auth0-deploy-cli 7.6.0 → 7.8.0

package/lib/context/yaml/handlers/triggers.js

@@ -15,7 +15,7 @@ function parse(context) {
         if (!context.assets.triggers)
             return {};
         return {
-            triggers: context.assets.triggers
+            triggers: context.assets.triggers,
         };
     });
 }
@@ -26,7 +26,7 @@ function dump(context) {
         if (!triggers)
             return {};
         return {
-            triggers: triggers
+            triggers: triggers,
         };
     });
 }

package/lib/context/yaml/index.d.ts

@@ -0,0 +1,13 @@
+import { Assets, Config, Auth0APIClient, KeywordMappings } from '../../types';
+export default class YAMLContext {
+    basePath: string;
+    configFile: string;
+    config: Config;
+    mappings: KeywordMappings;
+    mgmtClient: Auth0APIClient;
+    assets: Assets;
+    constructor(config: Config, mgmtClient: any);
+    loadFile(f: any): string;
+    load(): Promise<void>;
+    dump(): Promise<void>;
+}

package/lib/context/yaml/index.js

@@ -20,28 +20,29 @@ const logger_1 = __importDefault(require("../../logger"));
 const utils_1 = require("../../utils");
 const handlers_1 = __importDefault(require("./handlers"));
 const readonly_1 = __importDefault(require("../../readonly"));
-class default_1 {
+class YAMLContext {
     constructor(config, mgmtClient) {
         this.configFile = config.AUTH0_INPUT_FILE;
         this.config = config;
-        this.mappings = config.AUTH0_KEYWORD_REPLACE_MAPPINGS;
+        this.mappings = config.AUTH0_KEYWORD_REPLACE_MAPPINGS || {};
         this.mgmtClient = mgmtClient;
+        //@ts-ignore because the assets property gets filled out throughout
+        this.assets = {};
         // Get excluded rules
-        this.assets = {
-            exclude: {
-                rules: config.AUTH0_EXCLUDED_RULES || [],
-                clients: config.AUTH0_EXCLUDED_CLIENTS || [],
-                databases: config.AUTH0_EXCLUDED_DATABASES || [],
-                connections: config.AUTH0_EXCLUDED_CONNECTIONS || [],
-                resourceServers: config.AUTH0_EXCLUDED_RESOURCE_SERVERS || [],
-                defaults: config.AUTH0_EXCLUDED_DEFAULTS || []
-            }
+        this.assets.exclude = {
+            rules: config.AUTH0_EXCLUDED_RULES || [],
+            clients: config.AUTH0_EXCLUDED_CLIENTS || [],
+            databases: config.AUTH0_EXCLUDED_DATABASES || [],
+            connections: config.AUTH0_EXCLUDED_CONNECTIONS || [],
+            resourceServers: config.AUTH0_EXCLUDED_RESOURCE_SERVERS || [],
+            defaults: config.AUTH0_EXCLUDED_DEFAULTS || [],
         };
-        this.basePath = config.AUTH0_BASE_PATH;
-        if (!this.basePath) {
+        this.basePath = (() => {
+            if (!!config.AUTH0_BASE_PATH)
+                return config.AUTH0_BASE_PATH;
             //@ts-ignore because this looks to be a bug, but do not want to introduce regression; more investigation needed
-            this.basePath = (typeof configFile === 'object') ? process.cwd() : path_1.default.dirname(this.configFile);
-        }
+            return typeof configFile === 'object' ? process.cwd() : path_1.default.dirname(this.configFile);
+        })();
     }
     loadFile(f) {
         let toLoad = path_1.default.join(this.basePath, f);
@@ -75,8 +76,7 @@ class default_1 {
             yield Promise.all(Object.entries(handlers_1.default).map(([name, handler]) => __awaiter(this, void 0, void 0, function* () {
                 try {
                     const parsed = yield handler.parse(this);
-                    Object.entries(parsed)
-                        .forEach(([k, v]) => {
+                    Object.entries(parsed).forEach(([k, v]) => {
                         this.assets[k] = v;
                     });
                 }
@@ -97,17 +97,25 @@ class default_1 {
             }
             catch (err) {
                 const docUrl = 'https://auth0.com/docs/deploy/deploy-cli-tool/create-and-configure-the-deploy-cli-application#modify-deploy-cli-application-scopes';
-                const extraMessage = err.message.startsWith('Insufficient scope') ? `\nSee ${docUrl} for more information` : '';
+                const extraMessage = err.message.startsWith('Insufficient scope')
+                    ? `\nSee ${docUrl} for more information`
+                    : '';
                 throw new Error(`Problem loading tenant data from Auth0 ${err}${extraMessage}`);
             }
-            yield Promise.all(Object.entries(handlers_1.default).map(([name, handler]) => __awaiter(this, void 0, void 0, function* () {
+            yield Promise.all(Object.entries(handlers_1.default)
+                .filter(([handlerName]) => {
+                const excludedAssetTypes = this.config.AUTH0_EXCLUDED || [];
+                return !excludedAssetTypes.includes(handlerName);
+            })
+                .map(([name, handler]) => __awaiter(this, void 0, void 0, function* () {
                 try {
                     const data = yield handler.dump(this);
                     if (data) {
                         logger_1.default.info(`Exporting ${name}`);
-                        Object.entries(data)
-                            .forEach(([k, v]) => {
-                            this.assets[k] = Array.isArray(v) ? v.map(utils_1.formatResults).sort(utils_1.recordsSorter) : (0, utils_1.formatResults)(v);
+                        Object.entries(data).forEach(([k, v]) => {
+                            this.assets[k] = Array.isArray(v)
+                                ? v.map(utils_1.formatResults).sort(utils_1.recordsSorter)
+                                : (0, utils_1.formatResults)(v);
                         });
                     }
                 }
@@ -131,4 +139,4 @@ class default_1 {
         });
     }
 }
-exports.default = default_1;
+exports.default = YAMLContext;

package/lib/index.d.ts

@@ -0,0 +1,88 @@
+#!/usr/bin/env node
+import importCMD from './commands/import';
+import exportCMD from './commands/export';
+declare const _default: {
+    deploy: typeof importCMD;
+    dump: typeof exportCMD;
+    import: typeof importCMD;
+    export: typeof exportCMD;
+    tools: {
+        constants: {
+            CONCURRENT_CALLS: number;
+            RULES_DIRECTORY: string;
+            RULES_STAGES: string[];
+            DEFAULT_RULE_STAGE: string;
+            HOOKS_HIDDEN_SECRET_VALUE: string;
+            OBFUSCATED_SECRET_VALUE: string;
+            HOOKS_DIRECTORY: string;
+            ACTIONS_DIRECTORY: string;
+            TRIGGERS_DIRECTORY: string;
+            RULES_CONFIGS_DIRECTORY: string;
+            PAGES_DIRECTORY: string;
+            PAGE_LOGIN: string;
+            PAGE_GUARDIAN_MULTIFACTOR: string;
+            PAGE_PASSWORD_RESET: string;
+            PAGE_ERROR: string;
+            DATABASE_CONNECTIONS_DIRECTORY: string;
+            DATABASE_SCRIPTS_CHANGE_EMAIL: string;
+            DATABASE_SCRIPTS_GET_USER: string;
+            EMAIL_TEMPLATES_TYPES: string[];
+            ACTIONS_TRIGGERS: string[];
+            EMAIL_TEMPLATES_DIRECTORY: string;
+            EMAIL_VERIFY: string;
+            EMAIL_VERIFY_BY_CODE: string;
+            EMAIL_RESET: string;
+            EMAIL_WELCOME: string;
+            EMAIL_BLOCKED: string;
+            EMAIL_STOLEN_CREDENTIALS: string;
+            EMAIL_ENROLLMENT: string;
+            EMAIL_CHANGE_PASSWORD: string;
+            EMAIL_PASSWORD_RESET: string;
+            EMAIL_MFA_OOB_CODE: string;
+            EMAIL_USER_INVITATION: string;
+            GUARDIAN_DIRECTORY: string;
+            GUARDIAN_FACTORS_DIRECTORY: string;
+            GUARDIAN_PROVIDERS_DIRECTORY: string;
+            GUARDIAN_TEMPLATES_DIRECTORY: string;
+            UNIVERSAL_LOGIN_TEMPLATE: string;
+            RESOURCE_SERVERS_DIRECTORY: string;
+            RESOURCE_SERVERS_CLIENT_NAME: string;
+            RESOURCE_SERVERS_MANAGEMENT_API_NAME: string;
+            RESOURCE_SERVERS_ID_NAME: string;
+            CLIENTS_DIRECTORY: string;
+            CLIENTS_GRANTS_DIRECTORY: string;
+            BRANDING_DIRECTORY: string;
+            BRANDING_TEMPLATES_DIRECTORY: string;
+            BRANDING_TEMPLATES_YAML_DIRECTORY: string;
+            CLIENTS_CLIENT_NAME: string;
+            CLIENTS_CLIENT_ID_NAME: string;
+            CONNECTIONS_DIRECTORY: string;
+            CONNECTIONS_CLIENT_NAME: string;
+            CONNECTIONS_ID_NAME: string;
+            ROLES_DIRECTORY: string;
+            ATTACK_PROTECTION_DIRECTORY: string;
+            GUARDIAN_FACTORS: string[];
+            GUARDIAN_POLICIES: string[];
+            GUARDIAN_PHONE_PROVIDERS: string[];
+            GUARDIAN_PHONE_MESSAGE_TYPES: string[];
+            GUARDIAN_FACTOR_TEMPLATES: string[];
+            GUARDIAN_FACTOR_PROVIDERS: {
+                sms: string[];
+                'push-notification': string[];
+            };
+            PAGE_NAMES: string[];
+            DATABASE_SCRIPTS: string[];
+            DATABASE_SCRIPTS_NO_IMPORT: string[];
+            DATABASE_SCRIPTS_IMPORT: string[];
+            EMAIL_TEMPLATES_NAMES: string[];
+            SUPPORTED_BRANDING_TEMPLATES: string[];
+        };
+        deploy: typeof import("./tools").deploy;
+        keywordReplace: typeof import("./tools").keywordReplace;
+        loadFileAndReplaceKeywords: typeof import("./tools").loadFileAndReplaceKeywords;
+        Auth0: typeof import("./tools").Auth0;
+    };
+};
+export default _default;
+export declare const dump: typeof exportCMD;
+export declare const deploy: typeof importCMD;

package/lib/index.js

@@ -13,15 +13,17 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.deploy = exports.dump = void 0;
 const global_agent_1 = require("global-agent");
 const args_1 = require("./args");
-const commands_1 = __importDefault(require("./commands"));
 const logger_1 = __importDefault(require("./logger"));
 const tools_1 = __importDefault(require("./tools"));
+const import_1 = __importDefault(require("./commands/import"));
+const export_1 = __importDefault(require("./commands/export"));
 function run(params) {
     return __awaiter(this, void 0, void 0, function* () {
         // Run command
-        const cmd = commands_1.default[params._[0]];
+        const command = params._[0];
         const proxy = params.proxy_url;
         if (proxy) {
             const MAJOR_NODEJS_VERSION = parseInt(process.version.slice(1).split('.')[0], 10);
@@ -32,9 +34,14 @@ function run(params) {
             process.env.GLOBAL_AGENT_HTTP_PROXY = proxy;
             (0, global_agent_1.bootstrap)();
         }
-        logger_1.default.debug(`Start command ${params._[0]}`);
-        yield cmd(params);
-        logger_1.default.debug(`Finished command ${params._[0]}`);
+        logger_1.default.debug(`Start command ${command}`);
+        if (['deploy', 'import'].includes(command) && 'input_file' in params) {
+            yield (0, import_1.default)(params);
+        }
+        if (['dump', 'export'].includes(command) && 'output_folder' in params) {
+            yield (0, export_1.default)(params);
+        }
+        logger_1.default.debug(`Finished command ${command}`);
     });
 }
 // Only run if from command line
@@ -42,10 +49,8 @@ if (require.main === module) {
     // Load cli params
     const params = (0, args_1.getParams)();
     logger_1.default.debug('Starting Auth0 Deploy CLI Tool');
-    // Set log level
-    logger_1.default.transports.console.level = params.level;
     if (params.debug) {
-        logger_1.default.transports.console.level = 'debug';
+        logger_1.default.level = 'debug';
         // Set for tools
         process.env.AUTH0_DEBUG = 'true';
         process.env.AUTH0_LOG = 'debug';
@@ -53,15 +58,16 @@ if (require.main === module) {
     run(params)
         .then(() => process.exit(0))
         .catch((error) => {
+        const command = params._[0];
         if (error.type || error.stage) {
-            logger_1.default.error(`Problem running command ${params._[0]} during stage ${error.stage} when processing type ${error.type}`);
+            logger_1.default.error(`Problem running command ${command} during stage ${error.stage} when processing type ${error.type}`);
         }
         else {
-            logger_1.default.error(`Problem running command ${params._[0]}`);
+            logger_1.default.error(`Problem running command ${command}`);
         }
         const msg = error.message || error.toString();
         logger_1.default.error(msg);
-        if (process.env.AUTH0_DEBUG === 'true') {
+        if (process.env.AUTH0_DEBUG === 'true' && error.stack) {
             logger_1.default.debug(error.stack);
         }
         if (typeof msg === 'string' && msg.includes('Payload validation error')) {
@@ -71,10 +77,12 @@ if (require.main === module) {
     });
 }
 // Export commands to be used programmatically
-module.exports = {
-    deploy: commands_1.default.import,
-    dump: commands_1.default.export,
-    import: commands_1.default.import,
-    export: commands_1.default.export,
-    tools: tools_1.default
+exports.default = {
+    deploy: import_1.default,
+    dump: export_1.default,
+    import: import_1.default,
+    export: export_1.default,
+    tools: tools_1.default,
 };
+exports.dump = export_1.default;
+exports.deploy = import_1.default;

package/lib/logger.d.ts

@@ -0,0 +1,2 @@
+declare const logger: import("winston").Logger;
+export default logger;

package/lib/logger.js

@@ -1,20 +1,11 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-const winston_1 = __importDefault(require("winston"));
-winston_1.default.emitErrs = true;
-const log = new winston_1.default.Logger({
-    transports: [
-        new winston_1.default.transports.Console({
-            timestamp: true,
-            level: process.env.AUTH0_LOG || 'info',
-            handleExceptions: true,
-            json: false,
-            colorize: true
-        })
-    ],
-    exitOnError: false
+const winston_1 = require("winston");
+const { combine, timestamp, colorize } = winston_1.format;
+const logger = (0, winston_1.createLogger)({
+    level: process.env.AUTH0_LOG || 'info',
+    format: combine(colorize(), timestamp(), winston_1.format.printf((info) => `${info.timestamp} - ${info.level}: ${info.message}`)),
+    transports: [new winston_1.transports.Console()],
+    exitOnError: false,
 });
-exports.default = log;
+exports.default = logger;

package/lib/readonly.d.ts

@@ -0,0 +1,2 @@
+import { Assets, Config } from './types';
+export default function cleanAssets(assets: Assets, config: Config): Assets;

package/lib/readonly.js

@@ -6,24 +6,17 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const dot_prop_1 = __importDefault(require("dot-prop"));
 const lodash_1 = __importDefault(require("lodash"));
 // Filter out known read only fields during dump
-const readOnly = {
-    guardianFactors: [
-        'trial_expired'
-    ],
-    connections: [
-        'provisioning_ticket_url',
-        'realms'
-    ],
-    databases: [
-        'options.configuration'
-    ],
+const readOnlyFields = {
+    guardianFactors: ['trial_expired'],
+    connections: ['provisioning_ticket_url', 'realms'],
+    databases: ['options.configuration'],
     tenant: [
         'sandbox_version',
         'sandbox_versions_available',
         'flags.allow_changing_enable_sso',
         'flags.enable_sso',
         'flags.disable_impersonation',
-        'flags.remove_stale_idp_attributes'
+        'flags.remove_stale_idp_attributes',
     ],
     clients: [
         'client_secret',
@@ -33,11 +26,11 @@ const readOnly = {
         'tenant',
         'custom_login_page_preview',
         'config_route',
-        'owners'
-    ]
+        'owners',
+    ],
 };
 function getExcludedFields(config) {
-    const strippedFields = Object.assign({}, readOnly);
+    const strippedFields = Object.assign({}, readOnlyFields);
     let { EXCLUDED_PROPS: excluded, INCLUDED_PROPS: included } = config;
     if (typeof excluded !== 'object')
         excluded = {};
@@ -45,7 +38,7 @@ function getExcludedFields(config) {
         included = {};
     Object.entries(excluded).forEach(([name, fields]) => {
         // Do not allow same field to be included and excluded at the same time
-        const intersections = fields.filter((field) => included[name] && included[name].includes(field));
+        const intersections = fields.filter((field) => included && included[name] && included[name].includes(field));
         if (intersections.length > 0) {
             throw new Error(`EXCLUDED_PROPS should NOT have any intersections with INCLUDED_PROPS. Intersections found: ${name}: ${intersections.join(', ')}`);
         }
@@ -71,9 +64,11 @@ function cleanAssets(assets, config) {
         if (!obj)
             return;
         if (Array.isArray(obj)) {
+            //@ts-ignore because `message_types` and `policies` on guardianPhoneFactorMessageTypes and guardianPolicies don't adhere to the expect types
             cleaned[name] = obj.map((o) => deleteKeys(o, fields));
         }
         else {
+            //@ts-ignore because `message_types` and `policies` on guardianPhoneFactorMessageTypes and guardianPolicies don't adhere to the expect types
             cleaned[name] = deleteKeys(cleaned[name], fields);
         }
     });

package/lib/sessionDurationsToMinutes.d.ts

@@ -0,0 +1,7 @@
+export declare const sessionDurationsToMinutes: ({ session_lifetime, idle_session_lifetime, }: {
+    session_lifetime?: number | undefined;
+    idle_session_lifetime?: number | undefined;
+}) => {
+    session_lifetime_in_minutes?: number;
+    idle_session_lifetime_in_minutes?: number;
+};

package/lib/sessionDurationsToMinutes.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sessionDurationsToMinutes = void 0;
+function hoursToMinutes(hours) {
+    return Math.round(hours * 60);
+}
+const sessionDurationsToMinutes = ({ session_lifetime, idle_session_lifetime, }) => {
+    const sessionDurations = {};
+    if (!!session_lifetime)
+        sessionDurations.session_lifetime_in_minutes = hoursToMinutes(session_lifetime);
+    if (!!idle_session_lifetime)
+        sessionDurations.idle_session_lifetime_in_minutes = hoursToMinutes(idle_session_lifetime);
+    return sessionDurations;
+};
+exports.sessionDurationsToMinutes = sessionDurationsToMinutes;

package/lib/tools/auth0/client.d.ts

@@ -0,0 +1,2 @@
+import { Auth0APIClient, BaseAuth0APIClient } from '../../types';
+export default function pagedClient(client: BaseAuth0APIClient): Auth0APIClient;

package/lib/tools/auth0/client.js

@@ -33,7 +33,7 @@ const API_FREQUENCY_PER_SECOND = 8;
 const MAX_PAGE_SIZE = 100;
 function getEntity(rsp) {
     const found = Object.values(rsp).filter((a) => Array.isArray(a));
-    if (found.length === 1) {
+    if (Array.isArray(found) && found.length === 1) {
         return found[0];
     }
     throw new Error('There was an error trying to find the entity within paginate');
@@ -48,7 +48,7 @@ function checkpointPaginator(client, target, name) {
             const { total } = yield client.pool
                 .addSingleTask({
                 data: newArgs,
-                generator: (requestArgs) => target[name](requestArgs)
+                generator: (requestArgs) => target[name](requestArgs),
             })
                 .promise();
             let done = false;
@@ -58,7 +58,7 @@ function checkpointPaginator(client, target, name) {
                 const rsp = yield client.pool
                     .addSingleTask({
                     data: newArgs,
-                    generator: (requestArgs) => target[name](requestArgs)
+                    generator: (requestArgs) => target[name](requestArgs),
                 })
                     .promise();
                 data.push(...getEntity(rsp));
@@ -92,7 +92,7 @@ function pagePaginator(client, target, name) {
             const rsp = yield client.pool
                 .addSingleTask({
                 data: lodash_1.default.cloneDeep(newArgs),
-                generator: (pageArgs) => target[name](...pageArgs)
+                generator: (pageArgs) => target[name](...pageArgs),
             })
                 .promise();
             data.push(...getEntity(rsp));
@@ -107,7 +107,7 @@ function pagePaginator(client, target, name) {
                         const pageArgs = lodash_1.default.cloneDeep(newArgs);
                         pageArgs[0].page = page + 1;
                         return target[name](...pageArgs).then((r) => getEntity(r));
-                    }
+                    },
                 })
                     .promise();
                 data.push(...(0, utils_1.flatten)(pages));
@@ -142,16 +142,16 @@ function pagedManager(client, manager) {
                 return pagedManager(client, nestedManager);
             }
             return nestedManager;
-        }
+        },
     });
 }
 // Warp around the ManagementClient and detect when requesting specific pages to return all
 function pagedClient(client) {
-    client.pool = new promise_pool_executor_1.PromisePoolExecutor({
-        concurrencyLimit: API_CONCURRENCY,
-        frequencyLimit: API_FREQUENCY_PER_SECOND,
-        frequencyWindow: 1000 // 1 sec
-    });
-    return pagedManager(client, client);
+    const clientWithPooling = Object.assign(Object.assign({}, client), { pool: new promise_pool_executor_1.PromisePoolExecutor({
+            concurrencyLimit: API_CONCURRENCY,
+            frequencyLimit: API_FREQUENCY_PER_SECOND,
+            frequencyWindow: 1000, // 1 sec
+        }) });
+    return pagedManager(clientWithPooling, clientWithPooling);
 }
 exports.default = pagedClient;

package/lib/tools/auth0/handlers/actions.d.ts

@@ -0,0 +1,95 @@
+import DefaultAPIHandler from './default';
+import { Asset } from '../../../types';
+export declare const schema: {
+    type: string;
+    items: {
+        type: string;
+        required: string[];
+        additionalProperties: boolean;
+        properties: {
+            code: {
+                type: string;
+                default: string;
+            };
+            runtime: {
+                type: string;
+            };
+            dependencies: {
+                type: string;
+                items: {
+                    type: string;
+                    additionalProperties: boolean;
+                    properties: {
+                        name: {
+                            type: string;
+                        };
+                        version: {
+                            type: string;
+                        };
+                        registry_url: {
+                            type: string;
+                        };
+                    };
+                };
+            };
+            secrets: {
+                type: string;
+                items: {
+                    type: string;
+                    properties: {
+                        name: {
+                            type: string;
+                        };
+                        value: {
+                            type: string;
+                        };
+                        updated_at: {
+                            type: string;
+                            format: string;
+                        };
+                    };
+                };
+            };
+            name: {
+                type: string;
+                default: string;
+            };
+            supported_triggers: {
+                type: string;
+                items: {
+                    type: string;
+                    properties: {
+                        id: {
+                            type: string;
+                            default: string;
+                        };
+                        version: {
+                            type: string;
+                        };
+                        url: {
+                            type: string;
+                        };
+                    };
+                };
+            };
+            deployed: {
+                type: string;
+            };
+            status: {
+                type: string;
+            };
+        };
+    };
+};
+export default class ActionHandler extends DefaultAPIHandler {
+    existing: Asset[] | null;
+    constructor(options: any);
+    createAction(action: any): Promise<Asset>;
+    deleteAction(action: any): Promise<void | never[]>;
+    objString(action: any): string;
+    deployActions(actions: any): Promise<void>;
+    deployAction(action: any): Promise<void>;
+    actionChanges(action: any, found: any): Promise<Asset>;
+    getType(): Promise<Asset[] | null>;
+    processChanges(assets: any): Promise<void>;
+}