auth0-deploy-cli 7.6.0 → 7.8.0

package/lib/tools/deploy.js

@@ -13,11 +13,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const auth0_1 = __importDefault(require("./auth0"));
-const logger_1 = __importDefault(require("./logger"));
+const logger_1 = __importDefault(require("../logger"));
 function deploy(assets, client, config) {
     return __awaiter(this, void 0, void 0, function* () {
         // Setup log level
-        logger_1.default.transports.console.level = process.env.AUTH0_DEBUG === 'true' ? 'debug' : 'info';
+        logger_1.default.level = process.env.AUTH0_DEBUG === 'true' ? 'debug' : 'info';
         logger_1.default.info('Getting access token for ' + config('AUTH0_CLIENT_ID') + '/' + config('AUTH0_DOMAIN'));
         const auth0 = new auth0_1.default(client, assets, config);
         // Validate Assets
@@ -28,7 +28,7 @@ function deploy(assets, client, config) {
             accum[h.type] = {
                 deleted: h.deleted,
                 created: h.created,
-                updated: h.updated
+                updated: h.updated,
             };
             return accum;
         }, {});

package/lib/tools/index.d.ts

@@ -0,0 +1,82 @@
+import constants from './constants';
+import deploy from './deploy';
+import Auth0 from './auth0';
+import { keywordReplace, loadFileAndReplaceKeywords } from './utils';
+declare const _default: {
+    constants: {
+        CONCURRENT_CALLS: number;
+        RULES_DIRECTORY: string;
+        RULES_STAGES: string[];
+        DEFAULT_RULE_STAGE: string;
+        HOOKS_HIDDEN_SECRET_VALUE: string;
+        OBFUSCATED_SECRET_VALUE: string;
+        HOOKS_DIRECTORY: string;
+        ACTIONS_DIRECTORY: string;
+        TRIGGERS_DIRECTORY: string;
+        RULES_CONFIGS_DIRECTORY: string;
+        PAGES_DIRECTORY: string;
+        PAGE_LOGIN: string;
+        PAGE_GUARDIAN_MULTIFACTOR: string;
+        PAGE_PASSWORD_RESET: string;
+        PAGE_ERROR: string;
+        DATABASE_CONNECTIONS_DIRECTORY: string;
+        DATABASE_SCRIPTS_CHANGE_EMAIL: string;
+        DATABASE_SCRIPTS_GET_USER: string;
+        EMAIL_TEMPLATES_TYPES: string[];
+        ACTIONS_TRIGGERS: string[];
+        EMAIL_TEMPLATES_DIRECTORY: string;
+        EMAIL_VERIFY: string;
+        EMAIL_VERIFY_BY_CODE: string;
+        EMAIL_RESET: string;
+        EMAIL_WELCOME: string;
+        EMAIL_BLOCKED: string;
+        EMAIL_STOLEN_CREDENTIALS: string;
+        EMAIL_ENROLLMENT: string;
+        EMAIL_CHANGE_PASSWORD: string;
+        EMAIL_PASSWORD_RESET: string;
+        EMAIL_MFA_OOB_CODE: string;
+        EMAIL_USER_INVITATION: string;
+        GUARDIAN_DIRECTORY: string;
+        GUARDIAN_FACTORS_DIRECTORY: string;
+        GUARDIAN_PROVIDERS_DIRECTORY: string;
+        GUARDIAN_TEMPLATES_DIRECTORY: string;
+        UNIVERSAL_LOGIN_TEMPLATE: string;
+        RESOURCE_SERVERS_DIRECTORY: string;
+        RESOURCE_SERVERS_CLIENT_NAME: string;
+        RESOURCE_SERVERS_MANAGEMENT_API_NAME: string;
+        RESOURCE_SERVERS_ID_NAME: string;
+        CLIENTS_DIRECTORY: string;
+        CLIENTS_GRANTS_DIRECTORY: string;
+        BRANDING_DIRECTORY: string;
+        BRANDING_TEMPLATES_DIRECTORY: string;
+        BRANDING_TEMPLATES_YAML_DIRECTORY: string;
+        CLIENTS_CLIENT_NAME: string;
+        CLIENTS_CLIENT_ID_NAME: string;
+        CONNECTIONS_DIRECTORY: string;
+        CONNECTIONS_CLIENT_NAME: string;
+        CONNECTIONS_ID_NAME: string;
+        ROLES_DIRECTORY: string;
+        ATTACK_PROTECTION_DIRECTORY: string;
+        GUARDIAN_FACTORS: string[];
+        GUARDIAN_POLICIES: string[];
+        GUARDIAN_PHONE_PROVIDERS: string[];
+        GUARDIAN_PHONE_MESSAGE_TYPES: string[];
+        GUARDIAN_FACTOR_TEMPLATES: string[];
+        GUARDIAN_FACTOR_PROVIDERS: {
+            sms: string[];
+            'push-notification': string[];
+        };
+        PAGE_NAMES: string[];
+        DATABASE_SCRIPTS: string[];
+        DATABASE_SCRIPTS_NO_IMPORT: string[];
+        DATABASE_SCRIPTS_IMPORT: string[];
+        EMAIL_TEMPLATES_NAMES: string[];
+        SUPPORTED_BRANDING_TEMPLATES: string[];
+    };
+    deploy: typeof deploy;
+    keywordReplace: typeof keywordReplace;
+    loadFileAndReplaceKeywords: typeof loadFileAndReplaceKeywords;
+    Auth0: typeof Auth0;
+};
+export default _default;
+export { constants, deploy, keywordReplace, loadFileAndReplaceKeywords, Auth0 };

package/lib/tools/index.js

@@ -18,5 +18,5 @@ exports.default = {
     deploy: deploy_1.default,
     keywordReplace: utils_1.keywordReplace,
     loadFileAndReplaceKeywords: utils_1.loadFileAndReplaceKeywords,
-    Auth0: auth0_1.default
+    Auth0: auth0_1.default,
 };

package/lib/tools/utils.d.ts

@@ -0,0 +1,18 @@
+import { Asset, Assets, CalculatedChanges, KeywordMappings } from '../types';
+export declare function keywordArrayReplace(input: string, mappings: KeywordMappings): string;
+export declare function keywordStringReplace(input: string, mappings: KeywordMappings): string;
+export declare function keywordReplace(input: string, mappings: KeywordMappings): string;
+export declare function convertClientNameToId(name: string, clients: Asset[]): string;
+export declare function convertClientNamesToIds(names: string[], clients: Asset[]): string[];
+export declare function loadFileAndReplaceKeywords(file: string, mappings: KeywordMappings): string;
+export declare function flatten(list: any[]): any[];
+export declare function convertJsonToString(obj: {
+    [key: string]: any;
+}, spacing?: number): string;
+export declare function stripFields(obj: Asset, fields: string[]): Asset;
+export declare function getEnabledClients(assets: Assets, connection: Asset, existing: Asset[], clients: Asset[]): string[];
+export declare function duplicateItems(arr: Asset[], key: string): Asset[];
+export declare function filterExcluded(changes: CalculatedChanges, exclude: string[]): CalculatedChanges;
+export declare function areArraysEquals(x: any[], y: any[]): boolean;
+export declare const obfuscateSensitiveValues: (data: Asset | Asset[] | null, sensitiveFieldsToObfuscate: string[]) => Asset | Asset[] | null;
+export declare const stripObfuscatedFieldsFromPayload: (data: Asset | Asset[] | null, obfuscatedFields: string[]) => Asset | Asset[] | null;

package/lib/tools/utils.js

@@ -1,14 +1,38 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.areArraysEquals = exports.filterExcluded = exports.duplicateItems = exports.getEnabledClients = exports.stripFields = exports.dumpJSON = exports.flatten = exports.loadFileAndReplaceKeywords = exports.convertClientNamesToIds = exports.convertClientNameToId = exports.keywordReplace = exports.keywordStringReplace = exports.keywordArrayReplace = void 0;
+exports.stripObfuscatedFieldsFromPayload = exports.obfuscateSensitiveValues = exports.areArraysEquals = exports.filterExcluded = exports.duplicateItems = exports.getEnabledClients = exports.stripFields = exports.convertJsonToString = exports.flatten = exports.loadFileAndReplaceKeywords = exports.convertClientNamesToIds = exports.convertClientNameToId = exports.keywordReplace = exports.keywordStringReplace = exports.keywordArrayReplace = void 0;
 const path_1 = __importDefault(require("path"));
-const fs_1 = __importDefault(require("fs"));
+const fs_1 = __importStar(require("fs"));
 const dot_prop_1 = __importDefault(require("dot-prop"));
 const lodash_1 = __importDefault(require("lodash"));
-const logger_1 = __importDefault(require("./logger"));
+const logger_1 = __importDefault(require("../logger"));
+const constants_1 = __importDefault(require("./constants"));
 function keywordArrayReplace(input, mappings) {
     Object.keys(mappings).forEach(function (key) {
         // Matching against two sets of patterns because a developer may provide their array replacement keyword with or without wrapping quotes. It is not obvious to the developer which to do depending if they're operating in YAML or JSON.
@@ -23,6 +47,7 @@ exports.keywordArrayReplace = keywordArrayReplace;
 function keywordStringReplace(input, mappings) {
     Object.keys(mappings).forEach(function (key) {
         const regex = new RegExp(`##${key}##`, 'g');
+        // @ts-ignore TODO: come back and distinguish strings vs array replacement.
         input = input.replace(regex, mappings[key]);
     });
     return input;
@@ -48,11 +73,12 @@ function convertClientNamesToIds(names, clients) {
         if (names.includes(client.name)) {
             const index = resolvedNames.findIndex((item) => item.name === client.name);
             resolvedNames[index].resolved = true;
-            acc.push(client.client_id);
+            return [...acc, client.client_id];
         }
-        return acc;
+        return [...acc];
     }, []);
     const unresolved = resolvedNames.filter((item) => !item.resolved).map((item) => item.name);
+    // @ts-ignore TODO: come back and refactor to use map instead of reduce.
     return [...unresolved, ...result];
 }
 exports.convertClientNamesToIds = convertClientNamesToIds;
@@ -60,7 +86,7 @@ function loadFileAndReplaceKeywords(file, mappings) {
     // Load file and replace keyword mappings
     const f = path_1.default.resolve(file);
     try {
-        fs_1.default.accessSync(f, fs_1.default.F_OK);
+        fs_1.default.accessSync(f, fs_1.constants.F_OK);
         if (mappings) {
             return keywordReplace(fs_1.default.readFileSync(f, 'utf8'), mappings);
         }
@@ -76,10 +102,10 @@ function flatten(list) {
     return list.reduce((a, b) => a.concat(Array.isArray(b) ? flatten(b) : b), []);
 }
 exports.flatten = flatten;
-function dumpJSON(obj, spacing = 0) {
+function convertJsonToString(obj, spacing = 0) {
     return JSON.stringify(obj, null, spacing);
 }
-exports.dumpJSON = dumpJSON;
+exports.convertJsonToString = convertJsonToString;
 function stripFields(obj, fields) {
     // Strip object fields supporting dot notation (ie: a.deep.field)
     const stripped = [];
@@ -102,7 +128,7 @@ function getEnabledClients(assets, connection, existing, clients) {
     const excludedClientsByNames = (assets.exclude && assets.exclude.clients) || [];
     const excludedClients = convertClientNamesToIds(excludedClientsByNames, clients);
     const enabledClients = [
-        ...convertClientNamesToIds(connection.enabled_clients || [], clients).filter((item) => ![...excludedClientsByNames, ...excludedClients].includes(item))
+        ...convertClientNamesToIds(connection.enabled_clients || [], clients).filter((item) => ![...excludedClientsByNames, ...excludedClients].includes(item)),
     ];
     // If client is excluded and in the existing connection this client is enabled, it should keep enabled
     // If client is excluded and in the existing connection this client is disabled, it should keep disabled
@@ -142,7 +168,7 @@ function filterExcluded(changes, exclude) {
         del: filter(del),
         update: filter(update),
         create: filter(create),
-        conflicts: filter(conflicts)
+        conflicts: filter(conflicts),
     };
 }
 exports.filterExcluded = filterExcluded;
@@ -150,3 +176,35 @@ function areArraysEquals(x, y) {
     return lodash_1.default.isEqual(x && x.sort(), y && y.sort());
 }
 exports.areArraysEquals = areArraysEquals;
+const obfuscateSensitiveValues = (data, sensitiveFieldsToObfuscate) => {
+    if (data === null)
+        return data;
+    if (Array.isArray(data)) {
+        return data.map((asset) => (0, exports.obfuscateSensitiveValues)(asset, sensitiveFieldsToObfuscate));
+    }
+    const newAsset = Object.assign({}, data);
+    sensitiveFieldsToObfuscate.forEach((sensitiveField) => {
+        if (dot_prop_1.default.get(newAsset, sensitiveField) !== undefined) {
+            dot_prop_1.default.set(newAsset, sensitiveField, constants_1.default.OBFUSCATED_SECRET_VALUE);
+        }
+    });
+    return newAsset;
+};
+exports.obfuscateSensitiveValues = obfuscateSensitiveValues;
+// The reverse of `obfuscateSensitiveValues()`, preventing an obfuscated value from being passed to the API
+const stripObfuscatedFieldsFromPayload = (data, obfuscatedFields) => {
+    if (data === null)
+        return data;
+    if (Array.isArray(data)) {
+        return data.map((asset) => (0, exports.stripObfuscatedFieldsFromPayload)(asset, obfuscatedFields));
+    }
+    const newAsset = Object.assign({}, data);
+    obfuscatedFields.forEach((sensitiveField) => {
+        const obfuscatedFieldValue = dot_prop_1.default.get(newAsset, sensitiveField);
+        if (obfuscatedFieldValue === constants_1.default.OBFUSCATED_SECRET_VALUE) {
+            dot_prop_1.default.delete(newAsset, sensitiveField);
+        }
+    });
+    return newAsset;
+};
+exports.stripObfuscatedFieldsFromPayload = stripObfuscatedFieldsFromPayload;

package/lib/tools/validationError.d.ts

@@ -0,0 +1,5 @@
+declare function ValidationError(message: string): void;
+declare namespace ValidationError {
+    var prototype: any;
+}
+export default ValidationError;

package/lib/tools/{ValidationError.js → validationError.js}

@@ -1,3 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
 function ValidationError(message) {
     Error.call(this, message);
     if (process.env.NODE_ENV !== 'production') {
@@ -9,4 +11,4 @@ function ValidationError(message) {
 }
 ValidationError.prototype = Object.create(Error.prototype);
 ValidationError.prototype.constructor = ValidationError;
-module.exports = ValidationError;
+exports.default = ValidationError;

package/lib/types.d.ts

@@ -0,0 +1,255 @@
+declare type SharedPaginationParams = {
+    checkpoint?: boolean;
+    paginate?: boolean;
+    is_global?: boolean;
+    include_totals?: boolean;
+    id?: string;
+    strategy?: 'auth0';
+};
+export declare type CheckpointPaginationParams = SharedPaginationParams & {
+    from: string;
+    take: number;
+};
+export declare type PagePaginationParams = SharedPaginationParams & {
+    page: number;
+    per_page: number;
+};
+declare type APIClientBaseFunctions = {
+    getAll: (arg0: SharedPaginationParams) => Promise<Asset[]>;
+    create: (arg0: {
+        id: string;
+    }) => Promise<Asset>;
+    update: (arg0: {}, arg1: Asset) => Promise<Asset>;
+    delete: (arg0: Asset) => Promise<void>;
+};
+export declare type ApiResponse = {
+    start: number;
+    limit: number;
+    total: number;
+    next?: string;
+} & {
+    [key in AssetTypes]: Asset[];
+};
+export declare type BaseAuth0APIClient = {
+    actions: APIClientBaseFunctions & {
+        deploy: ({ id: string }: {
+            id: any;
+        }) => Promise<void>;
+        getAllTriggers: () => Promise<{
+            triggers: Asset[];
+        }>;
+        getTriggerBindings: ({ trigger_id: string }: {
+            trigger_id: any;
+        }) => Promise<{
+            bindings: Asset[];
+        }>;
+        updateTriggerBindings: ({ trigger_id: string }: {
+            trigger_id: any;
+        }, { bindings: Object }: {
+            bindings: any;
+        }) => Promise<{
+            bindings: Asset[];
+        }>;
+    };
+    attackProtection: APIClientBaseFunctions & {
+        getBreachedPasswordDetectionConfig: () => Promise<Asset>;
+        getBruteForceConfig: () => Promise<Asset>;
+        getSuspiciousIpThrottlingConfig: () => Promise<Asset>;
+        updateBreachedPasswordDetectionConfig: ({}: {}, arg1: Asset) => Promise<void>;
+        updateSuspiciousIpThrottlingConfig: ({}: {}, arg1: Asset) => Promise<void>;
+        updateBruteForceConfig: ({}: {}, arg1: Asset) => Promise<void>;
+    };
+    branding: APIClientBaseFunctions & {
+        getSettings: () => Promise<Asset>;
+        getUniversalLoginTemplate: () => Promise<Asset>;
+        updateSettings: ({}: {}, Asset: any) => Promise<void>;
+        setUniversalLoginTemplate: ({}: {}, Asset: any) => Promise<void>;
+    };
+    clients: APIClientBaseFunctions;
+    clientGrants: APIClientBaseFunctions;
+    connections: APIClientBaseFunctions & {
+        get: (arg0: Asset) => Promise<Asset>;
+        getAll: (arg0: PagePaginationParams | CheckpointPaginationParams) => Promise<Asset[]>;
+    };
+    customDomains: APIClientBaseFunctions & {
+        getAll: () => Promise<Asset[]>;
+    };
+    emailProvider: APIClientBaseFunctions & {
+        delete: () => Promise<void>;
+        get: (arg0: Asset) => Promise<Asset>;
+        configure: (arg0: Object, arg1: Object) => Promise<Asset>;
+    };
+    emailTemplates: APIClientBaseFunctions & {
+        get: (arg0: Asset) => Promise<Asset>;
+    };
+    guardian: APIClientBaseFunctions & {
+        getFactorProvider: (arg0: Asset) => Promise<Asset>;
+        updateFactorProvider: (arg0: {}, arg1: Asset) => Promise<void>;
+        getFactors: () => Promise<Asset[]>;
+        updateFactor: (arg0: {}, arg1: Asset) => Promise<void>;
+        getPolicies: () => Promise<Asset[]>;
+        updatePolicies: (arg0: {}, arg1: Asset) => Promise<void>;
+        getFactorTemplates: (arg0: {
+            name: string;
+        }) => Promise<Asset[]>;
+        updateFactorTemplates: (arg0: {}, arg1: Asset) => Promise<void>;
+        updatePhoneFactorMessageTypes: (arg0: {}, arg1: Asset) => Promise<void>;
+        getPhoneFactorSelectedProvider: () => Promise<Asset[]>;
+        getPhoneFactorMessageTypes: () => Promise<Asset[]>;
+        updatePhoneFactorSelectedProvider: (arg0: {}, arg1: Asset) => Promise<void>;
+    };
+    hooks: APIClientBaseFunctions & {
+        get: ({ id: string }: {
+            id: any;
+        }) => Promise<Asset>;
+        removeSecrets: (arg0: {}, arg1: Asset) => Promise<void>;
+        updateSecrets: (arg0: {}, arg1: Asset) => Promise<void>;
+        getSecrets: ({ id: string }: {
+            id: any;
+        }) => Promise<Promise<Asset[]>>;
+        addSecrets: (arg0: {}, arg1: Asset) => Promise<void>;
+    };
+    migrations: APIClientBaseFunctions & {
+        getMigrations: () => Promise<{
+            flags: Asset[];
+        }>;
+        updateMigrations: (arg0: {
+            flags: Asset[];
+        }) => Promise<void>;
+    };
+    organizations: APIClientBaseFunctions & {
+        updateEnabledConnection: (arg0: {}, arg1: Asset) => Promise<void>;
+        addEnabledConnection: (arg0: {}, arg1: Asset) => Promise<void>;
+        removeEnabledConnection: (arg0: Asset) => Promise<void>;
+        connections: {
+            get: (arg0: Asset) => Promise<Asset>;
+        };
+    };
+    prompts: APIClientBaseFunctions & {
+        getSettings: () => Promise<Asset[]>;
+        updateSettings: (arg0: {}, arg1: Asset) => Promise<void>;
+    };
+    resourceServers: APIClientBaseFunctions;
+    roles: APIClientBaseFunctions & {
+        permissions: APIClientBaseFunctions & {
+            delete: (arg0: {
+                id: string;
+            }, arg1: {
+                permissions: Asset[];
+            }) => Promise<void>;
+            create: (arg0: {
+                id: string;
+            }, arg1: {
+                permissions: Asset[];
+            }) => Promise<Asset>;
+        };
+    };
+    rules: APIClientBaseFunctions;
+    rulesConfigs: APIClientBaseFunctions & {
+        getAll: () => Promise<Asset[]>;
+    };
+    tenant: APIClientBaseFunctions & {
+        getSettings: () => Promise<Asset>;
+        updateSettings: (arg0: Asset) => Promise<void>;
+    };
+    triggers: APIClientBaseFunctions & {
+        getTriggerBindings: () => Promise<Asset>;
+    };
+    updateRule: (arg0: {
+        id: string;
+    }, arg1: Asset) => Promise<Asset>;
+};
+export declare type Auth0APIClient = BaseAuth0APIClient & {
+    pool: {
+        addSingleTask: (arg0: {
+            data: Object;
+            generator: any;
+        }) => {
+            promise: () => Promise<ApiResponse>;
+        };
+        addEachTask: (arg0: {
+            data: Object;
+            generator: any;
+        }) => {
+            promise: () => Promise<Asset[][]>;
+        };
+    };
+};
+export declare type Config = {
+    AUTH0_DOMAIN: string;
+    AUTH0_CLIENT_ID: string;
+    AUTH0_CLIENT_SECRET: string;
+    AUTH0_INPUT_FILE: string;
+    AUTH0_ALLOW_DELETE: boolean;
+    AUTH0_EXCLUDED: AssetTypes[];
+    EXTENSION_SECRET: string;
+    AUTH0_ACCESS_TOKEN?: string;
+    AUTH0_BASE_PATH?: string;
+    AUTH0_AUDIENCE?: string;
+    AUTH0_API_MAX_RETRIES?: number;
+    AUTH0_KEYWORD_REPLACE_MAPPINGS?: KeywordMappings;
+    AUTH0_EXPORT_IDENTIFIERS?: boolean;
+    AUTH0_CONNECTIONS_DIRECTORY?: string;
+    EXCLUDED_PROPS?: {
+        [key: string]: string[];
+    };
+    INCLUDED_PROPS?: {
+        [key: string]: string[];
+    };
+    AUTH0_IGNORE_UNAVAILABLE_MIGRATIONS?: boolean;
+    AUTH0_EXCLUDED_RULES?: string[];
+    AUTH0_EXCLUDED_CLIENTS?: string[];
+    AUTH0_EXCLUDED_DATABASES?: string[];
+    AUTH0_EXCLUDED_CONNECTIONS?: string[];
+    AUTH0_EXCLUDED_RESOURCE_SERVERS?: string[];
+    AUTH0_EXCLUDED_DEFAULTS?: string[];
+};
+export declare type Asset = {
+    [key: string]: any;
+};
+export declare type Assets = {
+    actions: Asset[];
+    attackProtection: Asset;
+    branding: Asset;
+    clients: Asset[];
+    clientGrants: Asset[];
+    connections: Asset[];
+    databases: Asset[];
+    emailProvider: Asset;
+    emailTemplates: Asset[];
+    guardianFactorProviders: Asset[];
+    guardianFactors: Asset[];
+    guardianFactorTemplates: Asset[];
+    guardianPhoneFactorMessageTypes: {
+        message_types: Asset[];
+    };
+    guardianPhoneFactorSelectedProvider: Asset;
+    guardianPolicies: {
+        policies: Asset[];
+    };
+    hooks: Asset[];
+    migrations: Asset[];
+    organizations: Asset[];
+    pages: Asset[];
+    resourceServers: Asset[];
+    roles: Asset[];
+    rules: Asset[];
+    rulesConfigs: Asset[];
+    tenant: Asset;
+    triggers: Asset[];
+    exclude?: {
+        [key: string]: string[];
+    };
+    clientsOrig: Asset[];
+};
+export declare type CalculatedChanges = {
+    del: Asset[];
+    update: Asset[];
+    conflicts: Asset[];
+    create: Asset[];
+};
+export declare type AssetTypes = 'rules' | 'rulesConfigs' | 'hooks' | 'pages' | 'databases' | 'clientGrants' | 'resourceServers' | 'clients' | 'connections' | 'tenant' | 'emailProvider' | 'emailTemplates' | 'guardianFactors' | 'guardianFactorProviders' | 'guardianFactorTemplates' | 'migrations' | 'guardianPhoneFactorMessageTypes' | 'guardianPhoneFactorSelectedProvider' | 'guardianPolicies' | 'roles' | 'actions' | 'organizations' | 'triggers' | 'attackProtection' | 'branding';
+export declare type KeywordMappings = {
+    [key: string]: (string | number)[] | string | number;
+};
+export {};

package/lib/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/utils.d.ts

@@ -0,0 +1,66 @@
+import { Auth0 } from './tools';
+import { Asset, Assets, Config, KeywordMappings } from './types';
+export declare function isDirectory(filePath: string): boolean;
+export declare function isFile(filePath: string): boolean;
+export declare function getFiles(folder: string, exts: string[]): string[];
+export declare function loadJSON(file: string, mappings: KeywordMappings): any;
+export declare function dumpJSON(file: string, mappings: {
+    [key: string]: any;
+}): void;
+export declare function existsMustBeDir(folder: string): boolean;
+export declare function toConfigFn(data: Config): (arg0: keyof Config) => any;
+export declare function stripIdentifiers(auth0: Auth0, assets: Assets): {
+    actions: Asset[];
+    attackProtection: Asset;
+    branding: Asset;
+    clients: Asset[];
+    clientGrants: Asset[];
+    connections: Asset[];
+    databases: Asset[];
+    emailProvider: Asset;
+    emailTemplates: Asset[];
+    guardianFactorProviders: Asset[];
+    guardianFactors: Asset[];
+    guardianFactorTemplates: Asset[];
+    guardianPhoneFactorMessageTypes: {
+        message_types: Asset[];
+    };
+    guardianPhoneFactorSelectedProvider: Asset;
+    guardianPolicies: {
+        policies: Asset[];
+    };
+    hooks: Asset[];
+    migrations: Asset[];
+    organizations: Asset[];
+    pages: Asset[];
+    resourceServers: Asset[];
+    roles: Asset[];
+    rules: Asset[];
+    rulesConfigs: Asset[];
+    tenant: Asset;
+    triggers: Asset[];
+    exclude?: {
+        [key: string]: string[];
+    } | undefined;
+    clientsOrig: Asset[];
+};
+export declare function sanitize(str: string): string;
+declare type ImportantFields = {
+    name: string | null;
+    client_id: string | null;
+    audience: string | null;
+    template: string | null;
+    identifier: string | null;
+    strategy: string | null;
+    script: string | null;
+    stage: string | null;
+    id: string | null;
+};
+export declare function formatResults(item: any): Partial<ImportantFields>;
+export declare function recordsSorter(a: Partial<ImportantFields>, b: Partial<ImportantFields>): number;
+export declare function clearTenantFlags(tenant: Asset): void;
+export declare function ensureProp(obj: Asset, props: string): void;
+export declare function clearClientArrays(client: Asset): Asset;
+export declare function convertClientIdToName(clientId: string, knownClients?: Asset[]): string;
+export declare function mapClientID2NameSorted(enabledClients: string[], knownClients: Asset[]): string[];
+export {};