opal-security 3.2.3 → 4.0.2

package/build/lib/config.js

@@ -0,0 +1,46 @@
+import * as fs from "node:fs";
+import * as path from "node:path";
+export const urlKey = "url";
+export const defaultUrl = "https://app.opal.dev";
+export const allowSelfSignedCertsKey = "allowSelfSignedCerts";
+export const defaultAllowSelfSignedCerts = false;
+export const customHttpHeaderKey = "customHttpHeader";
+export const getOrCreateConfigData = (configDir) => {
+    if (!fs.existsSync(configDir)) {
+        fs.mkdirSync(configDir, { recursive: true });
+    }
+    const configFilePath = path.join(configDir, "config.json");
+    if (!fs.existsSync(configFilePath)) {
+        fs.writeFileSync(configFilePath, JSON.stringify({
+            [urlKey]: defaultUrl,
+            [allowSelfSignedCertsKey]: defaultAllowSelfSignedCerts,
+        }));
+    }
+    let configData = {};
+    try {
+        const configDataRaw = fs.readFileSync(configFilePath);
+        configData = JSON.parse(configDataRaw === null || configDataRaw === void 0 ? void 0 : configDataRaw.toString());
+    }
+    catch (error) {
+        if (error &&
+            typeof error === "object" &&
+            "code" in error &&
+            error.code !== "ENOENT") {
+            throw error;
+        }
+    }
+    return configData;
+};
+export const writeConfigData = (configDir, newConfigData) => {
+    fs.writeFileSync(path.join(configDir, "config.json"), JSON.stringify(newConfigData), {
+        mode: 0o0600,
+    });
+};
+export const isProduction = (configDir) => {
+    const configData = getOrCreateConfigData(configDir);
+    // Custom URLs are considered production since it includes on-prem
+    return (configData[urlKey] !== "https://dev.opal.dev" &&
+        configData[urlKey] !== "https://demo.opal.dev" &&
+        configData[urlKey] !== "https://staging.opal.dev" &&
+        !configData[urlKey].match(/https?:\/\/localhost/));
+};

package/{lib → build}/lib/credentials/index.d.ts

@@ -2,7 +2,7 @@ import type { Command } from "@oclif/core";
 interface OpalCredentials {
     email?: string;
     organizationID?: string;
-    clientIDCandidate?: string;
+    clientID?: string;
     secret?: string;
     secretType?: SecretType;
     organizationName?: string;
@@ -11,7 +11,8 @@ export declare enum SecretType {
     Cookie = "COOKIE",
     ApiToken = "API_TOKEN"
 }
-export declare const setOpalCredentials: (command: Command, email: string | undefined, organizationID: string, clientIDCandidate: string | undefined | null, secret: string, secretType: SecretType, organizationName?: string) => Promise<void>;
+export declare const setOpalCredentials: (command: Command, email: string | undefined, organizationID: string | undefined, clientID: string | undefined, secret: string, secretType?: SecretType, organizationName?: string) => Promise<void>;
 export declare const getOpalCredentials: (command: Command, includeAuthSecret?: boolean) => Promise<OpalCredentials>;
 export declare const removeOpalCredentials: (command: Command) => Promise<void>;
+export declare const removeAuthSecret: (command: Command) => Promise<void>;
 export {};

package/build/lib/credentials/index.js

@@ -0,0 +1,85 @@
+import { getOrCreateConfigData, writeConfigData } from "../config.js";
+import { deleteSecretFromKeychain, getSecretFromKeychain, setSecretInKeychain, } from "./keychain.js";
+import { getSecretFromConfig, setSecretInConfig } from "./localEncryption.js";
+export var SecretType;
+(function (SecretType) {
+    SecretType["Cookie"] = "COOKIE";
+    SecretType["ApiToken"] = "API_TOKEN";
+})(SecretType || (SecretType = {}));
+export const setOpalCredentials = async (command, email, organizationID, clientID, secret, secretType, organizationName) => {
+    const givenEmail = email || "email-unset";
+    const configData = getOrCreateConfigData(command.config.configDir);
+    configData.creds = {
+        email,
+        organizationID,
+        organizationName,
+        secretType,
+    };
+    writeConfigData(command.config.configDir, configData);
+    await writeSecret(command, configData, givenEmail, { clientID, secret });
+};
+export const getOpalCredentials = async (command, includeAuthSecret = true) => {
+    var _a, _b;
+    const creds = (_b = (_a = getOrCreateConfigData(command.config.configDir)) === null || _a === void 0 ? void 0 : _a.creds) !== null && _b !== void 0 ? _b : {};
+    if (!includeAuthSecret) {
+        return creds;
+    }
+    let secretStr = null;
+    if (process.platform === "darwin") {
+        secretStr = await getSecretFromKeychain((creds === null || creds === void 0 ? void 0 : creds.email) || "email-unset");
+    }
+    else {
+        secretStr = await getSecretFromConfig(creds);
+    }
+    if (secretStr) {
+        try {
+            const parsed = JSON.parse(secretStr);
+            creds.secret = parsed.secret;
+            creds.clientID = parsed.clientID;
+        }
+        catch (error) {
+            // Fallback for old format where only the secret was stored as a plain string
+            creds.secret = secretStr;
+        }
+        // This is a fallback for users with stored credentials from before we converted to session auth with the CLITokenExchange mutation
+        // It will allow them to continue authenticating with an access token in an Authorization header, which will work until we remove support for that
+        if (!creds.secretType) {
+            creds.secretType = SecretType.ApiToken;
+        }
+    }
+    return creds;
+};
+// This removes *everything* in the creds object, and wipes out anything stored in the keychain
+export const removeOpalCredentials = async (command) => {
+    var _a;
+    const configData = getOrCreateConfigData(command.config.configDir);
+    const email = ((_a = configData === null || configData === void 0 ? void 0 : configData.creds) === null || _a === void 0 ? void 0 : _a.email) || "email-unset";
+    // On linux, the access token is stored encrypted in configData.creds, so this effectively removes it
+    configData.creds = {};
+    writeConfigData(command.config.configDir, configData);
+    // but on OSX, we need an extra step to delete the token from the keychain
+    if (process.platform === "darwin") {
+        await deleteSecretFromKeychain(email);
+    }
+};
+// This just removes the auth secret, if it exists
+export const removeAuthSecret = async (command) => {
+    const configData = getOrCreateConfigData(command.config.configDir);
+    const creds = await getOpalCredentials(command, true);
+    if (creds.email) {
+        const secretCreds = {};
+        if (creds.clientID) {
+            secretCreds.clientID = creds.clientID;
+        }
+        await writeSecret(command, configData, creds.email, secretCreds);
+    }
+};
+const writeSecret = async (command, configData, email, secretCreds) => {
+    const secretStr = JSON.stringify(secretCreds);
+    if (process.platform === "darwin") {
+        await setSecretInKeychain(email, secretStr);
+    }
+    else {
+        await setSecretInConfig(command, configData, secretStr);
+    }
+};

package/{lib → build}/lib/credentials/keychain.js

@@ -1,10 +1,7 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.deleteSecretFromKeychain = exports.getSecretFromKeychain = exports.setSecretInKeychain = void 0;
-const keychain = require("keychain");
+import keychain from "keychain";
 const OPAL_KEYCHAIN_SERVICE = "opal-cli";
 // On OSX, we can easily work with the system Keychain to store the access token.
-const setSecretInKeychain = async (email, secret) => {
+export const setSecretInKeychain = async (email, secret) => {
     return new Promise((resolve, reject) => {
         keychain.setPassword({ account: email, service: OPAL_KEYCHAIN_SERVICE, password: secret }, (err) => {
             if (err) {
@@ -16,8 +13,7 @@ const setSecretInKeychain = async (email, secret) => {
         });
     });
 };
-exports.setSecretInKeychain = setSecretInKeychain;
-const getSecretFromKeychain = async (email) => {
+export const getSecretFromKeychain = async (email) => {
     return new Promise((resolve, reject) => {
         keychain.getPassword({ account: email, service: OPAL_KEYCHAIN_SERVICE }, (err, password) => {
             if (err && (err === null || err === void 0 ? void 0 : err.type) !== "PasswordNotFoundError") {
@@ -29,8 +25,7 @@ const getSecretFromKeychain = async (email) => {
         });
     });
 };
-exports.getSecretFromKeychain = getSecretFromKeychain;
-const deleteSecretFromKeychain = async (email) => {
+export const deleteSecretFromKeychain = async (email) => {
     return new Promise((resolve) => {
         keychain.deletePassword({ service: OPAL_KEYCHAIN_SERVICE, account: email }, () => {
             // we might get errors here if the password doesn't exist, which we want to swallow
@@ -38,4 +33,3 @@ const deleteSecretFromKeychain = async (email) => {
         });
     });
 };
-exports.deleteSecretFromKeychain = deleteSecretFromKeychain;

package/{lib → build}/lib/credentials/localEncryption.js

@@ -1,10 +1,7 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getSecretFromConfig = exports.setSecretInConfig = void 0;
-const node_crypto_1 = require("node:crypto");
-const argon2 = require("argon2");
-const inquirer = require("inquirer");
-const config_1 = require("../config");
+import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";
+import * as argon2 from "argon2";
+import inquirer from "inquirer";
+import { writeConfigData } from "../config.js";
 const ENCRYPTION_ALGORITHM = "aes-256-gcm";
 /**
  * On linux, windows, and WSL, we can't easily work with the system keychain
@@ -28,18 +25,18 @@ const promptForPassword = async (msg) => {
     ]);
     return customKey;
 };
-const setSecretInConfig = async (command, configData, secret) => {
+export const setSecretInConfig = async (command, configData, secret) => {
     if (!password) {
         password = await promptForPassword("Enter a password to encrypt your credentials: ");
     }
-    const salt = (0, node_crypto_1.randomBytes)(24);
+    const salt = randomBytes(24);
     const key = await argon2.hash(password, {
         hashLength: 32,
         raw: true,
         salt: salt,
     });
-    const iv = (0, node_crypto_1.randomBytes)(12);
-    const cipher = (0, node_crypto_1.createCipheriv)(ENCRYPTION_ALGORITHM, key, iv);
+    const iv = randomBytes(12);
+    const cipher = createCipheriv(ENCRYPTION_ALGORITHM, key, iv);
     let secretEncrypted = cipher.update(secret, "utf8", "base64");
     secretEncrypted += cipher.final("base64");
     // In addition to storing the encrypted text, we need to store the argon2 salt, and AES authTag + IV so we can decrypt
@@ -49,10 +46,9 @@ const setSecretInConfig = async (command, configData, secret) => {
         salt: salt.toString("base64"),
         iv: iv.toString("base64"),
     };
-    (0, config_1.writeConfigData)(command.config.configDir, configData);
+    writeConfigData(command.config.configDir, configData);
 };
-exports.setSecretInConfig = setSecretInConfig;
-const getSecretFromConfig = async (credsConfig) => {
+export const getSecretFromConfig = async (credsConfig) => {
     let secret = "";
     if (credsConfig === null || credsConfig === void 0 ? void 0 : credsConfig.accessTokenDetails) {
         if (!password) {
@@ -66,12 +62,12 @@ const getSecretFromConfig = async (credsConfig) => {
             salt: salt,
         });
         try {
-            const decipher = (0, node_crypto_1.createDecipheriv)(ENCRYPTION_ALGORITHM, key, iv);
+            const decipher = createDecipheriv(ENCRYPTION_ALGORITHM, key, iv);
             decipher.setAuthTag(Buffer.from(credsConfig.accessTokenDetails.authTag, "base64"));
             secret = decipher.update(credsConfig.accessTokenDetails.encryptedText, "base64", "utf8");
             secret += decipher.final("utf8");
         }
-        catch (error) {
+        catch (_a) {
             console.error("ERROR: Failed to decrypt local credentials.\n" +
                 "  Check that you entered the correct password, or re-authenticate with `opal login`");
             process.exit(1);
@@ -81,4 +77,3 @@ const getSecretFromConfig = async (credsConfig) => {
     }
     return secret;
 };
-exports.getSecretFromConfig = getSecretFromConfig;

package/{lib → build}/lib/flags.js

@@ -1,25 +1,22 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SHARED_FLAGS = void 0;
-const core_1 = require("@oclif/core");
-exports.SHARED_FLAGS = {
-    help: core_1.Flags.help({ char: "h" }),
-    id: core_1.Flags.string({
+import { Flags } from "@oclif/core";
+export const SHARED_FLAGS = {
+    help: Flags.help({ char: "h" }),
+    id: Flags.string({
         multiple: false,
         char: "i",
         description: "The Opal ID of the asset. You can find this from the URL, e.g. https://opal.dev/resources/[ID]",
     }),
-    accessLevelRemoteId: core_1.Flags.string({
+    accessLevelRemoteId: Flags.string({
         multiple: false,
         char: "a",
         description: "The remote ID of the access level with which to access the resource.",
     }),
-    sessionId: core_1.Flags.string({
+    sessionId: Flags.string({
         multiple: false,
         char: "s",
         description: "The Opal ID of the session to connect to. Uses an existing session that was created via the web flow.",
     }),
-    refresh: core_1.Flags.boolean({
+    refresh: Flags.boolean({
         char: "r",
         description: "Starts a new session even if one already exists. Useful if a session is about to expire.",
     }),

package/build/lib/local-auth-server.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Starts a local HTTP server on port 8080 to handle OAuth callback.
+ * Returns a promise that resolves with the full callback URL when authentication succeeds.
+ */
+export declare function startLocalServer(): Promise<string>;

package/build/lib/local-auth-server.js

@@ -0,0 +1,69 @@
+import * as http from "node:http";
+import { authErrorHtml, authMissingCodeHtml, authSuccessHtml, } from "./auth-success-template.js";
+/**
+ * Starts a local HTTP server on port 8080 to handle OAuth callback.
+ * Returns a promise that resolves with the full callback URL when authentication succeeds.
+ */
+export function startLocalServer() {
+    return new Promise((resolve, reject) => {
+        const server = http.createServer(async (req, res) => {
+            try {
+                const url = new URL(req.url || "", "http://127.0.0.1:8080");
+                if (url.pathname === "/callback") {
+                    const error = url.searchParams.get("error");
+                    if (error) {
+                        res.writeHead(400, { "Content-Type": "text/html" });
+                        res.end(authErrorHtml(error));
+                        server.closeAllConnections();
+                        server.close(() => {
+                            reject(new Error(`Authentication failed: ${error}`));
+                        });
+                        return;
+                    }
+                    if (req.url) {
+                        res.writeHead(200, { "Content-Type": "text/html" });
+                        res.end(authSuccessHtml);
+                        const fullUrl = `http://127.0.0.1:8080${req.url}`;
+                        server.closeAllConnections();
+                        server.close(() => {
+                            resolve(fullUrl);
+                        });
+                    }
+                    else {
+                        res.writeHead(400, { "Content-Type": "text/html" });
+                        res.end(authMissingCodeHtml);
+                        server.closeAllConnections();
+                        server.close(() => {
+                            reject(new Error("Missing authorization code"));
+                        });
+                    }
+                }
+                else {
+                    res.writeHead(404);
+                    res.end();
+                }
+            }
+            catch (err) {
+                res.writeHead(400);
+                res.end();
+                server.closeAllConnections();
+                server.close(() => {
+                    reject(err);
+                });
+            }
+        });
+        server.listen(8080, "127.0.0.1", () => {
+            console.log("Local server started on http://127.0.0.1:8080");
+        });
+        server.on("error", (err) => {
+            reject(err);
+        });
+        // Timeout after 5 minutes
+        setTimeout(() => {
+            server.closeAllConnections();
+            server.close(() => {
+                reject(new Error("Authentication timeout"));
+            });
+        }, 5 * 60 * 1000);
+    });
+}

package/build/lib/request/api/index.d.ts

@@ -0,0 +1,6 @@
+export { queryRequestableApps } from "./queries/apps.js";
+export { queryRequestableAssets, queryCatalogItems } from "./queries/assets.js";
+export { queryAssetRoles, queryAssociatedItems } from "./queries/roles.js";
+export { queryRequestDefaults } from "./queries/request-defaults.js";
+export { queryRequest, queryRequests } from "./queries/requests.js";
+export { createRequest } from "./mutations/create-request.js";

package/build/lib/request/api/index.js

@@ -0,0 +1,8 @@
+// Query exports
+export { queryRequestableApps } from "./queries/apps.js";
+export { queryRequestableAssets, queryCatalogItems } from "./queries/assets.js";
+export { queryAssetRoles, queryAssociatedItems } from "./queries/roles.js";
+export { queryRequestDefaults } from "./queries/request-defaults.js";
+export { queryRequest, queryRequests } from "./queries/requests.js";
+// Mutation exports
+export { createRequest } from "./mutations/create-request.js";

package/{lib → build}/lib/request/api/mutations/create-request.d.ts

@@ -1,8 +1,8 @@
 import type { ApolloClient } from "@apollo/client";
 import type { Command } from "@oclif/core";
-import type { RequestedGroupInput, RequestedResourceInput } from "../../../../graphql/graphql";
+import type { RequestedGroupInput, RequestedResourceInput } from "../../../../graphql/graphql.js";
 export declare function createRequest(cmd: Command, client: ApolloClient, requestedResources: RequestedResourceInput[], requestedGroups: RequestedGroupInput[], reason: string, durationInMinutes?: number): Promise<{
     __typename?: "Request";
     id: string;
-    status: import("../../../../graphql/graphql").RequestStatus;
+    status: import("../../../../graphql/graphql.js").RequestStatus;
 } | undefined>;

package/{lib → build}/lib/request/api/mutations/create-request.js

@@ -1,8 +1,5 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createRequest = createRequest;
-const graphql_1 = require("../../../../graphql");
-const CREATE_REQUEST_MUTATION = (0, graphql_1.graphql)(`
+import { graphql } from "../../../../graphql/index.js";
+const CREATE_REQUEST_MUTATION = graphql(`
   mutation CreateRequest(
     $requestedResources: [RequestedResourceInput!]!
     $requestedGroups: [RequestedGroupInput!]!
@@ -86,7 +83,7 @@ const CREATE_REQUEST_MUTATION = (0, graphql_1.graphql)(`
     }
   }
 `);
-async function createRequest(cmd, client, requestedResources, requestedGroups, reason, durationInMinutes) {
+export async function createRequest(cmd, client, requestedResources, requestedGroups, reason, durationInMinutes) {
     var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s, _t;
     try {
         const resp = await client.mutate({

package/{lib → build}/lib/request/api/queries/apps.d.ts

@@ -1,4 +1,4 @@
 import type { ApolloClient } from "@apollo/client";
 import type { Command } from "@oclif/core";
-import type { PromptChoice } from "../../types";
+import type { PromptChoice } from "../../types.js";
 export declare function queryRequestableApps(cmd: Command, client: ApolloClient, input: string | undefined): Promise<PromptChoice[] | undefined>;

package/{lib → build}/lib/request/api/queries/apps.js

@@ -1,9 +1,6 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.queryRequestableApps = queryRequestableApps;
-const graphql_1 = require("../../../../graphql");
+import { graphql } from "../../../../graphql/index.js";
 // TODO: add pagination ability from CLI. (Load more...) option
-const GET_REQUESTABLE_APPS_QUERY = (0, graphql_1.graphql)(`
+const GET_REQUESTABLE_APPS_QUERY = graphql(`
   query GetRequestableAppsQuery($searchQuery: String) {
     appsV2(
       filters: {
@@ -32,7 +29,7 @@ const GET_REQUESTABLE_APPS_QUERY = (0, graphql_1.graphql)(`
     }
   }
   `);
-async function queryRequestableApps(cmd, client, input) {
+export async function queryRequestableApps(cmd, client, input) {
     var _a, _b;
     try {
         const resp = await client.query({

package/{lib → build}/lib/request/api/queries/assets.d.ts

@@ -1,6 +1,6 @@
 import type { ApolloClient } from "@apollo/client";
 import type { Command } from "@oclif/core";
-import type { GetCatalogItemQuery } from "../../../../graphql/graphql";
-import { type PromptChoice } from "../../types";
+import type { GetCatalogItemQuery } from "../../../../graphql/graphql.js";
+import { type PromptChoice } from "../../types.js";
 export declare function queryRequestableAssets(cmd: Command, client: ApolloClient, appId: string, input: string | undefined): Promise<PromptChoice[] | undefined>;
 export declare function queryCatalogItems(cmd: Command, client: ApolloClient, assetId: string): Promise<ApolloClient.QueryResult<GetCatalogItemQuery>>;

package/{lib → build}/lib/request/api/queries/assets.js

@@ -1,10 +1,6 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.queryRequestableAssets = queryRequestableAssets;
-exports.queryCatalogItems = queryCatalogItems;
-const graphql_1 = require("../../../../graphql");
-const types_1 = require("../../types");
-const GET_ASSETS_QUERY = (0, graphql_1.graphql)(`
+import { graphql } from "../../../../graphql/index.js";
+import { entityTypeFromString } from "../../types.js";
+const GET_ASSETS_QUERY = graphql(`
   query PaginatedEntityDropdown(
   $id: UUID!
   $searchQuery: String
@@ -40,7 +36,7 @@ const GET_ASSETS_QUERY = (0, graphql_1.graphql)(`
   }
 }
 `);
-async function queryRequestableAssets(cmd, client, appId, input) {
+export async function queryRequestableAssets(cmd, client, appId, input) {
     var _a, _b, _c, _d, _e, _f, _g;
     try {
         const resp = await client.query({
@@ -65,7 +61,7 @@ async function queryRequestableAssets(cmd, client, appId, input) {
                         value: {
                             name: name || "",
                             id: id || "",
-                            type: (0, types_1.entityTypeFromString)(((_g = item.resource) === null || _g === void 0 ? void 0 : _g.__typename) || ((_h = item.group) === null || _h === void 0 ? void 0 : _h.__typename)),
+                            type: entityTypeFromString(((_g = item.resource) === null || _g === void 0 ? void 0 : _g.__typename) || ((_h = item.group) === null || _h === void 0 ? void 0 : _h.__typename)),
                         },
                     };
                 });
@@ -82,7 +78,7 @@ async function queryRequestableAssets(cmd, client, appId, input) {
         }
     }
 }
-const CATALOG_ITEM = (0, graphql_1.graphql)(`
+const CATALOG_ITEM = graphql(`
   query GetCatalogItem($uuid: UUID!) {
     catalogItem(id: $uuid) {
       __typename
@@ -120,7 +116,7 @@ const CATALOG_ITEM = (0, graphql_1.graphql)(`
     }
   }
   `);
-async function queryCatalogItems(cmd, client, assetId) {
+export async function queryCatalogItems(cmd, client, assetId) {
     try {
         return await client.query({
             query: CATALOG_ITEM,

package/{lib → build}/lib/request/api/queries/request-defaults.d.ts

@@ -1,5 +1,5 @@
 import type { ApolloClient } from "@apollo/client";
 import type { Command } from "@oclif/core";
-import type { RequestConfigurationGroupInput, RequestConfigurationResourceInput } from "../../../../graphql/graphql";
-import type { RequestDefaults } from "../../types";
+import type { RequestConfigurationGroupInput, RequestConfigurationResourceInput } from "../../../../graphql/graphql.js";
+import type { RequestDefaults } from "../../types.js";
 export declare function queryRequestDefaults(cmd: Command, client: ApolloClient, requestedResources: RequestConfigurationResourceInput[], requestedGroups: RequestConfigurationGroupInput[]): Promise<RequestDefaults | undefined>;

package/{lib → build}/lib/request/api/queries/request-defaults.js

@@ -1,8 +1,5 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.queryRequestDefaults = queryRequestDefaults;
-const graphql_1 = require("../../../../graphql");
-const REQUEST_DEFAULTS_QUERY = (0, graphql_1.graphql)(`
+import { graphql } from "../../../../graphql/index.js";
+const REQUEST_DEFAULTS_QUERY = graphql(`
   query RequestDefaults(
     $requestedResources: [RequestConfigurationResourceInput!]!
     $requestedGroups: [RequestConfigurationGroupInput!]!
@@ -31,7 +28,7 @@ const REQUEST_DEFAULTS_QUERY = (0, graphql_1.graphql)(`
       }
     }
   }`);
-async function queryRequestDefaults(cmd, client, requestedResources, requestedGroups) {
+export async function queryRequestDefaults(cmd, client, requestedResources, requestedGroups) {
     var _a;
     try {
         const resp = await client.query({

package/{lib → build}/lib/request/api/queries/requests.d.ts

@@ -1,4 +1,4 @@
 import type { ApolloClient } from "@apollo/client";
-export declare const queryRequest: (client: ApolloClient, requestId: string) => Promise<ApolloClient.QueryResult<import("../../../../graphql/graphql").GetRequestQuery>>;
-export declare const queryRequests: (client: ApolloClient, pageSize: number, showPendingOnly: boolean) => Promise<ApolloClient.QueryResult<import("../../../../graphql/graphql").GetRequestsQuery>>;
-export declare const queryBundle: (client: ApolloClient, bundleId: string) => Promise<ApolloClient.QueryResult<import("../../../../graphql/graphql").GetBundleQuery>>;
+export declare const queryRequest: (client: ApolloClient, requestId: string) => Promise<ApolloClient.QueryResult<import("../../../../graphql/graphql.js").GetRequestQuery>>;
+export declare const queryRequests: (client: ApolloClient, pageSize: number, showPendingOnly: boolean) => Promise<ApolloClient.QueryResult<import("../../../../graphql/graphql.js").GetRequestsQuery>>;
+export declare const queryBundle: (client: ApolloClient, bundleId: string) => Promise<ApolloClient.QueryResult<import("../../../../graphql/graphql.js").GetBundleQuery>>;

package/{lib → build}/lib/request/api/queries/requests.js

@@ -1,8 +1,5 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.queryBundle = exports.queryRequests = exports.queryRequest = void 0;
-const graphql_1 = require("../../../../graphql");
-const RESOURCE_FRAGMENT = (0, graphql_1.graphql)(`
+import { graphql } from "../../../../graphql/index.js";
+const RESOURCE_FRAGMENT = graphql(`
   fragment ResourceFields on Resource {
     displayName
     id
@@ -13,7 +10,7 @@ const RESOURCE_FRAGMENT = (0, graphql_1.graphql)(`
     }
   }
 `);
-const GROUP_FRAGMENT = (0, graphql_1.graphql)(`
+const GROUP_FRAGMENT = graphql(`
   fragment GroupFields on Group {
     name
     id
@@ -24,7 +21,7 @@ const GROUP_FRAGMENT = (0, graphql_1.graphql)(`
     }
   }
 `);
-const REQUEST_FIELDS_FRAGMENT = (0, graphql_1.graphql)(`
+const REQUEST_FIELDS_FRAGMENT = graphql(`
   fragment RequestFields on Request {
     id
     createdAt
@@ -57,7 +54,7 @@ const REQUEST_FIELDS_FRAGMENT = (0, graphql_1.graphql)(`
     }
   }
 `);
-const GET_REQUEST = (0, graphql_1.graphql)(`
+const GET_REQUEST = graphql(`
   query GetRequest(
   $id: RequestId!
 ) {
@@ -74,7 +71,7 @@ const GET_REQUEST = (0, graphql_1.graphql)(`
   }
 }
 `);
-const queryRequest = async (client, requestId) => {
+export const queryRequest = async (client, requestId) => {
     const resp = await client.query({
         query: GET_REQUEST,
         variables: {
@@ -84,9 +81,8 @@ const queryRequest = async (client, requestId) => {
     });
     return resp;
 };
-exports.queryRequest = queryRequest;
 // TODO: Add date filters, search query,
-const GET_OUTGOING_REQUESTS = (0, graphql_1.graphql)(`
+const GET_OUTGOING_REQUESTS = graphql(`
   query GetRequests($showPendingOnly: Boolean!, $pageSize: Int) {
   requests(input: {
     requestType: OUTGOING
@@ -106,7 +102,7 @@ const GET_OUTGOING_REQUESTS = (0, graphql_1.graphql)(`
   
   }
 }`);
-const queryRequests = async (client, pageSize, showPendingOnly) => {
+export const queryRequests = async (client, pageSize, showPendingOnly) => {
     const resp = await client.query({
         query: GET_OUTGOING_REQUESTS,
         variables: {
@@ -117,8 +113,7 @@ const queryRequests = async (client, pageSize, showPendingOnly) => {
     });
     return resp;
 };
-exports.queryRequests = queryRequests;
-const GET_BUNDLE = (0, graphql_1.graphql)(`query GetBundle($id: BundleId!) {
+const GET_BUNDLE = graphql(`query GetBundle($id: BundleId!) {
   bundle(input: { id: $id }) {
     __typename
     ... on BundleResult {
@@ -150,7 +145,7 @@ const GET_BUNDLE = (0, graphql_1.graphql)(`query GetBundle($id: BundleId!) {
     }
   }
 }`);
-const queryBundle = async (client, bundleId) => {
+export const queryBundle = async (client, bundleId) => {
     const resp = await client.query({
         query: GET_BUNDLE,
         variables: {
@@ -160,4 +155,3 @@ const queryBundle = async (client, bundleId) => {
     });
     return resp;
 };
-exports.queryBundle = queryBundle;

package/{lib → build}/lib/request/api/queries/roles.d.ts

@@ -1,5 +1,5 @@
 import type { ApolloClient } from "@apollo/client";
 import type { Command } from "@oclif/core";
-import type { PromptChoice } from "../../types";
+import type { PromptChoice } from "../../types.js";
 export declare function queryAssetRoles(cmd: Command, client: ApolloClient, assetType: string, assetId: string): Promise<PromptChoice[] | undefined>;
 export declare function queryAssociatedItems(cmd: Command, client: ApolloClient, id: string, input: string | undefined): Promise<PromptChoice[] | undefined>;