dataverse-utils 1.0.1 → 2.0.0

package/CHANGELOG.json

@@ -2,7 +2,22 @@
   "name": "dataverse-utils",
   "entries": [
     {
-      "date": "Thu, 02 Sep 2021 16:21:26 GMT",
+      "date": "Thu, 16 Sep 2021 20:49:35 GMT",
+      "tag": "dataverse-utils_v2.0.0",
+      "version": "2.0.0",
+      "comments": {
+        "major": [
+          {
+            "comment": "Switch to device-code auth",
+            "author": "derek.finlinson@journeyteam.com",
+            "commit": "b1c526bdddb59fe2f4a3eb61096909ebbb2379d7",
+            "package": "dataverse-utils"
+          }
+        ]
+      }
+    },
+    {
+      "date": "Thu, 02 Sep 2021 16:22:00 GMT",
       "tag": "dataverse-utils_v1.0.1",
       "version": "1.0.1",
       "comments": {

package/CHANGELOG.md

@@ -1,13 +1,21 @@
 # Change Log - dataverse-utils
 
-This log was last generated on Thu, 02 Sep 2021 16:21:26 GMT and should not be manually modified.
+This log was last generated on Thu, 16 Sep 2021 20:49:35 GMT and should not be manually modified.
 
 <!-- Start content -->
 
-## 1.0.1
+## 2.0.0
 
-Thu, 02 Sep 2021 16:21:26 GMT
+Thu, 16 Sep 2021 20:49:35 GMT
 
-### Patches
+### Major changes
 
+- Switch to device-code auth (derek.finlinson@journeyteam.com)
+
+## 1.0.1
+
+Thu, 02 Sep 2021 16:22:00 GMT
+
+### Patches
+
 - Add generate command; Rename project (derek.finlinson@journeyteam.com)

package/README.md

@@ -5,17 +5,9 @@
 
 Utilities for interacting with Dataverse environments
 
-# Acquire authorization token
-
-Connection information is stored in dataverse.config.json.
-
-```sh
-dataverse-utils auth
-```
-
 # Deploy
 
-Deployment configuration is stored in dataverse.config.json.
+Deployment configuration is stored in dataverse.config.json. Access token will be acquired via device-code flow.
 
 ```sh
 dataverse-utils deploy webresource
@@ -25,7 +17,7 @@ dataverse-utils deploy assembly
 
 # Generate Early-Bound TS Files
 
-Generate early bound TypeScript files for tables
+Generate early bound TypeScript files for tables. Access token will be acquired via device-code flow.
 
 ```sh
 dataverse-utils generate account

package/lib/auth.d.ts

@@ -0,0 +1,2 @@
+import { AuthenticationResult } from '@azure/msal-node';
+export declare const getAccessToken: (tenant: string, url: string) => Promise<AuthenticationResult | null>;

package/lib/auth.js

@@ -0,0 +1,44 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAccessToken = void 0;
+const cachePlugin_1 = require("./cachePlugin");
+const msal_node_1 = require("@azure/msal-node");
+const just_scripts_utils_1 = require("just-scripts-utils");
+const clientId = '51f81489-12ee-4a9e-aaae-a2591f45987d';
+const getAccessToken = async (tenant, url) => {
+    const config = {
+        auth: {
+            clientId: clientId,
+            authority: `https://login.microsoftonline.com/${tenant}/`
+        },
+        cache: {
+            cachePlugin: cachePlugin_1.cachePlugin(url.replace('https://', '').split('.')[0])
+        }
+    };
+    const pca = new msal_node_1.PublicClientApplication(config);
+    const cache = pca.getTokenCache();
+    const accounts = await (cache === null || cache === void 0 ? void 0 : cache.getAllAccounts().catch(ex => {
+        throw new Error(ex.message);
+    }));
+    // Try to get token silently
+    if (accounts.length > 0) {
+        const silentToken = await pca.acquireTokenSilent({
+            account: accounts[0],
+            scopes: [`${url}/.default`]
+        }).catch(ex => {
+            throw new Error(ex.message);
+        });
+        if (silentToken) {
+            return silentToken;
+        }
+    }
+    // Acquire token by device code
+    const token = await pca.acquireTokenByDeviceCode({
+        scopes: [`${url}/.default`],
+        deviceCodeCallback: (response) => just_scripts_utils_1.logger.info(response.message)
+    }).catch(ex => {
+        throw new Error(ex.message);
+    });
+    return token;
+};
+exports.getAccessToken = getAccessToken;

package/lib/cachePlugin.d.ts

@@ -0,0 +1,2 @@
+import { ICachePlugin } from '@azure/msal-node';
+export declare function cachePlugin(org: string): ICachePlugin;

package/lib/cachePlugin.js

@@ -0,0 +1,64 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cachePlugin = void 0;
+const os_1 = __importDefault(require("os"));
+const path_1 = __importDefault(require("path"));
+const fs_1 = __importDefault(require("fs"));
+function cachePlugin(org) {
+    const getCachePath = () => {
+        if (!fs_1.default.existsSync(path_1.default.join(os_1.default.homedir(), './.dataverse-utils/'))) {
+            fs_1.default.mkdirSync(path_1.default.join(os_1.default.homedir(), './.dataverse-utils/'));
+        }
+        return path_1.default.join(os_1.default.homedir(), `./.dataverse-utils/${org}.json`);
+    };
+    const cacheLocation = getCachePath();
+    const beforeCacheAccess = (tokenCacheContext) => {
+        return new Promise((resolve, reject) => {
+            if (fs_1.default.existsSync(cacheLocation)) {
+                fs_1.default.readFile(cacheLocation, 'utf-8', (err, data) => {
+                    if (err) {
+                        reject();
+                    }
+                    else {
+                        // const crypt = new Cryptr(os.userInfo.name);
+                        // const decrypted = crypt.decrypt(data.toString());
+                        tokenCacheContext.tokenCache.deserialize(data);
+                        resolve();
+                    }
+                });
+            }
+            else {
+                fs_1.default.writeFile(cacheLocation, tokenCacheContext.tokenCache.serialize(), (err) => {
+                    if (err) {
+                        reject();
+                    }
+                });
+            }
+        });
+    };
+    const afterCacheAccess = (tokenCacheContext) => {
+        return new Promise((resolve, reject) => {
+            if (tokenCacheContext.cacheHasChanged) {
+                // const crypt = new Cryptr(os.userInfo.name);
+                // const encrypted = crypt.encrypt(tokenCacheContext.tokenCache.serialize());
+                fs_1.default.writeFile(cacheLocation, tokenCacheContext.tokenCache.serialize(), (err) => {
+                    if (err) {
+                        reject(err);
+                    }
+                    resolve();
+                });
+            }
+            else {
+                resolve();
+            }
+        });
+    };
+    return {
+        beforeCacheAccess,
+        afterCacheAccess
+    };
+}
+exports.cachePlugin = cachePlugin;

package/lib/dataverse-utils.js

@@ -5,36 +5,12 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const commander_1 = require("commander");
-const child_process_1 = require("child_process");
 const deploy_1 = __importDefault(require("./deploy"));
 const generate_1 = __importDefault(require("./generate"));
-// eslint-disable-next-line @typescript-eslint/no-var-requires
-const electron = require('electron');
 commander_1.program
     // eslint-disable-next-line @typescript-eslint/no-var-requires
     .version(require('../package').version)
     .usage('<command> [options]');
-// Auth command
-commander_1.program
-    .command('auth')
-    .description('Authenticate to dataverse')
-    .action(() => {
-    const child = child_process_1.spawn(electron, [`${__dirname}/.`], {
-        stdio: 'inherit',
-        windowsHide: false
-    });
-    child.on('close', code => {
-        process.exit(code || undefined);
-    });
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    ['SIGINT', 'SIGTERM'].forEach((signal) => {
-        process.on(signal, () => {
-            if (!child.killed) {
-                child.kill(signal);
-            }
-        });
-    });
-});
 // Deploy command
 commander_1.program
     .command('deploy')
@@ -48,7 +24,7 @@ commander_1.program
 commander_1.program
     .command('generate')
     .description('Generate early-bound TypeScript file for specified table')
-    .argument('<table>', 'Table to generate')
+    .argument('[table]', 'Table to generate')
     .action((table) => {
     generate_1.default(table);
 });

package/lib/deploy.js

@@ -10,7 +10,7 @@ const just_scripts_utils_1 = require("just-scripts-utils");
 const assemblyDeploy_1 = require("./assemblyDeploy");
 const webResourceDeploy_1 = require("./webResourceDeploy");
 const node_1 = require("dataverse-webapi/lib/node");
-const tokenCache_1 = require("./tokenCache");
+const auth_1 = require("./auth");
 async function deploy(type, files) {
     if (!type || (type !== 'webresource' && type !== 'assembly')) {
         const invalid = type !== undefined && type !== 'webresource' && type !== 'assembly';
@@ -18,7 +18,7 @@ async function deploy(type, files) {
         const { typePrompt } = await prompts_1.default({
             type: 'select',
             name: 'typePrompt',
-            message: `${invalidMessage} Select project type to deploy`,
+            message: `${invalidMessage} select project type to deploy`,
             choices: [
                 { title: 'web resource', value: 'webresource' },
                 { title: 'plugin or workflow activity', value: 'assembly' }
@@ -33,9 +33,16 @@ async function deploy(type, files) {
         return;
     }
     const creds = JSON.parse(credsFile).connection;
-    const token = tokenCache_1.getTokenFromCache(creds.server);
-    if (!token.accessToken) {
-        just_scripts_utils_1.logger.error('use dataverse-utils auth command to get access token before deploying');
+    let token = null;
+    try {
+        token = await auth_1.getAccessToken(creds.tenant, creds.server);
+    }
+    catch (ex) {
+        just_scripts_utils_1.logger.error(`failed to acquire access token: ${ex.message}`);
+        return;
+    }
+    if (token == null || token.accessToken == null) {
+        just_scripts_utils_1.logger.error('failed to acquire access token');
         return;
     }
     const apiConfig = new node_1.WebApiConfig('8.2', token.accessToken, creds.server);

package/lib/generate.js

@@ -3,13 +3,22 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+const prompts_1 = __importDefault(require("prompts"));
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
 const just_scripts_utils_1 = require("just-scripts-utils");
 const dataverse_service_1 = require("./dataverse.service");
 const node_1 = require("dataverse-webapi/lib/node");
-const tokenCache_1 = require("./tokenCache");
+const auth_1 = require("./auth");
 async function generate(table) {
+    if (!table) {
+        const { tablePrompt } = await prompts_1.default({
+            type: 'text',
+            name: 'tablePrompt',
+            message: `select table generate`
+        });
+        table = tablePrompt;
+    }
     const currentPath = '.';
     const credsFile = fs_1.default.readFileSync(path_1.default.resolve(currentPath, 'dataverse.config.json'), 'utf8');
     if (credsFile == null) {
@@ -17,9 +26,16 @@ async function generate(table) {
         return;
     }
     const creds = JSON.parse(credsFile).connection;
-    const token = tokenCache_1.getTokenFromCache(creds.server);
-    if (!token.accessToken) {
-        just_scripts_utils_1.logger.error('use dataverse-utils auth command to get access token before deploying');
+    let token = null;
+    try {
+        token = await auth_1.getAccessToken(creds.tenant, creds.server);
+    }
+    catch (ex) {
+        just_scripts_utils_1.logger.error(`failed to acquire access token: ${ex.message}`);
+        return;
+    }
+    if (token == null || token.accessToken == null) {
+        just_scripts_utils_1.logger.error('failed to acquire access token');
         return;
     }
     const apiConfig = new node_1.WebApiConfig('8.2', token.accessToken, creds.server);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dataverse-utils",
-  "version": "1.0.1",
+  "version": "2.0.0",
   "license": "MIT",
   "main": "lib/index.js",
   "bin": {
@@ -16,23 +16,21 @@
   "scripts": {
     "build": "tsc -p .",
     "lint": "eslint",
-    "prebuild": "rimraf lib",
-    "start": "electron ."
+    "prebuild": "rimraf lib"
   },
   "dependencies": {
-    "adal-node": "^0.2.2",
     "envinfo": "^7.8.1",
+    "@azure/msal-node": "^1.3.1",
     "prompts": "^2.4.1",
     "dataverse-webapi": "^2.0.0",
-    "commander": "^8.1.0",
+    "commander": "^8.2.0",
     "just-scripts-utils": "^1.1.4",
     "cryptr": "^6.0.2",
-    "os": "^0.1.2",
-    "electron": "^14.0.0"
+    "os": "^0.1.2"
   },
   "devDependencies": {
     "@types/cryptr": "^4.0.1",
-    "@types/node": "^14.14.22",
+    "@types/node": "^16.9.1",
     "@types/prompts": "^2.0.14"
   }
 }

package/lib/index.d.ts

@@ -1,2 +0,0 @@
-#!/usr/bin/env node
-export default function getAccessToken(): Promise<void>;

package/lib/index.js

@@ -1,127 +0,0 @@
-#!/usr/bin/env node
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const adal_node_1 = require("adal-node");
-const electron_1 = require("electron");
-const tokenCache_1 = require("./tokenCache");
-const fs_1 = __importDefault(require("fs"));
-const path_1 = __importDefault(require("path"));
-const just_scripts_utils_1 = require("just-scripts-utils");
-const clientId = '51f81489-12ee-4a9e-aaae-a2591f45987d';
-const authorityHostUrl = 'https://login.windows.net/common';
-const redirect = 'app://58145B91-0C36-4500-8554-080854F2AC97';
-function getTokenWithAuthCode(url, redirectUrl) {
-    const regex = /(?<=code=)[^&]*/gm;
-    const authCode = regex.exec(redirectUrl);
-    if (!authCode) {
-        throw new Error('Auth code not found in redirect');
-    }
-    return new Promise((resolve, reject) => {
-        const context = new adal_node_1.AuthenticationContext(authorityHostUrl);
-        context.acquireTokenWithAuthorizationCode(authCode[0], redirect, url, clientId, '', (err, tokenResponse) => {
-            if (err) {
-                reject(err);
-            }
-            else {
-                resolve(tokenResponse);
-            }
-        });
-    });
-}
-async function authenticate(url, tenant) {
-    const authUrl = `https://login.microsoftonline.com/${tenant}/oauth2/v2.0/authorize`;
-    await electron_1.app.whenReady();
-    return new Promise((resolve, reject) => {
-        let loginComplete = false;
-        // Create the browser window.
-        const win = new electron_1.BrowserWindow({
-            width: 800,
-            height: 600,
-            autoHideMenuBar: true,
-            titleBarStyle: 'hidden',
-            webPreferences: {
-                contextIsolation: true
-            },
-        });
-        // Navigate to the get code page
-        win.loadURL(`${authUrl}?client_id=${clientId}&response_type=code&redirect_uri=${encodeURIComponent(redirect)}&scope=openid`);
-        win.on('closed', () => {
-            if (!loginComplete) {
-                reject('Login Closed');
-            }
-        });
-        win.webContents.on('will-redirect', (event, newUrl) => {
-            // Check if this is the success callback
-            if (newUrl.toLowerCase().startsWith(redirect.toLowerCase())) {
-                // Stop the redirect to the app: endpoint
-                event.preventDefault();
-                loginComplete = true;
-                getTokenWithAuthCode(url, newUrl).then((tokenResponse) => {
-                    const token = tokenResponse;
-                    win.close();
-                    resolve(token);
-                }, (err) => {
-                    console.log('Token Acquisition failed:' + JSON.stringify(err));
-                    reject(err);
-                });
-            }
-        });
-    });
-}
-async function getAccessToken() {
-    const currentPath = '.';
-    const credsFile = fs_1.default.readFileSync(path_1.default.resolve(currentPath, 'dataverse.config.json'), 'utf8');
-    if (credsFile == null) {
-        throw new Error('unable to find dataverse.config.json file');
-    }
-    const creds = JSON.parse(credsFile).connection;
-    return new Promise((resolve, reject) => {
-        const token = tokenCache_1.getTokenFromCache(creds.server);
-        if (!token.expiresOn) {
-            // Get initial token
-            authenticate(creds.server, creds.tenant).then(authToken => {
-                tokenCache_1.addTokenToCache(creds.server, authToken);
-                resolve();
-            }).catch((ex) => reject(ex));
-        }
-        else {
-            const expiryDate = new Date(Date.parse(token.expiresOn.toString()));
-            const nowDate = new Date();
-            const expiresInMinutes = (expiryDate - nowDate) / 1000 / 60;
-            const hasTokenExpired = expiresInMinutes < 5;
-            if (hasTokenExpired) {
-                const context = new adal_node_1.AuthenticationContext(authorityHostUrl);
-                // Get new token using refresh token
-                context.acquireTokenWithRefreshToken(token.refreshToken, clientId, creds.server, (err, tokenResponse) => {
-                    if (err) {
-                        tokenCache_1.addTokenToCache(creds.server, {});
-                        reject('Failed to acquire new token from refresh token. Token cache has been cleared and you must reauthenticate');
-                    }
-                    else {
-                        const newToken = tokenResponse;
-                        tokenCache_1.addTokenToCache(creds.server, newToken);
-                        resolve();
-                    }
-                });
-            }
-            else {
-                // Use current token
-                resolve();
-            }
-        }
-    });
-}
-exports.default = getAccessToken;
-async function main() {
-    try {
-        await getAccessToken();
-    }
-    catch (ex) {
-        just_scripts_utils_1.logger.error(ex);
-    }
-    electron_1.app.exit();
-}
-main();

package/lib/tokenCache.d.ts

@@ -1,6 +0,0 @@
-import { TokenResponse } from 'adal-node';
-export interface TokenCache {
-    [index: string]: string;
-}
-export declare function addTokenToCache(url: string, token: TokenResponse): void;
-export declare function getTokenFromCache(url: string): TokenResponse;

package/lib/tokenCache.js

@@ -1,40 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getTokenFromCache = exports.addTokenToCache = void 0;
-const cryptr_1 = __importDefault(require("cryptr"));
-const os_1 = __importDefault(require("os"));
-const path_1 = __importDefault(require("path"));
-const fs_1 = __importDefault(require("fs"));
-function getCachePath() {
-    return path_1.default.join(os_1.default.homedir(), '.dataverse-deploy');
-}
-function getCache() {
-    const path = getCachePath();
-    if (fs_1.default.existsSync(path)) {
-        const cache = fs_1.default.readFileSync(path);
-        const crypt = new cryptr_1.default(os_1.default.userInfo.name);
-        const decrypted = crypt.decrypt(cache.toString());
-        return JSON.parse(decrypted);
-    }
-    return {};
-}
-function addTokenToCache(url, token) {
-    const cache = getCache();
-    cache[url] = JSON.stringify(token);
-    const crypt = new cryptr_1.default(os_1.default.userInfo.name);
-    const encrypted = crypt.encrypt(JSON.stringify(cache));
-    fs_1.default.writeFileSync(getCachePath(), encrypted);
-}
-exports.addTokenToCache = addTokenToCache;
-function getTokenFromCache(url) {
-    const cache = getCache();
-    const urlToken = cache[url];
-    if (!urlToken) {
-        return {};
-    }
-    return JSON.parse(urlToken);
-}
-exports.getTokenFromCache = getTokenFromCache;