opal-security 2.0.20 → 2.1.0

package/lib/commands/ssh/copyTo.js

@@ -1,46 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const command_1 = require("@oclif/command");
-const handler_1 = require("../../handler");
 const apollo_1 = require("../../lib/apollo");
 const cmd_1 = require("../../lib/cmd");
 const ssh_1 = require("../../lib/ssh");
-const common_1 = require("../../lib/common");
-const StartSSHSessionDocument = `
-mutation StartSSHSession($id: ResourceId!, $accessLevel: ResourceAccessLevelInput!, $sessionId: SessionId) {
-  createSession(input: {resourceId: $id, accessLevel: $accessLevel, sessionId: $sessionId}) {
-    __typename
-    ... on CreateSessionResult {
-      session {
-        id
-        endTime
-        metadata {
-          ... on AwsIamFederatedSSMSession {
-            awsAccessKeyId
-            awsSecretAccessKey
-            awsSessionToken
-            awsLoginUrl
-            federatedArn
-            ec2InstanceId
-            ec2Region
-          }
-        }
-      }
-    }
-    ... on SessionNotFoundError {
-      message
-    }
-    ... on MfaInvalidError {
-      message
-    }
-    ... on ResourceNotFoundError {
-      message
-    }
-    ... on EndSystemAuthorizationError {
-      message
-    }
-  }
-}`;
+const resources_1 = require("../../lib/resources");
+const sessions_1 = require("../../lib/sessions");
+const start_1 = require("./start");
 class StartSCPSession extends command_1.Command {
     async run() {
         cmd_1.setMostRecentCommand(this);
@@ -60,38 +26,23 @@ class StartSCPSession extends command_1.Command {
             instanceId = selectedInstance.id;
             instanceName = selectedInstance.name;
         }
-        const { resp, error } = await handler_1.runMutation({
-            command: this,
-            query: StartSSHSessionDocument,
-            variables: { id: instanceId, accessLevel: cmd_1.DEFAULT_ACCESS_LEVEL, sessionId },
-        });
-        switch (resp === null || resp === void 0 ? void 0 : resp.data.createSession.__typename) {
-            case 'CreateSessionResult': {
-                const metadata = resp.data.createSession.session.metadata;
-                switch (metadata === null || metadata === void 0 ? void 0 : metadata.__typename) {
-                    case 'AwsIamFederatedSSMSession': {
-                        const envVars = {
-                            AWS_ACCESS_KEY_ID: metadata.awsAccessKeyId,
-                            AWS_SECRET_ACCESS_KEY: metadata.awsSecretAccessKey,
-                            AWS_SESSION_TOKEN: metadata.awsSessionToken,
-                        };
-                        // Run SCP script
-                        const scpCmd = `$SCRIPT_PATH/../../scripts/ssh_ssm_scp_to_server.sh ${metadata.ec2InstanceId} ${flags.user} ${flags.src} ${metadata.ec2Region} ${flags.dest}`;
-                        const outputMessage = `from "${flags.src}" locally to "${flags.dest}" on ${instanceName ? `"${instanceName}" instance` : 'instance'}.`;
-                        cmd_1.runCommandSpawn(scpCmd, `Copied ${outputMessage}`, `Failed to copy ${outputMessage}.`, envVars);
-                        break;
-                    }
-                    default:
-                        apollo_1.printRequestOutput(this, resp, error);
-                }
-                break;
-            }
-            case 'MfaInvalidError': {
-                common_1.handleMfaRedirect(this, instanceId);
+        const session = await sessions_1.getOrCreateSession(this, instanceId, resources_1.DEFAULT_ACCESS_LEVEL, sessionId, start_1.Ec2SessionMetadataFragment);
+        const metadata = session.metadata;
+        switch (metadata === null || metadata === void 0 ? void 0 : metadata.__typename) {
+            case 'AwsIamFederatedSSMSession': {
+                const envVars = {
+                    AWS_ACCESS_KEY_ID: metadata.awsAccessKeyId,
+                    AWS_SECRET_ACCESS_KEY: metadata.awsSecretAccessKey,
+                    AWS_SESSION_TOKEN: metadata.awsSessionToken,
+                };
+                // Run SCP script
+                const scpCmd = `$SCRIPT_PATH/../../scripts/ssh_ssm_scp_to_server.sh ${metadata.ec2InstanceId} ${flags.user} ${flags.src} ${metadata.ec2Region} ${flags.dest}`;
+                const outputMessage = `from "${flags.src}" locally to "${flags.dest}" on ${instanceName ? `"${instanceName}" instance` : 'instance'}.`;
+                cmd_1.runCommandSpawn(scpCmd, `Copied ${outputMessage}`, `Failed to copy ${outputMessage}.`, envVars);
                 break;
             }
             default:
-                apollo_1.printRequestOutput(this, resp, error);
+                return apollo_1.handleError(this, undefined, session);
         }
     }
 }
@@ -118,7 +69,7 @@ StartSCPSession.flags = {
         multiple: false,
         required: false,
         default: 'ssm-user',
-        description: "Pick which user you want to run SCP over. Keep in mind not all users will have access to each other's home directory.",
+        description: 'Pick which user you want to run SCP over. Keep in mind not all users will have access to each other\'s home directory.',
     }),
     id: command_1.flags.string({
         multiple: false,

package/lib/commands/ssh/start.d.ts

@@ -1,4 +1,5 @@
 import { Command, flags } from '@oclif/command';
+export declare const Ec2SessionMetadataFragment = "\n... on AwsIamFederatedSSMSession {\n  awsAccessKeyId\n  awsSecretAccessKey\n  awsSessionToken\n  awsLoginUrl\n  federatedArn\n  ec2InstanceId\n  ec2Region\n}";
 export default class StartSSHSession extends Command {
     static description: string;
     static examples: string[];

package/lib/commands/ssh/start.js

@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.Ec2SessionMetadataFragment = void 0;
 const command_1 = require("@oclif/command");
 const handler_1 = require("../../handler");
 const cmd_1 = require("../../lib/cmd");
@@ -7,44 +8,17 @@ const apollo_1 = require("../../lib/apollo");
 const ssh_1 = require("../../lib/ssh");
 const get_1 = require("../../commands/resources/get");
 const aws_1 = require("../../lib/aws");
-const common_1 = require("../../lib/common");
-const StartSSHSessionDocument = `
-mutation StartSSHSession($id: ResourceId!, $accessLevel: ResourceAccessLevelInput!, $sessionId: SessionId) {
-  createSession(input: {resourceId: $id, accessLevel: $accessLevel, sessionId: $sessionId}) {
-    __typename
-    ... on CreateSessionResult {
-      session {
-        id
-        endTime
-        metadata {
-          ... on AwsIamFederatedSSMSession {
-            awsAccessKeyId
-            awsSecretAccessKey
-            awsSessionToken
-            awsLoginUrl
-            federatedArn
-            ec2InstanceId
-            ec2Region
-          }
-        }
-      }
-    }
-    ... on SessionNotFoundError {
-      message
-    }
-    ... on MfaInvalidError {
-      message
-    }
-    ... on OidcIDTokenNotFoundError {
-      message
-    }
-    ... on ResourceNotFoundError {
-      message
-    }
-    ... on EndSystemAuthorizationError {
-      message
-    }
-  }
+const resources_1 = require("../../lib/resources");
+const sessions_1 = require("../../lib/sessions");
+exports.Ec2SessionMetadataFragment = `
+... on AwsIamFederatedSSMSession {
+  awsAccessKeyId
+  awsSecretAccessKey
+  awsSessionToken
+  awsLoginUrl
+  federatedArn
+  ec2InstanceId
+  ec2Region
 }`;
 class StartSSHSession extends command_1.Command {
     async run() {
@@ -57,7 +31,6 @@ class StartSSHSession extends command_1.Command {
         let instanceId = flags.id;
         let instanceName = null;
         const sessionId = flags.sessionId;
-        // TODO: RESOURCES-1: How do we grant access to a perm using ID
         if (!instanceId) {
             const selectedInstance = await ssh_1.selectComputeInstance(this, 'SSH into');
             if (!selectedInstance) {
@@ -67,63 +40,43 @@ class StartSSHSession extends command_1.Command {
             instanceName = selectedInstance.name;
         }
         else {
-            const { resp: sshInstanceResp, error } = await handler_1.runQuery({
+            const { resp, error } = await handler_1.runQuery({
                 command: this,
                 query: get_1.GetResourceDocument,
                 variables: {
                     id: instanceId,
                 },
             });
-            if (error || !(sshInstanceResp === null || sshInstanceResp === void 0 ? void 0 : sshInstanceResp.data.resource.resource)) {
-                apollo_1.printRequestOutput(this, sshInstanceResp, error);
-                return;
+            if (error) {
+                return apollo_1.handleError(this, error, resp);
+            }
+            if (!(resp === null || resp === void 0 ? void 0 : resp.data.resource.resource)) {
+                return apollo_1.handleError(this, `Resource not found for ID: ${instanceId}`);
             }
             instanceName =
-                (sshInstanceResp === null || sshInstanceResp === void 0 ? void 0 : sshInstanceResp.data.resource.resource.name) || 'ssh-instance';
+                (resp === null || resp === void 0 ? void 0 : resp.data.resource.resource.name) || 'ssh-instance';
         }
-        const { resp, error } = await handler_1.runMutation({
-            command: this,
-            query: StartSSHSessionDocument,
-            variables: {
-                id: instanceId,
-                accessLevel: cmd_1.DEFAULT_ACCESS_LEVEL,
-                sessionId,
-            },
-        });
-        switch (resp === null || resp === void 0 ? void 0 : resp.data.createSession.__typename) {
-            case 'CreateSessionResult': {
-                const metadata = resp.data.createSession.session.metadata;
-                switch (metadata === null || metadata === void 0 ? void 0 : metadata.__typename) {
-                    case 'AwsIamFederatedSSMSession': {
-                        const updateAwsConfigCommand = aws_1.getAwsConfigUpdateCmd(instanceName, metadata.awsAccessKeyId, metadata.awsSecretAccessKey, metadata.awsSessionToken);
-                        const sessionCmd = `aws ssm start-session --target ${metadata.ec2InstanceId} --region ${metadata.ec2Region} --profile opal`;
-                        // TODO: Unfortunately allowing SSH over SSM disables logging
-                        // Run SSH script
-                        // const sessionCmd = `../../scripts/ssh_ssm.sh ${metadata.ec2InstanceId} ${flags.user} ${metadata.ec2Region}`
-                        const startSessionCmd = `${updateAwsConfigCommand} && ${sessionCmd}`;
-                        cmd_1.startInteractiveShell(startSessionCmd, `shell into ${instanceName ? `"${instanceName}" instance` : 'instance'}`);
-                        break;
-                    }
-                    default:
-                        apollo_1.printRequestOutput(this, resp, error);
-                }
-                break;
-            }
-            case 'MfaInvalidError': {
-                common_1.handleMfaRedirect(this, instanceId);
-                break;
-            }
-            case 'OidcIDTokenNotFoundError': {
-                common_1.handleOidcRedirect(this, instanceId);
+        const session = await sessions_1.getOrCreateSession(this, instanceId, resources_1.DEFAULT_ACCESS_LEVEL, sessionId, exports.Ec2SessionMetadataFragment);
+        const metadata = session.metadata;
+        switch (metadata === null || metadata === void 0 ? void 0 : metadata.__typename) {
+            case 'AwsIamFederatedSSMSession': {
+                this.log(`\n🕰️  Connecting to a session that expires in ${sessions_1.getSessionExpirationMessage(session)}.`);
+                const updateAwsConfigCommand = aws_1.getAwsConfigUpdateCmd(instanceName, metadata.awsAccessKeyId, metadata.awsSecretAccessKey, metadata.awsSessionToken);
+                const sessionCmd = `aws ssm start-session --target ${metadata.ec2InstanceId} --region ${metadata.ec2Region} --profile opal`;
+                // TODO: Unfortunately allowing SSH over SSM disables logging
+                // Run SSH script
+                // const sessionCmd = `../../scripts/ssh_ssm.sh ${metadata.ec2InstanceId} ${flags.user} ${metadata.ec2Region}`
+                const startSessionCmd = `${updateAwsConfigCommand} && ${sessionCmd}`;
+                cmd_1.startInteractiveShell(startSessionCmd, `shell into ${instanceName ? `"${instanceName}" instance` : 'instance'}`);
                 break;
             }
             default:
-                apollo_1.printRequestOutput(this, resp, error);
+                return apollo_1.handleError(this, undefined, session);
         }
     }
 }
 exports.default = StartSSHSession;
-StartSSHSession.description = 'Start an SSH session to access a particular compute instance.';
+StartSSHSession.description = 'Starts an SSH session to access a compute instance.';
 StartSSHSession.examples = [
     'opal ssh:start',
     'opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398',

package/lib/handler.d.ts

@@ -12,5 +12,4 @@ export declare const runQuery: <TResponse = any, TVar = Record<string, any>>({ c
     resp: import("@apollo/client/core").ApolloQueryResult<TResponse> | null;
     error: any;
 }>;
-declare const handler: ({ command, query, variables }: QueryHandlerProps) => void;
-export default handler;
+export {};

package/lib/handler.js

@@ -37,30 +37,3 @@ exports.runQuery = async ({ command, query, variables, }) => {
     }
     return { resp: queryResp, error: queryError };
 };
-const handler = ({ command, query, variables }) => {
-    const isMutation = query.includes('mutation');
-    (async () => {
-        let resp = null;
-        let err = null;
-        if (isMutation) {
-            const { resp: mutationResp, error } = await exports.runMutation({
-                command,
-                query,
-                variables,
-            });
-            resp = mutationResp;
-            err = error;
-        }
-        else {
-            const { resp: queryResp, error } = await exports.runQuery({
-                command,
-                query,
-                variables,
-            });
-            resp = queryResp;
-            err = error;
-        }
-        apollo_1.printRequestOutput(command, resp, err);
-    })();
-};
-exports.default = handler;

package/lib/lib/apollo.d.ts

@@ -2,4 +2,5 @@ import { ApolloClient, NormalizedCacheObject } from '@apollo/client/core';
 import { Command } from '@oclif/command';
 export declare let client: ApolloClient<NormalizedCacheObject> | null;
 export declare const initClient: (command: Command) => Promise<void>;
-export declare const printRequestOutput: (command: any, resp: any, err?: any) => void;
+export declare const printResponse: (command: Command, resp: any) => void;
+export declare const handleError: (command: Command, err: any, resp?: any) => void;

package/lib/lib/apollo.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.printRequestOutput = exports.initClient = exports.client = void 0;
+exports.handleError = exports.printResponse = exports.initClient = exports.client = void 0;
 const core_1 = require("@apollo/client/core");
 const context_1 = require("@apollo/client/link/context");
 const error_1 = require("@apollo/client/link/error");
@@ -16,6 +16,7 @@ const fetch = require('node-fetch');
 const https = require('https');
 const http = require('http');
 exports.client = null;
+let alreadyNotifiedRecommendedVersion = false;
 exports.initClient = async (command) => {
     const configDir = command.config.configDir;
     const currentCLIVersion = command.config.version;
@@ -43,7 +44,7 @@ exports.initClient = async (command) => {
         },
     });
     const authLink = context_1.setContext((_, { headers }) => {
-        const baseHeaders = Object.assign(Object.assign({}, headers), { authorization: `Bearer ${accessToken}`, 'X-Opal-Organization-ID': organizationID });
+        const baseHeaders = Object.assign(Object.assign({}, headers), { authorization: `Bearer ${accessToken}`, 'X-Opal-Organization-ID': organizationID, 'X-Opal-Cli-Version': currentCLIVersion });
         if (customHeaderKey) {
             return {
                 headers: Object.assign(Object.assign({}, baseHeaders), { [customHeaderKey]: customHeaderValue }),
@@ -59,16 +60,27 @@ exports.initClient = async (command) => {
         if (headers) {
             const expectedCLIMajorVersion = headers.get('Opal-CLI-Expected-Major-Version');
             if (expectedCLIMajorVersion) {
-                const semvarExpectedMinCLIVersion = `${expectedCLIMajorVersion}.0.0`;
-                command.log('');
-                if (semver_1.major(currentCLIVersion) < semver_1.major(semvarExpectedMinCLIVersion)) {
-                    command.warn(chalk_1.default.yellow(`❗️ Update your CLI to match the compatible version. Expected major version ${chalk_1.default.blueBright(semvarExpectedMinCLIVersion)}, but version ${chalk_1.default.blueBright(currentCLIVersion)} is installed.
-          Upgrade using the following command: ${chalk_1.default.blueBright('brew upgrade opalsecurity/brew/opal-security')}`));
+                const semverExpectedMinCLIVersion = `${expectedCLIMajorVersion}.0.0`;
+                if (semver_1.major(currentCLIVersion) < semver_1.major(semverExpectedMinCLIVersion)) {
+                    command.warn(chalk_1.default.yellow(`
+❗️ Your CLI is outdated and is incompatible with your Opal server.
+   Expected major version ${chalk_1.default.blueBright(semverExpectedMinCLIVersion)}, but version ${chalk_1.default.blueBright(currentCLIVersion)} is installed.
+   Upgrade using the following command: ${chalk_1.default.blueBright('brew upgrade opalsecurity/brew/opal-security')}\n`));
                 }
-                else if (semver_1.major(currentCLIVersion) > semver_1.major(semvarExpectedMinCLIVersion)) {
-                    command.warn(chalk_1.default.yellow('❗️ Uh oh! The currently installed Opal server is outdated. Please contact your Opal admins to let them know they need to upgrade their deployment.'));
+                else if (semver_1.major(currentCLIVersion) > semver_1.major(semverExpectedMinCLIVersion)) {
+                    command.warn(chalk_1.default.yellow(`
+❗️ Uh oh! The currently installed Opal server is outdated. Please contact your Opal admins to let them know they need to upgrade their deployment.\n`));
                 }
-                command.log('');
+            }
+            if (!alreadyNotifiedRecommendedVersion) {
+                const recommendedCLIMinorVersion = headers.get('Opal-CLI-Recommended-Version');
+                if (recommendedCLIMinorVersion && semver_1.compare(currentCLIVersion, recommendedCLIMinorVersion) < 0) {
+                    command.log(chalk_1.default.yellow(`
+❗️ Opal recommends that you upgrade your CLI.
+   Recommended version >=${chalk_1.default.blueBright(recommendedCLIMinorVersion)}, but version ${chalk_1.default.blueBright(currentCLIVersion)} is installed.
+   Upgrade using the following command: ${chalk_1.default.blueBright('brew upgrade opalsecurity/brew/opal-security')}\n`));
+                }
+                alreadyNotifiedRecommendedVersion = true;
             }
         }
     };
@@ -97,7 +109,8 @@ exports.initClient = async (command) => {
             switch (networkError.statusCode) {
                 case 401: {
                     command.log('Your session is invalid or expired. Authenticating now...\n');
-                    login_1.default.run().then(() => {
+                    const loginCommand = new login_1.default([], command.config);
+                    loginCommand.run().then(() => {
                         if (cmd_1.mostRecentCommandTime && cmd_1.mostRecentCommand) {
                             const lastCommandReexecutionDuration = moment.duration(2, 'minutes');
                             const lastCommandReexecutionDurationHasElapsed = cmd_1.mostRecentCommandTime.add(lastCommandReexecutionDuration) > moment(new Date());
@@ -110,6 +123,7 @@ exports.initClient = async (command) => {
                 }
                 default:
                     command.log(`❗ Error: received status code ${networkError.statusCode} from server${errorMessage ? ` with message "${errorMessage}"` : ''}`);
+                    process.exit(networkError.statusCode);
             }
         }
     });
@@ -121,19 +135,40 @@ exports.initClient = async (command) => {
         cache: new core_1.InMemoryCache(),
     });
 };
-exports.printRequestOutput = (command, resp, err) => {
-    if (err && !('networkError' in err && 'statusCode' in err.networkError)) {
-        if (err.toString().includes('self signed certificate')) {
-            command.log('Request failed due to a self-signed certificate appearing in the certificate chain. Try setting your CLI to allow self-signed certs by running: "opal set-url --custom INSERT_URL_HERE --allowSelfSignedCerts"');
+exports.printResponse = (command, resp) => {
+    const filteredJson = JSON.parse(JSON.stringify(resp.data, (k, v) => {
+        if (k === '__typename') {
+            return undefined;
         }
-        else {
-            // we handle status code errors in the global handler
-            command.log(`❗ Error: ${err}`);
+        if (v === null || (Array.isArray(v) && v.length === 0)) {
+            return undefined;
         }
-    }
-    if (!resp) {
+        return v;
+    }));
+    command.log(prettyjson_1.render(filteredJson));
+};
+exports.handleError = (command, err, resp) => {
+    if (err && typeof err === 'object' && ('networkError' in err && 'statusCode' in err.networkError)) {
+        // Status code errors are already handled in the global Apollo handler, so we can just return here.
         return;
     }
-    const filteredJson = JSON.parse(JSON.stringify(resp.data, (k, v) => (k === '__typename') ? undefined : v));
-    command.log(prettyjson_1.render(filteredJson));
+    let errorMsg;
+    if (!err) {
+        errorMsg = 'Unexpected response from server (see below). Please contact Opal support if this issue persists.';
+    }
+    else if (typeof err === 'string') {
+        errorMsg = err;
+    }
+    else if (typeof err === 'object' && err.toString().includes('self signed certificate')) {
+        errorMsg = 'Request failed due to a self-signed certificate appearing in the certificate chain. Try setting your CLI to allow self-signed certs by running: "opal set-url --custom INSERT_URL_HERE --allowSelfSignedCerts"';
+    }
+    else {
+        errorMsg = `Error: ${err}`;
+    }
+    errorMsg = '❗ ' + errorMsg;
+    command.log(errorMsg);
+    if (resp) {
+        exports.printResponse(command, resp);
+    }
+    command.exit(1);
 };

package/lib/lib/aws.js

@@ -42,8 +42,9 @@ exports.getAwsEnvVarMessage = () => {
         else if (process.env.AWS_DEFAULT_PROFILE !== opalProfileKey) {
             envVarPhrase = `set to "${process.env.AWS_DEFAULT_PROFILE}"`;
         }
-        return '💡 Did you know you can set your AWS_DEFAULT_PROFILE environment ' +
-            `variable to "${opalProfileKey}" to avoid explicitly specifying profile in each command? Currently, this variable is ${envVarPhrase}.`;
+        return '\n\n💡 Did you know you can set your AWS_DEFAULT_PROFILE environment ' +
+            `variable to "${opalProfileKey}" to avoid explicitly specifying profile in each command? ` +
+            `Currently, this variable is ${envVarPhrase}.`;
     }
     return '';
 };

package/lib/lib/cmd.d.ts

@@ -1,17 +1,7 @@
 /// <reference types="node" />
 import { ExecException } from 'child_process';
-import { ResourceAccessLevelInput } from '../types';
 import { Command } from '@oclif/command';
 import * as moment from 'moment';
-export declare type ResourceInfo = {
-    id: string;
-    name: string;
-};
-export declare type AccessLevelInfo = {
-    id: string;
-    name: string;
-};
-export declare const DEFAULT_ACCESS_LEVEL: ResourceAccessLevelInput;
 export declare let mostRecentCommand: Command | null;
 export declare let mostRecentCommandTime: moment.Moment | null;
 export declare const setMostRecentCommand: (cmd: Command) => void;
@@ -19,4 +9,3 @@ export declare const startInteractiveShell: (runCmd: string, shellName?: string
 export declare const runCommandExec: (runCmd: string, successMessage: string, errorMessage: string, envVars?: Record<string, any> | undefined) => void;
 export declare const runCommandExecWithCallback: (cmd: string, callback?: ((error: ExecException | null, stdout: Buffer, stderr: Buffer) => void) | undefined) => Promise<unknown>;
 export declare const runCommandSpawn: (runCmd: string, successMessage: string, errorMessage: string, envVars?: Record<string, any> | undefined) => void;
-export declare const filterChoices: (input: string, choices: ResourceInfo[] | AccessLevelInfo[]) => ResourceInfo[];

package/lib/lib/cmd.js

@@ -1,13 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.filterChoices = exports.runCommandSpawn = exports.runCommandExecWithCallback = exports.runCommandExec = exports.startInteractiveShell = exports.setMostRecentCommand = exports.mostRecentCommandTime = exports.mostRecentCommand = exports.DEFAULT_ACCESS_LEVEL = void 0;
+exports.runCommandSpawn = exports.runCommandExecWithCallback = exports.runCommandExec = exports.startInteractiveShell = exports.setMostRecentCommand = exports.mostRecentCommandTime = exports.mostRecentCommand = void 0;
 const _ = require("lodash");
 const moment = require("moment");
 const { exec, spawn } = require('child_process');
-exports.DEFAULT_ACCESS_LEVEL = {
-    accessLevelName: '',
-    accessLevelRemoteId: '',
-};
 exports.mostRecentCommand = null;
 exports.mostRecentCommandTime = null;
 exports.setMostRecentCommand = (cmd) => {
@@ -46,7 +42,7 @@ exports.runCommandExec = (runCmd, successMessage, errorMessage, envVars) => {
         env: Object.assign(Object.assign(Object.assign({}, process.env), { SCRIPT_PATH: __dirname }), envVarsToUse),
     }, function (error, stdOut, stdErr) {
         if (error) {
-            console.log(`❗ Error: ${_.upperFirst(errorMessage)}`);
+            console.log(`\n❗ Error: ${_.upperFirst(errorMessage)}`);
         }
         if (stdOut) {
             console.log(stdOut);
@@ -55,7 +51,7 @@ exports.runCommandExec = (runCmd, successMessage, errorMessage, envVars) => {
             console.log(stdErr);
         }
         if (!stdErr && !error) {
-            console.log(`🎉 Success! ${_.upperFirst(successMessage)}`);
+            console.log(`\n🎉 Success! ${_.upperFirst(successMessage)}`);
         }
     });
 };
@@ -83,11 +79,3 @@ exports.runCommandSpawn = (runCmd, successMessage, errorMessage, envVars) => {
         }
     });
 };
-// Returns a filtered array of items that match the input
-exports.filterChoices = (input, choices) => {
-    input = input || '';
-    if (input === '') {
-        return choices;
-    }
-    return choices.filter(choice => choice.name.toLowerCase().includes(input.toLowerCase()));
-};

package/lib/lib/common.d.ts

@@ -1,3 +1,4 @@
-import { Command } from '@oclif/command';
-export declare const handleMfaRedirect: (command: Command, resourceId: string) => void;
-export declare const handleOidcRedirect: (command: Command, resourceId: string) => void;
+/// <reference types="node" />
+export declare const sleep: (ms: number) => Promise<unknown>;
+export declare const copyToClipboard: (content: string) => import("child_process").ChildProcess;
+export declare const displayContent: (content: string) => import("child_process").ChildProcess;

package/lib/lib/common.js

@@ -1,20 +1,38 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.handleOidcRedirect = exports.handleMfaRedirect = void 0;
-const config_1 = require("./config");
-const open = require("open");
-const handleResourceRedirect = (command, resourceId) => {
-    const configData = config_1.getOrCreateConfigData(command.config.configDir);
-    const url = configData[config_1.urlKey];
-    setTimeout(() => {
-        open(url + `/resources/${resourceId}?showModal=true`);
-    }, 2000);
+exports.displayContent = exports.copyToClipboard = exports.sleep = void 0;
+const child_process_1 = require("child_process");
+exports.sleep = (ms) => {
+    return new Promise(resolve => {
+        setTimeout(resolve, ms);
+    });
 };
-exports.handleMfaRedirect = (command, resourceId) => {
-    command.log('❗ MFA validation needed. Please connect via browser. Redirecting...');
-    handleResourceRedirect(command, resourceId);
+const getCopyCommand = () => {
+    switch (process.platform) {
+        case 'darwin':
+            return 'pbcopy';
+        case 'win32':
+            return 'clip';
+        default:
+            return 'xclip -selection clipboard';
+    }
 };
-exports.handleOidcRedirect = (command, resourceId) => {
-    command.log('❗ OIDC authentication needed. Please connect via browser. Redirecting...');
-    handleResourceRedirect(command, resourceId);
+exports.copyToClipboard = (content) => {
+    const copyCommand = getCopyCommand();
+    return child_process_1.exec(`echo "${content}" | ${copyCommand}`);
+};
+const getDisplayCommand = () => {
+    switch (process.platform) {
+        case 'win32':
+            return 'more';
+        default:
+            return 'less';
+    }
+};
+exports.displayContent = (content) => {
+    const displayCommand = getDisplayCommand();
+    return child_process_1.spawn(`cat <<< "${content}" | ${displayCommand}`, {
+        stdio: 'inherit',
+        shell: true,
+    });
 };

package/lib/lib/resources.d.ts

@@ -1,6 +1,14 @@
 import { Command } from '@oclif/command';
-import { ResourceInfo } from './cmd';
-import { ResourceAccessLevel } from '../types';
-export declare const resourcesAreEmpty: (context: Command, resources: ResourceInfo[]) => boolean;
-export declare const unexpectedAmountOfAccessLevelsFound: (context: Command) => void;
-export declare const promptUserForAccessLevels: (context: Command, resourceId: string, instanceType: string, accessLevelRemoteId?: string | undefined) => Promise<ResourceAccessLevel | null>;
+import { ResourceAccessLevel, ResourceAccessLevelInput } from '../types';
+export declare type ResourceInfo = {
+    id: string;
+    name: string;
+};
+export declare type AccessLevelInfo = {
+    id: string;
+    name: string;
+};
+export declare const DEFAULT_ACCESS_LEVEL: ResourceAccessLevelInput;
+export declare const filterChoices: (input: string, choices: ResourceInfo[] | AccessLevelInfo[]) => ResourceInfo[];
+export declare const promptUserForResource: (command: Command, resourceType: string, message: string) => Promise<ResourceInfo | void>;
+export declare const promptUserForAccessLevels: (command: Command, resourceId: string, instanceType: string, accessLevelRemoteId?: string | undefined) => Promise<ResourceAccessLevel | void>;