19.4

package/lib/crypto/keyChainImpl.js

@@ -317,7 +317,7 @@ const _darwinImpl = {
         }
     },
 };
-const getSecretFile = () => path.join(global_1.Global.SFDX_DIR, 'key.json');
+const getSecretFile = () => path.join(global_1.Global.DIR, 'key.json');
 var SecretField;
 (function (SecretField) {
     SecretField["SERVICE"] = "service";

package/lib/exported.d.ts

@@ -3,7 +3,7 @@ export { ConfigFile } from './config/configFile';
 export { TTLConfig } from './config/ttlConfig';
 export { envVars, EnvironmentVariable, SUPPORTED_ENV_VARS, EnvVars } from './config/envVars';
 export { BaseConfigStore, ConfigContents, ConfigEntry, ConfigStore, ConfigValue } from './config/configStore';
-export { GlobalInfo, SfEntry, SfInfo, SfInfoKeys, SfOrg, SfOrgs, SfToken, SfTokens } from './globalInfo';
+export { GlobalInfo, SfEntry, SfInfo, SfInfoKeys, SfOrg, SfOrgs, SfToken, SfTokens, StateAggregator, } from './stateAggregator';
 export { DeviceOauthService, DeviceCodeResponse, DeviceCodePollingResponse } from './deviceOauthService';
 export { OrgUsersConfig } from './config/orgUsersConfig';
 export { ConfigPropertyMeta, ConfigPropertyMetaInput, Config, SfdxPropertyKeys, SfConfigProperties, SFDX_ALLOWED_PROPERTIES, SF_ALLOWED_PROPERTIES, } from './config/config';

package/lib/exported.js

@@ -16,8 +16,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.DefaultUserFields = exports.MyDomainResolver = exports.StreamingClient = exports.CometClient = exports.PollingClient = exports.SfdxError = exports.SfError = exports.SchemaValidator = exports.SchemaPrinter = exports.SfdxProjectJson = exports.SfdxProject = exports.SfProjectJson = exports.SfProject = exports.ORG_CONFIG_ALLOWED_PROPERTIES = exports.OrgConfigProperties = exports.OrgTypes = exports.SandboxEvents = exports.Org = exports.Messages = exports.Logger = exports.LoggerLevel = exports.getJwtAudienceUrl = exports.SfdcUrl = exports.WebOAuthServer = exports.Lifecycle = exports.Global = exports.Mode = exports.SFDX_HTTP_HEADERS = exports.Connection = exports.AuthRemover = exports.AuthInfo = exports.SfdxConfigAggregator = exports.ConfigAggregator = exports.SandboxRequestCache = exports.SF_ALLOWED_PROPERTIES = exports.SFDX_ALLOWED_PROPERTIES = exports.SfConfigProperties = exports.SfdxPropertyKeys = exports.Config = exports.OrgUsersConfig = exports.DeviceOauthService = exports.SfInfoKeys = exports.GlobalInfo = exports.BaseConfigStore = exports.EnvVars = exports.SUPPORTED_ENV_VARS = exports.EnvironmentVariable = exports.envVars = exports.TTLConfig = exports.ConfigFile = void 0;
-exports.ScratchOrgCache = exports.scratchOrgLifecycleStages = exports.scratchOrgLifecycleEventName = exports.scratchOrgResume = exports.scratchOrgCreate = exports.PermissionSetAssignment = exports.User = exports.REQUIRED_FIELDS = void 0;
+exports.MyDomainResolver = exports.StreamingClient = exports.CometClient = exports.PollingClient = exports.SfdxError = exports.SfError = exports.SchemaValidator = exports.SchemaPrinter = exports.SfdxProjectJson = exports.SfdxProject = exports.SfProjectJson = exports.SfProject = exports.ORG_CONFIG_ALLOWED_PROPERTIES = exports.OrgConfigProperties = exports.OrgTypes = exports.SandboxEvents = exports.Org = exports.Messages = exports.Logger = exports.LoggerLevel = exports.getJwtAudienceUrl = exports.SfdcUrl = exports.WebOAuthServer = exports.Lifecycle = exports.Global = exports.Mode = exports.SFDX_HTTP_HEADERS = exports.Connection = exports.AuthRemover = exports.AuthInfo = exports.SfdxConfigAggregator = exports.ConfigAggregator = exports.SandboxRequestCache = exports.SF_ALLOWED_PROPERTIES = exports.SFDX_ALLOWED_PROPERTIES = exports.SfConfigProperties = exports.SfdxPropertyKeys = exports.Config = exports.OrgUsersConfig = exports.DeviceOauthService = exports.StateAggregator = exports.SfInfoKeys = exports.GlobalInfo = exports.BaseConfigStore = exports.EnvVars = exports.SUPPORTED_ENV_VARS = exports.EnvironmentVariable = exports.envVars = exports.TTLConfig = exports.ConfigFile = void 0;
+exports.ScratchOrgCache = exports.scratchOrgLifecycleStages = exports.scratchOrgLifecycleEventName = exports.scratchOrgResume = exports.scratchOrgCreate = exports.PermissionSetAssignment = exports.User = exports.REQUIRED_FIELDS = exports.DefaultUserFields = void 0;
 const messages_1 = require("./messages");
 messages_1.Messages.importMessagesDirectory(__dirname);
 var configFile_1 = require("./config/configFile");
@@ -31,9 +31,10 @@ Object.defineProperty(exports, "SUPPORTED_ENV_VARS", { enumerable: true, get: fu
 Object.defineProperty(exports, "EnvVars", { enumerable: true, get: function () { return envVars_1.EnvVars; } });
 var configStore_1 = require("./config/configStore");
 Object.defineProperty(exports, "BaseConfigStore", { enumerable: true, get: function () { return configStore_1.BaseConfigStore; } });
-var globalInfo_1 = require("./globalInfo");
-Object.defineProperty(exports, "GlobalInfo", { enumerable: true, get: function () { return globalInfo_1.GlobalInfo; } });
-Object.defineProperty(exports, "SfInfoKeys", { enumerable: true, get: function () { return globalInfo_1.SfInfoKeys; } });
+var stateAggregator_1 = require("./stateAggregator");
+Object.defineProperty(exports, "GlobalInfo", { enumerable: true, get: function () { return stateAggregator_1.GlobalInfo; } });
+Object.defineProperty(exports, "SfInfoKeys", { enumerable: true, get: function () { return stateAggregator_1.SfInfoKeys; } });
+Object.defineProperty(exports, "StateAggregator", { enumerable: true, get: function () { return stateAggregator_1.StateAggregator; } });
 var deviceOauthService_1 = require("./deviceOauthService");
 Object.defineProperty(exports, "DeviceOauthService", { enumerable: true, get: function () { return deviceOauthService_1.DeviceOauthService; } });
 var orgUsersConfig_1 = require("./config/orgUsersConfig");

package/lib/global.d.ts

@@ -28,6 +28,10 @@ export declare class Global {
      * The global folder in which sf state is stored.
      */
     static readonly SF_STATE_FOLDER = ".sf";
+    /**
+     * The peferred global folder in which state is stored.
+     */
+    static readonly STATE_FOLDER = ".sfdx";
     /**
      * The full system path to the global sfdx state folder.
      *
@@ -40,6 +44,10 @@ export declare class Global {
      * **See** {@link Global.SF_STATE_FOLDER}
      */
     static get SF_DIR(): string;
+    /**
+     * The full system path to the peferred global state folder
+     */
+    static get DIR(): string;
     /**
      * The full system path to the global log file.
      */

package/lib/global.js

@@ -44,6 +44,12 @@ class Global {
     static get SF_DIR() {
         return path.join(os.homedir(), Global.SF_STATE_FOLDER);
     }
+    /**
+     * The full system path to the peferred global state folder
+     */
+    static get DIR() {
+        return path.join(os.homedir(), Global.SFDX_STATE_FOLDER);
+    }
     /**
      * Gets the current mode environment variable as a {@link Mode} instance.
      *
@@ -80,6 +86,10 @@ Global.SFDX_STATE_FOLDER = '.sfdx';
  * The global folder in which sf state is stored.
  */
 Global.SF_STATE_FOLDER = '.sf';
+/**
+ * The peferred global folder in which state is stored.
+ */
+Global.STATE_FOLDER = Global.SFDX_STATE_FOLDER;
 /**
  * The full system path to the global log file.
  */

package/lib/org/authInfo.d.ts

@@ -126,7 +126,7 @@ export declare const DEFAULT_CONNECTED_APP_INFO: {
 export declare class AuthInfo extends AsyncOptionalCreatable<AuthInfo.Options> {
     private usingAccessToken;
     private logger;
-    private globalInfo;
+    private stateAggregator;
     private username;
     private options;
     /**
@@ -289,7 +289,8 @@ export declare class AuthInfo extends AsyncOptionalCreatable<AuthInfo.Options> {
     private loadDecryptedAuthFromConfig;
     private isTokenOptions;
     private refreshFn;
-    private buildJwtConfig;
+    private authJwt;
+    private tryJwtAuth;
     private buildRefreshTokenConfig;
     /**
      * Performs an authCode exchange but the Oauth2 feature of jsforce is extended to include a code_challenge

package/lib/org/authInfo.js

@@ -21,7 +21,7 @@ const configAggregator_1 = require("../config/configAggregator");
 const logger_1 = require("../logger");
 const sfError_1 = require("../sfError");
 const sfdc_1 = require("../util/sfdc");
-const globalInfo_1 = require("../globalInfo");
+const stateAggregator_1 = require("../stateAggregator");
 const messages_1 = require("../messages");
 const sfdcUrl_1 = require("../util/sfdcUrl");
 const connection_1 = require("./connection");
@@ -38,6 +38,7 @@ const messages = messages_1.Messages.load('@salesforce/core', 'core', [
     'jwtAuthError',
     'authCodeUsernameRetrievalError',
     'authCodeExchangeError',
+    'missingClientId',
 ]);
 // Extend OAuth2 to add JWT Bearer Token Flow support.
 class JwtOAuth2 extends jsforce_1.OAuth2 {
@@ -144,13 +145,13 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
      */
     static async listAllAuthorizations(orgAuthFilter = (orgAuth) => !!orgAuth) {
         var _a;
-        const globalInfo = await globalInfo_1.GlobalInfo.getInstance();
+        const stateAggregator = await stateAggregator_1.StateAggregator.getInstance();
         const config = (await configAggregator_1.ConfigAggregator.create()).getConfigInfo();
-        const orgs = Object.values(globalInfo.orgs.getAll());
+        const orgs = await stateAggregator.orgs.readAll();
         const final = [];
         for (const org of orgs) {
             const username = (0, ts_types_1.ensureString)(org.username);
-            const aliases = (_a = globalInfo.aliases.getAll(username)) !== null && _a !== void 0 ? _a : undefined;
+            const aliases = (_a = stateAggregator.aliases.getAll(username)) !== null && _a !== void 0 ? _a : undefined;
             // Get a list of configuration values that are set to either the username or one
             // of the aliases
             const configs = config
@@ -166,7 +167,7 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
                     instanceUrl,
                     isScratchOrg: Boolean(devHubUsername),
                     isDevHub: isDevHub || false,
-                    isSandbox: globalInfo.sandboxes.has(orgId),
+                    isSandbox: await stateAggregator.sandboxes.hasFile(orgId),
                     orgId: orgId,
                     accessToken: authInfo.getConnectionOptions().accessToken,
                     oauthMethod: authInfo.isJwt() ? 'jwt' : authInfo.isOauth() ? 'web' : 'token',
@@ -196,7 +197,7 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
      */
     static async hasAuthentications() {
         try {
-            const auths = (await globalInfo_1.GlobalInfo.getInstance()).orgs.getAll();
+            const auths = await (await stateAggregator_1.StateAggregator.getInstance()).orgs.list();
             return !(0, kit_1.isEmpty)(auths);
         }
         catch (err) {
@@ -295,7 +296,7 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
      * Find all dev hubs available in the local environment.
      */
     static async getDevHubAuthInfos() {
-        return (await AuthInfo.listAllAuthorizations()).filter((possibleHub) => possibleHub === null || possibleHub === void 0 ? void 0 : possibleHub.isDevHub);
+        return await AuthInfo.listAllAuthorizations((possibleHub) => { var _a; return (_a = possibleHub === null || possibleHub === void 0 ? void 0 : possibleHub.isDevHub) !== null && _a !== void 0 ? _a : false; });
     }
     static async queryScratchOrg(devHubUsername, scratchOrgId) {
         const devHubOrg = await org_1.Org.create({ aliasOrUsername: devHubUsername });
@@ -348,7 +349,7 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
             this.logger.debug('Username is an accesstoken. Skip saving authinfo to disk.');
             return this;
         }
-        await this.globalInfo.write();
+        await this.stateAggregator.orgs.write(username);
         this.logger.info(`Saved auth info for username: ${username}`);
         return this;
     }
@@ -359,13 +360,10 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
      * @param authData Authorization fields to update.
      */
     update(authData) {
-        // todo move into configstore
         if (authData && (0, ts_types_1.isPlainObject)(authData)) {
             this.username = authData.username || this.username;
-            const existingFields = this.globalInfo.orgs.get(this.getUsername());
-            const mergedFields = Object.assign({}, existingFields || {}, authData);
-            this.globalInfo.orgs.set(this.getUsername(), mergedFields);
-            this.logger.info(`Updated auth info for username: ${this.getUsername()}`);
+            this.stateAggregator.orgs.update(this.username, authData);
+            this.logger.info(`Updated auth info for username: ${this.username}`);
         }
         return this;
     }
@@ -423,7 +421,8 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
      * @param decrypt Decrypt the fields.
      */
     getFields(decrypt) {
-        return this.globalInfo.orgs.get(this.username, decrypt);
+        var _a;
+        return (_a = this.stateAggregator.orgs.get(this.username, decrypt)) !== null && _a !== void 0 ? _a : {};
     }
     /**
      * Get the org front door (used for web based oauth flows)
@@ -498,7 +497,7 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
             config = await config_1.Config.create({ isGlobal: true });
         }
         const username = (0, ts_types_1.ensureString)(this.getUsername());
-        const alias = this.globalInfo.aliases.get(username);
+        const alias = this.stateAggregator.aliases.get(username);
         const value = alias !== null && alias !== void 0 ? alias : username;
         if (options.org) {
             config.set(orgConfigProperties_1.OrgConfigProperties.TARGET_ORG, value);
@@ -514,14 +513,14 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
      * @param alias alias to set
      */
     async setAlias(alias) {
-        this.globalInfo.aliases.set(alias, this.getUsername());
+        this.stateAggregator.aliases.set(alias, this.getUsername());
+        await this.stateAggregator.aliases.write();
     }
     /**
      * Initializes an instance of the AuthInfo class.
      */
     async init() {
-        // We have to set the global instance here because we need synchronous access to it later
-        this.globalInfo = await globalInfo_1.GlobalInfo.getInstance();
+        this.stateAggregator = await stateAggregator_1.StateAggregator.getInstance();
         const username = this.options.username;
         const authOptions = this.options.oauth2Options || this.options.accessTokenOptions;
         // Must specify either username and/or options
@@ -531,14 +530,14 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
         // If a username AND oauth options, ensure an authorization for the username doesn't
         // already exist. Throw if it does so we don't overwrite the authorization.
         if (username && authOptions) {
-            const authExists = this.globalInfo.orgs.has(username);
-            if (authExists) {
+            if (await this.stateAggregator.orgs.hasFile(username)) {
                 throw messages.createError('authInfoOverwriteError');
             }
         }
         const oauthUsername = username || (0, ts_types_1.getString)(authOptions, 'username');
         if (oauthUsername) {
             this.username = oauthUsername;
+            await this.stateAggregator.orgs.read(oauthUsername, false, false);
         } // Else it will be set in initAuthOptions below.
         // If the username is an access token, use that for auth and don't persist
         if ((0, ts_types_1.isString)(oauthUsername) && sfdc_1.sfdc.matchesAccessToken(oauthUsername)) {
@@ -555,7 +554,7 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
             this.usingAccessToken = true;
         }
         // If a username with NO oauth options, ensure authorization already exist.
-        else if (username && !authOptions && !this.globalInfo.orgs.has(username)) {
+        else if (username && !authOptions && !(await this.stateAggregator.orgs.exists(username))) {
             throw messages.createError('namedOrgNotFound', [username]);
         }
         else {
@@ -607,7 +606,7 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
                     options.privateKey = (0, path_1.resolve)(options.privateKeyFile);
                 }
                 if (options.privateKey) {
-                    authConfig = await this.buildJwtConfig(options);
+                    authConfig = await this.authJwt(options);
                 }
                 else if (!options.authCode && options.refreshToken) {
                     // refresh token flow (from sfdxUrl or OAuth refreshFn)
@@ -624,6 +623,8 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
                 }
             }
             authConfig.isDevHub = await this.determineIfDevHub((0, ts_types_1.ensureString)(authConfig.instanceUrl), (0, ts_types_1.ensureString)(authConfig.accessToken));
+            if (authConfig.username)
+                await this.stateAggregator.orgs.read(authConfig.username, false, false);
             // Update the auth fields WITH encryption
             this.update(authConfig);
         }
@@ -631,7 +632,7 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
     }
     async loadDecryptedAuthFromConfig(username) {
         // Fetch from the persisted auth file
-        const authInfo = this.globalInfo.orgs.get(username, true);
+        const authInfo = this.stateAggregator.orgs.get(username, true);
         if (!authInfo) {
             throw messages.createError('namedOrgNotFound', [username]);
         }
@@ -667,27 +668,32 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
         }
     }
     // Build OAuth config for a JWT auth flow
-    async buildJwtConfig(options) {
+    async authJwt(options) {
+        if (!options.clientId) {
+            throw messages.createError('missingClientId');
+        }
         const privateKeyContents = await fs.promises.readFile((0, ts_types_1.ensure)(options.privateKey), 'utf8');
         const { loginUrl = sfdcUrl_1.SfdcUrl.PRODUCTION } = options;
         const url = new sfdcUrl_1.SfdcUrl(loginUrl);
         const createdOrgInstance = (0, ts_types_1.getString)(options, 'createdOrgInstance', '').trim().toLowerCase();
         const audienceUrl = await url.getJwtAudienceUrl(createdOrgInstance);
-        const jwtToken = jwt.sign({
-            iss: options.clientId,
-            sub: this.getUsername(),
-            aud: audienceUrl,
-            exp: Date.now() + 300,
-        }, privateKeyContents, {
-            algorithm: 'RS256',
-        });
-        const oauth2 = new JwtOAuth2({ loginUrl: options.loginUrl });
         let authFieldsBuilder;
-        try {
-            authFieldsBuilder = (0, ts_types_1.ensureJsonMap)(await oauth2.jwtAuthorize(jwtToken));
+        const authErrors = [];
+        // given that we can no longer depend on instance names or URls to determine audience, let's try them all
+        const loginAndAudienceUrls = (0, sfdcUrl_1.getLoginAudienceCombos)(audienceUrl, loginUrl);
+        for (const [login, audience] of loginAndAudienceUrls) {
+            try {
+                authFieldsBuilder = await this.tryJwtAuth(options.clientId, login, audience, privateKeyContents);
+                break;
+            }
+            catch (err) {
+                const error = err;
+                const message = error.message.includes('audience') ? `${error.message}-${login}:${audience}` : error.message;
+                authErrors.push(message);
+            }
         }
-        catch (err) {
-            throw messages.createError('jwtAuthError', [err.message]);
+        if (!authFieldsBuilder) {
+            throw messages.createError('jwtAuthError', [authErrors.join('\n')]);
         }
         const authFields = {
             accessToken: (0, ts_types_1.asString)(authFieldsBuilder.access_token),
@@ -709,6 +715,18 @@ class AuthInfo extends kit_1.AsyncOptionalCreatable {
         }
         return authFields;
     }
+    async tryJwtAuth(clientId, loginUrl, audienceUrl, privateKeyContents) {
+        const jwtToken = jwt.sign({
+            iss: clientId,
+            sub: this.getUsername(),
+            aud: audienceUrl,
+            exp: Date.now() + 300,
+        }, privateKeyContents, {
+            algorithm: 'RS256',
+        });
+        const oauth2 = new JwtOAuth2({ loginUrl });
+        return (0, ts_types_1.ensureJsonMap)(await oauth2.jwtAuthorize(jwtToken));
+    }
     // Build OAuth config for a refresh token auth flow
     async buildRefreshTokenConfig(options) {
         // Ideally, this would be removed at some point in the distant future when all auth files

package/lib/org/authRemover.d.ts

@@ -1,5 +1,6 @@
 import { AsyncOptionalCreatable } from '@salesforce/kit';
-import { SfOrg, SfOrgs } from '../globalInfo';
+import { JsonMap } from '@salesforce/ts-types';
+import { AuthFields } from '.';
 /**
  * Handles  the removing of authorizations, which includes deleting the auth file
  * in the global .sfdx folder, deleting any configs that are associated with the username/alias,
@@ -25,7 +26,7 @@ import { SfOrg, SfOrgs } from '../globalInfo';
  */
 export declare class AuthRemover extends AsyncOptionalCreatable {
     private config;
-    private globalInfo;
+    private stateAggregator;
     private logger;
     /**
      * Removes the authentication and any configs or aliases associated with it
@@ -45,13 +46,13 @@ export declare class AuthRemover extends AsyncOptionalCreatable {
      * @param usernameOrAlias username or alias of the auth you want to find, defaults to the configured target-org
      * @returns {Promise<SfOrg>}
      */
-    findAuth(usernameOrAlias?: string): Promise<SfOrg>;
+    findAuth(usernameOrAlias?: string): Promise<AuthFields>;
     /**
      * Finds all org authorizations in the global info file (.sf/sf.json)
      *
-     * @returns {SfOrgs}
+     * @returns {Record<string, AuthFields>}
      */
-    findAllAuths(): SfOrgs;
+    findAllAuths(): Record<string, AuthFields & JsonMap>;
     protected init(): Promise<void>;
     /**
      * Returns the username for a given alias if the alias exists.

package/lib/org/authRemover.js

@@ -11,7 +11,7 @@ const kit_1 = require("@salesforce/kit");
 const configAggregator_1 = require("../config/configAggregator");
 const logger_1 = require("../logger");
 const messages_1 = require("../messages");
-const globalInfo_1 = require("../globalInfo");
+const stateAggregator_1 = require("../stateAggregator");
 const orgConfigProperties_1 = require("./orgConfigProperties");
 messages_1.Messages.importMessagesDirectory(__dirname);
 const coreMessages = messages_1.Messages.load('@salesforce/core', 'core', ['namedOrgNotFound']);
@@ -50,9 +50,8 @@ class AuthRemover extends kit_1.AsyncOptionalCreatable {
         this.logger.debug(`Removing authorization for user ${username}`);
         await this.unsetConfigValues(username);
         await this.unsetAliases(username);
-        this.unsetTokens(username);
-        this.globalInfo.orgs.unset(username);
-        await this.globalInfo.write();
+        await this.unsetTokens(username);
+        await this.stateAggregator.orgs.remove(username);
     }
     /**
      * Removes all authentication files and any configs or aliases associated with them
@@ -73,8 +72,8 @@ class AuthRemover extends kit_1.AsyncOptionalCreatable {
      * @returns {Promise<SfOrg>}
      */
     async findAuth(usernameOrAlias) {
-        const username = usernameOrAlias ? await this.resolveUsername(usernameOrAlias) : this.getTargetOrg();
-        const auth = this.globalInfo.orgs.get(username);
+        const username = await this.resolveUsername(usernameOrAlias || this.getTargetOrg());
+        const auth = this.stateAggregator.orgs.get(username);
         if (!auth) {
             throw coreMessages.createError('namedOrgNotFound');
         }
@@ -83,15 +82,20 @@ class AuthRemover extends kit_1.AsyncOptionalCreatable {
     /**
      * Finds all org authorizations in the global info file (.sf/sf.json)
      *
-     * @returns {SfOrgs}
+     * @returns {Record<string, AuthFields>}
      */
     findAllAuths() {
-        return this.globalInfo.orgs.getAll();
+        const orgs = this.stateAggregator.orgs.getAll();
+        return orgs.reduce((x, y) => {
+            // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+            return { ...x, [y.username]: y };
+        }, {});
     }
     async init() {
         this.logger = await logger_1.Logger.child(this.constructor.name);
         this.config = await configAggregator_1.ConfigAggregator.create();
-        this.globalInfo = await globalInfo_1.GlobalInfo.getInstance();
+        this.stateAggregator = await stateAggregator_1.StateAggregator.getInstance();
+        await this.stateAggregator.orgs.readAll();
     }
     /**
      * Returns the username for a given alias if the alias exists.
@@ -100,7 +104,7 @@ class AuthRemover extends kit_1.AsyncOptionalCreatable {
      * @returns {Promise<string>}
      */
     async resolveUsername(usernameOrAlias) {
-        return this.globalInfo.aliases.resolveUsername(usernameOrAlias);
+        return this.stateAggregator.aliases.resolveUsername(usernameOrAlias);
     }
     /**
      * @returns {string}
@@ -119,7 +123,7 @@ class AuthRemover extends kit_1.AsyncOptionalCreatable {
      * @returns {Promise<string[]>}
      */
     getAliases(username) {
-        return this.globalInfo.aliases.getAll(username);
+        return this.stateAggregator.aliases.getAll(username);
     }
     /**
      * Unsets any configured values (both global and local) for provided username
@@ -158,20 +162,22 @@ class AuthRemover extends kit_1.AsyncOptionalCreatable {
      */
     async unsetAliases(username) {
         this.logger.debug(`Clearing aliases for username: ${username}`);
-        const existingAliases = this.globalInfo.aliases.getAll(username);
+        const existingAliases = this.stateAggregator.aliases.getAll(username);
         if (existingAliases.length === 0)
             return;
         this.logger.debug(`Found these aliases to remove: ${existingAliases}`);
-        existingAliases.forEach((alias) => this.globalInfo.aliases.unset(alias));
+        existingAliases.forEach((alias) => this.stateAggregator.aliases.unset(alias));
+        await this.stateAggregator.aliases.write();
     }
-    unsetTokens(username) {
+    async unsetTokens(username) {
         this.logger.debug(`Clearing tokens for username: ${username}`);
-        const tokens = this.globalInfo.tokens.getAll();
+        const tokens = this.stateAggregator.tokens.getAll();
         for (const [key, token] of Object.entries(tokens)) {
             if (token.user === username) {
-                this.globalInfo.tokens.unset(key);
+                this.stateAggregator.tokens.unset(key);
             }
         }
+        await this.stateAggregator.tokens.write();
     }
 }
 exports.AuthRemover = AuthRemover;

package/lib/org/connection.js

@@ -293,7 +293,7 @@ class Connection extends jsforce_1.Connection {
      * Getter for the AuthInfo fields.
      */
     getAuthInfoFields() {
-        // If the GlobalInfo.unsetOrg is called, the AuthFields are no longer accessible.
+        // If the StateAggregator.orgs.remove is called, the AuthFields are no longer accessible.
         return this.options.authInfo.getFields() || {};
     }
     /**

package/lib/org/org.d.ts

@@ -2,7 +2,6 @@ import { AsyncOptionalCreatable, Duration } from '@salesforce/kit';
 import { AnyJson, JsonMap, Nullable, Optional } from '@salesforce/ts-types';
 import { ConfigAggregator } from '../config/configAggregator';
 import { OrgUsersConfig } from '../config/orgUsersConfig';
-import { SfSandbox } from '../globalInfo';
 import { Connection } from './connection';
 import { AuthFields, AuthInfo } from './authInfo';
 import { ScratchOrgCreateOptions, ScratchOrgCreateResult } from './scratchOrgCreate';
@@ -70,6 +69,14 @@ export declare type ResumeSandboxRequest = {
     SandboxProcessObjId?: string;
 };
 export declare type ScratchOrgRequest = Pick<ScratchOrgCreateOptions, 'connectedAppConsumerKey' | 'durationDays' | 'nonamespace' | 'noancestors' | 'wait' | 'retry' | 'apiversion' | 'definitionjson' | 'definitionfile' | 'orgConfig' | 'clientSecret'>;
+export declare type SandboxFields = {
+    sandboxOrgId: string;
+    prodOrgUsername: string;
+    sandboxName?: string;
+    sandboxUsername?: string;
+    sandboxProcessId?: string;
+    sandboxInfoId?: string;
+};
 /**
  * Provides a way to manage a locally authenticated Org.
  *
@@ -312,15 +319,15 @@ export declare class Org extends AsyncOptionalCreatable<Org.Options> {
      * set the sandbox config related to this given org
      *
      * @param orgId {string} orgId of the sandbox
-     * @param config {SfSandbox} config of the sandbox
+     * @param config {SandboxFields} config of the sandbox
      */
-    setSandboxConfig(orgId: string, config: SfSandbox): Promise<Org>;
+    setSandboxConfig(orgId: string, config: SandboxFields): Promise<Org>;
     /**
      * get the sandbox config for the given orgId
      *
      * @param orgId {string} orgId of the sandbox
      */
-    getSandboxConfig(orgId: string): Promise<Nullable<SfSandbox>>;
+    getSandboxConfig(orgId: string): Promise<Nullable<SandboxFields>>;
     /**
      * Retrieves the highest api version that is supported by the target server instance. If the apiVersion configured for
      * Sfdx is greater than the one returned in this call an api version mismatch occurs. In the case of the CLI that
@@ -381,6 +388,7 @@ export declare class Org extends AsyncOptionalCreatable<Org.Options> {
      * **Throws** *{@link SfError}{ name: 'NotSupportedError' }* Throws an unsupported error.
      */
     protected getDefaultOptions(): Org.Options;
+    private getLocalDataDir;
     /**
      * Gets the sandboxProcessObject and then polls for it to complete.
      *