@supernovaio/cli-next 2.0.10 → 2.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +1 -0
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/vault.service.d.ts +5 -5
- package/dist/services/vault.service.d.ts.map +1 -1
- package/dist/services/vault.service.js +11 -7
- package/dist/services/vault.service.js.map +1 -1
- package/dist/utils/api-client.d.ts +1 -1
- package/dist/utils/api-client.d.ts.map +1 -1
- package/dist/utils/api-client.js +1 -2
- package/dist/utils/api-client.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":"AAGA,OAAO,EAGL,SAAS,EACT,MAAM,EAGP,MAAM,mBAAmB,CAAA;AAE1B,qBAAa,WAAW;IAET,oBAAoB,CAAC,GAAG,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM;;;;IAkB1D,mBAAmB,CAAC,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IA+BnG,YAAY,CAAC,GAAG,EAAE,SAAS,EAAE,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IA4BtF,KAAK,CAAC,EAAE,GAAE,MAAa;IAM9B,OAAO,CAAC,WAAW;CAGpB"}
|
|
@@ -8,6 +8,7 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
8
8
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
9
|
};
|
|
10
10
|
import { SentryTraced } from "@sentry/nestjs";
|
|
11
|
+
import fetch from "node-fetch";
|
|
11
12
|
import { AuthResponseSchema, RefreshTokenResponseSchema, TokensResponseSchema, urlMap, } from "../types/login.js";
|
|
12
13
|
export class AuthService {
|
|
13
14
|
async getAuthUrlFromServer(env, codeChallenge) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;
|
|
1
|
+
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,KAAK,MAAM,YAAY,CAAA;AAE9B,OAAO,EACL,kBAAkB,EAClB,0BAA0B,EAG1B,oBAAoB,EACpB,MAAM,GACP,MAAM,mBAAmB,CAAA;AAE1B,MAAM,OAAO,WAAW;IAET,AAAN,KAAK,CAAC,oBAAoB,CAAC,GAAc,EAAE,aAAqB;QACrE,MAAM,EACJ,MAAM,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,GAClC,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE;YACrC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,aAAa;aACd,CAAC;YACF,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;YACD,MAAM,EAAE,MAAM;SACf,CAAC;aACC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;aACvB,IAAI,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE,CAAC,kBAAkB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAA;QACrD,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,CAAA;IAClC,CAAC;IAGY,AAAN,KAAK,CAAC,mBAAmB,CAAC,GAAc,EAAE,QAAgB,EAAE,OAAe;QAChF,IAAI,OAAO,GAAG,KAAK,CAAA;QACnB,IAAI,MAA0B,CAAA;QAC9B,IAAI,YAAY,GAAG,GAAG,CAAA;QACtB,OAAO,CAAC,OAAO,IAAI,YAAY,EAAE,GAAG,CAAC,EAAE,CAAC;YAEtC,OAAO,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,aAAa,OAAO,kBAAkB,QAAQ,EAAE,CAAC;iBAC5F,IAAI,CAAC,QAAQ,CAAC,EAAE;gBACf,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACjB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;gBAChD,CAAC;gBAED,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAA;YACxB,CAAC,CAAC;iBACD,IAAI,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;gBACjB,MAAM,IAAI,GAAG,oBAAoB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;gBAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBACrC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAA;oBAC3B,OAAO,IAAI,CAAA;gBACb,CAAC;gBAED,MAAM,IAAI,CAAC,KAAK,EAAE,CAAA;gBAElB,OAAO,KAAK,CAAA;YACd,CAAC,CAAC,CAAA;QACN,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAGY,AAAN,KAAK,CAAC,YAAY,CAAC,GAAc,EAAE,YAAqB;QAC7D,IAAI,CAAC,YAAY;YAAE,OAAO,SAAS,CAAA;QAEnC,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAA;QAChD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE;YACpC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBAEnB,UAAU,EAAE,eAAe;gBAE3B,aAAa,EAAE,YAAY;aAC5B,CAAC;YACF,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;YACD,MAAM,EAAE,MAAM;SACf,CAAC,CAAA;QAEF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,EACJ,MAAM,EAAE,EAAE,MAAM,EAAE,GACnB,GAAG,0BAA0B,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;QAC3D,OAAO,EAAE,GAAG,MAAM,EAAE,YAAY,EAAE,CAAA;IACpC,CAAC;IAGM,KAAK,CAAC,KAAa,IAAI;QAC5B,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;YAC3B,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;QACzB,CAAC,CAAC,CAAA;IACJ,CAAC;IAEO,WAAW,CAAC,MAAiB;QACnC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAA;IACvB,CAAC;CACF;AAtFc;IADZ,YAAY,EAAE;;;;uDAgBd;AAGY;IADZ,YAAY,EAAE;;;;sDA6Bd;AAGY;IADZ,YAAY,EAAE;;;;+CA0Bd;AAGM;IADN,YAAY,EAAE;;;;wCAKd","sourcesContent":["import { SentryTraced } from \"@sentry/nestjs\"\nimport fetch from \"node-fetch\"\n\nimport {\n AuthResponseSchema,\n RefreshTokenResponseSchema,\n TargetEnv,\n Tokens,\n TokensResponseSchema,\n urlMap,\n} from \"../types/login.js\"\n\nexport class AuthService {\n @SentryTraced()\n public async getAuthUrlFromServer(env: TargetEnv, codeChallenge: string) {\n const {\n result: { authorizeUrl, readKey },\n } = await fetch(this.getOAuthUrl(env), {\n body: JSON.stringify({\n codeChallenge,\n }),\n headers: {\n \"Content-Type\": \"application/json\",\n },\n method: \"POST\",\n })\n .then(res => res.json())\n .then(async data => AuthResponseSchema.parse(data))\n return { authorizeUrl, readKey }\n }\n\n @SentryTraced()\n public async getTokensFromServer(env: TargetEnv, verifier: string, readKey: string): Promise<Tokens | undefined> {\n let success = false\n let tokens: Tokens | undefined\n let repeatCounts = 300 // five minutes\n while (!success && repeatCounts-- > 0) {\n // eslint-disable-next-line no-await-in-loop\n success = await fetch(`${this.getOAuthUrl(env)}?read_key=${readKey}&code_verifier=${verifier}`)\n .then(response => {\n if (!response.ok) {\n throw new Error(\"Network response was not ok\")\n }\n\n return response.json()\n })\n .then(async data => {\n const body = TokensResponseSchema.parse(data)\n if (body.result.status === \"Success\") {\n tokens = body.result.tokens\n return true\n }\n\n await this.sleep()\n\n return false\n })\n }\n\n return tokens\n }\n\n @SentryTraced()\n public async refreshToken(env: TargetEnv, refreshToken?: string): Promise<Tokens | undefined> {\n if (!refreshToken) return undefined\n\n const authUrl = `${this.getOAuthUrl(env)}/token`\n const response = await fetch(authUrl, {\n body: JSON.stringify({\n // eslint-disable-next-line camelcase\n grant_type: \"refresh_token\",\n // eslint-disable-next-line camelcase\n refresh_token: refreshToken,\n }),\n headers: {\n \"Content-Type\": \"application/json\",\n },\n method: \"POST\",\n })\n\n if (!response.ok) {\n return undefined\n }\n\n const {\n result: { tokens },\n } = RefreshTokenResponseSchema.parse(await response.json())\n return { ...tokens, refreshToken }\n }\n\n @SentryTraced()\n public sleep(ms: number = 5000) {\n return new Promise(resolve => {\n setTimeout(resolve, ms)\n })\n }\n\n private getOAuthUrl(target: TargetEnv): string {\n return urlMap[target]\n }\n}\n"]}
|
|
@@ -15,13 +15,13 @@ export declare class VaultService {
|
|
|
15
15
|
private readonly vault;
|
|
16
16
|
private readonly serviceName;
|
|
17
17
|
constructor(authService?: AuthService, vault?: IVault);
|
|
18
|
-
deleteTokensFromVault(env
|
|
19
|
-
getLoggedInUser(env
|
|
18
|
+
deleteTokensFromVault(env: TargetEnv): Promise<void>;
|
|
19
|
+
getLoggedInUser(env: TargetEnv): Promise<string | undefined>;
|
|
20
20
|
getTokensFromFile(env: TargetEnv): Tokens | undefined;
|
|
21
|
-
getTokensFromVault(env
|
|
21
|
+
getTokensFromVault(env: TargetEnv): Promise<Tokens>;
|
|
22
22
|
refreshTokens(env: TargetEnv, accessToken: string, refreshToken: string): Promise<Tokens | undefined>;
|
|
23
|
-
storeTokensInFile(env: TargetEnv, tokens
|
|
24
|
-
storeTokensToVault({ accessToken, refreshToken }: Tokens, env
|
|
23
|
+
storeTokensInFile(env: TargetEnv, tokens: null | Tokens): void;
|
|
24
|
+
storeTokensToVault({ accessToken, refreshToken }: Tokens, env: TargetEnv): Promise<void>;
|
|
25
25
|
supernovaDir(): string;
|
|
26
26
|
tokensFilePath(): string;
|
|
27
27
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vault.service.d.ts","sourceRoot":"","sources":["../../src/services/vault.service.ts"],"names":[],"mappings":"AAOA,OAAO,
|
|
1
|
+
{"version":3,"file":"vault.service.d.ts","sourceRoot":"","sources":["../../src/services/vault.service.ts"],"names":[],"mappings":"AAOA,OAAO,EAA8B,SAAS,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAEjF,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAE/C,MAAM,WAAW,MAAM;IACrB,cAAc,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACvE,WAAW,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,MAAM,CAAC,CAAA;IAC7E,WAAW,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CACvF;AAED,qBAAa,WAAY,YAAW,MAAM;IAClC,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAInE,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,MAAM,CAAC;IAIzE,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGzF;AAED,qBAAa,YAAY;IAIrB,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,KAAK;IAJxB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;gBAGvB,WAAW,GAAE,WAA+B,EAC5C,KAAK,GAAE,MAA0B;IAIvC,qBAAqB,CAAC,GAAG,EAAE,SAAS;IAUpC,eAAe,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAWlE,iBAAiB,CAAC,GAAG,EAAE,SAAS,GAAG,MAAM,GAAG,SAAS;IAa/C,kBAAkB,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC;IAgCnD,aAAa,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAkB3G,iBAAiB,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,GAAG,MAAM;IAqBjD,kBAAkB,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS;IAW9E,YAAY,IAAI,MAAM;IAKtB,cAAc,IAAI,MAAM;CAIhC"}
|
|
@@ -13,7 +13,7 @@ import * as keytar from "keytar";
|
|
|
13
13
|
import * as fs from "node:fs";
|
|
14
14
|
import * as os from "node:os";
|
|
15
15
|
import path from "node:path";
|
|
16
|
-
import {
|
|
16
|
+
import { EnvTokensSchema } from "../types/login.js";
|
|
17
17
|
import { NotAuthorizedError } from "../types/not-authorized.error.js";
|
|
18
18
|
import { AuthService } from "./auth.service.js";
|
|
19
19
|
export class KeytarVault {
|
|
@@ -35,16 +35,16 @@ export class VaultService {
|
|
|
35
35
|
this.authService = authService;
|
|
36
36
|
this.vault = vault;
|
|
37
37
|
}
|
|
38
|
-
async deleteTokensFromVault(env
|
|
38
|
+
async deleteTokensFromVault(env) {
|
|
39
39
|
try {
|
|
40
40
|
await this.vault.deletePassword(this.serviceName, `${env}_access_token`);
|
|
41
41
|
await this.vault.deletePassword(this.serviceName, `${env}_refresh_token`);
|
|
42
42
|
}
|
|
43
43
|
catch {
|
|
44
|
-
this.storeTokensInFile(env);
|
|
44
|
+
this.storeTokensInFile(env, null);
|
|
45
45
|
}
|
|
46
46
|
}
|
|
47
|
-
async getLoggedInUser(env
|
|
47
|
+
async getLoggedInUser(env) {
|
|
48
48
|
try {
|
|
49
49
|
const tokens = await this.getTokensFromVault(env);
|
|
50
50
|
const decoded = jwtDecode(tokens.accessToken);
|
|
@@ -63,7 +63,7 @@ export class VaultService {
|
|
|
63
63
|
const data = JSON.parse(fileContent);
|
|
64
64
|
return data[env] ?? {};
|
|
65
65
|
}
|
|
66
|
-
async getTokensFromVault(env
|
|
66
|
+
async getTokensFromVault(env) {
|
|
67
67
|
if (process.env.SUPERNOVA_TOKEN) {
|
|
68
68
|
return { accessToken: process.env.SUPERNOVA_TOKEN };
|
|
69
69
|
}
|
|
@@ -74,6 +74,7 @@ export class VaultService {
|
|
|
74
74
|
refreshToken = (await this.vault.getPassword(this.serviceName, `${env}_refresh_token`)) ?? undefined;
|
|
75
75
|
}
|
|
76
76
|
catch {
|
|
77
|
+
console.log("Error, fall back to file storage");
|
|
77
78
|
const tokens = this.getTokensFromFile(env);
|
|
78
79
|
if (tokens) {
|
|
79
80
|
accessToken = tokens.accessToken;
|
|
@@ -114,10 +115,13 @@ export class VaultService {
|
|
|
114
115
|
const fileContent = fs.readFileSync(filePath, "utf8");
|
|
115
116
|
data = EnvTokensSchema.parse(JSON.parse(fileContent));
|
|
116
117
|
}
|
|
117
|
-
|
|
118
|
+
if (tokens)
|
|
119
|
+
data[env] = tokens;
|
|
120
|
+
else
|
|
121
|
+
delete data[env];
|
|
118
122
|
fs.writeFileSync(filePath, JSON.stringify(data, null, 2), "utf8");
|
|
119
123
|
}
|
|
120
|
-
async storeTokensToVault({ accessToken, refreshToken }, env
|
|
124
|
+
async storeTokensToVault({ accessToken, refreshToken }, env) {
|
|
121
125
|
try {
|
|
122
126
|
await this.vault.setPassword(this.serviceName, `${env}_access_token`, accessToken);
|
|
123
127
|
if (refreshToken) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vault.service.js","sourceRoot":"","sources":["../../src/services/vault.service.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AACtC,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAChC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAA;AAE5B,OAAO,EAAE,gBAAgB,EAAa,eAAe,EAAqB,MAAM,mBAAmB,CAAA;AACnG,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAQ/C,MAAM,OAAO,WAAW;IACtB,KAAK,CAAC,cAAc,CAAC,WAAmB,EAAE,OAAe;QACvD,MAAM,MAAM,CAAC,cAAc,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB,EAAE,OAAe;QACpD,OAAO,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IACjD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB,EAAE,OAAe,EAAE,QAAgB;QACtE,MAAM,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAA;IAC1D,CAAC;CACF;AAED,MAAM,OAAO,YAAY;IAIJ;IACA;IAJF,WAAW,GAAG,WAAW,CAAA;IAE1C,YACmB,cAA2B,IAAI,WAAW,EAAE,EAC5C,QAAgB,IAAI,WAAW,EAAE;QADjC,gBAAW,GAAX,WAAW,CAAiC;QAC5C,UAAK,GAAL,KAAK,CAA4B;IACjD,CAAC;IAGS,AAAN,KAAK,CAAC,qBAAqB,CAAC,MAAiB,gBAAgB;QAClE,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,CAAC,CAAA;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,CAAC,CAAA;QAC3E,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;QAC7B,CAAC;IACH,CAAC;IAGY,AAAN,KAAK,CAAC,eAAe,CAAC,MAAiB,gBAAgB;QAC5D,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAA;YACjD,MAAM,OAAO,GAAG,SAAS,CAAmB,MAAM,CAAC,WAAW,CAAC,CAAA;YAC/D,OAAO,OAAO,CAAC,GAAG,CAAA;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAA;QAClB,CAAC;IACH,CAAC;IAGM,iBAAiB,CAAC,GAAc;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;QAEtC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;QACrD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QACpC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;IACxB,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,MAAiB,gBAAgB;QAC/D,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;YAChC,OAAO,EAAE,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAA;QACrD,CAAC;QAED,IAAI,WAA+B,CAAA;QACnC,IAAI,YAAgC,CAAA;QACpC,IAAI,CAAC;YACH,WAAW,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,CAAC,CAAC,IAAI,SAAS,CAAA;YAClG,YAAY,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,CAAC,CAAC,IAAI,SAAS,CAAA;QACtG,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;YAC1C,IAAI,MAAM,EAAE,CAAC;gBACX,WAAW,GAAG,MAAM,CAAC,WAAW,CAAA;gBAChC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAA;YACpC,CAAC;QACH,CAAC;QAED,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,kBAAkB,EAAE,CAAA;QAChC,CAAC;QAED,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvG,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAA;IACtC,CAAC;IAGY,AAAN,KAAK,CAAC,aAAa,CAAC,GAAc,EAAE,WAAmB,EAAE,YAAoB;QAClF,MAAM,OAAO,GAAG,SAAS,CAAmB,WAAW,CAAC,CAAA;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;QACjD,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,WAAW,GAAG,GAAG,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAA;gBACrC,MAAM,IAAI,kBAAkB,EAAE,CAAA;YAChC,CAAC;YAED,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;YAC/C,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAGM,iBAAiB,CAAC,GAAc,EAAE,MAAe;QACtD,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,EAAE,CAAA;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAA;QAEvD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACjC,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QACjD,CAAC;QAED,IAAI,IAAI,GAAc,EAAe,CAAA;QACrC,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;YACrD,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAA;QACvD,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,GAAG,MAAM,CAAA;QAElB,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;IACnE,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,YAAY,EAAU,EAAE,MAAiB,gBAAgB;QACtG,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,EAAE,WAAW,CAAC,CAAA;YAClF,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,EAAE,YAAY,CAAC,CAAA;YACtF,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAA;QAC5D,CAAC;IACH,CAAC;IAEM,YAAY;QACjB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAA;QAC5B,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;IACzC,CAAC;IAEM,cAAc;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAA;QACnC,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;IAC1C,CAAC;CACF;AA3Hc;IADZ,YAAY,EAAE;;;;yDAQd;AAGY;IADZ,YAAY,EAAE;;;;mDASd;AAGM;IADN,YAAY,EAAE;;;;qDAWd;AAGY;IADZ,YAAY,EAAE;;;;sDA6Bd;AAGY;IADZ,YAAY,EAAE;;;;iDAgBd;AAGM;IADN,YAAY,EAAE;;;;qDAkBd;AAGY;IADZ,YAAY,EAAE;;;;sDAUd","sourcesContent":["import { SentryTraced } from \"@sentry/nestjs\"\nimport { jwtDecode } from \"jwt-decode\"\nimport * as keytar from \"keytar\"\nimport * as fs from \"node:fs\"\nimport * as os from \"node:os\"\nimport path from \"node:path\"\n\nimport { defaultTargetEnv, EnvTokens, EnvTokensSchema, TargetEnv, Tokens } from \"../types/login.js\"\nimport { NotAuthorizedError } from \"../types/not-authorized.error.js\"\nimport { AuthService } from \"./auth.service.js\"\n\nexport interface IVault {\n deletePassword: (serviceName: string, account: string) => Promise<void>\n getPassword: (serviceName: string, account: string) => Promise<null | string>\n setPassword: (serviceName: string, account: string, password: string) => Promise<void>\n}\n\nexport class KeytarVault implements IVault {\n async deletePassword(serviceName: string, account: string): Promise<void> {\n await keytar.deletePassword(serviceName, account)\n }\n\n async getPassword(serviceName: string, account: string): Promise<null | string> {\n return keytar.getPassword(serviceName, account)\n }\n\n async setPassword(serviceName: string, account: string, password: string): Promise<void> {\n await keytar.setPassword(serviceName, account, password)\n }\n}\n\nexport class VaultService {\n private readonly serviceName = \"Supernova\"\n\n constructor(\n private readonly authService: AuthService = new AuthService(),\n private readonly vault: IVault = new KeytarVault(),\n ) {}\n\n @SentryTraced()\n public async deleteTokensFromVault(env: TargetEnv = defaultTargetEnv) {\n try {\n await this.vault.deletePassword(this.serviceName, `${env}_access_token`)\n await this.vault.deletePassword(this.serviceName, `${env}_refresh_token`)\n } catch {\n this.storeTokensInFile(env)\n }\n }\n\n @SentryTraced()\n public async getLoggedInUser(env: TargetEnv = defaultTargetEnv): Promise<string | undefined> {\n try {\n const tokens = await this.getTokensFromVault(env)\n const decoded = jwtDecode<{ sub?: string }>(tokens.accessToken)\n return decoded.sub\n } catch {\n return undefined\n }\n }\n\n @SentryTraced()\n public getTokensFromFile(env: TargetEnv): Tokens | undefined {\n const filePath = this.tokensFilePath()\n\n if (!fs.existsSync(filePath)) {\n return undefined\n }\n\n const fileContent = fs.readFileSync(filePath, \"utf8\")\n const data = JSON.parse(fileContent)\n return data[env] ?? {}\n }\n\n @SentryTraced()\n public async getTokensFromVault(env: TargetEnv = defaultTargetEnv): Promise<Tokens> {\n if (process.env.SUPERNOVA_TOKEN) {\n return { accessToken: process.env.SUPERNOVA_TOKEN }\n }\n\n let accessToken: string | undefined\n let refreshToken: string | undefined\n try {\n accessToken = (await this.vault.getPassword(this.serviceName, `${env}_access_token`)) ?? undefined\n refreshToken = (await this.vault.getPassword(this.serviceName, `${env}_refresh_token`)) ?? undefined\n } catch {\n const tokens = this.getTokensFromFile(env)\n if (tokens) {\n accessToken = tokens.accessToken\n refreshToken = tokens.refreshToken\n }\n }\n\n if (!accessToken) {\n throw new NotAuthorizedError()\n }\n\n const freshTokens = refreshToken ? await this.refreshTokens(env, accessToken, refreshToken) : undefined\n if (freshTokens) {\n return freshTokens\n }\n\n return { accessToken, refreshToken }\n }\n\n @SentryTraced()\n public async refreshTokens(env: TargetEnv, accessToken: string, refreshToken: string): Promise<Tokens | undefined> {\n const decoded = jwtDecode<{ exp?: number }>(accessToken)\n const currentTime = Math.floor(Date.now() / 1000)\n if (decoded.exp && decoded.exp < currentTime + 300) {\n const freshTokens = await this.authService.refreshToken(env, refreshToken)\n if (!freshTokens) {\n await this.deleteTokensFromVault(env)\n throw new NotAuthorizedError()\n }\n\n await this.storeTokensToVault(freshTokens, env)\n return freshTokens\n }\n\n return undefined\n }\n\n @SentryTraced()\n public storeTokensInFile(env: TargetEnv, tokens?: Tokens) {\n const supernovaDir = this.supernovaDir()\n const filePath = path.join(supernovaDir, \"tokens.json\")\n\n if (!fs.existsSync(supernovaDir)) {\n fs.mkdirSync(supernovaDir, { recursive: true })\n }\n\n let data: EnvTokens = {} as EnvTokens\n if (fs.existsSync(filePath)) {\n const fileContent = fs.readFileSync(filePath, \"utf8\")\n data = EnvTokensSchema.parse(JSON.parse(fileContent))\n }\n\n data[env] = tokens\n\n fs.writeFileSync(filePath, JSON.stringify(data, null, 2), \"utf8\")\n }\n\n @SentryTraced()\n public async storeTokensToVault({ accessToken, refreshToken }: Tokens, env: TargetEnv = defaultTargetEnv) {\n try {\n await this.vault.setPassword(this.serviceName, `${env}_access_token`, accessToken)\n if (refreshToken) {\n await this.vault.setPassword(this.serviceName, `${env}_refresh_token`, refreshToken)\n }\n } catch {\n this.storeTokensInFile(env, { accessToken, refreshToken })\n }\n }\n\n public supernovaDir(): string {\n const homeDir = os.homedir()\n return path.join(homeDir, \".supernova\")\n }\n\n public tokensFilePath(): string {\n const homeDir = this.supernovaDir()\n return path.join(homeDir, \"tokens.json\")\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"vault.service.js","sourceRoot":"","sources":["../../src/services/vault.service.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AACtC,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAChC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAA;AAE5B,OAAO,EAAa,eAAe,EAAqB,MAAM,mBAAmB,CAAA;AACjF,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAQ/C,MAAM,OAAO,WAAW;IACtB,KAAK,CAAC,cAAc,CAAC,WAAmB,EAAE,OAAe;QACvD,MAAM,MAAM,CAAC,cAAc,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB,EAAE,OAAe;QACpD,OAAO,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IACjD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB,EAAE,OAAe,EAAE,QAAgB;QACtE,MAAM,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAA;IAC1D,CAAC;CACF;AAED,MAAM,OAAO,YAAY;IAIJ;IACA;IAJF,WAAW,GAAG,WAAW,CAAA;IAE1C,YACmB,cAA2B,IAAI,WAAW,EAAE,EAC5C,QAAgB,IAAI,WAAW,EAAE;QADjC,gBAAW,GAAX,WAAW,CAAiC;QAC5C,UAAK,GAAL,KAAK,CAA4B;IACjD,CAAC;IAGS,AAAN,KAAK,CAAC,qBAAqB,CAAC,GAAc;QAC/C,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,CAAC,CAAA;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,CAAC,CAAA;QAC3E,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;QACnC,CAAC;IACH,CAAC;IAGY,AAAN,KAAK,CAAC,eAAe,CAAC,GAAc;QACzC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAA;YACjD,MAAM,OAAO,GAAG,SAAS,CAAmB,MAAM,CAAC,WAAW,CAAC,CAAA;YAC/D,OAAO,OAAO,CAAC,GAAG,CAAA;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAA;QAClB,CAAC;IACH,CAAC;IAGM,iBAAiB,CAAC,GAAc;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;QAEtC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;QACrD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QACpC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;IACxB,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,GAAc;QAC5C,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;YAChC,OAAO,EAAE,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAA;QACrD,CAAC;QAED,IAAI,WAA+B,CAAA;QACnC,IAAI,YAAgC,CAAA;QACpC,IAAI,CAAC;YACH,WAAW,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,CAAC,CAAC,IAAI,SAAS,CAAA;YAClG,YAAY,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,CAAC,CAAC,IAAI,SAAS,CAAA;QACtG,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAA;YAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;YAC1C,IAAI,MAAM,EAAE,CAAC;gBACX,WAAW,GAAG,MAAM,CAAC,WAAW,CAAA;gBAChC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAA;YACpC,CAAC;QACH,CAAC;QAED,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,kBAAkB,EAAE,CAAA;QAChC,CAAC;QAED,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvG,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAA;IACtC,CAAC;IAGY,AAAN,KAAK,CAAC,aAAa,CAAC,GAAc,EAAE,WAAmB,EAAE,YAAoB;QAClF,MAAM,OAAO,GAAG,SAAS,CAAmB,WAAW,CAAC,CAAA;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;QACjD,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,WAAW,GAAG,GAAG,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAA;gBACrC,MAAM,IAAI,kBAAkB,EAAE,CAAA;YAChC,CAAC;YAED,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;YAC/C,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAGM,iBAAiB,CAAC,GAAc,EAAE,MAAqB;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,EAAE,CAAA;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAA;QAEvD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACjC,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QACjD,CAAC;QAED,IAAI,IAAI,GAAc,EAAe,CAAA;QACrC,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;YACrD,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAA;QACvD,CAAC;QAED,IAAI,MAAM;YAAE,IAAI,CAAC,GAAG,CAAC,GAAG,MAAM,CAAA;;YACzB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAA;QAErB,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;IACnE,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,YAAY,EAAU,EAAE,GAAc;QACnF,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,EAAE,WAAW,CAAC,CAAA;YAClF,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,EAAE,YAAY,CAAC,CAAA;YACtF,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAA;QAC5D,CAAC;IACH,CAAC;IAEM,YAAY;QACjB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAA;QAC5B,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;IACzC,CAAC;IAEM,cAAc;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAA;QACnC,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;IAC1C,CAAC;CACF;AA7Hc;IADZ,YAAY,EAAE;;;;yDAQd;AAGY;IADZ,YAAY,EAAE;;;;mDASd;AAGM;IADN,YAAY,EAAE;;;;qDAWd;AAGY;IADZ,YAAY,EAAE;;;;sDA8Bd;AAGY;IADZ,YAAY,EAAE;;;;iDAgBd;AAGM;IADN,YAAY,EAAE;;;;qDAmBd;AAGY;IADZ,YAAY,EAAE;;;;sDAUd","sourcesContent":["import { SentryTraced } from \"@sentry/nestjs\"\nimport { jwtDecode } from \"jwt-decode\"\nimport * as keytar from \"keytar\"\nimport * as fs from \"node:fs\"\nimport * as os from \"node:os\"\nimport path from \"node:path\"\n\nimport { EnvTokens, EnvTokensSchema, TargetEnv, Tokens } from \"../types/login.js\"\nimport { NotAuthorizedError } from \"../types/not-authorized.error.js\"\nimport { AuthService } from \"./auth.service.js\"\n\nexport interface IVault {\n deletePassword: (serviceName: string, account: string) => Promise<void>\n getPassword: (serviceName: string, account: string) => Promise<null | string>\n setPassword: (serviceName: string, account: string, password: string) => Promise<void>\n}\n\nexport class KeytarVault implements IVault {\n async deletePassword(serviceName: string, account: string): Promise<void> {\n await keytar.deletePassword(serviceName, account)\n }\n\n async getPassword(serviceName: string, account: string): Promise<null | string> {\n return keytar.getPassword(serviceName, account)\n }\n\n async setPassword(serviceName: string, account: string, password: string): Promise<void> {\n await keytar.setPassword(serviceName, account, password)\n }\n}\n\nexport class VaultService {\n private readonly serviceName = \"Supernova\"\n\n constructor(\n private readonly authService: AuthService = new AuthService(),\n private readonly vault: IVault = new KeytarVault(),\n ) {}\n\n @SentryTraced()\n public async deleteTokensFromVault(env: TargetEnv) {\n try {\n await this.vault.deletePassword(this.serviceName, `${env}_access_token`)\n await this.vault.deletePassword(this.serviceName, `${env}_refresh_token`)\n } catch {\n this.storeTokensInFile(env, null)\n }\n }\n\n @SentryTraced()\n public async getLoggedInUser(env: TargetEnv): Promise<string | undefined> {\n try {\n const tokens = await this.getTokensFromVault(env)\n const decoded = jwtDecode<{ sub?: string }>(tokens.accessToken)\n return decoded.sub\n } catch {\n return undefined\n }\n }\n\n @SentryTraced()\n public getTokensFromFile(env: TargetEnv): Tokens | undefined {\n const filePath = this.tokensFilePath()\n\n if (!fs.existsSync(filePath)) {\n return undefined\n }\n\n const fileContent = fs.readFileSync(filePath, \"utf8\")\n const data = JSON.parse(fileContent)\n return data[env] ?? {}\n }\n\n @SentryTraced()\n public async getTokensFromVault(env: TargetEnv): Promise<Tokens> {\n if (process.env.SUPERNOVA_TOKEN) {\n return { accessToken: process.env.SUPERNOVA_TOKEN }\n }\n\n let accessToken: string | undefined\n let refreshToken: string | undefined\n try {\n accessToken = (await this.vault.getPassword(this.serviceName, `${env}_access_token`)) ?? undefined\n refreshToken = (await this.vault.getPassword(this.serviceName, `${env}_refresh_token`)) ?? undefined\n } catch {\n console.log(\"Error, fall back to file storage\")\n const tokens = this.getTokensFromFile(env)\n if (tokens) {\n accessToken = tokens.accessToken\n refreshToken = tokens.refreshToken\n }\n }\n\n if (!accessToken) {\n throw new NotAuthorizedError()\n }\n\n const freshTokens = refreshToken ? await this.refreshTokens(env, accessToken, refreshToken) : undefined\n if (freshTokens) {\n return freshTokens\n }\n\n return { accessToken, refreshToken }\n }\n\n @SentryTraced()\n public async refreshTokens(env: TargetEnv, accessToken: string, refreshToken: string): Promise<Tokens | undefined> {\n const decoded = jwtDecode<{ exp?: number }>(accessToken)\n const currentTime = Math.floor(Date.now() / 1000)\n if (decoded.exp && decoded.exp < currentTime + 300) {\n const freshTokens = await this.authService.refreshToken(env, refreshToken)\n if (!freshTokens) {\n await this.deleteTokensFromVault(env)\n throw new NotAuthorizedError()\n }\n\n await this.storeTokensToVault(freshTokens, env)\n return freshTokens\n }\n\n return undefined\n }\n\n @SentryTraced()\n public storeTokensInFile(env: TargetEnv, tokens: null | Tokens) {\n const supernovaDir = this.supernovaDir()\n const filePath = path.join(supernovaDir, \"tokens.json\")\n\n if (!fs.existsSync(supernovaDir)) {\n fs.mkdirSync(supernovaDir, { recursive: true })\n }\n\n let data: EnvTokens = {} as EnvTokens\n if (fs.existsSync(filePath)) {\n const fileContent = fs.readFileSync(filePath, \"utf8\")\n data = EnvTokensSchema.parse(JSON.parse(fileContent))\n }\n\n if (tokens) data[env] = tokens\n else delete data[env]\n\n fs.writeFileSync(filePath, JSON.stringify(data, null, 2), \"utf8\")\n }\n\n @SentryTraced()\n public async storeTokensToVault({ accessToken, refreshToken }: Tokens, env: TargetEnv) {\n try {\n await this.vault.setPassword(this.serviceName, `${env}_access_token`, accessToken)\n if (refreshToken) {\n await this.vault.setPassword(this.serviceName, `${env}_refresh_token`, refreshToken)\n }\n } catch {\n this.storeTokensInFile(env, { accessToken, refreshToken })\n }\n }\n\n public supernovaDir(): string {\n const homeDir = os.homedir()\n return path.join(homeDir, \".supernova\")\n }\n\n public tokensFilePath(): string {\n const homeDir = this.supernovaDir()\n return path.join(homeDir, \"tokens.json\")\n }\n}\n"]}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
import { SupernovaApiClient } from "@supernova-studio/client";
|
|
2
2
|
import { TargetEnv } from "../types/login.js";
|
|
3
|
-
export declare const getClient: (env
|
|
3
|
+
export declare const getClient: (env: TargetEnv, version?: string) => Promise<SupernovaApiClient>;
|
|
4
4
|
//# sourceMappingURL=api-client.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api-client.d.ts","sourceRoot":"","sources":["../../src/utils/api-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAG7D,OAAO,
|
|
1
|
+
{"version":3,"file":"api-client.d.ts","sourceRoot":"","sources":["../../src/utils/api-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAG7D,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAA;AAM7C,eAAO,MAAM,SAAS,GAAU,KAAK,SAAS,EAAE,UAAU,MAAM,KAAG,OAAO,CAAC,kBAAkB,CAI5F,CAAA"}
|
package/dist/utils/api-client.js
CHANGED
|
@@ -1,9 +1,8 @@
|
|
|
1
1
|
import { SupernovaApiClient } from "@supernova-studio/client";
|
|
2
2
|
import { VaultService } from "../services/vault.service.js";
|
|
3
|
-
import { defaultTargetEnv } from "../types/login.js";
|
|
4
3
|
import { environmentAPI } from "./network.js";
|
|
5
4
|
const vaultService = new VaultService();
|
|
6
|
-
export const getClient = async (env
|
|
5
|
+
export const getClient = async (env, version) => {
|
|
7
6
|
const { accessToken } = await vaultService.getTokensFromVault(env);
|
|
8
7
|
const hostUrl = new URL(environmentAPI(env, version));
|
|
9
8
|
return new SupernovaApiClient({ accessToken, host: hostUrl.host });
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../../src/utils/api-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAE7D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAA;
|
|
1
|
+
{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../../src/utils/api-client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAA;AAE7D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAA;AAG3D,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAE7C,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAA;AAEvC,MAAM,CAAC,MAAM,SAAS,GAAG,KAAK,EAAE,GAAc,EAAE,OAAgB,EAA+B,EAAE;IAC/F,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,YAAY,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAA;IAClE,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,GAAkB,EAAE,OAAO,CAAC,CAAC,CAAA;IACpE,OAAO,IAAI,kBAAkB,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAA;AACpE,CAAC,CAAA","sourcesContent":["import { SupernovaApiClient } from \"@supernova-studio/client\"\n\nimport { VaultService } from \"../services/vault.service.js\"\nimport { TargetEnv } from \"../types/login.js\"\nimport { Environment } from \"../types/types.js\"\nimport { environmentAPI } from \"./network.js\"\n\nconst vaultService = new VaultService()\n\nexport const getClient = async (env: TargetEnv, version?: string): Promise<SupernovaApiClient> => {\n const { accessToken } = await vaultService.getTokensFromVault(env)\n const hostUrl = new URL(environmentAPI(env as Environment, version))\n return new SupernovaApiClient({ accessToken, host: hostUrl.host })\n}\n"]}
|