@atomist/sdm-core/lib/handlers/common/GitHubCredentialsResolver.js

Atomist Software Delivery Machine - Implementation

"use strict";
/*
 * Copyright © 2019 Atomist, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
const automation_client_1 = require("@atomist/automation-client");
const RepoId_1 = require("@atomist/automation-client/lib/operations/common/RepoId");
const _ = require("lodash");
const types_1 = require("../../typings/types");
let GitHubCredentialsResolver = class GitHubCredentialsResolver {
    eventHandlerCredentials(context, id) {
        return __awaiter(this, void 0, void 0, function* () {
            return this.credentials([
                obtainTokenFromConfiguration(this),
                ObtainTokenFromIncomingMessage,
                ObtainTokenFromGitHubApp,
                ObtainTokenFromProvider,
            ], context, id);
        });
    }
    commandHandlerCredentials(context, id) {
        return __awaiter(this, void 0, void 0, function* () {
            return this.credentials([
                ObtainTokenFromIncomingMessage,
                obtainTokenFromConfiguration(this),
                ObtainTokenFromGitHubApp,
                ObtainTokenFromProvider,
            ], context, id);
        });
    }
    credentials(obtainTokens, context, id) {
        return __awaiter(this, void 0, void 0, function* () {
            for (const obtainToken of obtainTokens) {
                const token = yield obtainToken(context, id);
                if (hasToken(token)) {
                    return { token };
                }
            }
            throw new Error("No GitHub token available! Please add a token to the SDM configuration at 'sdm.github.token' "
                + "or authenticate the GitHub SCM provider from the web app or CLI.");
        });
    }
};
__decorate([
    automation_client_1.Secret(automation_client_1.Secrets.OrgToken),
    __metadata("design:type", String)
], GitHubCredentialsResolver.prototype, "orgToken", void 0);
GitHubCredentialsResolver = __decorate([
    automation_client_1.Parameters()
], GitHubCredentialsResolver);
exports.GitHubCredentialsResolver = GitHubCredentialsResolver;
/**
 * Obtain a org or user token from the incoming event or command invocation
 */
const ObtainTokenFromIncomingMessage = (ctx) => __awaiter(void 0, void 0, void 0, function* () {
    // Try to obtain the token from the incoming event or command
    const actx = ctx;
    if (!!actx.trigger && !!actx.trigger.secrets) {
        let secret = actx.trigger.secrets.find(s => s.uri === automation_client_1.Secrets.OrgToken);
        if (secret && hasToken(secret.value)) {
            return secret.value;
        }
        secret = actx.trigger.secrets.find(s => s.uri.startsWith(automation_client_1.Secrets.UserToken));
        if (secret && hasToken(secret.value)) {
            return secret.value;
        }
    }
    return undefined;
});
/**
 * Obtain a token from an SCMProvider
 */
const ObtainTokenFromProvider = (ctx, id) => __awaiter(void 0, void 0, void 0, function* () {
    // Check the graph to see if we have a token on the provider
    if (!!id && (id.providerType === RepoId_1.ProviderType.github_com)) {
        const token = yield fetchTokenByProviderType(types_1.ProviderType.github_com, ctx);
        if (hasToken(token)) {
            return token;
        }
    }
    return undefined;
});
/**
 * Obtain a token from an GitHubAppInstallation
 */
const ObtainTokenFromGitHubApp = (ctx, id) => __awaiter(void 0, void 0, void 0, function* () {
    // Check the graph to see if we have a token on the GitHubAppInstallation
    if (!!id && (id.providerType === RepoId_1.ProviderType.github_com)) {
        const token = yield fetchTokenByGitHubAppName(id.owner, ctx);
        if (hasToken(token)) {
            return token;
        }
    }
    return undefined;
});
/**
 * Obtain a token from the SDM configuration
 */
function obtainTokenFromConfiguration(resolver) {
    return () => __awaiter(this, void 0, void 0, function* () {
        if (hasToken(automation_client_1.configurationValue("token", "null"))) {
            return automation_client_1.configurationValue("token");
        }
        else if (hasToken(automation_client_1.configurationValue("sdm.github.token", "null"))) {
            return automation_client_1.configurationValue("sdm.github.token");
        }
        return undefined;
    });
}
function hasToken(token) {
    if (!token) {
        return false;
        // "null" as string is being sent when the orgToken can't be determined by the api
    }
    else if (token === "null" || token === "undefined") {
        return false;
    }
    return true;
}
function fetchTokenByProviderType(providerType, ctx) {
    return __awaiter(this, void 0, void 0, function* () {
        const provider = yield ctx.graphClient.query({
            name: "ScmProviderByType",
            variables: {
                providerType,
            },
        });
        return _.get(provider, "SCMProvider[0].credential.secret");
    });
}
function fetchTokenByGitHubAppName(owner, ctx) {
    return __awaiter(this, void 0, void 0, function* () {
        const app = yield ctx.graphClient.query({
            name: "GitHubAppInstallationByOwner",
            variables: {
                name: owner,
            },
        });
        return _.get(app, "GitHubAppInstallation[0].token.secret");
    });
}
//# sourceMappingURL=GitHubCredentialsResolver.js.map