auth0-deploy-cli 7.6.0 → 7.8.0

package/lib/tools/auth0/handlers/databases.js

@@ -57,13 +57,13 @@ exports.schema = {
                 properties: {
                     customScripts: {
                         type: 'object',
-                        properties: Object.assign({}, constants_1.default.DATABASE_SCRIPTS.reduce((o, script) => (Object.assign(Object.assign({}, o), { [script]: { type: 'string' } })), {}))
-                    }
-                }
-            }
+                        properties: Object.assign({}, constants_1.default.DATABASE_SCRIPTS.reduce((o, script) => (Object.assign(Object.assign({}, o), { [script]: { type: 'string' } })), {})),
+                    },
+                },
+            },
         },
-        required: ['name']
-    }
+        required: ['name'],
+    },
 };
 class DatabaseHandler extends default_1.default {
     constructor(config) {
@@ -75,9 +75,8 @@ class DatabaseHandler extends default_1.default {
     getClientFN(fn) {
         // Override this as a database is actually a connection but we are treating them as a different object
         // If we going to update database, we need to get current options first
-        if (fn === this.functions.update) {
-            return (params, payload) => this.client.connections.get(params)
-                .then((connection) => {
+        if (fn === 'update') {
+            return (params, payload) => this.client.connections.get(params).then((connection) => {
                 payload.options = Object.assign(Object.assign({}, connection.options), payload.options);
                 return this.client.connections.update(params, payload);
             });
@@ -88,7 +87,11 @@ class DatabaseHandler extends default_1.default {
         return __awaiter(this, void 0, void 0, function* () {
             if (this.existing)
                 return this.existing;
-            this.existing = this.client.connections.getAll({ strategy: 'auth0', paginate: true, include_totals: true });
+            this.existing = this.client.connections.getAll({
+                strategy: 'auth0',
+                paginate: true,
+                include_totals: true,
+            });
             return this.existing;
         });
     }
@@ -100,13 +103,22 @@ class DatabaseHandler extends default_1.default {
             const { databases } = assets;
             // Do nothing if not set
             if (!databases)
-                return {};
+                return {
+                    del: [],
+                    create: [],
+                    update: [],
+                    conflicts: [],
+                };
             // Convert enabled_clients by name to the id
             const clients = yield this.client.clients.getAll({ paginate: true, include_totals: true });
-            const existingDatabasesConecctions = yield this.client.connections.getAll({ strategy: 'auth0', paginate: true, include_totals: true });
+            const existingDatabasesConnections = yield this.client.connections.getAll({
+                strategy: 'auth0',
+                paginate: true,
+                include_totals: true,
+            });
             const formatted = databases.map((db) => {
                 if (db.enabled_clients) {
-                    return Object.assign(Object.assign({}, db), { enabled_clients: (0, utils_1.getEnabledClients)(assets, db, existingDatabasesConecctions, clients) });
+                    return Object.assign(Object.assign({}, db), { enabled_clients: (0, utils_1.getEnabledClients)(assets, db, existingDatabasesConnections, clients) });
                 }
                 return db;
             });

package/lib/tools/auth0/handlers/default.d.ts

@@ -0,0 +1,54 @@
+import { Asset, Assets, Auth0APIClient, CalculatedChanges } from '../../../types';
+import { ConfigFunction } from '../../../configFactory';
+export declare function order(value: any): (t: any, n: any, descriptor: any) => any;
+export default class APIHandler {
+    config: ConfigFunction;
+    id: string;
+    type: string;
+    updated: number;
+    created: number;
+    deleted: number;
+    existing: null | Asset | Asset[];
+    client: Auth0APIClient;
+    identifiers: string[];
+    objectFields: string[];
+    sensitiveFieldsToObfuscate: string[];
+    stripUpdateFields: string[];
+    stripCreateFields: string[];
+    name?: string;
+    functions: {
+        getAll: string;
+        update: string;
+        create: string;
+        delete: string;
+    };
+    constructor(options: {
+        id?: APIHandler['id'];
+        config: ConfigFunction;
+        type: APIHandler['type'];
+        client: Auth0APIClient;
+        objectFields?: APIHandler['objectFields'];
+        identifiers?: APIHandler['identifiers'];
+        stripUpdateFields?: APIHandler['stripUpdateFields'];
+        sensitiveFieldsToObfuscate?: APIHandler['sensitiveFieldsToObfuscate'];
+        stripCreateFields?: APIHandler['stripCreateFields'];
+        functions: {
+            getAll?: string;
+            update?: string;
+            create?: string;
+            delete?: string;
+        };
+    });
+    getClientFN(fn: string | Function): Function;
+    didDelete(item: Asset): void;
+    didCreate(item: Asset): void;
+    didUpdate(item: Asset): void;
+    objString(item: Asset): string;
+    getType(): Promise<Asset | Asset[] | null>;
+    load(): Promise<{
+        [key: string]: Asset | Asset[] | null;
+    }>;
+    calcChanges(assets: Assets): Promise<CalculatedChanges>;
+    validate(assets: Assets): Promise<void>;
+    processChanges(assets: Assets, changes: CalculatedChanges): Promise<void>;
+}

package/lib/tools/auth0/handlers/default.js

@@ -13,9 +13,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.order = void 0;
-const ValidationError_1 = __importDefault(require("../../ValidationError"));
-const logger_1 = __importDefault(require("../../logger"));
+const validationError_1 = __importDefault(require("../../validationError"));
 const utils_1 = require("../../utils");
+const logger_1 = __importDefault(require("../../../logger"));
 const calculateChanges_1 = require("../../calculateChanges");
 function order(value) {
     return function decorator(t, n, descriptor) {
@@ -24,7 +24,7 @@ function order(value) {
     };
 }
 exports.order = order;
-class DefaultHandler {
+class APIHandler {
     constructor(options) {
         this.config = options.config;
         this.type = options.type;
@@ -33,11 +33,10 @@ class DefaultHandler {
         this.existing = null;
         this.identifiers = options.identifiers || ['id', 'name'];
         this.objectFields = options.objectFields || [];
-        this.stripUpdateFields = [
-            ...options.stripUpdateFields || [],
-            this.id
-        ];
-        this.functions = Object.assign({ getAll: 'getAll', create: 'create', update: 'update', delete: 'delete' }, options.functions || {});
+        this.stripUpdateFields = [...(options.stripUpdateFields || []), this.id];
+        this.sensitiveFieldsToObfuscate = options.sensitiveFieldsToObfuscate || [];
+        this.stripCreateFields = options.stripCreateFields || [];
+        this.functions = Object.assign({ getAll: 'getAll', create: 'create', delete: 'delete', update: 'update' }, (options.functions || {}));
         this.updated = 0;
         this.created = 0;
         this.deleted = 0;
@@ -59,7 +58,7 @@ class DefaultHandler {
         logger_1.default.info(`Updated [${this.type}]: ${this.objString(item)}`);
     }
     objString(item) {
-        return (0, utils_1.dumpJSON)(item);
+        return (0, utils_1.convertJsonToString)(item);
     }
     getType() {
         return __awaiter(this, void 0, void 0, function* () {
@@ -71,7 +70,8 @@ class DefaultHandler {
         return __awaiter(this, void 0, void 0, function* () {
             // Load Asset from Tenant
             logger_1.default.info(`Retrieving ${this.type} data from Auth0`);
-            this.existing = yield this.getType();
+            const data = yield this.getType();
+            this.existing = (0, utils_1.obfuscateSensitiveValues)(data, this.sensitiveFieldsToObfuscate);
             return { [this.type]: this.existing };
         });
     }
@@ -79,15 +79,22 @@ class DefaultHandler {
         return __awaiter(this, void 0, void 0, function* () {
             const typeAssets = assets[this.type];
             // Do nothing if not set
-            if (!typeAssets)
-                return {};
+            if (!typeAssets) {
+                return {
+                    del: [],
+                    create: [],
+                    conflicts: [],
+                    update: [],
+                };
+            }
             const existing = yield this.getType();
             // Figure out what needs to be updated vs created
             return (0, calculateChanges_1.calculateChanges)({
                 handler: this,
                 assets: typeAssets,
+                //@ts-ignore TODO: investigate what happens when `existing` is null
                 existing,
-                identifiers: this.identifiers
+                identifiers: this.identifiers,
             });
         });
     }
@@ -102,16 +109,16 @@ class DefaultHandler {
             const duplicateNames = (0, utils_1.duplicateItems)(typeAssets, 'name');
             if (duplicateNames.length > 0) {
                 const formatted = duplicateNames.map((dups) => dups.map((d) => `${d.name}`));
-                throw new ValidationError_1.default(`There are multiple ${this.type} with the same name combinations
-      ${(0, utils_1.dumpJSON)(formatted)}.
+                throw new validationError_1.default(`There are multiple ${this.type} with the same name combinations
+      ${(0, utils_1.convertJsonToString)(formatted)}.
        Names must be unique.`);
             }
             // Do not allow items with same id
             const duplicateIDs = (0, utils_1.duplicateItems)(typeAssets, this.id);
             if (duplicateIDs.length > 0) {
                 const formatted = duplicateIDs.map((dups) => dups.map((d) => `${d[this.id]}`));
-                throw new ValidationError_1.default(`There are multiple ${this.type} for the following stage-order combinations
-      ${(0, utils_1.dumpJSON)(formatted)}.
+                throw new validationError_1.default(`There are multiple ${this.type} for the following stage-order combinations
+      ${(0, utils_1.convertJsonToString)(formatted)}.
        Only one rule must be defined for the same order number in a stage.`);
             }
         });
@@ -129,7 +136,8 @@ class DefaultHandler {
             // Process Deleted
             if (del.length > 0) {
                 const allowDelete = this.config('AUTH0_ALLOW_DELETE') === 'true' || this.config('AUTH0_ALLOW_DELETE') === true;
-                const byExtension = this.config('EXTENSION_SECRET') && (this.type === 'rules' || this.type === 'resourceServers');
+                const byExtension = this.config('EXTENSION_SECRET') &&
+                    (this.type === 'rules' || this.type === 'resourceServers');
                 const shouldDelete = allowDelete || byExtension;
                 if (!shouldDelete) {
                     logger_1.default.warn(`Detected the following ${this.type} should be deleted. Doing so may be destructive.\nYou can enable deletes by setting 'AUTH0_ALLOW_DELETE' to true in the config
@@ -137,7 +145,8 @@ class DefaultHandler {
          `);
                 }
                 else {
-                    yield this.client.pool.addEachTask({
+                    yield this.client.pool
+                        .addEachTask({
                         data: del || [],
                         generator: (delItem) => {
                             const delFunction = this.getClientFN(this.functions.delete);
@@ -149,30 +158,41 @@ class DefaultHandler {
                                 .catch((err) => {
                                 throw new Error(`Problem deleting ${this.type} ${this.objString(delItem)}\n${err}`);
                             });
-                        }
-                    }).promise();
+                        },
+                    })
+                        .promise();
                 }
             }
             // Process Renaming Entries Temp due to conflicts in names
-            yield this.client.pool.addEachTask({
+            yield this.client.pool
+                .addEachTask({
                 data: conflicts || [],
                 generator: (updateItem) => {
                     const updateFN = this.getClientFN(this.functions.update);
                     const params = { [this.id]: updateItem[this.id] };
-                    const payload = (0, utils_1.stripFields)(Object.assign({}, updateItem), this.stripUpdateFields);
-                    return updateFN(params, payload)
+                    const updatePayload = (() => {
+                        let data = (0, utils_1.stripFields)(Object.assign({}, updateItem), this.stripUpdateFields);
+                        return (0, utils_1.stripObfuscatedFieldsFromPayload)(data, this.sensitiveFieldsToObfuscate);
+                    })();
+                    return updateFN(params, updatePayload)
                         .then((data) => this.didUpdate(data))
                         .catch((err) => {
                         throw new Error(`Problem updating ${this.type} ${this.objString(updateItem)}\n${err}`);
                     });
-                }
-            }).promise();
+                },
+            })
+                .promise();
             // Process Creations
-            yield this.client.pool.addEachTask({
+            yield this.client.pool
+                .addEachTask({
                 data: create || [],
                 generator: (createItem) => {
                     const createFunction = this.getClientFN(this.functions.create);
-                    return createFunction(createItem)
+                    const createPayload = (() => {
+                        const strippedPayload = (0, utils_1.stripFields)(createItem, this.stripCreateFields);
+                        return (0, utils_1.stripObfuscatedFieldsFromPayload)(strippedPayload, this.sensitiveFieldsToObfuscate);
+                    })();
+                    return createFunction(createPayload)
                         .then((data) => {
                         this.didCreate(data);
                         this.created += 1;
@@ -180,16 +200,21 @@ class DefaultHandler {
                         .catch((err) => {
                         throw new Error(`Problem creating ${this.type} ${this.objString(createItem)}\n${err}`);
                     });
-                }
-            }).promise();
+                },
+            })
+                .promise();
             // Process Updates and strip fields not allowed in updates
-            yield this.client.pool.addEachTask({
+            yield this.client.pool
+                .addEachTask({
                 data: update || [],
                 generator: (updateItem) => {
                     const updateFN = this.getClientFN(this.functions.update);
                     const params = { [this.id]: updateItem[this.id] };
-                    const payload = (0, utils_1.stripFields)(Object.assign({}, updateItem), this.stripUpdateFields);
-                    return updateFN(params, payload)
+                    const updatePayload = (() => {
+                        let data = (0, utils_1.stripFields)(Object.assign({}, updateItem), this.stripUpdateFields);
+                        return (0, utils_1.stripObfuscatedFieldsFromPayload)(data, this.sensitiveFieldsToObfuscate);
+                    })();
+                    return updateFN(params, updatePayload)
                         .then((data) => {
                         this.didUpdate(data);
                         this.updated += 1;
@@ -197,9 +222,10 @@ class DefaultHandler {
                         .catch((err) => {
                         throw new Error(`Problem updating ${this.type} ${this.objString(updateItem)}\n${err}`);
                     });
-                }
-            }).promise();
+                },
+            })
+                .promise();
         });
     }
 }
-exports.default = DefaultHandler;
+exports.default = APIHandler;

package/lib/tools/auth0/handlers/emailProvider.d.ts

@@ -0,0 +1,11 @@
+import DefaultHandler from './default';
+import { Asset, Assets } from '../../../types';
+export declare const schema: {
+    type: string;
+};
+export default class EmailProviderHandler extends DefaultHandler {
+    constructor(options: DefaultHandler);
+    getType(): Promise<Asset>;
+    objString(provider: any): string;
+    processChanges(assets: Assets): Promise<void>;
+}

package/lib/tools/auth0/handlers/emailTemplates.d.ts

@@ -0,0 +1,26 @@
+import DefaultHandler from './default';
+import { Assets, Asset } from '../../../types';
+export declare const supportedTemplates: string[];
+export declare const schema: {
+    type: string;
+    items: {
+        type: string;
+        properties: {
+            template: {
+                type: string;
+                enum: string[];
+            };
+            body: {
+                type: string;
+                default: string;
+            };
+        };
+        required: string[];
+    };
+};
+export default class EmailTemplateHandler extends DefaultHandler {
+    constructor(options: DefaultHandler);
+    getType(): Promise<Asset>;
+    updateOrCreate(emailTemplate: any): Promise<void>;
+    processChanges(assets: Assets): Promise<void>;
+}

package/lib/tools/auth0/handlers/emailTemplates.js

@@ -44,19 +44,17 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.schema = exports.supportedTemplates = void 0;
 const default_1 = __importStar(require("./default"));
 const constants_1 = __importDefault(require("../../constants"));
-exports.supportedTemplates = constants_1.default.EMAIL_TEMPLATES_NAMES
-    .filter((p) => p.includes('.json'))
-    .map((p) => p.replace('.json', ''));
+exports.supportedTemplates = constants_1.default.EMAIL_TEMPLATES_NAMES.filter((p) => p.includes('.json')).map((p) => p.replace('.json', ''));
 exports.schema = {
     type: 'array',
     items: {
         type: 'object',
         properties: {
             template: { type: 'string', enum: exports.supportedTemplates },
-            body: { type: 'string', default: '' }
+            body: { type: 'string', default: '' },
         },
-        required: ['template']
-    }
+        required: ['template'],
+    },
 };
 class EmailTemplateHandler extends default_1.default {
     constructor(options) {
@@ -64,11 +62,10 @@ class EmailTemplateHandler extends default_1.default {
     }
     getType() {
         return __awaiter(this, void 0, void 0, function* () {
-            const emailTemplates = [];
-            yield Promise.all(constants_1.default.EMAIL_TEMPLATES_TYPES.map((name) => __awaiter(this, void 0, void 0, function* () {
+            const emailTemplates = yield Promise.all(constants_1.default.EMAIL_TEMPLATES_TYPES.map((name) => __awaiter(this, void 0, void 0, function* () {
                 try {
                     const template = yield this.client.emailTemplates.get({ name });
-                    emailTemplates.push(template);
+                    return template;
                 }
                 catch (err) {
                     // Ignore if not found, else throw error
@@ -77,7 +74,8 @@ class EmailTemplateHandler extends default_1.default {
                     }
                 }
             })));
-            return emailTemplates;
+            const nonEmptyTemplates = emailTemplates.filter((template) => !!template);
+            return nonEmptyTemplates;
         });
     }
     updateOrCreate(emailTemplate) {

package/lib/tools/auth0/handlers/guardianFactorProviders.d.ts

@@ -0,0 +1,25 @@
+import DefaultHandler from './default';
+import { Asset, Assets } from '../../../types';
+export declare const schema: {
+    type: string;
+    items: {
+        type: string;
+        properties: {
+            name: {
+                type: string;
+                enum: string[];
+            };
+            provider: {
+                type: string;
+                enum: string[];
+            };
+        };
+        required: string[];
+    };
+};
+export default class GuardianFactorProvidersHandler extends DefaultHandler {
+    existing: Asset[];
+    constructor(options: DefaultHandler);
+    getType(): Promise<Asset[]>;
+    processChanges(assets: Assets): Promise<void>;
+}

package/lib/tools/auth0/handlers/guardianFactorProviders.js

@@ -27,10 +27,10 @@ exports.schema = {
         type: 'object',
         properties: {
             name: { type: 'string', enum: constants_1.default.GUARDIAN_FACTORS },
-            provider: { type: 'string', enum: mappings.map((p) => p.provider) }
+            provider: { type: 'string', enum: mappings.map((p) => p.provider) },
         },
-        required: ['name', 'provider']
-    }
+        required: ['name', 'provider'],
+    },
 };
 class GuardianFactorProvidersHandler extends default_1.default {
     constructor(options) {

package/lib/tools/auth0/handlers/guardianFactorTemplates.d.ts

@@ -0,0 +1,21 @@
+import DefaultHandler from './default';
+import { Assets, Asset } from '../../../types';
+export declare const schema: {
+    type: string;
+    items: {
+        type: string;
+        properties: {
+            name: {
+                type: string;
+                enum: string[];
+            };
+        };
+        required: string[];
+    };
+};
+export default class GuardianFactorTemplatesHandler extends DefaultHandler {
+    existing: Asset[];
+    constructor(options: any);
+    getType(): Promise<Asset[]>;
+    processChanges(assets: Assets): Promise<void>;
+}

package/lib/tools/auth0/handlers/guardianFactorTemplates.js

@@ -20,10 +20,10 @@ exports.schema = {
     items: {
         type: 'object',
         properties: {
-            name: { type: 'string', enum: constants_1.default.GUARDIAN_FACTOR_TEMPLATES }
+            name: { type: 'string', enum: constants_1.default.GUARDIAN_FACTOR_TEMPLATES },
         },
-        required: ['name']
-    }
+        required: ['name'],
+    },
 };
 class GuardianFactorTemplatesHandler extends default_1.default {
     constructor(options) {

package/lib/tools/auth0/handlers/guardianFactors.d.ts

@@ -0,0 +1,21 @@
+import DefaultHandler from './default';
+import { Asset, Assets } from '../../../types';
+export declare const schema: {
+    type: string;
+    items: {
+        type: string;
+        properties: {
+            name: {
+                type: string;
+                enum: string[];
+            };
+        };
+        required: string[];
+    };
+};
+export default class GuardianFactorsHandler extends DefaultHandler {
+    existing: Asset[];
+    constructor(options: DefaultHandler);
+    getType(): Promise<Asset[]>;
+    processChanges(assets: Assets): Promise<void>;
+}

package/lib/tools/auth0/handlers/guardianFactors.js

@@ -20,10 +20,10 @@ exports.schema = {
     items: {
         type: 'object',
         properties: {
-            name: { type: 'string', enum: constants_1.default.GUARDIAN_FACTORS }
+            name: { type: 'string', enum: constants_1.default.GUARDIAN_FACTORS },
         },
-        required: ['name']
-    }
+        required: ['name'],
+    },
 };
 class GuardianFactorsHandler extends default_1.default {
     constructor(options) {

package/lib/tools/auth0/handlers/guardianPhoneFactorMessageTypes.d.ts

@@ -0,0 +1,21 @@
+import DefaultHandler from './default';
+import { Asset, Assets } from '../../../types';
+export declare const schema: {
+    type: string;
+    properties: {
+        message_types: {
+            type: string;
+            items: {
+                type: string;
+                enum: string[];
+            };
+        };
+    };
+    additionalProperties: boolean;
+};
+export default class GuardianPhoneMessageTypesHandler extends DefaultHandler {
+    existing: Asset[];
+    constructor(options: DefaultHandler);
+    getType(): Promise<Asset[] | {}>;
+    processChanges(assets: Assets): Promise<void>;
+}

package/lib/tools/auth0/handlers/guardianPhoneFactorMessageTypes.js

@@ -22,22 +22,22 @@ exports.schema = {
             type: 'array',
             items: {
                 type: 'string',
-                enum: constants_1.default.GUARDIAN_PHONE_MESSAGE_TYPES
-            }
-        }
+                enum: constants_1.default.GUARDIAN_PHONE_MESSAGE_TYPES,
+            },
+        },
     },
-    additionalProperties: false
+    additionalProperties: false,
 };
 const isFeatureUnavailableError = (err) => {
     if (err.statusCode === 404) {
         // Older Management API version where the endpoint is not available.
         return true;
     }
-    if (err.statusCode === 403
-        && err.originalError
-        && err.originalError.response
-        && err.originalError.response.body
-        && err.originalError.response.body.errorCode === 'voice_mfa_not_allowed') {
+    if (err.statusCode === 403 &&
+        err.originalError &&
+        err.originalError.response &&
+        err.originalError.response.body &&
+        err.originalError.response.body.errorCode === 'voice_mfa_not_allowed') {
         // Recent Management API version, but with feature explicitly disabled.
         return true;
     }
@@ -50,7 +50,8 @@ class GuardianPhoneMessageTypesHandler extends default_1.default {
     getType() {
         return __awaiter(this, void 0, void 0, function* () {
             // in case client version does not support the operation
-            if (!this.client.guardian || typeof this.client.guardian.getPhoneFactorMessageTypes !== 'function') {
+            if (!this.client.guardian ||
+                typeof this.client.guardian.getPhoneFactorMessageTypes !== 'function') {
                 return {};
             }
             if (this.existing)

package/lib/tools/auth0/handlers/guardianPhoneFactorSelectedProvider.d.ts

@@ -0,0 +1,18 @@
+import DefaultHandler from './default';
+import { Asset, Assets } from '../../../types';
+export declare const schema: {
+    type: string;
+    properties: {
+        provider: {
+            type: string;
+            enum: string[];
+        };
+    };
+    additionalProperties: boolean;
+};
+export default class GuardianPhoneSelectedProviderHandler extends DefaultHandler {
+    existing: Asset[];
+    constructor(options: any);
+    getType(): Promise<{}>;
+    processChanges(assets: Assets): Promise<void>;
+}