auth0-deploy-cli 7.22.1 → 7.23.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.circleci/config.yml +5 -5
- package/.nyc_output/747e9b9b-46b5-4186-9626-5f44b7913b36.json +1 -0
- package/.nyc_output/processinfo/049a2787-df3f-4b58-bae0-3cf3b50d1cc3.json +1 -0
- package/.nyc_output/processinfo/747e9b9b-46b5-4186-9626-5f44b7913b36.json +1 -0
- package/.nyc_output/processinfo/91928ebf-9b67-4586-9ed6-5290c652cdcf.json +1 -0
- package/.nyc_output/processinfo/index.json +1 -1
- package/CHANGELOG.md +17 -1
- package/coverage/lcov-report/index.html +24 -24
- package/coverage/lcov.info +437 -131
- package/lib/commands/export.js +11 -0
- package/lib/commands/export.js.map +1 -1
- package/lib/commands/import.js +11 -0
- package/lib/commands/import.js.map +1 -1
- package/lib/tools/auth0/handlers/connections.d.ts +28 -0
- package/lib/tools/auth0/handlers/connections.js +28 -1
- package/lib/tools/auth0/handlers/connections.js.map +1 -1
- package/lib/tools/auth0/handlers/scimHandler.d.ts +93 -0
- package/lib/tools/auth0/handlers/scimHandler.js +312 -0
- package/lib/tools/auth0/handlers/scimHandler.js.map +1 -0
- package/package.json +1 -1
- package/.nyc_output/94f439c5-82c1-4677-911b-acfe6df86ed0.json +0 -1
- package/.nyc_output/processinfo/6902374f-0779-4fc5-9fb2-330ecb20b4f1.json +0 -1
- package/.nyc_output/processinfo/733605a0-5795-4855-9eb1-766bf48b40e8.json +0 -1
- package/.nyc_output/processinfo/94f439c5-82c1-4677-911b-acfe6df86ed0.json +0 -1
- /package/.nyc_output/{6902374f-0779-4fc5-9fb2-330ecb20b4f1.json → 049a2787-df3f-4b58-bae0-3cf3b50d1cc3.json} +0 -0
- /package/.nyc_output/{733605a0-5795-4855-9eb1-766bf48b40e8.json → 91928ebf-9b67-4586-9ed6-5290c652cdcf.json} +0 -0
package/lib/commands/export.js
CHANGED
|
@@ -50,6 +50,17 @@ function exportCMD(params) {
|
|
|
50
50
|
const context = yield (0, index_1.setupContext)(nconf_1.default.get(), 'export');
|
|
51
51
|
yield context.dump();
|
|
52
52
|
logger_1.default.info('Export Successful');
|
|
53
|
+
logger_1.default.info(`
|
|
54
|
+
================================================
|
|
55
|
+
======= Help us improve Auth0 Deploy CLI =======
|
|
56
|
+
================================================
|
|
57
|
+
We're on a mission to make Auth0 Deploy CLI the best it can be, and we need YOUR help.
|
|
58
|
+
We've put together a brief survey to understand how you use Deploy CLI, what you love about it, and where you think we can do better.
|
|
59
|
+
|
|
60
|
+
===> https://www.surveymonkey.com/r/LZKMPFN <===
|
|
61
|
+
|
|
62
|
+
Thank you for helping us make Auth0 Deploy CLI better for everyone!
|
|
63
|
+
================================================`);
|
|
53
64
|
});
|
|
54
65
|
}
|
|
55
66
|
exports.default = exportCMD;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"export.js","sourceRoot":"","sources":["../../src/commands/export.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AAAA,gDAAwB;AACxB,kDAA0B;AAC1B,oDAA4B;AAE5B,uDAA4B;AAC5B,oCAAuC;AACvC,4CAAgD;AAIhD,SAA8B,SAAS,CAAC,MAAoB;;QAC1D,MAAM,EACJ,aAAa,EAAE,YAAY,EAC3B,SAAS,EAAE,QAAQ,EACnB,WAAW,EAAE,UAAU,EACvB,MAAM,EAAE,SAAS,EACjB,UAAU,EAAE,SAAS,EACrB,MAAM,EAAE,YAAY,EACpB,GAAG,EAAE,gBAAgB,GAAG,KAAK,GAC9B,GAAG,MAAM,CAAC;QAEX,IAAI,gBAAgB,EAAE;YACpB,eAAK,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;SAC3B;QAED,IAAI,UAAU,EAAE;YACd,eAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACxB;QAED,MAAM,SAAS,mBACb,gBAAgB,EAAE,YAAY,EAC9B,eAAe,EAAE,QAAQ,IACtB,CAAC,SAAS,IAAI,EAAE,CAAC,CACrB,CAAC;QAEF,sGAAsG;QACtG,wDAAwD;QACxD,IAAI,YAAY,EAAE;YAChB,SAAS,CAAC,mBAAmB,GAAG,YAAY,CAAC;SAC9C;QAED,4DAA4D;QAC5D,IAAI,SAAS,EAAE;YACb,SAAS,CAAC,wBAAwB,GAAG,SAAS,CAAC;SAChD;QAED,sBAAsB;QACtB,IAAI,CAAC,IAAA,mBAAW,EAAC,YAAY,CAAC,EAAE;YAC9B,gBAAG,CAAC,IAAI,CAAC,YAAY,YAAY,EAAE,CAAC,CAAC;YACrC,gBAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;SAC3B;QAED,IAAI,MAAM,CAAC,MAAM,KAAK,MAAM,EAAE;YAC5B,SAAS,CAAC,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;SACrE;QAED,eAAK,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE3B,yBAAyB;QACzB,MAAM,OAAO,GAAG,MAAM,IAAA,oBAAY,EAAC,eAAK,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC1D,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QACrB,gBAAG,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"export.js","sourceRoot":"","sources":["../../src/commands/export.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AAAA,gDAAwB;AACxB,kDAA0B;AAC1B,oDAA4B;AAE5B,uDAA4B;AAC5B,oCAAuC;AACvC,4CAAgD;AAIhD,SAA8B,SAAS,CAAC,MAAoB;;QAC1D,MAAM,EACJ,aAAa,EAAE,YAAY,EAC3B,SAAS,EAAE,QAAQ,EACnB,WAAW,EAAE,UAAU,EACvB,MAAM,EAAE,SAAS,EACjB,UAAU,EAAE,SAAS,EACrB,MAAM,EAAE,YAAY,EACpB,GAAG,EAAE,gBAAgB,GAAG,KAAK,GAC9B,GAAG,MAAM,CAAC;QAEX,IAAI,gBAAgB,EAAE;YACpB,eAAK,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;SAC3B;QAED,IAAI,UAAU,EAAE;YACd,eAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACxB;QAED,MAAM,SAAS,mBACb,gBAAgB,EAAE,YAAY,EAC9B,eAAe,EAAE,QAAQ,IACtB,CAAC,SAAS,IAAI,EAAE,CAAC,CACrB,CAAC;QAEF,sGAAsG;QACtG,wDAAwD;QACxD,IAAI,YAAY,EAAE;YAChB,SAAS,CAAC,mBAAmB,GAAG,YAAY,CAAC;SAC9C;QAED,4DAA4D;QAC5D,IAAI,SAAS,EAAE;YACb,SAAS,CAAC,wBAAwB,GAAG,SAAS,CAAC;SAChD;QAED,sBAAsB;QACtB,IAAI,CAAC,IAAA,mBAAW,EAAC,YAAY,CAAC,EAAE;YAC9B,gBAAG,CAAC,IAAI,CAAC,YAAY,YAAY,EAAE,CAAC,CAAC;YACrC,gBAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;SAC3B;QAED,IAAI,MAAM,CAAC,MAAM,KAAK,MAAM,EAAE;YAC5B,SAAS,CAAC,gBAAgB,GAAG,cAAI,CAAC,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;SACrE;QAED,eAAK,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE3B,yBAAyB;QACzB,MAAM,OAAO,GAAG,MAAM,IAAA,oBAAY,EAAC,eAAK,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC1D,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QACrB,gBAAG,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAE9B,gBAAG,CAAC,IAAI,CAAC;;;;;;;;;;mDAUwC,CAAC,CAAC;IACrD,CAAC;CAAA;AAhED,4BAgEC"}
|
package/lib/commands/import.js
CHANGED
|
@@ -43,6 +43,17 @@ function importCMD(params) {
|
|
|
43
43
|
//@ts-ignore because context and assets still need to be typed TODO: type assets and type context
|
|
44
44
|
yield (0, tools_1.deploy)(context.assets, context.mgmtClient, config);
|
|
45
45
|
logger_1.default.info('Import Successful');
|
|
46
|
+
logger_1.default.info(`
|
|
47
|
+
================================================
|
|
48
|
+
======= Help us improve Auth0 Deploy CLI =======
|
|
49
|
+
================================================
|
|
50
|
+
We're on a mission to make Auth0 Deploy CLI the best it can be, and we need YOUR help.
|
|
51
|
+
We've put together a brief survey to understand how you use Deploy CLI, what you love about it, and where you think we can do better.
|
|
52
|
+
|
|
53
|
+
===> https://www.surveymonkey.com/r/LZKMPFN <===
|
|
54
|
+
|
|
55
|
+
Thank you for helping us make Auth0 Deploy CLI better for everyone!
|
|
56
|
+
================================================`);
|
|
46
57
|
});
|
|
47
58
|
}
|
|
48
59
|
exports.default = importCMD;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"import.js","sourceRoot":"","sources":["../../src/commands/import.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AAAA,kDAA0B;AAC1B,oDAAiD;AACjD,oCAAiD;AACjD,uDAA4B;AAC5B,wCAA0C;AAG1C,SAA8B,SAAS,CAAC,MAAoB;;QAC1D,MAAM,EACJ,UAAU,EAAE,SAAS,EACrB,SAAS,EAAE,QAAQ,EACnB,WAAW,EAAE,UAAU,EACvB,MAAM,EAAE,SAAS,EACjB,GAAG,EAAE,gBAAgB,GAAG,KAAK,EAC7B,MAAM,EAAE,YAAY,GACrB,GAAG,MAAM,CAAC;QAEX,IAAI,gBAAgB,EAAE;YACpB,eAAK,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAE1B,MAAM,QAAQ,GAAG,eAAK,CAAC,GAAG,CAAC,gCAAgC,CAAC,IAAI,EAAE,CAAC;YACnE,eAAK,CAAC,GAAG,CAAC,gCAAgC,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;SACnF;QAED,IAAI,UAAU,EAAE;YACd,eAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACxB;QAED,MAAM,SAAS,mBACb,gBAAgB,EAAE,SAAS,EAC3B,eAAe,EAAE,QAAQ,EACzB,8BAA8B,EAAE,EAAE,IAC/B,CAAC,SAAS,IAAI,EAAE,CAAC,CACrB,CAAC;QAEF,sGAAsG;QACtG,wDAAwD;QACxD,IAAI,YAAY,EAAE;YAChB,SAAS,CAAC,mBAAmB,GAAG,YAAY,CAAC;SAC9C;QAED,eAAK,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE3B,yBAAyB;QACzB,MAAM,OAAO,GAAG,MAAM,IAAA,sBAAY,EAAC,eAAK,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC1D,MAAM,OAAO,CAAC,mBAAmB,EAAE,CAAC;QAEpC,MAAM,MAAM,GAAG,IAAA,6BAAa,GAAE,CAAC;QAC/B,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAE5C,iGAAiG;QACjG,MAAM,IAAA,cAAW,EAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QAE9D,gBAAG,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"import.js","sourceRoot":"","sources":["../../src/commands/import.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AAAA,kDAA0B;AAC1B,oDAAiD;AACjD,oCAAiD;AACjD,uDAA4B;AAC5B,wCAA0C;AAG1C,SAA8B,SAAS,CAAC,MAAoB;;QAC1D,MAAM,EACJ,UAAU,EAAE,SAAS,EACrB,SAAS,EAAE,QAAQ,EACnB,WAAW,EAAE,UAAU,EACvB,MAAM,EAAE,SAAS,EACjB,GAAG,EAAE,gBAAgB,GAAG,KAAK,EAC7B,MAAM,EAAE,YAAY,GACrB,GAAG,MAAM,CAAC;QAEX,IAAI,gBAAgB,EAAE;YACpB,eAAK,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAE1B,MAAM,QAAQ,GAAG,eAAK,CAAC,GAAG,CAAC,gCAAgC,CAAC,IAAI,EAAE,CAAC;YACnE,eAAK,CAAC,GAAG,CAAC,gCAAgC,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;SACnF;QAED,IAAI,UAAU,EAAE;YACd,eAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACxB;QAED,MAAM,SAAS,mBACb,gBAAgB,EAAE,SAAS,EAC3B,eAAe,EAAE,QAAQ,EACzB,8BAA8B,EAAE,EAAE,IAC/B,CAAC,SAAS,IAAI,EAAE,CAAC,CACrB,CAAC;QAEF,sGAAsG;QACtG,wDAAwD;QACxD,IAAI,YAAY,EAAE;YAChB,SAAS,CAAC,mBAAmB,GAAG,YAAY,CAAC;SAC9C;QAED,eAAK,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE3B,yBAAyB;QACzB,MAAM,OAAO,GAAG,MAAM,IAAA,sBAAY,EAAC,eAAK,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC1D,MAAM,OAAO,CAAC,mBAAmB,EAAE,CAAC;QAEpC,MAAM,MAAM,GAAG,IAAA,6BAAa,GAAE,CAAC;QAC/B,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAE5C,iGAAiG;QACjG,MAAM,IAAA,cAAW,EAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QAE9D,gBAAG,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAE9B,gBAAG,CAAC,IAAI,CAAC;;;;;;;;;;mDAUwC,CAAC,CAAC;IACrD,CAAC;CAAA;AA3DD,4BA2DC"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import DefaultAPIHandler from './default';
|
|
2
2
|
import { CalculatedChanges, Asset, Assets } from '../../../types';
|
|
3
3
|
import { ConfigFunction } from '../../../configFactory';
|
|
4
|
+
import ScimHandler from './scimHandler';
|
|
4
5
|
export declare const schema: {
|
|
5
6
|
type: string;
|
|
6
7
|
items: {
|
|
@@ -30,6 +31,32 @@ export declare const schema: {
|
|
|
30
31
|
metadata: {
|
|
31
32
|
type: string;
|
|
32
33
|
};
|
|
34
|
+
scim_configuration: {
|
|
35
|
+
type: string;
|
|
36
|
+
properties: {
|
|
37
|
+
connection_name: {
|
|
38
|
+
type: string;
|
|
39
|
+
};
|
|
40
|
+
mapping: {
|
|
41
|
+
type: string;
|
|
42
|
+
items: {
|
|
43
|
+
type: string;
|
|
44
|
+
properties: {
|
|
45
|
+
scim: {
|
|
46
|
+
type: string;
|
|
47
|
+
};
|
|
48
|
+
auth0: {
|
|
49
|
+
type: string;
|
|
50
|
+
};
|
|
51
|
+
};
|
|
52
|
+
};
|
|
53
|
+
};
|
|
54
|
+
user_id_attribute: {
|
|
55
|
+
type: string;
|
|
56
|
+
};
|
|
57
|
+
};
|
|
58
|
+
required: string[];
|
|
59
|
+
};
|
|
33
60
|
};
|
|
34
61
|
required: string[];
|
|
35
62
|
};
|
|
@@ -41,6 +68,7 @@ export declare const addExcludedConnectionPropertiesToChanges: ({ proposedChange
|
|
|
41
68
|
}) => CalculatedChanges;
|
|
42
69
|
export default class ConnectionsHandler extends DefaultAPIHandler {
|
|
43
70
|
existing: Asset[] | null;
|
|
71
|
+
scimHandler: ScimHandler;
|
|
44
72
|
constructor(config: DefaultAPIHandler);
|
|
45
73
|
objString(connection: any): string;
|
|
46
74
|
getFormattedOptions(connection: any, clients: any): {
|
|
@@ -46,6 +46,7 @@ const dot_prop_1 = __importDefault(require("dot-prop"));
|
|
|
46
46
|
const lodash_1 = __importDefault(require("lodash"));
|
|
47
47
|
const default_1 = __importStar(require("./default"));
|
|
48
48
|
const utils_1 = require("../../utils");
|
|
49
|
+
const scimHandler_1 = __importDefault(require("./scimHandler"));
|
|
49
50
|
exports.schema = {
|
|
50
51
|
type: 'array',
|
|
51
52
|
items: {
|
|
@@ -57,6 +58,15 @@ exports.schema = {
|
|
|
57
58
|
enabled_clients: { type: 'array', items: { type: 'string' } },
|
|
58
59
|
realms: { type: 'array', items: { type: 'string' } },
|
|
59
60
|
metadata: { type: 'object' },
|
|
61
|
+
scim_configuration: {
|
|
62
|
+
type: 'object',
|
|
63
|
+
properties: {
|
|
64
|
+
connection_name: { type: 'string' },
|
|
65
|
+
mapping: { type: 'array', items: { type: 'object', properties: { scim: { type: 'string' }, auth0: { type: 'string' } } } },
|
|
66
|
+
user_id_attribute: { type: 'string' }
|
|
67
|
+
},
|
|
68
|
+
required: ['mapping', 'user_id_attribute'],
|
|
69
|
+
}
|
|
60
70
|
},
|
|
61
71
|
required: ['name', 'strategy'],
|
|
62
72
|
},
|
|
@@ -95,7 +105,16 @@ const addExcludedConnectionPropertiesToChanges = ({ proposedChanges, existingCon
|
|
|
95
105
|
exports.addExcludedConnectionPropertiesToChanges = addExcludedConnectionPropertiesToChanges;
|
|
96
106
|
class ConnectionsHandler extends default_1.default {
|
|
97
107
|
constructor(config) {
|
|
98
|
-
super(Object.assign(Object.assign({}, config), { type: 'connections', stripUpdateFields: ['strategy', 'name']
|
|
108
|
+
super(Object.assign(Object.assign({}, config), { type: 'connections', stripUpdateFields: ['strategy', 'name'], functions: {
|
|
109
|
+
// When `connections` is updated, it can result in `update`,`create` or `delete` action on SCIM.
|
|
110
|
+
// Because, `scim_configuration` is inside `connections`.
|
|
111
|
+
update: (requestParams, bodyParams) => __awaiter(this, void 0, void 0, function* () { return yield this.scimHandler.updateOverride(requestParams, bodyParams); }),
|
|
112
|
+
// When a new `connection` is created. We can perform only `create` option on SCIM.
|
|
113
|
+
// When a connection is `deleted`. `scim_configuration` is also deleted along with it; no action on SCIM is required.
|
|
114
|
+
create: (bodyParams) => __awaiter(this, void 0, void 0, function* () { return yield this.scimHandler.createOverride(bodyParams); })
|
|
115
|
+
} }));
|
|
116
|
+
// @ts-ignore
|
|
117
|
+
this.scimHandler = new scimHandler_1.default(this.config, this.client.tokenProvider, this.client.connections);
|
|
99
118
|
}
|
|
100
119
|
objString(connection) {
|
|
101
120
|
return super.objString({ name: connection.name, id: connection.id });
|
|
@@ -122,6 +141,8 @@ class ConnectionsHandler extends default_1.default {
|
|
|
122
141
|
this.existing = connections.filter((c) => c.strategy !== 'auth0');
|
|
123
142
|
if (this.existing === null)
|
|
124
143
|
return [];
|
|
144
|
+
// Apply `scim_configuration` to all the relevant `SCIM` connections. This method mutates `this.existing`.
|
|
145
|
+
yield this.scimHandler.applyScimConfiguration(this.existing);
|
|
125
146
|
return this.existing;
|
|
126
147
|
});
|
|
127
148
|
}
|
|
@@ -145,6 +166,8 @@ class ConnectionsHandler extends default_1.default {
|
|
|
145
166
|
paginate: true,
|
|
146
167
|
include_totals: true,
|
|
147
168
|
});
|
|
169
|
+
// Prepare an id map. We'll use this map later to get the `strategy` and SCIM enable status of the connections.
|
|
170
|
+
yield this.scimHandler.createIdMap(existingConnections);
|
|
148
171
|
const formatted = connections.map((connection) => (Object.assign(Object.assign(Object.assign({}, connection), this.getFormattedOptions(connection, clients)), { enabled_clients: (0, utils_1.getEnabledClients)(assets, connection, existingConnections, clients) })));
|
|
149
172
|
const proposedChanges = yield _super.calcChanges.call(this, Object.assign(Object.assign({}, assets), { connections: formatted }));
|
|
150
173
|
const proposedChangesWithExcludedProperties = (0, exports.addExcludedConnectionPropertiesToChanges)({
|
|
@@ -152,6 +175,10 @@ class ConnectionsHandler extends default_1.default {
|
|
|
152
175
|
existingConnections,
|
|
153
176
|
config: this.config,
|
|
154
177
|
});
|
|
178
|
+
// We add the expected changes to the scimHandler so it can track the progress of the SCIM changes.
|
|
179
|
+
// This is necessary because import / deploy actions are concurrent and we need to know when all updates are complete.
|
|
180
|
+
const { update, create, conflicts } = proposedChangesWithExcludedProperties;
|
|
181
|
+
this.scimHandler.expectedChanges = update.length + create.length + conflicts.length;
|
|
155
182
|
return proposedChangesWithExcludedProperties;
|
|
156
183
|
});
|
|
157
184
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"connections.js","sourceRoot":"","sources":["../../../../src/tools/auth0/handlers/connections.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wDAA+B;AAC/B,oDAAuB;AACvB,qDAAqD;AACrD,uCAAuF;
|
|
1
|
+
{"version":3,"file":"connections.js","sourceRoot":"","sources":["../../../../src/tools/auth0/handlers/connections.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wDAA+B;AAC/B,oDAAuB;AACvB,qDAAqD;AACrD,uCAAuF;AAGvF,gEAAwC;AAE3B,QAAA,MAAM,GAAG;IACpB,IAAI,EAAE,OAAO;IACb,KAAK,EAAE;QACL,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YACxB,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YAC5B,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YAC3B,eAAe,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;YAC7D,MAAM,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;YACpD,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YAC5B,kBAAkB,EAAE;gBAClB,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,eAAe,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACnC,OAAO,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,EAAE;oBAC1H,iBAAiB,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;iBACtC;gBACD,QAAQ,EAAE,CAAC,SAAS,EAAE,mBAAmB,CAAC;aAC3C;SACF;QACD,QAAQ,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;KAC/B;CACF,CAAC;AAEF,mHAAmH;AACnH,gLAAgL;AAChL,8IAA8I;AAC9I,0CAA0C;AACnC,MAAM,wCAAwC,GAAG,CAAC,EACvD,eAAe,EACf,mBAAmB,EACnB,MAAM,GAKP,EAAE,EAAE;;IACH,IAAI,eAAe,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,eAAe,CAAC;IAEhE,0DAA0D;IAC1D,MAAM,cAAc,GAAG,CAAA,MAAA,MAAA,MAAM,EAAE,0CAAE,cAAc,0CAAE,WAAW,KAAI,EAAE,CAAC;IACnE,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,eAAe,CAAC;IAExD,MAAM,sBAAsB,GAAG,gBAAC,CAAC,KAAK,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAC;IAClE,MAAM,eAAe,GAAG,cAAc,CAAC,MAAM;IAC3C,8CAA8C;IAC9C,CAAC,aAAa,EAAE,EAAE,CAAC,aAAa,CAAC,UAAU,CAAC,SAAS,CAAC,CACvD,CAAC;IAEF,MAAM,kBAAkB,GAAG,eAAe,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;QAC3E,MAAM,cAAc,GAAG,sBAAsB,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACrE,MAAM,6BAA6B,GAAG,eAAe,CAAC,MAAM,CAC1D,CAAC,GAAG,EAAE,aAAa,EAAE,EAAE;YACrB,IAAI,CAAC,kBAAO,CAAC,GAAG,CAAC,cAAc,EAAE,aAAa,CAAC;gBAAE,OAAO,GAAG,CAAC;YAE5D,MAAM,yBAAyB,GAAG,kBAAO,CAAC,GAAG,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;YAE7E,kBAAO,CAAC,GAAG,CAAC,GAAG,EAAE,aAAa,EAAE,yBAAyB,CAAC,CAAC;YAC3D,OAAO,GAAG,CAAC;QACb,CAAC,EACD;YACE,OAAO,EAAE,EAAE;SACZ,CACF,CAAC;QAEF,uCACK,kBAAkB,KACrB,OAAO,kCACF,kBAAkB,CAAC,OAAO,GAC1B,6BAA6B,CAAC,OAAO,KAE1C;IACJ,CAAC,CAAC,CAAC;IAEH,uCACK,eAAe,KAClB,MAAM,EAAE,kBAAkB,IAC1B;AACJ,CAAC,CAAC;AAlDW,QAAA,wCAAwC,4CAkDnD;AAEF,MAAqB,kBAAmB,SAAQ,iBAAiB;IAI/D,YAAY,MAAyB;QACnC,KAAK,iCACA,MAAM,KACT,IAAI,EAAE,aAAa,EACnB,iBAAiB,EAAE,CAAC,UAAU,EAAE,MAAM,CAAC,EACvC,SAAS,EAAE;gBACT,gGAAgG;gBAChG,yDAAyD;gBACzD,MAAM,EAAE,CAAO,aAAa,EAAE,UAAU,EAAE,EAAE,gDAAC,OAAA,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,aAAa,EAAE,UAAU,CAAC,CAAA,GAAA;gBAE7G,mFAAmF;gBACnF,qHAAqH;gBACrH,MAAM,EAAE,CAAO,UAAU,EAAE,EAAE,gDAAC,OAAA,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,UAAU,CAAC,CAAA,GAAA;aAChF,IACD,CAAC;QAEH,aAAa;QACb,IAAI,CAAC,WAAW,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACtG,CAAC;IAED,SAAS,CAAC,UAAU;QAClB,OAAO,KAAK,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;IACvE,CAAC;IAED,mBAAmB,CAAC,UAAU,EAAE,OAAO;QACrC,IAAI;YACF,OAAO;gBACL,OAAO,kCACF,UAAU,CAAC,OAAO,KACrB,YAAY,kCACP,UAAU,CAAC,OAAO,CAAC,YAAY,KAClC,SAAS,EAAE,IAAA,6BAAqB,EAAC,UAAU,CAAC,OAAO,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,MAEvF;aACF,CAAC;SACH;QAAC,OAAO,CAAC,EAAE;YACV,OAAO,EAAE,CAAC;SACX;IACH,CAAC;IAEK,OAAO;;YACX,IAAI,IAAI,CAAC,QAAQ;gBAAE,OAAO,IAAI,CAAC,QAAQ,CAAC;YACxC,MAAM,WAAW,GAAY,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC;gBAChE,QAAQ,EAAE,IAAI;gBACd,cAAc,EAAE,IAAI;aACrB,CAAC,CAAC;YAEH,kCAAkC;YAClC,IAAI,CAAC,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;YAClE,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI;gBAAE,OAAO,EAAE,CAAC;YAEtC,0GAA0G;YAC1G,MAAM,IAAI,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAE7D,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;KAAA;IAEK,WAAW,CAAC,MAAc;;;;;YAC9B,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,CAAC;YAE/B,wBAAwB;YACxB,IAAI,CAAC,WAAW;gBACd,OAAO;oBACL,GAAG,EAAE,EAAE;oBACP,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,EAAE;oBACV,SAAS,EAAE,EAAE;iBACd,CAAC;YAEJ,4CAA4C;YAC5C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC;YAC3F,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC;gBAC/D,QAAQ,EAAE,IAAI;gBACd,cAAc,EAAE,IAAI;aACrB,CAAC,CAAC;YAEH,+GAA+G;YAC/G,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,mBAAmB,CAAC,CAAC;YAExD,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,+CAC7C,UAAU,GACV,IAAI,CAAC,mBAAmB,CAAC,UAAU,EAAE,OAAO,CAAC,KAChD,eAAe,EAAE,IAAA,yBAAiB,EAAC,MAAM,EAAE,UAAU,EAAE,mBAAmB,EAAE,OAAO,CAAC,IACpF,CAAC,CAAC;YACJ,MAAM,eAAe,GAAG,MAAM,OAAM,WAAW,4CAAM,MAAM,KAAE,WAAW,EAAE,SAAS,IAAG,CAAC;YAEvF,MAAM,qCAAqC,GAAG,IAAA,gDAAwC,EAAC;gBACrF,eAAe;gBACf,mBAAmB;gBACnB,MAAM,EAAE,IAAI,CAAC,MAAM;aACpB,CAAC,CAAC;YAEH,mGAAmG;YACnG,sHAAsH;YACtH,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,qCAAqC,CAAC;YAC5E,IAAI,CAAC,WAAW,CAAC,eAAe,GAAG,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;YAEpF,OAAO,qCAAqC,CAAC;QAC/C,CAAC;KAAA;IAED,wFAAwF;IAElF,cAAc,CAAC,MAAc;;;;;YACjC,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,CAAC;YAE/B,wBAAwB;YACxB,IAAI,CAAC,WAAW;gBAAE,OAAO;YAEzB,MAAM,mBAAmB,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YAEjF,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAE/C,MAAM,OAAM,cAAc,YAAC,MAAM,EAAE,IAAA,sBAAc,EAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC,CAAC;QACnF,CAAC;KAAA;CACF;AAZO;IADL,IAAA,eAAK,EAAC,IAAI,CAAC;wDAYX;AArHH,qCAsHC"}
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
import { Asset } from '../../../types';
|
|
2
|
+
import { AxiosResponse } from 'axios';
|
|
3
|
+
interface scimRequestParams {
|
|
4
|
+
id: string;
|
|
5
|
+
}
|
|
6
|
+
interface scimBodyParams {
|
|
7
|
+
user_id_attribute: string;
|
|
8
|
+
mapping: {
|
|
9
|
+
scim: string;
|
|
10
|
+
auth0: string;
|
|
11
|
+
}[];
|
|
12
|
+
}
|
|
13
|
+
/**
|
|
14
|
+
* The current version of this sdk use `node-auth0` v3. But `SCIM` features are not natively supported by v3.
|
|
15
|
+
* This is a workaround to make this SDK support SCIM without `node-auth0` upgrade.
|
|
16
|
+
*/
|
|
17
|
+
export default class ScimHandler {
|
|
18
|
+
private idMap;
|
|
19
|
+
private readonly scimStrategies;
|
|
20
|
+
private tokenProvider;
|
|
21
|
+
private config;
|
|
22
|
+
private connectionsManager;
|
|
23
|
+
private updateQueue;
|
|
24
|
+
private isExecuting;
|
|
25
|
+
private scimScopes;
|
|
26
|
+
private scopeMethodMap;
|
|
27
|
+
expectedChanges: number;
|
|
28
|
+
completedChanges: number;
|
|
29
|
+
constructor(config: any, tokenProvider: any, connectionsManager: any);
|
|
30
|
+
/**
|
|
31
|
+
* Check if the connection strategy is SCIM supported.
|
|
32
|
+
* Only few of the enterprise connections are SCIM supported.
|
|
33
|
+
*/
|
|
34
|
+
isScimStrategy(strategy: string): boolean;
|
|
35
|
+
/**
|
|
36
|
+
* Creates connection_id -> { strategy, hasConfig } map.
|
|
37
|
+
* Store only the SCIM ids available on the existing / remote config.
|
|
38
|
+
* Payload received on `create` and `update` methods has the property `strategy` stripped.
|
|
39
|
+
* So, we need this map to perform `create`, `update` or `delete` actions on SCIM.
|
|
40
|
+
* @param connections
|
|
41
|
+
*/
|
|
42
|
+
createIdMap(connections: Asset[]): Promise<void>;
|
|
43
|
+
/**
|
|
44
|
+
* Iterate through all the connections and add property `scim_configuration` to only `SCIM` connections.
|
|
45
|
+
* The following conditions should be met to have `scim_configuration` set to a `connection`.
|
|
46
|
+
* 1. Connection `strategy` should be one of `scimStrategies`
|
|
47
|
+
* 2. Connection should have `SCIM` enabled.
|
|
48
|
+
*
|
|
49
|
+
* This method mutates the incoming `connections`.
|
|
50
|
+
*/
|
|
51
|
+
applyScimConfiguration(connections: Asset[]): Promise<Asset[] | undefined>;
|
|
52
|
+
/**
|
|
53
|
+
* HTTP request wrapper on axios.
|
|
54
|
+
*/
|
|
55
|
+
private scimHttpRequest;
|
|
56
|
+
/**
|
|
57
|
+
* Error handler wrapper.
|
|
58
|
+
*/
|
|
59
|
+
withErrorHandling(callback: any, method: string, url: string): Promise<any>;
|
|
60
|
+
/**
|
|
61
|
+
* Returns formatted endpoint url.
|
|
62
|
+
*/
|
|
63
|
+
private getScimEndpoint;
|
|
64
|
+
/**
|
|
65
|
+
* Creates a new `SCIM` configuration.
|
|
66
|
+
*/
|
|
67
|
+
createScimConfiguration({ id: connection_id }: scimRequestParams, { user_id_attribute, mapping }: scimBodyParams): Promise<AxiosResponse>;
|
|
68
|
+
/**
|
|
69
|
+
* Retrieves `SCIM` configuration of an enterprise connection.
|
|
70
|
+
*/
|
|
71
|
+
getScimConfiguration({ id: connection_id }: scimRequestParams): Promise<scimBodyParams>;
|
|
72
|
+
/**
|
|
73
|
+
* Updates an existing `SCIM` configuration.
|
|
74
|
+
*/
|
|
75
|
+
updateScimConfiguration({ id: connection_id }: scimRequestParams, { user_id_attribute, mapping }: scimBodyParams): Promise<AxiosResponse>;
|
|
76
|
+
/**
|
|
77
|
+
* Deletes an existing `SCIM` configuration.
|
|
78
|
+
*/
|
|
79
|
+
deleteScimConfiguration({ id: connection_id }: scimRequestParams): Promise<AxiosResponse>;
|
|
80
|
+
updateOverride(requestParams: scimRequestParams, bodyParams: Asset): Promise<any>;
|
|
81
|
+
createOverride(bodyParams: Asset): Promise<any>;
|
|
82
|
+
/**
|
|
83
|
+
* If we perform `connectionsManager.update` and `updateScimConfiguration` together, they may result in rate limit error.
|
|
84
|
+
* The reason is that both of them make API requests to the same `api/v2/connections` endpoint.
|
|
85
|
+
* We cannot control it with delay because both `updateOverride` and `createOverride` are async functions. And being called concurrently by `PromisePoolExecutor`.
|
|
86
|
+
* To avoid this, we are queuing the `SCIM` actions and executing them one by one separately, only after `connectionsManager.update` is completed.
|
|
87
|
+
*
|
|
88
|
+
* This is true for both `create` and `update` actions.
|
|
89
|
+
* @returns {Promise<void>}
|
|
90
|
+
*/
|
|
91
|
+
executeQueue(): Promise<void>;
|
|
92
|
+
}
|
|
93
|
+
export {};
|
|
@@ -0,0 +1,312 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
12
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
|
+
};
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
const axios_1 = __importDefault(require("axios"));
|
|
16
|
+
const logger_1 = __importDefault(require("../../../logger"));
|
|
17
|
+
const utils_1 = require("../../utils");
|
|
18
|
+
/**
|
|
19
|
+
* The current version of this sdk use `node-auth0` v3. But `SCIM` features are not natively supported by v3.
|
|
20
|
+
* This is a workaround to make this SDK support SCIM without `node-auth0` upgrade.
|
|
21
|
+
*/
|
|
22
|
+
class ScimHandler {
|
|
23
|
+
constructor(config, tokenProvider, connectionsManager) {
|
|
24
|
+
this.scimStrategies = ['samlp', 'oidc', 'okta', 'waad'];
|
|
25
|
+
this.updateQueue = [];
|
|
26
|
+
this.isExecuting = false;
|
|
27
|
+
this.scimScopes = { read: true, create: true, update: true, delete: true };
|
|
28
|
+
this.scopeMethodMap = {
|
|
29
|
+
get: 'read',
|
|
30
|
+
post: 'create',
|
|
31
|
+
patch: 'update',
|
|
32
|
+
delete: 'delete'
|
|
33
|
+
};
|
|
34
|
+
this.expectedChanges = 0;
|
|
35
|
+
this.completedChanges = 0;
|
|
36
|
+
this.config = config;
|
|
37
|
+
this.tokenProvider = tokenProvider;
|
|
38
|
+
this.connectionsManager = connectionsManager;
|
|
39
|
+
this.idMap = new Map();
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Check if the connection strategy is SCIM supported.
|
|
43
|
+
* Only few of the enterprise connections are SCIM supported.
|
|
44
|
+
*/
|
|
45
|
+
isScimStrategy(strategy) {
|
|
46
|
+
return this.scimStrategies.includes(strategy.toLowerCase());
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* Creates connection_id -> { strategy, hasConfig } map.
|
|
50
|
+
* Store only the SCIM ids available on the existing / remote config.
|
|
51
|
+
* Payload received on `create` and `update` methods has the property `strategy` stripped.
|
|
52
|
+
* So, we need this map to perform `create`, `update` or `delete` actions on SCIM.
|
|
53
|
+
* @param connections
|
|
54
|
+
*/
|
|
55
|
+
createIdMap(connections) {
|
|
56
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
57
|
+
this.idMap.clear();
|
|
58
|
+
for (let connection of connections) {
|
|
59
|
+
if (!this.scimScopes.read)
|
|
60
|
+
return;
|
|
61
|
+
if (!this.isScimStrategy(connection.strategy))
|
|
62
|
+
continue;
|
|
63
|
+
// To avoid rate limiter error, we making API requests with a small delay.
|
|
64
|
+
// TODO: However, this logic needs to be re-worked.
|
|
65
|
+
yield (0, utils_1.sleep)(250);
|
|
66
|
+
this.idMap.set(connection.id, { strategy: connection.strategy, hasConfig: false });
|
|
67
|
+
const scimConfiguration = yield this.getScimConfiguration({ id: connection.id });
|
|
68
|
+
if (!scimConfiguration)
|
|
69
|
+
continue;
|
|
70
|
+
this.idMap.set(connection.id, Object.assign(Object.assign({}, this.idMap.get(connection.id)), { hasConfig: true }));
|
|
71
|
+
}
|
|
72
|
+
});
|
|
73
|
+
}
|
|
74
|
+
/**
|
|
75
|
+
* Iterate through all the connections and add property `scim_configuration` to only `SCIM` connections.
|
|
76
|
+
* The following conditions should be met to have `scim_configuration` set to a `connection`.
|
|
77
|
+
* 1. Connection `strategy` should be one of `scimStrategies`
|
|
78
|
+
* 2. Connection should have `SCIM` enabled.
|
|
79
|
+
*
|
|
80
|
+
* This method mutates the incoming `connections`.
|
|
81
|
+
*/
|
|
82
|
+
applyScimConfiguration(connections) {
|
|
83
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
84
|
+
for (let connection of connections) {
|
|
85
|
+
if (!this.scimScopes.read)
|
|
86
|
+
return connections;
|
|
87
|
+
if (!this.isScimStrategy(connection.strategy))
|
|
88
|
+
continue;
|
|
89
|
+
// To avoid rate limiter error, we making API requests with a small delay.
|
|
90
|
+
// TODO: However, this logic needs to be re-worked.
|
|
91
|
+
yield (0, utils_1.sleep)(250);
|
|
92
|
+
const scimConfiguration = yield this.getScimConfiguration({ id: connection.id });
|
|
93
|
+
if (!scimConfiguration)
|
|
94
|
+
continue;
|
|
95
|
+
const { user_id_attribute, mapping } = scimConfiguration;
|
|
96
|
+
connection.scim_configuration = { user_id_attribute, mapping };
|
|
97
|
+
}
|
|
98
|
+
});
|
|
99
|
+
}
|
|
100
|
+
/**
|
|
101
|
+
* HTTP request wrapper on axios.
|
|
102
|
+
*/
|
|
103
|
+
scimHttpRequest(method, options) {
|
|
104
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
105
|
+
return yield this.withErrorHandling(() => __awaiter(this, void 0, void 0, function* () {
|
|
106
|
+
var _a;
|
|
107
|
+
// @ts-ignore
|
|
108
|
+
const accessToken = yield ((_a = this.tokenProvider) === null || _a === void 0 ? void 0 : _a.getAccessToken());
|
|
109
|
+
const headers = {
|
|
110
|
+
'Accept': 'application/json',
|
|
111
|
+
'Authorization': `Bearer ${accessToken}`
|
|
112
|
+
};
|
|
113
|
+
options = [...options, { headers }];
|
|
114
|
+
return yield axios_1.default[method](...options);
|
|
115
|
+
}), method, options[0]);
|
|
116
|
+
});
|
|
117
|
+
}
|
|
118
|
+
/**
|
|
119
|
+
* Error handler wrapper.
|
|
120
|
+
*/
|
|
121
|
+
withErrorHandling(callback, method, url) {
|
|
122
|
+
var _a, _b, _c, _d, _e;
|
|
123
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
124
|
+
try {
|
|
125
|
+
return yield callback();
|
|
126
|
+
}
|
|
127
|
+
catch (error) {
|
|
128
|
+
// Extract connection_id from the url.
|
|
129
|
+
const regex = /api\/v2\/connections\/(.*?)\/scim-configuration/;
|
|
130
|
+
const match = url.match(regex);
|
|
131
|
+
const connectionId = match ? match[1] : null;
|
|
132
|
+
// Extract error data
|
|
133
|
+
const errorData = (_a = error === null || error === void 0 ? void 0 : error.response) === null || _a === void 0 ? void 0 : _a.data;
|
|
134
|
+
// Skip the connection if it returns 404. This can happen if `SCIM` is not enabled on a `SCIM` connection.
|
|
135
|
+
if ((errorData === null || errorData === void 0 ? void 0 : errorData.statusCode) === 404) {
|
|
136
|
+
const warningMessage = `SCIM configuration is not enabled on connection \"${connectionId}\".`;
|
|
137
|
+
logger_1.default.warn(warningMessage);
|
|
138
|
+
return { data: null };
|
|
139
|
+
}
|
|
140
|
+
;
|
|
141
|
+
// Skip the connection if it returns 403. Looks like "scim_config" permissions are not enabled on Management API.
|
|
142
|
+
if ((errorData === null || errorData === void 0 ? void 0 : errorData.statusCode) === 403) {
|
|
143
|
+
const scope = this.scopeMethodMap[method];
|
|
144
|
+
this.scimScopes[scope] = false;
|
|
145
|
+
const warningMessage = `Insufficient scope, "${scope}:scim_config". Looks like "scim_config" permissions are not enabled your application.`;
|
|
146
|
+
logger_1.default.warn(warningMessage);
|
|
147
|
+
return { data: null };
|
|
148
|
+
}
|
|
149
|
+
// Skip the connection if it returns 400. This can happen if `SCIM` configuration already exists on a `SCIM` connection.
|
|
150
|
+
// When `read:scim_config` is disabled and `create:scim_config` is enabled, we cannot check if `SCIM` configuration exists on a connection.
|
|
151
|
+
// So, it'll run into 400 error.
|
|
152
|
+
if ((errorData === null || errorData === void 0 ? void 0 : errorData.statusCode) === 400 && ((_b = errorData === null || errorData === void 0 ? void 0 : errorData.message) === null || _b === void 0 ? void 0 : _b.includes('already exists'))) {
|
|
153
|
+
const warningMessage = `SCIM configuration already exists on connection \"${connectionId}\".`;
|
|
154
|
+
logger_1.default.warn(warningMessage);
|
|
155
|
+
return { data: null };
|
|
156
|
+
}
|
|
157
|
+
const statusCode = (errorData === null || errorData === void 0 ? void 0 : errorData.statusCode) || ((_c = error === null || error === void 0 ? void 0 : error.response) === null || _c === void 0 ? void 0 : _c.status);
|
|
158
|
+
const errorCode = (errorData === null || errorData === void 0 ? void 0 : errorData.errorCode) || (errorData === null || errorData === void 0 ? void 0 : errorData.error) || ((_d = error === null || error === void 0 ? void 0 : error.response) === null || _d === void 0 ? void 0 : _d.statusText);
|
|
159
|
+
const errorMessage = (errorData === null || errorData === void 0 ? void 0 : errorData.message) || ((_e = error === null || error === void 0 ? void 0 : error.response) === null || _e === void 0 ? void 0 : _e.statusText);
|
|
160
|
+
const message = `SCIM request failed with statusCode ${statusCode} (${errorCode}). ${errorMessage}.`;
|
|
161
|
+
logger_1.default.error(message);
|
|
162
|
+
throw error;
|
|
163
|
+
}
|
|
164
|
+
});
|
|
165
|
+
}
|
|
166
|
+
/**
|
|
167
|
+
* Returns formatted endpoint url.
|
|
168
|
+
*/
|
|
169
|
+
getScimEndpoint(connection_id) {
|
|
170
|
+
// Call `scim-configuration` endpoint directly to support `SCIM` features.
|
|
171
|
+
return `https://${this.config('AUTH0_DOMAIN')}/api/v2/connections/${connection_id}/scim-configuration`;
|
|
172
|
+
}
|
|
173
|
+
/**
|
|
174
|
+
* Creates a new `SCIM` configuration.
|
|
175
|
+
*/
|
|
176
|
+
createScimConfiguration({ id: connection_id }, { user_id_attribute, mapping }) {
|
|
177
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
178
|
+
logger_1.default.debug(`Creating SCIM configuration on connection ${connection_id}`);
|
|
179
|
+
const url = this.getScimEndpoint(connection_id);
|
|
180
|
+
return (yield this.scimHttpRequest('post', [url, { user_id_attribute, mapping }])).data;
|
|
181
|
+
});
|
|
182
|
+
}
|
|
183
|
+
/**
|
|
184
|
+
* Retrieves `SCIM` configuration of an enterprise connection.
|
|
185
|
+
*/
|
|
186
|
+
getScimConfiguration({ id: connection_id }) {
|
|
187
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
188
|
+
logger_1.default.debug(`Getting SCIM configuration from connection ${connection_id}`);
|
|
189
|
+
const url = this.getScimEndpoint(connection_id);
|
|
190
|
+
return (yield this.scimHttpRequest('get', [url])).data;
|
|
191
|
+
});
|
|
192
|
+
}
|
|
193
|
+
/**
|
|
194
|
+
* Updates an existing `SCIM` configuration.
|
|
195
|
+
*/
|
|
196
|
+
updateScimConfiguration({ id: connection_id }, { user_id_attribute, mapping }) {
|
|
197
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
198
|
+
logger_1.default.debug(`Updating SCIM configuration on connection ${connection_id}`);
|
|
199
|
+
const url = this.getScimEndpoint(connection_id);
|
|
200
|
+
return (yield this.scimHttpRequest('patch', [url, { user_id_attribute, mapping }])).data;
|
|
201
|
+
});
|
|
202
|
+
}
|
|
203
|
+
/**
|
|
204
|
+
* Deletes an existing `SCIM` configuration.
|
|
205
|
+
*/
|
|
206
|
+
deleteScimConfiguration({ id: connection_id }) {
|
|
207
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
208
|
+
logger_1.default.debug(`Deleting SCIM configuration on connection ${connection_id}`);
|
|
209
|
+
const url = this.getScimEndpoint(connection_id);
|
|
210
|
+
return (yield this.scimHttpRequest('delete', [url])).data;
|
|
211
|
+
});
|
|
212
|
+
}
|
|
213
|
+
updateOverride(requestParams, bodyParams) {
|
|
214
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
215
|
+
// Extract `scim_configuration` from `bodyParams`.
|
|
216
|
+
// Remove `scim_configuration` from `bodyParams`, because `connections.update` doesn't accept it.
|
|
217
|
+
const { scim_configuration: scimBodyParams } = bodyParams;
|
|
218
|
+
delete bodyParams.scim_configuration;
|
|
219
|
+
// First, update `connections`.
|
|
220
|
+
const updated = yield this.connectionsManager.update(requestParams, bodyParams);
|
|
221
|
+
const idMapEntry = this.idMap.get(requestParams.id);
|
|
222
|
+
this.completedChanges++;
|
|
223
|
+
// Now, update `scim_configuration` inside the updated connection.
|
|
224
|
+
// If `scim_configuration` exists in both local and remote -> updateScimConfiguration(...)
|
|
225
|
+
// If `scim_configuration` exists in remote but local -> deleteScimConfiguration(...)
|
|
226
|
+
// If `scim_configuration` exists in local but remote -> createScimConfiguration(...)
|
|
227
|
+
if (idMapEntry === null || idMapEntry === void 0 ? void 0 : idMapEntry.hasConfig) {
|
|
228
|
+
if (scimBodyParams) {
|
|
229
|
+
this.updateQueue.push({ action: 'update', requestParams, scimBodyParams });
|
|
230
|
+
}
|
|
231
|
+
else {
|
|
232
|
+
if (this.config('AUTH0_ALLOW_DELETE')) {
|
|
233
|
+
this.updateQueue.push({ action: 'delete', requestParams });
|
|
234
|
+
}
|
|
235
|
+
else {
|
|
236
|
+
logger_1.default.warn('Skipping DELETE scim_configuration. Enable deletes by setting AUTH0_ALLOW_DELETE to true in your config.');
|
|
237
|
+
}
|
|
238
|
+
}
|
|
239
|
+
}
|
|
240
|
+
else if (scimBodyParams) {
|
|
241
|
+
this.updateQueue.push({ action: 'create', requestParams, scimBodyParams });
|
|
242
|
+
}
|
|
243
|
+
// Execute the queue.
|
|
244
|
+
if (this.completedChanges >= this.expectedChanges) {
|
|
245
|
+
yield this.executeQueue();
|
|
246
|
+
}
|
|
247
|
+
// Return response from connections.update(...).
|
|
248
|
+
return updated;
|
|
249
|
+
});
|
|
250
|
+
}
|
|
251
|
+
createOverride(bodyParams) {
|
|
252
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
253
|
+
// Extract `scim_configuration` from `bodyParams`.
|
|
254
|
+
// Remove `scim_configuration` from `bodyParams`, because `connections.create` doesn't accept it.
|
|
255
|
+
const { scim_configuration: scimBodyParams } = bodyParams;
|
|
256
|
+
delete bodyParams.scim_configuration;
|
|
257
|
+
// First, create the new `connection`.
|
|
258
|
+
const created = yield this.connectionsManager.create(bodyParams);
|
|
259
|
+
this.completedChanges++;
|
|
260
|
+
if (scimBodyParams) {
|
|
261
|
+
// Now, create the `scim_configuration` for newly created `connection`.
|
|
262
|
+
this.updateQueue.push({ action: 'create', requestParams: { id: created.id }, scimBodyParams });
|
|
263
|
+
}
|
|
264
|
+
// Execute the queue.
|
|
265
|
+
if (this.completedChanges >= this.expectedChanges) {
|
|
266
|
+
yield this.executeQueue();
|
|
267
|
+
}
|
|
268
|
+
// Return response from connections.create(...).
|
|
269
|
+
return created;
|
|
270
|
+
});
|
|
271
|
+
}
|
|
272
|
+
/**
|
|
273
|
+
* If we perform `connectionsManager.update` and `updateScimConfiguration` together, they may result in rate limit error.
|
|
274
|
+
* The reason is that both of them make API requests to the same `api/v2/connections` endpoint.
|
|
275
|
+
* We cannot control it with delay because both `updateOverride` and `createOverride` are async functions. And being called concurrently by `PromisePoolExecutor`.
|
|
276
|
+
* To avoid this, we are queuing the `SCIM` actions and executing them one by one separately, only after `connectionsManager.update` is completed.
|
|
277
|
+
*
|
|
278
|
+
* This is true for both `create` and `update` actions.
|
|
279
|
+
* @returns {Promise<void>}
|
|
280
|
+
*/
|
|
281
|
+
executeQueue() {
|
|
282
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
283
|
+
if (this.isExecuting)
|
|
284
|
+
return;
|
|
285
|
+
this.isExecuting = true;
|
|
286
|
+
while (this.updateQueue.length > 0) {
|
|
287
|
+
// Rate limit error handling
|
|
288
|
+
yield (0, utils_1.sleep)(250);
|
|
289
|
+
const { action, requestParams, scimBodyParams } = this.updateQueue.shift();
|
|
290
|
+
switch (action) {
|
|
291
|
+
case 'create':
|
|
292
|
+
if (this.scimScopes.create)
|
|
293
|
+
yield this.createScimConfiguration(requestParams, scimBodyParams);
|
|
294
|
+
break;
|
|
295
|
+
case 'update':
|
|
296
|
+
if (this.scimScopes.update)
|
|
297
|
+
yield this.updateScimConfiguration(requestParams, scimBodyParams);
|
|
298
|
+
break;
|
|
299
|
+
case 'delete':
|
|
300
|
+
if (this.scimScopes.delete)
|
|
301
|
+
yield this.deleteScimConfiguration(requestParams);
|
|
302
|
+
break;
|
|
303
|
+
}
|
|
304
|
+
}
|
|
305
|
+
this.isExecuting = false;
|
|
306
|
+
this.expectedChanges = 0;
|
|
307
|
+
this.completedChanges = 0;
|
|
308
|
+
});
|
|
309
|
+
}
|
|
310
|
+
}
|
|
311
|
+
exports.default = ScimHandler;
|
|
312
|
+
//# sourceMappingURL=scimHandler.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scimHandler.js","sourceRoot":"","sources":["../../../../src/tools/auth0/handlers/scimHandler.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AACA,kDAA6C;AAC7C,6DAAkC;AAClC,uCAAoC;AAkBpC;;;GAGG;AACH,MAAqB,WAAW;IAmB/B,YAAY,MAAM,EAAE,aAAa,EAAE,kBAAkB;QAjBpC,mBAAc,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QAI5D,gBAAW,GAAU,EAAE,CAAC;QACxB,gBAAW,GAAG,KAAK,CAAC;QACpB,eAAU,GAAe,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;QAClF,mBAAc,GAAG;YACxB,GAAG,EAAE,MAAM;YACX,IAAI,EAAE,QAAQ;YACd,KAAK,EAAE,QAAQ;YACf,MAAM,EAAE,QAAQ;SAChB,CAAA;QAED,oBAAe,GAAW,CAAC,CAAC;QAC5B,qBAAgB,GAAW,CAAC,CAAC;QAG5B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;QAC7C,IAAI,CAAC,KAAK,GAAG,IAAI,GAAG,EAAsB,CAAC;IAC5C,CAAC;IAED;;;OAGG;IACH,cAAc,CAAC,QAAgB;QAC9B,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED;;;;;;OAMG;IACG,WAAW,CAAC,WAAoB;;YACrC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YAEnB,KAAK,IAAI,UAAU,IAAI,WAAW,EAAE;gBACnC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI;oBAAE,OAAO;gBAClC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,QAAQ,CAAC;oBAAE,SAAS;gBAErD,0EAA0E;gBAC1E,mDAAmD;gBACtD,MAAM,IAAA,aAAK,EAAC,GAAG,CAAC,CAAC;gBAEd,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,UAAU,CAAC,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;gBACnF,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;gBACjF,IAAI,CAAC,iBAAiB;oBAAE,SAAS;gBAEjC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,kCAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAE,KAAE,SAAS,EAAE,IAAI,IAAG,CAAC;aACzF;QACF,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,sBAAsB,CAAC,WAAoB;;YAChD,KAAK,IAAI,UAAU,IAAI,WAAW,EAAE;gBACnC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI;oBAAE,OAAO,WAAW,CAAC;gBAC9C,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,QAAQ,CAAC;oBAAE,SAAS;gBAExD,0EAA0E;gBAC1E,mDAAmD;gBACnD,MAAM,IAAA,aAAK,EAAC,GAAG,CAAC,CAAC;gBAEjB,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;gBACjF,IAAI,CAAC,iBAAiB;oBAAE,SAAS;gBAEjC,MAAM,EAAE,iBAAiB,EAAE,OAAO,EAAE,GAAG,iBAAiB,CAAC;gBACzD,UAAU,CAAC,kBAAkB,GAAG,EAAE,iBAAiB,EAAE,OAAO,EAAE,CAAC;aAC/D;QACF,CAAC;KAAA;IAED;;IAEG;IACW,eAAe,CAAC,MAAc,EAAE,OAA2C;;YACvF,OAAO,MAAM,IAAI,CAAC,iBAAiB,CAAC,GAAS,EAAE;;gBAC/C,aAAa;gBACb,MAAM,WAAW,GAAG,MAAM,CAAA,MAAA,IAAI,CAAC,aAAa,0CAAE,cAAc,EAAE,CAAA,CAAC;gBAC/D,MAAM,OAAO,GAAG;oBACf,QAAQ,EAAE,kBAAkB;oBAC5B,eAAe,EAAE,UAAW,WAAY,EAAE;iBAC1C,CAAA;gBACD,OAAO,GAAG,CAAC,GAAG,OAAO,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;gBACpC,OAAO,MAAM,eAAK,CAAC,MAAM,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;YACxC,CAAC,CAAA,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;QACxB,CAAC;KAAA;IAED;;OAEG;IACG,iBAAiB,CAAC,QAAQ,EAAE,MAAc,EAAE,GAAW;;;YAC5D,IAAI;gBACH,OAAO,MAAM,QAAQ,EAAE,CAAC;aACxB;YAAC,OAAO,KAAK,EAAE;gBACf,sCAAsC;gBACtC,MAAM,KAAK,GAAG,iDAAiD,CAAC;gBAChE,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBAC/B,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;gBAE7C,qBAAqB;gBACrB,MAAM,SAAS,GAAG,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,0CAAE,IAAI,CAAC;gBAErC,0GAA0G;gBAC7G,IAAI,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,UAAU,MAAK,GAAG,EAAE;oBAC9B,MAAM,cAAc,GAAG,qDAAsD,YAAa,KAAK,CAAC;oBAChG,gBAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;oBACzB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;iBACvB;gBAAA,CAAC;gBAEF,kHAAkH;gBACrH,IAAI,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,UAAU,MAAK,GAAG,EAAE;oBAClC,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;oBAC1C,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;oBAC3B,MAAM,cAAc,GAAG,wBAAyB,KAAM,uFAAuF,CAAC;oBAC9I,gBAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;oBACzB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;iBACvB;gBAEJ,wHAAwH;gBACxH,2IAA2I;gBAC3I,gCAAgC;gBAChC,IAAI,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,UAAU,MAAK,GAAG,KAAI,MAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,OAAO,0CAAE,QAAQ,CAAC,gBAAgB,CAAC,CAAA,EAAE;oBACpF,MAAM,cAAc,GAAG,qDAAsD,YAAa,KAAK,CAAC;oBAChG,gBAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;oBACzB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;iBACtB;gBAED,MAAM,UAAU,GAAG,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,UAAU,MAAI,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,0CAAE,MAAM,CAAA,CAAC;gBACpE,MAAM,SAAS,GAAG,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,SAAS,MAAI,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,KAAK,CAAA,KAAI,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,0CAAE,UAAU,CAAA,CAAC;gBAC1F,MAAM,YAAY,GAAG,CAAA,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,OAAO,MAAI,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,QAAQ,0CAAE,UAAU,CAAA,CAAC;gBACvE,MAAM,OAAO,GAAG,uCAAwC,UAAW,KAAM,SAAU,MAAO,YAAa,GAAG,CAAC;gBAE3G,gBAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBACnB,MAAM,KAAK,CAAC;aACZ;;KACD;IAED;;OAEG;IACK,eAAe,CAAC,aAAqB;QAC5C,0EAA0E;QAC1E,OAAO,WAAY,IAAI,CAAC,MAAM,CAAC,cAAc,CAAE,uBAAwB,aAAc,qBAAqB,CAAC;IAC5G,CAAC;IAED;;OAEG;IACG,uBAAuB,CAAC,EAAE,EAAE,EAAE,aAAa,EAAqB,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAkB;;YACrH,gBAAG,CAAC,KAAK,CAAC,6CAA8C,aAAc,EAAE,CAAC,CAAC;YAC1E,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;YAChD,OAAO,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAE,GAAG,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAE,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAC3F,CAAC;KAAA;IAED;;OAEG;IACG,oBAAoB,CAAC,EAAE,EAAE,EAAE,aAAa,EAAqB;;YAClE,gBAAG,CAAC,KAAK,CAAC,8CAA+C,aAAc,EAAE,CAAC,CAAC;YAC3E,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;YAChD,OAAO,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAE,GAAG,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAC1D,CAAC;KAAA;IAED;;OAEG;IACG,uBAAuB,CAAC,EAAE,EAAE,EAAE,aAAa,EAAqB,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAkB;;YACrH,gBAAG,CAAC,KAAK,CAAC,6CAA8C,aAAc,EAAE,CAAC,CAAC;YAC1E,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;YAChD,OAAO,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAE,GAAG,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAE,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAC5F,CAAC;KAAA;IAED;;OAEG;IACG,uBAAuB,CAAC,EAAE,EAAE,EAAE,aAAa,EAAqB;;YACrE,gBAAG,CAAC,KAAK,CAAC,6CAA8C,aAAc,EAAE,CAAC,CAAC;YAC1E,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;YAChD,OAAO,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,CAAE,GAAG,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAC7D,CAAC;KAAA;IAEK,cAAc,CAAC,aAAgC,EAAE,UAAiB;;YACvE,kDAAkD;YAClD,iGAAiG;YACjG,MAAM,EAAE,kBAAkB,EAAE,cAAc,EAAE,GAAG,UAAU,CAAC;YAC1D,OAAO,UAAU,CAAC,kBAAkB,CAAC;YAErC,+BAA+B;YAC/B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAChF,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;YAClD,IAAI,CAAC,gBAAgB,EAAG,CAAC;YAE3B,kEAAkE;YAClE,0FAA0F;YAC1F,qFAAqF;YACrF,qFAAqF;YACrF,IAAI,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,SAAS,EAAE;gBAC1B,IAAI,cAAc,EAAE;oBACf,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAC,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,cAAc,EAAC,CAAC,CAAC;iBAC7E;qBAAM;oBACN,IAAI,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE;wBACtC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAC,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAC,CAAC,CAAC;qBACzD;yBAAM;wBACN,gBAAG,CAAC,IAAI,CAAC,0GAA0G,CAAC,CAAC;qBACrH;iBACD;aACD;iBAAM,IAAI,cAAc,EAAE;gBAC1B,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAC,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,cAAc,EAAC,CAAC,CAAC;aACzE;YAED,qBAAqB;YACrB,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,eAAe,EAAE;gBAClD,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;aAC1B;YAED,iDAAiD;YACjD,OAAO,OAAO,CAAC;QAChB,CAAC;KAAA;IAEK,cAAc,CAAC,UAAiB;;YACrC,kDAAkD;YAClD,iGAAiG;YACjG,MAAM,EAAE,kBAAkB,EAAE,cAAc,EAAE,GAAG,UAAU,CAAC;YAC1D,OAAO,UAAU,CAAC,kBAAkB,CAAC;YAErC,sCAAsC;YACtC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAC/D,IAAI,CAAC,gBAAgB,EAAG,CAAC;YAE3B,IAAI,cAAc,EAAE;gBACnB,uEAAuE;gBACvE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAC,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,EAAC,EAAE,EAAE,OAAO,CAAC,EAAE,EAAC,EAAE,cAAc,EAAC,CAAC,CAAC;aAC3F;YAED,qBAAqB;YACrB,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,eAAe,EAAE;gBAClD,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;aAC1B;YAED,iDAAiD;YACjD,OAAO,OAAO,CAAC;QAChB,CAAC;KAAA;IAED;;;;;;;;OAQG;IACI,YAAY;;YAChB,IAAI,IAAI,CAAC,WAAW;gBAAE,OAAO;YAE/B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACtB,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;gBAClC,4BAA4B;gBAC5B,MAAM,IAAA,aAAK,EAAC,GAAG,CAAC,CAAC;gBACjB,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;gBAE3E,QAAQ,MAAM,EAAE;oBACd,KAAK,QAAQ;wBAChB,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM;4BAAE,MAAM,IAAI,CAAC,uBAAuB,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;wBACzF,MAAM;oBACR,KAAK,QAAQ;wBACX,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM;4BAAE,MAAM,IAAI,CAAC,uBAAuB,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;wBAC9F,MAAM;oBACR,KAAK,QAAQ;wBACX,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM;4BAAE,MAAM,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;wBAC9E,MAAM;iBACT;aACF;YAED,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;YAC3B,IAAI,CAAC,eAAe,GAAG,CAAC,CAAC;YACzB,IAAI,CAAC,gBAAgB,GAAG,CAAC,CAAC;QAC1B,CAAC;KAAA;CACF;AApSD,8BAoSC"}
|