@supernovaio/cli 2.0.2 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vault.service.d.ts","sourceRoot":"","sources":["../../src/services/vault.service.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AACnD,OAAO,EAA8B,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAEtE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAE/C,MAAM,WAAW,MAAM;IACrB,cAAc,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACvE,WAAW,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,MAAM,CAAC,CAAA;IAC7E,WAAW,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CACvF;AAED,qBAAa,WAAY,YAAW,MAAM;IAClC,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAInE,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,MAAM,CAAC;IAIzE,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGzF;AAED,qBAAa,YAAY;IAIrB,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,KAAK;IAJxB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;gBAGvB,WAAW,GAAE,WAA+B,EAC5C,KAAK,GAAE,MAA0B;IAIvC,qBAAqB,CAAC,GAAG,EAAE,SAAS;IAUpC,kBAAkB,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IASrE,iBAAiB,CAAC,GAAG,EAAE,SAAS,GAAG,MAAM,GAAG,SAAS;IAa/C,qBAAqB,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"vault.service.d.ts","sourceRoot":"","sources":["../../src/services/vault.service.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AACnD,OAAO,EAA8B,MAAM,EAAE,MAAM,mBAAmB,CAAA;AAEtE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAE/C,MAAM,WAAW,MAAM;IACrB,cAAc,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACvE,WAAW,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,GAAG,MAAM,CAAC,CAAA;IAC7E,WAAW,EAAE,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CACvF;AAED,qBAAa,WAAY,YAAW,MAAM;IAClC,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAInE,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,MAAM,CAAC;IAIzE,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGzF;AAED,qBAAa,YAAY;IAIrB,OAAO,CAAC,QAAQ,CAAC,WAAW;IAC5B,OAAO,CAAC,QAAQ,CAAC,KAAK;IAJxB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;gBAGvB,WAAW,GAAE,WAA+B,EAC5C,KAAK,GAAE,MAA0B;IAIvC,qBAAqB,CAAC,GAAG,EAAE,SAAS;IAUpC,kBAAkB,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IASrE,iBAAiB,CAAC,GAAG,EAAE,SAAS,GAAG,MAAM,GAAG,SAAS;IAa/C,qBAAqB,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA+B7D,kBAAkB,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC;IAOnD,aAAa,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAkB3G,iBAAiB,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,GAAG,MAAM;IAqBjD,kBAAkB,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS;IAW9E,YAAY,IAAI,MAAM;IAKtB,cAAc,IAAI,MAAM;CAIhC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
|
|
2
|
-
!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="
|
|
2
|
+
!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="b76d191d-5785-5876-addc-6c88ea2103f3")}catch(e){}}();
|
|
3
3
|
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
4
4
|
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
5
5
|
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
@@ -74,7 +74,6 @@ export class VaultService {
|
|
|
74
74
|
refreshToken = (await this.vault.getPassword(this.serviceName, `${env}_refresh_token`)) ?? undefined;
|
|
75
75
|
}
|
|
76
76
|
catch {
|
|
77
|
-
console.log("Error, fall back to file storage");
|
|
78
77
|
const tokens = this.getTokensFromFile(env);
|
|
79
78
|
if (tokens) {
|
|
80
79
|
accessToken = tokens.accessToken;
|
|
@@ -196,4 +195,4 @@ __decorate([
|
|
|
196
195
|
__metadata("design:returntype", Promise)
|
|
197
196
|
], VaultService.prototype, "storeTokensToVault", null);
|
|
198
197
|
//# sourceMappingURL=vault.service.js.map
|
|
199
|
-
//# debugId=
|
|
198
|
+
//# debugId=b76d191d-5785-5876-addc-6c88ea2103f3
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vault.service.js","sources":["../../src/services/vault.service.ts"],"sourceRoot":"","sourcesContent":["import { SentryTraced } from \"@sentry/nestjs\"\nimport { jwtDecode } from \"jwt-decode\"\nimport keytar from \"keytar\"\nimport * as fs from \"node:fs\"\nimport * as os from \"node:os\"\nimport path from \"node:path\"\n\nimport { TargetEnv } from \"../types/environment.js\"\nimport { EnvTokens, EnvTokensSchema, Tokens } from \"../types/login.js\"\nimport { NotAuthorizedError } from \"../types/not-authorized.error.js\"\nimport { AuthService } from \"./auth.service.js\"\n\nexport interface IVault {\n deletePassword: (serviceName: string, account: string) => Promise<void>\n getPassword: (serviceName: string, account: string) => Promise<null | string>\n setPassword: (serviceName: string, account: string, password: string) => Promise<void>\n}\n\nexport class KeytarVault implements IVault {\n async deletePassword(serviceName: string, account: string): Promise<void> {\n await keytar.deletePassword(serviceName, account)\n }\n\n async getPassword(serviceName: string, account: string): Promise<null | string> {\n return keytar.getPassword(serviceName, account)\n }\n\n async setPassword(serviceName: string, account: string, password: string): Promise<void> {\n await keytar.setPassword(serviceName, account, password)\n }\n}\n\nexport class VaultService {\n private readonly serviceName = \"Supernova\"\n\n constructor(\n private readonly authService: AuthService = new AuthService(),\n private readonly vault: IVault = new KeytarVault(),\n ) {}\n\n @SentryTraced()\n public async deleteTokensFromVault(env: TargetEnv) {\n try {\n await this.vault.deletePassword(this.serviceName, `${env}_access_token`)\n await this.vault.deletePassword(this.serviceName, `${env}_refresh_token`)\n } catch {\n this.storeTokensInFile(env, null)\n }\n }\n\n @SentryTraced()\n public async getLoggedInUserSub(env: TargetEnv): Promise<string | undefined> {\n const tokens = await this.tryGetTokensFromVault(env)\n if (!tokens) return undefined\n\n const decoded = jwtDecode<{ sub?: string }>(tokens.accessToken)\n return decoded.sub\n }\n\n @SentryTraced()\n public getTokensFromFile(env: TargetEnv): Tokens | undefined {\n const filePath = this.tokensFilePath()\n\n if (!fs.existsSync(filePath)) {\n return undefined\n }\n\n const fileContent = fs.readFileSync(filePath, \"utf8\")\n const data = JSON.parse(fileContent)\n return data[env] ?? {}\n }\n\n @SentryTraced()\n public async tryGetTokensFromVault(env: TargetEnv): Promise<Tokens | null> {\n if (process.env.SUPERNOVA_TOKEN) {\n return { accessToken: process.env.SUPERNOVA_TOKEN }\n }\n\n let accessToken: string | undefined\n let refreshToken: string | undefined\n try {\n accessToken = (await this.vault.getPassword(this.serviceName, `${env}_access_token`)) ?? undefined\n refreshToken = (await this.vault.getPassword(this.serviceName, `${env}_refresh_token`)) ?? undefined\n } catch {\n console.log(\"Error, fall back to file storage\")\n const tokens = this.getTokensFromFile(env)\n if (tokens) {\n accessToken = tokens.accessToken\n refreshToken = tokens.refreshToken\n }\n }\n\n if (!accessToken) {\n return null\n }\n\n const freshTokens = refreshToken ? await this.refreshTokens(env, accessToken, refreshToken) : undefined\n if (freshTokens) {\n return freshTokens\n }\n\n return { accessToken, refreshToken }\n }\n\n @SentryTraced()\n public async getTokensFromVault(env: TargetEnv): Promise<Tokens> {\n const tokens = await this.tryGetTokensFromVault(env)\n if (!tokens) throw new NotAuthorizedError()\n return tokens\n }\n\n @SentryTraced()\n public async refreshTokens(env: TargetEnv, accessToken: string, refreshToken: string): Promise<Tokens | undefined> {\n const decoded = jwtDecode<{ exp?: number }>(accessToken)\n const currentTime = Math.floor(Date.now() / 1000)\n if (decoded.exp && decoded.exp < currentTime + 300) {\n const freshTokens = await this.authService.refreshToken(env, refreshToken)\n if (!freshTokens) {\n await this.deleteTokensFromVault(env)\n throw new NotAuthorizedError()\n }\n\n await this.storeTokensToVault(freshTokens, env)\n return freshTokens\n }\n\n return undefined\n }\n\n @SentryTraced()\n public storeTokensInFile(env: TargetEnv, tokens: null | Tokens) {\n const supernovaDir = this.supernovaDir()\n const filePath = path.join(supernovaDir, \"tokens.json\")\n\n if (!fs.existsSync(supernovaDir)) {\n fs.mkdirSync(supernovaDir, { recursive: true })\n }\n\n let data: EnvTokens = {}\n if (fs.existsSync(filePath)) {\n const fileContent = fs.readFileSync(filePath, \"utf8\")\n data = EnvTokensSchema.parse(JSON.parse(fileContent))\n }\n\n if (tokens) data[env] = tokens\n else delete data[env]\n\n fs.writeFileSync(filePath, JSON.stringify(data, null, 2), \"utf8\")\n }\n\n @SentryTraced()\n public async storeTokensToVault({ accessToken, refreshToken }: Tokens, env: TargetEnv) {\n try {\n await this.vault.setPassword(this.serviceName, `${env}_access_token`, accessToken)\n if (refreshToken) {\n await this.vault.setPassword(this.serviceName, `${env}_refresh_token`, refreshToken)\n }\n } catch {\n this.storeTokensInFile(env, { accessToken, refreshToken })\n }\n }\n\n public supernovaDir(): string {\n const homeDir = os.homedir()\n return path.join(homeDir, \".supernova\")\n }\n\n public tokensFilePath(): string {\n const homeDir = this.supernovaDir()\n return path.join(homeDir, \"tokens.json\")\n }\n}\n"],"names":[],"mappings":";;;;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AACtC,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAA;AAE5B,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AACnD,OAAO,EAAa,eAAe,EAAU,MAAM,mBAAmB,CAAA;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAQ/C,MAAM,OAAO,WAAW;IACtB,KAAK,CAAC,cAAc,CAAC,WAAmB,EAAE,OAAe;QACvD,MAAM,MAAM,CAAC,cAAc,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB,EAAE,OAAe;QACpD,OAAO,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IACjD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB,EAAE,OAAe,EAAE,QAAgB;QACtE,MAAM,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAA;IAC1D,CAAC;CACF;AAED,MAAM,OAAO,YAAY;IAIJ;IACA;IAJF,WAAW,GAAG,WAAW,CAAA;IAE1C,YACmB,cAA2B,IAAI,WAAW,EAAE,EAC5C,QAAgB,IAAI,WAAW,EAAE;QADjC,gBAAW,GAAX,WAAW,CAAiC;QAC5C,UAAK,GAAL,KAAK,CAA4B;IACjD,CAAC;IAGS,AAAN,KAAK,CAAC,qBAAqB,CAAC,GAAc;QAC/C,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,CAAC,CAAA;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,CAAC,CAAA;QAC3E,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;QACnC,CAAC;IACH,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,GAAc;QAC5C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAA;QACpD,IAAI,CAAC,MAAM;YAAE,OAAO,SAAS,CAAA;QAE7B,MAAM,OAAO,GAAG,SAAS,CAAmB,MAAM,CAAC,WAAW,CAAC,CAAA;QAC/D,OAAO,OAAO,CAAC,GAAG,CAAA;IACpB,CAAC;IAGM,iBAAiB,CAAC,GAAc;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;QAEtC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;QACrD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QACpC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;IACxB,CAAC;IAGY,AAAN,KAAK,CAAC,qBAAqB,CAAC,GAAc;QAC/C,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;YAChC,OAAO,EAAE,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAA;QACrD,CAAC;QAED,IAAI,WAA+B,CAAA;QACnC,IAAI,YAAgC,CAAA;QACpC,IAAI,CAAC;YACH,WAAW,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,CAAC,CAAC,IAAI,SAAS,CAAA;YAClG,YAAY,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,CAAC,CAAC,IAAI,SAAS,CAAA;QACtG,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAA;YAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;YAC1C,IAAI,MAAM,EAAE,CAAC;gBACX,WAAW,GAAG,MAAM,CAAC,WAAW,CAAA;gBAChC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAA;YACpC,CAAC;QACH,CAAC;QAED,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvG,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAA;IACtC,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,GAAc;QAC5C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAA;QACpD,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,kBAAkB,EAAE,CAAA;QAC3C,OAAO,MAAM,CAAA;IACf,CAAC;IAGY,AAAN,KAAK,CAAC,aAAa,CAAC,GAAc,EAAE,WAAmB,EAAE,YAAoB;QAClF,MAAM,OAAO,GAAG,SAAS,CAAmB,WAAW,CAAC,CAAA;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;QACjD,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,WAAW,GAAG,GAAG,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAA;gBACrC,MAAM,IAAI,kBAAkB,EAAE,CAAA;YAChC,CAAC;YAED,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;YAC/C,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAGM,iBAAiB,CAAC,GAAc,EAAE,MAAqB;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,EAAE,CAAA;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAA;QAEvD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACjC,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QACjD,CAAC;QAED,IAAI,IAAI,GAAc,EAAE,CAAA;QACxB,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;YACrD,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAA;QACvD,CAAC;QAED,IAAI,MAAM;YAAE,IAAI,CAAC,GAAG,CAAC,GAAG,MAAM,CAAA;;YACzB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAA;QAErB,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;IACnE,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,YAAY,EAAU,EAAE,GAAc;QACnF,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,EAAE,WAAW,CAAC,CAAA;YAClF,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,EAAE,YAAY,CAAC,CAAA;YACtF,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAA;QAC5D,CAAC;IACH,CAAC;IAEM,YAAY;QACjB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAA;QAC5B,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;IACzC,CAAC;IAEM,cAAc;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAA;QACnC,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;IAC1C,CAAC;CACF;AAlIc;IADZ,YAAY,EAAE;;;;yDAQd;AAGY;IADZ,YAAY,EAAE;;;;sDAOd;AAGM;IADN,YAAY,EAAE;;;;qDAWd;AAGY;IADZ,YAAY,EAAE;;;;yDA8Bd;AAGY;IADZ,YAAY,EAAE;;;;sDAKd;AAGY;IADZ,YAAY,EAAE;;;;iDAgBd;AAGM;IADN,YAAY,EAAE;;;;qDAmBd;AAGY;IADZ,YAAY,EAAE;;;;sDAUd","debug_id":"fe440e3f-7f1a-5a6a-b9fb-c7fd2b9a74ab"}
|
|
1
|
+
{"version":3,"file":"vault.service.js","sources":["../../src/services/vault.service.ts"],"sourceRoot":"","sourcesContent":["import { SentryTraced } from \"@sentry/nestjs\"\nimport { jwtDecode } from \"jwt-decode\"\nimport keytar from \"keytar\"\nimport * as fs from \"node:fs\"\nimport * as os from \"node:os\"\nimport path from \"node:path\"\n\nimport { TargetEnv } from \"../types/environment.js\"\nimport { EnvTokens, EnvTokensSchema, Tokens } from \"../types/login.js\"\nimport { NotAuthorizedError } from \"../types/not-authorized.error.js\"\nimport { AuthService } from \"./auth.service.js\"\n\nexport interface IVault {\n deletePassword: (serviceName: string, account: string) => Promise<void>\n getPassword: (serviceName: string, account: string) => Promise<null | string>\n setPassword: (serviceName: string, account: string, password: string) => Promise<void>\n}\n\nexport class KeytarVault implements IVault {\n async deletePassword(serviceName: string, account: string): Promise<void> {\n await keytar.deletePassword(serviceName, account)\n }\n\n async getPassword(serviceName: string, account: string): Promise<null | string> {\n return keytar.getPassword(serviceName, account)\n }\n\n async setPassword(serviceName: string, account: string, password: string): Promise<void> {\n await keytar.setPassword(serviceName, account, password)\n }\n}\n\nexport class VaultService {\n private readonly serviceName = \"Supernova\"\n\n constructor(\n private readonly authService: AuthService = new AuthService(),\n private readonly vault: IVault = new KeytarVault(),\n ) {}\n\n @SentryTraced()\n public async deleteTokensFromVault(env: TargetEnv) {\n try {\n await this.vault.deletePassword(this.serviceName, `${env}_access_token`)\n await this.vault.deletePassword(this.serviceName, `${env}_refresh_token`)\n } catch {\n this.storeTokensInFile(env, null)\n }\n }\n\n @SentryTraced()\n public async getLoggedInUserSub(env: TargetEnv): Promise<string | undefined> {\n const tokens = await this.tryGetTokensFromVault(env)\n if (!tokens) return undefined\n\n const decoded = jwtDecode<{ sub?: string }>(tokens.accessToken)\n return decoded.sub\n }\n\n @SentryTraced()\n public getTokensFromFile(env: TargetEnv): Tokens | undefined {\n const filePath = this.tokensFilePath()\n\n if (!fs.existsSync(filePath)) {\n return undefined\n }\n\n const fileContent = fs.readFileSync(filePath, \"utf8\")\n const data = JSON.parse(fileContent)\n return data[env] ?? {}\n }\n\n @SentryTraced()\n public async tryGetTokensFromVault(env: TargetEnv): Promise<Tokens | null> {\n if (process.env.SUPERNOVA_TOKEN) {\n return { accessToken: process.env.SUPERNOVA_TOKEN }\n }\n\n let accessToken: string | undefined\n let refreshToken: string | undefined\n try {\n accessToken = (await this.vault.getPassword(this.serviceName, `${env}_access_token`)) ?? undefined\n refreshToken = (await this.vault.getPassword(this.serviceName, `${env}_refresh_token`)) ?? undefined\n } catch {\n const tokens = this.getTokensFromFile(env)\n if (tokens) {\n accessToken = tokens.accessToken\n refreshToken = tokens.refreshToken\n }\n }\n\n if (!accessToken) {\n return null\n }\n\n const freshTokens = refreshToken ? await this.refreshTokens(env, accessToken, refreshToken) : undefined\n if (freshTokens) {\n return freshTokens\n }\n\n return { accessToken, refreshToken }\n }\n\n @SentryTraced()\n public async getTokensFromVault(env: TargetEnv): Promise<Tokens> {\n const tokens = await this.tryGetTokensFromVault(env)\n if (!tokens) throw new NotAuthorizedError()\n return tokens\n }\n\n @SentryTraced()\n public async refreshTokens(env: TargetEnv, accessToken: string, refreshToken: string): Promise<Tokens | undefined> {\n const decoded = jwtDecode<{ exp?: number }>(accessToken)\n const currentTime = Math.floor(Date.now() / 1000)\n if (decoded.exp && decoded.exp < currentTime + 300) {\n const freshTokens = await this.authService.refreshToken(env, refreshToken)\n if (!freshTokens) {\n await this.deleteTokensFromVault(env)\n throw new NotAuthorizedError()\n }\n\n await this.storeTokensToVault(freshTokens, env)\n return freshTokens\n }\n\n return undefined\n }\n\n @SentryTraced()\n public storeTokensInFile(env: TargetEnv, tokens: null | Tokens) {\n const supernovaDir = this.supernovaDir()\n const filePath = path.join(supernovaDir, \"tokens.json\")\n\n if (!fs.existsSync(supernovaDir)) {\n fs.mkdirSync(supernovaDir, { recursive: true })\n }\n\n let data: EnvTokens = {}\n if (fs.existsSync(filePath)) {\n const fileContent = fs.readFileSync(filePath, \"utf8\")\n data = EnvTokensSchema.parse(JSON.parse(fileContent))\n }\n\n if (tokens) data[env] = tokens\n else delete data[env]\n\n fs.writeFileSync(filePath, JSON.stringify(data, null, 2), \"utf8\")\n }\n\n @SentryTraced()\n public async storeTokensToVault({ accessToken, refreshToken }: Tokens, env: TargetEnv) {\n try {\n await this.vault.setPassword(this.serviceName, `${env}_access_token`, accessToken)\n if (refreshToken) {\n await this.vault.setPassword(this.serviceName, `${env}_refresh_token`, refreshToken)\n }\n } catch {\n this.storeTokensInFile(env, { accessToken, refreshToken })\n }\n }\n\n public supernovaDir(): string {\n const homeDir = os.homedir()\n return path.join(homeDir, \".supernova\")\n }\n\n public tokensFilePath(): string {\n const homeDir = this.supernovaDir()\n return path.join(homeDir, \"tokens.json\")\n }\n}\n"],"names":[],"mappings":";;;;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AACtC,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAA;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAA;AAE5B,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AACnD,OAAO,EAAa,eAAe,EAAU,MAAM,mBAAmB,CAAA;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAA;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAQ/C,MAAM,OAAO,WAAW;IACtB,KAAK,CAAC,cAAc,CAAC,WAAmB,EAAE,OAAe;QACvD,MAAM,MAAM,CAAC,cAAc,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB,EAAE,OAAe;QACpD,OAAO,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IACjD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,WAAmB,EAAE,OAAe,EAAE,QAAgB;QACtE,MAAM,MAAM,CAAC,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAA;IAC1D,CAAC;CACF;AAED,MAAM,OAAO,YAAY;IAIJ;IACA;IAJF,WAAW,GAAG,WAAW,CAAA;IAE1C,YACmB,cAA2B,IAAI,WAAW,EAAE,EAC5C,QAAgB,IAAI,WAAW,EAAE;QADjC,gBAAW,GAAX,WAAW,CAAiC;QAC5C,UAAK,GAAL,KAAK,CAA4B;IACjD,CAAC;IAGS,AAAN,KAAK,CAAC,qBAAqB,CAAC,GAAc;QAC/C,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,CAAC,CAAA;YACxE,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,CAAC,CAAA;QAC3E,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;QACnC,CAAC;IACH,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,GAAc;QAC5C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAA;QACpD,IAAI,CAAC,MAAM;YAAE,OAAO,SAAS,CAAA;QAE7B,MAAM,OAAO,GAAG,SAAS,CAAmB,MAAM,CAAC,WAAW,CAAC,CAAA;QAC/D,OAAO,OAAO,CAAC,GAAG,CAAA;IACpB,CAAC;IAGM,iBAAiB,CAAC,GAAc;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;QAEtC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;QACrD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QACpC,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;IACxB,CAAC;IAGY,AAAN,KAAK,CAAC,qBAAqB,CAAC,GAAc;QAC/C,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;YAChC,OAAO,EAAE,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAA;QACrD,CAAC;QAED,IAAI,WAA+B,CAAA;QACnC,IAAI,YAAgC,CAAA;QACpC,IAAI,CAAC;YACH,WAAW,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,CAAC,CAAC,IAAI,SAAS,CAAA;YAClG,YAAY,GAAG,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,CAAC,CAAC,IAAI,SAAS,CAAA;QACtG,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;YAC1C,IAAI,MAAM,EAAE,CAAC;gBACX,WAAW,GAAG,MAAM,CAAC,WAAW,CAAA;gBAChC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAA;YACpC,CAAC;QACH,CAAC;QAED,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvG,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAA;IACtC,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,GAAc;QAC5C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAA;QACpD,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,kBAAkB,EAAE,CAAA;QAC3C,OAAO,MAAM,CAAA;IACf,CAAC;IAGY,AAAN,KAAK,CAAC,aAAa,CAAC,GAAc,EAAE,WAAmB,EAAE,YAAoB;QAClF,MAAM,OAAO,GAAG,SAAS,CAAmB,WAAW,CAAC,CAAA;QACxD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;QACjD,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,WAAW,GAAG,GAAG,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAA;gBACrC,MAAM,IAAI,kBAAkB,EAAE,CAAA;YAChC,CAAC;YAED,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;YAC/C,OAAO,WAAW,CAAA;QACpB,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAGM,iBAAiB,CAAC,GAAc,EAAE,MAAqB;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,EAAE,CAAA;QACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAA;QAEvD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACjC,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QACjD,CAAC;QAED,IAAI,IAAI,GAAc,EAAE,CAAA;QACxB,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;YACrD,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAA;QACvD,CAAC;QAED,IAAI,MAAM;YAAE,IAAI,CAAC,GAAG,CAAC,GAAG,MAAM,CAAA;;YACzB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAA;QAErB,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;IACnE,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,YAAY,EAAU,EAAE,GAAc;QACnF,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,eAAe,EAAE,WAAW,CAAC,CAAA;YAClF,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,GAAG,gBAAgB,EAAE,YAAY,CAAC,CAAA;YACtF,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAA;QAC5D,CAAC;IACH,CAAC;IAEM,YAAY;QACjB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAA;QAC5B,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;IACzC,CAAC;IAEM,cAAc;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,CAAA;QACnC,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;IAC1C,CAAC;CACF;AAjIc;IADZ,YAAY,EAAE;;;;yDAQd;AAGY;IADZ,YAAY,EAAE;;;;sDAOd;AAGM;IADN,YAAY,EAAE;;;;qDAWd;AAGY;IADZ,YAAY,EAAE;;;;yDA6Bd;AAGY;IADZ,YAAY,EAAE;;;;sDAKd;AAGY;IADZ,YAAY,EAAE;;;;iDAgBd;AAGM;IADN,YAAY,EAAE;;;;qDAmBd;AAGY;IADZ,YAAY,EAAE;;;;sDAUd","debug_id":"b76d191d-5785-5876-addc-6c88ea2103f3"}
|
package/oclif.manifest.json
CHANGED