screwdriver-api 6.0.12 → 6.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/lib/server.js
CHANGED
|
@@ -201,7 +201,7 @@ module.exports = async config => {
|
|
|
201
201
|
server.app.buildFactory.apiUri = server.info.uri;
|
|
202
202
|
server.app.buildFactory.tokenGen = (buildId, metadata, scmContext, expiresIn, scope = ['temporal']) =>
|
|
203
203
|
server.plugins.auth.generateToken(
|
|
204
|
-
server.plugins.auth.generateProfile(buildId,
|
|
204
|
+
server.plugins.auth.generateProfile({ username: buildId, scmContext, scope, metadata }),
|
|
205
205
|
expiresIn
|
|
206
206
|
);
|
|
207
207
|
server.app.buildFactory.executor.tokenGen = server.app.buildFactory.tokenGen;
|
|
@@ -209,7 +209,7 @@ module.exports = async config => {
|
|
|
209
209
|
server.app.jobFactory.apiUri = server.info.uri;
|
|
210
210
|
server.app.jobFactory.tokenGen = (username, metadata, scmContext, scope = ['user']) =>
|
|
211
211
|
server.plugins.auth.generateToken(
|
|
212
|
-
server.plugins.auth.generateProfile(username,
|
|
212
|
+
server.plugins.auth.generateProfile({ username, scmContext, scope, metadata })
|
|
213
213
|
);
|
|
214
214
|
server.app.jobFactory.executor.userTokenGen = server.app.jobFactory.tokenGen;
|
|
215
215
|
|
package/package.json
CHANGED
package/plugins/auth/index.js
CHANGED
|
@@ -97,14 +97,16 @@ const authPlugin = {
|
|
|
97
97
|
/**
|
|
98
98
|
* Generates a profile for storage in cookie and jwt
|
|
99
99
|
* @method generateProfile
|
|
100
|
-
* @param {
|
|
101
|
-
* @param {String}
|
|
102
|
-
* @param {String}
|
|
103
|
-
* @param {
|
|
104
|
-
* @param {
|
|
105
|
-
* @
|
|
100
|
+
* @param {Object} config Configuration object
|
|
101
|
+
* @param {String} config.username Username of the person
|
|
102
|
+
* @param {String} config.scmUserId User ID in the SCM
|
|
103
|
+
* @param {String} config.scmContext Scm to which the person logged in belongs
|
|
104
|
+
* @param {Array} config.scope Scope for this profile (usually build or user)
|
|
105
|
+
* @param {Object} config.metadata Additional information to tag along with the login
|
|
106
|
+
* @return {Object} The profile to be stored in jwt and/or cookie
|
|
106
107
|
*/
|
|
107
|
-
server.expose('generateProfile',
|
|
108
|
+
server.expose('generateProfile', config => {
|
|
109
|
+
const { username, scmUserId, scmContext, scope, metadata } = config;
|
|
108
110
|
const profile = { username, scmContext, scope, ...(metadata || {}) };
|
|
109
111
|
|
|
110
112
|
if (pluginOptions.jwtEnvironment) {
|
package/plugins/auth/login.js
CHANGED
|
@@ -32,13 +32,11 @@ function addGuestRoute(config) {
|
|
|
32
32
|
}
|
|
33
33
|
|
|
34
34
|
const username = `guest/${uuidv4()}`;
|
|
35
|
-
const profile = request.server.plugins.auth.generateProfile(
|
|
35
|
+
const profile = request.server.plugins.auth.generateProfile({
|
|
36
36
|
username,
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
{}
|
|
41
|
-
);
|
|
37
|
+
scope: ['user', 'guest'],
|
|
38
|
+
metadata: {}
|
|
39
|
+
});
|
|
42
40
|
|
|
43
41
|
// Log that the user has authenticated
|
|
44
42
|
request.log(['auth'], `${username} has logged in`);
|
|
@@ -89,13 +87,13 @@ function addOAuthRoutes(config) {
|
|
|
89
87
|
const accessToken = request.auth.credentials.token;
|
|
90
88
|
const { username, id: scmUserId } = request.auth.credentials.profile;
|
|
91
89
|
|
|
92
|
-
const profile = request.server.plugins.auth.generateProfile(
|
|
90
|
+
const profile = request.server.plugins.auth.generateProfile({
|
|
93
91
|
username,
|
|
94
92
|
scmUserId,
|
|
95
93
|
scmContext,
|
|
96
|
-
['user'],
|
|
97
|
-
{}
|
|
98
|
-
);
|
|
94
|
+
scope: ['user'],
|
|
95
|
+
metadata: {}
|
|
96
|
+
});
|
|
99
97
|
const scmDisplayName = await userFactory.scm.getDisplayName({ scmContext });
|
|
100
98
|
const userDisplayName = config.authCheckById
|
|
101
99
|
? `${scmDisplayName}:${username}:${scmUserId}`
|
package/plugins/auth/token.js
CHANGED
|
@@ -39,12 +39,11 @@ module.exports = () => ({
|
|
|
39
39
|
const job = await jobFactory.get(build.jobId);
|
|
40
40
|
const pipeline = pipelineFactory.get(job.pipelineId);
|
|
41
41
|
|
|
42
|
-
profile = request.server.plugins.auth.generateProfile(
|
|
43
|
-
request.params.buildId,
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
);
|
|
42
|
+
profile = request.server.plugins.auth.generateProfile({
|
|
43
|
+
username: request.params.buildId,
|
|
44
|
+
scmContext: pipeline.scmContext,
|
|
45
|
+
scope: ['build', 'impersonated']
|
|
46
|
+
});
|
|
48
47
|
profile.token = request.server.plugins.auth.generateToken(profile);
|
|
49
48
|
|
|
50
49
|
request.cookieAuth.set(profile);
|
package/plugins/builds/token.js
CHANGED
|
@@ -54,13 +54,12 @@ module.exports = () => ({
|
|
|
54
54
|
}
|
|
55
55
|
|
|
56
56
|
const token = request.server.plugins.auth.generateToken(
|
|
57
|
-
request.server.plugins.auth.generateProfile(
|
|
58
|
-
profile.username,
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
),
|
|
57
|
+
request.server.plugins.auth.generateProfile({
|
|
58
|
+
username: profile.username,
|
|
59
|
+
scmContext: profile.scmContext,
|
|
60
|
+
scope: ['build'],
|
|
61
|
+
metadata: jwtInfo
|
|
62
|
+
}),
|
|
64
63
|
parseInt(buildTimeout, 10)
|
|
65
64
|
);
|
|
66
65
|
|
|
@@ -36,7 +36,12 @@ async function invoke(request) {
|
|
|
36
36
|
const { username, scmContext } = auth.credentials;
|
|
37
37
|
|
|
38
38
|
const token = request.server.plugins.auth.generateToken(
|
|
39
|
-
request.server.plugins.auth.generateProfile(
|
|
39
|
+
request.server.plugins.auth.generateProfile({
|
|
40
|
+
username,
|
|
41
|
+
scmContext,
|
|
42
|
+
scope: ['sdapi'],
|
|
43
|
+
metadata: { pipelineId }
|
|
44
|
+
})
|
|
40
45
|
);
|
|
41
46
|
|
|
42
47
|
const options = {
|