@trackunit/iris-app 0.0.659 ā†’ 0.0.660

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +2 -0
  2. package/package.json +1 -1
  3. package/src/executors/utils/authentication.js +6 -6
  4. package/src/executors/utils/authentication.js.map +1 -1
package/CHANGELOG.md CHANGED
@@ -2,6 +2,8 @@
2
2
 
3
3
  This file was generated using [@jscutlery/semver](https://github.com/jscutlery/semver).
4
4
 
5
+ ## [0.0.660](https://github.com/Trackunit/manager/compare/iris-app/0.0.659...iris-app/0.0.660) (2024-11-14)
6
+
5
7
  ## [0.0.659](https://github.com/Trackunit/manager/compare/iris-app/0.0.658...iris-app/0.0.659) (2024-11-14)
6
8
 
7
9
  ## [0.0.658](https://github.com/Trackunit/manager/compare/iris-app/0.0.657...iris-app/0.0.658) (2024-11-13)
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@trackunit/iris-app",
3
- "version": "0.0.659",
3
+ "version": "0.0.660",
4
4
  "license": "SEE LICENSE IN LICENSE.txt",
5
5
  "main": "src/index.js",
6
6
  "generators": "./generators.json",
package/src/executors/utils/authentication.js CHANGED
@@ -102,22 +102,22 @@ function getAuthSettings(env) {
102
102
  case "PROD":
103
103
  return {
104
104
  clientId: "0oamfeklvodROR2ul357",
105
- publicAuthorizationServerBaseUrl: "https://identity.iris.trackunit.com/oauth2/aus2u3jix1dWU7fwt356",
106
- internalAuthorizationServerBaseUrl: "https://identity.iris.trackunit.com/oauth2/aushbxvmpdlWrMnO6357",
105
+ publicAuthorizationServerBaseUrl: "https://trackunit-portal.okta.com/oauth2/aus2u3jix1dWU7fwt356",
106
+ internalAuthorizationServerBaseUrl: "https://trackunit-portal.okta.com/oauth2/aushbxvmpdlWrMnO6357",
107
107
  env,
108
108
  };
109
109
  case "STAGE":
110
110
  return {
111
111
  clientId: "0oa1q2vmx21NcFLOs0h8",
112
- publicAuthorizationServerBaseUrl: "https://identity.stage.iris.trackunit.com/oauth2/aus1owd7wny5YVsU00h8",
113
- internalAuthorizationServerBaseUrl: "https://identity.stage.iris.trackunit.com/oauth2/aus1o484n9xEHT7G50h8",
112
+ publicAuthorizationServerBaseUrl: "https://trackunit-portal-stage.okta.com/oauth2/aus1owd7wny5YVsU00h8",
113
+ internalAuthorizationServerBaseUrl: "https://trackunit-portal-stage.okta.com/oauth2/aus1o484n9xEHT7G50h8",
114
114
  env,
115
115
  };
116
116
  case "DEV":
117
117
  return {
118
118
  clientId: "0oamebigau4RkaqZ6357",
119
- publicAuthorizationServerBaseUrl: "https://identity.dev.iris.trackunit.com/oauth2/ausj7eh9zeiFhLk4m357",
120
- internalAuthorizationServerBaseUrl: "https://identity.dev.iris.trackunit.com/oauth2/aush09l7x4mDGKxLu357",
119
+ publicAuthorizationServerBaseUrl: "https://trackunit-portal-dev.okta.com/oauth2/ausj7eh9zeiFhLk4m357",
120
+ internalAuthorizationServerBaseUrl: "https://trackunit-portal-dev.okta.com/oauth2/aush09l7x4mDGKxLu357",
121
121
  env,
122
122
  };
123
123
  default:
package/src/executors/utils/authentication.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authentication.js","sourceRoot":"","sources":["../../../../../../../libs/iris-app-sdk/iris-app/src/executors/utils/authentication.ts"],"names":[],"mappings":";;AA4CA,wCAqFC;;AAjID,+BAA+B;AAC/B,oEAA+B;AAC/B,mDAA6B;AAC7B,6BAAsC;AAmCtC;;;;;GAKG;AACI,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;IAC7D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;IACrE,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,IAAI,SAAS,GAAqB,IAAI,CAAC;IACvC,0DAA0D;IAC1D,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QACzB,SAAS,GAAG;YACV,UAAU,EAAE,QAAQ;YACpB,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;YAC9B,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;YAClC,UAAU,EAAE,CAAC;YACb,KAAK,EAAE,SAAS;SACjB,CAAC;QACF,uFAAuF;QACvF,mCAAmC;IACrC,CAAC;SAAM,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAClC,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,2CAA2C,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC7D,MAAM,IAAI,KAAK,CAAC,+CAA+C,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;QACjF,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,qBAAe,EAAE,CAAC;QAC1C,WAAW,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QAC1C,WAAW,CAAC,MAAM,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAClD,WAAW,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC;QACvD,WAAW,CAAC,MAAM,CAAC,OAAO,EAAE,wCAAwC,CAAC,CAAC;QACtE,MAAM,aAAa,GAAG,MAAM,IAAA,oBAAK,EAAC,GAAG,QAAQ,CAAC,kCAAkC,WAAW,EAAE;YAC3F,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,WAAW;SAClB,CAAC,CAAC;QACH,SAAS,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,CAAc,CAAC;QACtD,cAAc,GAAG,IAAI,CAAC;QACtB,gDAAgD;QAChD,+CAA+C;IACjD,CAAC;SAAM,CAAC;QACN,MAAM,eAAe,GAAG,IAAI,qBAAe,EAAE,CAAC;QAC9C,eAAe,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACvD,eAAe,CAAC,MAAM,CAAC,OAAO,EAAE,2BAA2B,CAAC,CAAC;QAC7D,MAAM,iBAAiB,GAAG,MAAM,IAAA,oBAAK,EAAC,GAAG,QAAQ,CAAC,gCAAgC,sBAAsB,EAAE;YACxG,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,eAAe;SACtB,CAAC,CAAC;QACH,MAAM,aAAa,GAAG,CAAC,MAAM,iBAAiB,CAAC,IAAI,EAAE,CAAkB,CAAC;QAExE,IAAI,OAAO,IAAI,aAAa,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,mBAAmB,aAAa,CAAC,KAAK,IAAI,aAAa,CAAC,iBAAiB,EAAE,CAAC,CAAC;QAC/F,CAAC;aAAM,IAAI,CAAC,aAAa,CAAC,yBAAyB,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,OAAO,CAAC,GAAG,CACT,qOAAqO,aAAa,CAAC,yBAAyB,EAAE,CAC/Q,CAAC;QACF,IAAI,CAAC;YACH,8DAA8D;YAC9D,MAAM,CAAE,IAAY,CAAC,OAAO,CAAC,CAAC,CAAE,IAAY,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,CAAC,yBAAyB,CAAC,CAAC;QACxG,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,wEAAwE;QAC1E,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;QAChE,GAAG,CAAC;YACF,MAAM,KAAK,CAAC,aAAa,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;YAC3C,IAAI,SAAS,IAAI,OAAO,IAAI,SAAS,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;gBACzE,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;YACrB,CAAC;YACD,MAAM,WAAW,GAAG,IAAI,qBAAe,EAAE,CAAC;YAC1C,WAAW,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnD,WAAW,CAAC,MAAM,CAAC,YAAY,EAAE,8CAA8C,CAAC,CAAC;YACjF,WAAW,CAAC,MAAM,CAAC,aAAa,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC;YAC7D,MAAM,aAAa,GAAG,MAAM,IAAA,oBAAK,EAAC,GAAG,QAAQ,CAAC,gCAAgC,WAAW,EAAE;gBACzF,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;YACH,SAAS,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,CAAc,CAAC;QACxD,CAAC,QACC,CAAC,CAAC,UAAU,IAAI,SAAS,CAAC;YAC1B,CAAC,CAAC,OAAO,IAAI,SAAS,IAAI,SAAS,CAAC,KAAK,KAAK,uBAAuB,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,CAAC,EACzG;IACJ,CAAC;IACD,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,GAAW;IAClC,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,MAAM;YACT,OAAO;gBACL,QAAQ,EAAE,sBAAsB;gBAChC,gCAAgC,EAAE,iEAAiE;gBACnG,kCAAkC,EAAE,iEAAiE;gBACrG,GAAG;aACJ,CAAC;QACJ,KAAK,OAAO;YACV,OAAO;gBACL,QAAQ,EAAE,sBAAsB;gBAChC,gCAAgC,EAAE,uEAAuE;gBACzG,kCAAkC,EAAE,uEAAuE;gBAC3G,GAAG;aACJ,CAAC;QACJ,KAAK,KAAK;YACR,OAAO;gBACL,QAAQ,EAAE,sBAAsB;gBAChC,gCAAgC,EAAE,qEAAqE;gBACvG,kCAAkC,EAAE,qEAAqE;gBACzG,GAAG;aACJ,CAAC;QACJ;YACE,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAC;IACnD,CAAC;AACH,CAAC;AAED,SAAS,KAAK,CAAC,IAAY;IACzB,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;AAC3D,CAAC","sourcesContent":["/* eslint-disable no-console */\nimport fetch from \"node-fetch\";\nimport * as open from \"open\";\nimport { URLSearchParams } from \"url\";\n\nexport interface AuthSettings {\n env: string;\n publicAuthorizationServerBaseUrl: string;\n internalAuthorizationServerBaseUrl: string;\n clientId: string;\n}\n\ninterface OktaError {\n error: string;\n error_description: string;\n}\n\ninterface AuthorizeDataSuccess {\n device_code: string;\n user_code: string;\n verification_uri: string;\n verification_uri_complete: string;\n expires_in: number;\n interval: number;\n}\n\ntype AuthorizeData = AuthorizeDataSuccess | OktaError;\n\nexport interface TokenDataSuccess {\n token_type: string;\n expires_in: number;\n access_token: string;\n scope: string;\n id_token: string;\n}\n\ntype TokenData = OktaError | TokenDataSuccess;\n\n/**\n * Authenticate and get access token\n *\n * @param {AuthSettings} env Settings used for authentication\n * @returns {*} {Promise<{ tokenData: TokenData; useAccessToken: boolean }>}\n */\nexport async function getAccessToken(env: string): Promise<{ tokenData: TokenData; useAccessToken: boolean }> {\n const settings = getAuthSettings(env);\n const clientId = process.env[`TU_CLIENT_ID_${settings.env}`];\n const clientSecret = process.env[`TU_CLIENT_SECRET_${settings.env}`];\n let useAccessToken = false;\n let tokenData: TokenData | null = null;\n // use token provided as environment variable if available\n if (process.env.TU_TOKEN) {\n tokenData = {\n token_type: \"Bearer\",\n id_token: process.env.TU_TOKEN,\n access_token: process.env.TU_TOKEN,\n expires_in: 0,\n scope: \"unknown\",\n };\n // use client id and secret provided as environment variables to fetch a token directly\n // This is used for CI/CD pipelines\n } else if (clientId !== undefined) {\n if (clientId.trim() === \"\") {\n throw new Error(`Missing environment value: TU_CLIENT_ID_${settings.env}`);\n }\n if (clientSecret === undefined || clientSecret.trim() === \"\") {\n throw new Error(`Missing environment value: TU_CLIENT_SECRET_${settings.env}`);\n }\n\n const tokenParams = new URLSearchParams();\n tokenParams.append(\"client_id\", clientId);\n tokenParams.append(\"client_secret\", clientSecret);\n tokenParams.append(\"grant_type\", \"client_credentials\");\n tokenParams.append(\"scope\", \"core.iris.app.publish_for_all_accounts\");\n const tokenResponse = await fetch(`${settings.internalAuthorizationServerBaseUrl}/v1/token`, {\n method: \"POST\",\n body: tokenParams,\n });\n tokenData = (await tokenResponse.json()) as TokenData;\n useAccessToken = true;\n // ask the user to authenticated using a browser\n // and fetch a token using the device code flow\n } else {\n const authorizeParams = new URLSearchParams();\n authorizeParams.append(\"client_id\", settings.clientId);\n authorizeParams.append(\"scope\", \"openid profile fms assume\");\n const authorizeResponse = await fetch(`${settings.publicAuthorizationServerBaseUrl}/v1/device/authorize`, {\n method: \"POST\",\n body: authorizeParams,\n });\n const authorizeData = (await authorizeResponse.json()) as AuthorizeData;\n\n if (\"error\" in authorizeData) {\n throw new Error(`Error occurred: ${authorizeData.error} ${authorizeData.error_description}`);\n } else if (!authorizeData.verification_uri_complete) {\n throw new Error(`Missing verification URI: ${JSON.stringify(authorizeData)}`);\n }\n\n console.log(\n `šŸ” Attempting to automatically open the Trackunit authentication page in your default browser...\\n If the browser does not open or you wish to use a different device to authorize this request, open the following URL:\\n\\n ${authorizeData.verification_uri_complete}`\n );\n try {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n await ((open as any).default ? (open as any).default : open)(authorizeData.verification_uri_complete);\n } catch (error) {\n // safe to ignore, since we ask the user to open the URL manually above.\n }\n\n console.log(\"\\nā³ Waiting for authentication in the browser...\");\n do {\n await sleep(authorizeData.interval * 1000);\n if (tokenData && \"error\" in tokenData && tokenData.error === \"slow_down\") {\n await sleep(10000);\n }\n const tokenParams = new URLSearchParams();\n tokenParams.append(\"client_id\", settings.clientId);\n tokenParams.append(\"grant_type\", \"urn:ietf:params:oauth:grant-type:device_code\");\n tokenParams.append(\"device_code\", authorizeData.device_code);\n const tokenResponse = await fetch(`${settings.publicAuthorizationServerBaseUrl}/v1/token`, {\n method: \"POST\",\n body: tokenParams,\n });\n tokenData = (await tokenResponse.json()) as TokenData;\n } while (\n !(\"id_token\" in tokenData) &&\n !(\"error\" in tokenData && tokenData.error !== \"authorization_pending\" && tokenData.error !== \"slow_down\")\n );\n }\n return { tokenData, useAccessToken };\n}\n\n/**\n *\n */\nfunction getAuthSettings(env: string): AuthSettings {\n switch (env) {\n case \"PROD\":\n return {\n clientId: \"0oamfeklvodROR2ul357\",\n publicAuthorizationServerBaseUrl: \"https://identity.iris.trackunit.com/oauth2/aus2u3jix1dWU7fwt356\",\n internalAuthorizationServerBaseUrl: \"https://identity.iris.trackunit.com/oauth2/aushbxvmpdlWrMnO6357\",\n env,\n };\n case \"STAGE\":\n return {\n clientId: \"0oa1q2vmx21NcFLOs0h8\",\n publicAuthorizationServerBaseUrl: \"https://identity.stage.iris.trackunit.com/oauth2/aus1owd7wny5YVsU00h8\",\n internalAuthorizationServerBaseUrl: \"https://identity.stage.iris.trackunit.com/oauth2/aus1o484n9xEHT7G50h8\",\n env,\n };\n case \"DEV\":\n return {\n clientId: \"0oamebigau4RkaqZ6357\",\n publicAuthorizationServerBaseUrl: \"https://identity.dev.iris.trackunit.com/oauth2/ausj7eh9zeiFhLk4m357\",\n internalAuthorizationServerBaseUrl: \"https://identity.dev.iris.trackunit.com/oauth2/aush09l7x4mDGKxLu357\",\n env,\n };\n default:\n throw new Error(`Unknown environment: ${env}`);\n }\n}\n\nfunction sleep(time: number) {\n return new Promise(resolve => setTimeout(resolve, time));\n}\n"]}
1
+ {"version":3,"file":"authentication.js","sourceRoot":"","sources":["../../../../../../../libs/iris-app-sdk/iris-app/src/executors/utils/authentication.ts"],"names":[],"mappings":";;AA4CA,wCAqFC;;AAjID,+BAA+B;AAC/B,oEAA+B;AAC/B,mDAA6B;AAC7B,6BAAsC;AAmCtC;;;;;GAKG;AACI,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;IAC7D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;IACrE,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,IAAI,SAAS,GAAqB,IAAI,CAAC;IACvC,0DAA0D;IAC1D,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QACzB,SAAS,GAAG;YACV,UAAU,EAAE,QAAQ;YACpB,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;YAC9B,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;YAClC,UAAU,EAAE,CAAC;YACb,KAAK,EAAE,SAAS;SACjB,CAAC;QACF,uFAAuF;QACvF,mCAAmC;IACrC,CAAC;SAAM,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAClC,IAAI,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,2CAA2C,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC7D,MAAM,IAAI,KAAK,CAAC,+CAA+C,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;QACjF,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,qBAAe,EAAE,CAAC;QAC1C,WAAW,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QAC1C,WAAW,CAAC,MAAM,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;QAClD,WAAW,CAAC,MAAM,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAC;QACvD,WAAW,CAAC,MAAM,CAAC,OAAO,EAAE,wCAAwC,CAAC,CAAC;QACtE,MAAM,aAAa,GAAG,MAAM,IAAA,oBAAK,EAAC,GAAG,QAAQ,CAAC,kCAAkC,WAAW,EAAE;YAC3F,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,WAAW;SAClB,CAAC,CAAC;QACH,SAAS,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,CAAc,CAAC;QACtD,cAAc,GAAG,IAAI,CAAC;QACtB,gDAAgD;QAChD,+CAA+C;IACjD,CAAC;SAAM,CAAC;QACN,MAAM,eAAe,GAAG,IAAI,qBAAe,EAAE,CAAC;QAC9C,eAAe,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACvD,eAAe,CAAC,MAAM,CAAC,OAAO,EAAE,2BAA2B,CAAC,CAAC;QAC7D,MAAM,iBAAiB,GAAG,MAAM,IAAA,oBAAK,EAAC,GAAG,QAAQ,CAAC,gCAAgC,sBAAsB,EAAE;YACxG,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,eAAe;SACtB,CAAC,CAAC;QACH,MAAM,aAAa,GAAG,CAAC,MAAM,iBAAiB,CAAC,IAAI,EAAE,CAAkB,CAAC;QAExE,IAAI,OAAO,IAAI,aAAa,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,mBAAmB,aAAa,CAAC,KAAK,IAAI,aAAa,CAAC,iBAAiB,EAAE,CAAC,CAAC;QAC/F,CAAC;aAAM,IAAI,CAAC,aAAa,CAAC,yBAAyB,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,OAAO,CAAC,GAAG,CACT,qOAAqO,aAAa,CAAC,yBAAyB,EAAE,CAC/Q,CAAC;QACF,IAAI,CAAC;YACH,8DAA8D;YAC9D,MAAM,CAAE,IAAY,CAAC,OAAO,CAAC,CAAC,CAAE,IAAY,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,CAAC,yBAAyB,CAAC,CAAC;QACxG,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,wEAAwE;QAC1E,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;QAChE,GAAG,CAAC;YACF,MAAM,KAAK,CAAC,aAAa,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;YAC3C,IAAI,SAAS,IAAI,OAAO,IAAI,SAAS,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,EAAE,CAAC;gBACzE,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;YACrB,CAAC;YACD,MAAM,WAAW,GAAG,IAAI,qBAAe,EAAE,CAAC;YAC1C,WAAW,CAAC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnD,WAAW,CAAC,MAAM,CAAC,YAAY,EAAE,8CAA8C,CAAC,CAAC;YACjF,WAAW,CAAC,MAAM,CAAC,aAAa,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC;YAC7D,MAAM,aAAa,GAAG,MAAM,IAAA,oBAAK,EAAC,GAAG,QAAQ,CAAC,gCAAgC,WAAW,EAAE;gBACzF,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,WAAW;aAClB,CAAC,CAAC;YACH,SAAS,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,CAAc,CAAC;QACxD,CAAC,QACC,CAAC,CAAC,UAAU,IAAI,SAAS,CAAC;YAC1B,CAAC,CAAC,OAAO,IAAI,SAAS,IAAI,SAAS,CAAC,KAAK,KAAK,uBAAuB,IAAI,SAAS,CAAC,KAAK,KAAK,WAAW,CAAC,EACzG;IACJ,CAAC;IACD,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,GAAW;IAClC,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,MAAM;YACT,OAAO;gBACL,QAAQ,EAAE,sBAAsB;gBAChC,gCAAgC,EAAE,+DAA+D;gBACjG,kCAAkC,EAAE,+DAA+D;gBACnG,GAAG;aACJ,CAAC;QACJ,KAAK,OAAO;YACV,OAAO;gBACL,QAAQ,EAAE,sBAAsB;gBAChC,gCAAgC,EAAE,qEAAqE;gBACvG,kCAAkC,EAAE,qEAAqE;gBACzG,GAAG;aACJ,CAAC;QACJ,KAAK,KAAK;YACR,OAAO;gBACL,QAAQ,EAAE,sBAAsB;gBAChC,gCAAgC,EAAE,mEAAmE;gBACrG,kCAAkC,EAAE,mEAAmE;gBACvG,GAAG;aACJ,CAAC;QACJ;YACE,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAC;IACnD,CAAC;AACH,CAAC;AAED,SAAS,KAAK,CAAC,IAAY;IACzB,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;AAC3D,CAAC","sourcesContent":["/* eslint-disable no-console */\nimport fetch from \"node-fetch\";\nimport * as open from \"open\";\nimport { URLSearchParams } from \"url\";\n\nexport interface AuthSettings {\n env: string;\n publicAuthorizationServerBaseUrl: string;\n internalAuthorizationServerBaseUrl: string;\n clientId: string;\n}\n\ninterface OktaError {\n error: string;\n error_description: string;\n}\n\ninterface AuthorizeDataSuccess {\n device_code: string;\n user_code: string;\n verification_uri: string;\n verification_uri_complete: string;\n expires_in: number;\n interval: number;\n}\n\ntype AuthorizeData = AuthorizeDataSuccess | OktaError;\n\nexport interface TokenDataSuccess {\n token_type: string;\n expires_in: number;\n access_token: string;\n scope: string;\n id_token: string;\n}\n\ntype TokenData = OktaError | TokenDataSuccess;\n\n/**\n * Authenticate and get access token\n *\n * @param {AuthSettings} env Settings used for authentication\n * @returns {*} {Promise<{ tokenData: TokenData; useAccessToken: boolean }>}\n */\nexport async function getAccessToken(env: string): Promise<{ tokenData: TokenData; useAccessToken: boolean }> {\n const settings = getAuthSettings(env);\n const clientId = process.env[`TU_CLIENT_ID_${settings.env}`];\n const clientSecret = process.env[`TU_CLIENT_SECRET_${settings.env}`];\n let useAccessToken = false;\n let tokenData: TokenData | null = null;\n // use token provided as environment variable if available\n if (process.env.TU_TOKEN) {\n tokenData = {\n token_type: \"Bearer\",\n id_token: process.env.TU_TOKEN,\n access_token: process.env.TU_TOKEN,\n expires_in: 0,\n scope: \"unknown\",\n };\n // use client id and secret provided as environment variables to fetch a token directly\n // This is used for CI/CD pipelines\n } else if (clientId !== undefined) {\n if (clientId.trim() === \"\") {\n throw new Error(`Missing environment value: TU_CLIENT_ID_${settings.env}`);\n }\n if (clientSecret === undefined || clientSecret.trim() === \"\") {\n throw new Error(`Missing environment value: TU_CLIENT_SECRET_${settings.env}`);\n }\n\n const tokenParams = new URLSearchParams();\n tokenParams.append(\"client_id\", clientId);\n tokenParams.append(\"client_secret\", clientSecret);\n tokenParams.append(\"grant_type\", \"client_credentials\");\n tokenParams.append(\"scope\", \"core.iris.app.publish_for_all_accounts\");\n const tokenResponse = await fetch(`${settings.internalAuthorizationServerBaseUrl}/v1/token`, {\n method: \"POST\",\n body: tokenParams,\n });\n tokenData = (await tokenResponse.json()) as TokenData;\n useAccessToken = true;\n // ask the user to authenticated using a browser\n // and fetch a token using the device code flow\n } else {\n const authorizeParams = new URLSearchParams();\n authorizeParams.append(\"client_id\", settings.clientId);\n authorizeParams.append(\"scope\", \"openid profile fms assume\");\n const authorizeResponse = await fetch(`${settings.publicAuthorizationServerBaseUrl}/v1/device/authorize`, {\n method: \"POST\",\n body: authorizeParams,\n });\n const authorizeData = (await authorizeResponse.json()) as AuthorizeData;\n\n if (\"error\" in authorizeData) {\n throw new Error(`Error occurred: ${authorizeData.error} ${authorizeData.error_description}`);\n } else if (!authorizeData.verification_uri_complete) {\n throw new Error(`Missing verification URI: ${JSON.stringify(authorizeData)}`);\n }\n\n console.log(\n `šŸ” Attempting to automatically open the Trackunit authentication page in your default browser...\\n If the browser does not open or you wish to use a different device to authorize this request, open the following URL:\\n\\n ${authorizeData.verification_uri_complete}`\n );\n try {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n await ((open as any).default ? (open as any).default : open)(authorizeData.verification_uri_complete);\n } catch (error) {\n // safe to ignore, since we ask the user to open the URL manually above.\n }\n\n console.log(\"\\nā³ Waiting for authentication in the browser...\");\n do {\n await sleep(authorizeData.interval * 1000);\n if (tokenData && \"error\" in tokenData && tokenData.error === \"slow_down\") {\n await sleep(10000);\n }\n const tokenParams = new URLSearchParams();\n tokenParams.append(\"client_id\", settings.clientId);\n tokenParams.append(\"grant_type\", \"urn:ietf:params:oauth:grant-type:device_code\");\n tokenParams.append(\"device_code\", authorizeData.device_code);\n const tokenResponse = await fetch(`${settings.publicAuthorizationServerBaseUrl}/v1/token`, {\n method: \"POST\",\n body: tokenParams,\n });\n tokenData = (await tokenResponse.json()) as TokenData;\n } while (\n !(\"id_token\" in tokenData) &&\n !(\"error\" in tokenData && tokenData.error !== \"authorization_pending\" && tokenData.error !== \"slow_down\")\n );\n }\n return { tokenData, useAccessToken };\n}\n\n/**\n *\n */\nfunction getAuthSettings(env: string): AuthSettings {\n switch (env) {\n case \"PROD\":\n return {\n clientId: \"0oamfeklvodROR2ul357\",\n publicAuthorizationServerBaseUrl: \"https://trackunit-portal.okta.com/oauth2/aus2u3jix1dWU7fwt356\",\n internalAuthorizationServerBaseUrl: \"https://trackunit-portal.okta.com/oauth2/aushbxvmpdlWrMnO6357\",\n env,\n };\n case \"STAGE\":\n return {\n clientId: \"0oa1q2vmx21NcFLOs0h8\",\n publicAuthorizationServerBaseUrl: \"https://trackunit-portal-stage.okta.com/oauth2/aus1owd7wny5YVsU00h8\",\n internalAuthorizationServerBaseUrl: \"https://trackunit-portal-stage.okta.com/oauth2/aus1o484n9xEHT7G50h8\",\n env,\n };\n case \"DEV\":\n return {\n clientId: \"0oamebigau4RkaqZ6357\",\n publicAuthorizationServerBaseUrl: \"https://trackunit-portal-dev.okta.com/oauth2/ausj7eh9zeiFhLk4m357\",\n internalAuthorizationServerBaseUrl: \"https://trackunit-portal-dev.okta.com/oauth2/aush09l7x4mDGKxLu357\",\n env,\n };\n default:\n throw new Error(`Unknown environment: ${env}`);\n }\n}\n\nfunction sleep(time: number) {\n return new Promise(resolve => setTimeout(resolve, time));\n}\n"]}