UNPKG

@cap-js-community/mtx-tool

Version:

Multitenancy and Extensibility Tool is a cli to reduce operational overhead for multitenant Cloud Foundry applications

cap-js-community.github.io/mtx-tool/

cap-js-community/mtx-tool

78 lines (70 loc) 2.63 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
"use strict"; const https = require("https"); const { isDashedWord, isUUID } = require("./static"); const { assert } = require("./error"); const { request } = require("./request"); const getUaaTokenFromCredentials = async ( credentials, { subdomain, identityZone, tenantId, passcode, username, password } = {} ) => { subdomain && assert(isDashedWord(subdomain), `argument "${subdomain}" is not a valid subdomain`); tenantId && assert(isUUID(tenantId), `argument "${tenantId}" is not a valid tenantId`); const { url: serviceUrlPaas, clientid: clientId, clientsecret: clientSecret, certurl: certUrlPaas, certificate, key, identityzone: credentialIdentityZone, } = credentials; identityZone = identityZone ?? credentialIdentityZone; const isX509Enabled = !clientSecret && certUrlPaas; const serviceUrl = subdomain ? serviceUrlPaas.replace(identityZone, subdomain) : serviceUrlPaas; const certUrl = subdomain && certUrlPaas ? certUrlPaas.replace(identityZone, subdomain) : certUrlPaas; const url = isX509Enabled ? certUrl : serviceUrl; passcode && assert( [10, 32].includes(passcode.length), `"argument ${passcode}" is not a valid passcode, get one at ${serviceUrl}/passcode` ); const baseOptions = { clientId, tenantId, passcode, username, password }; const options = isX509Enabled ? { ...baseOptions, certificate, key } : { ...baseOptions, clientSecret }; return await getUaaToken(url, options); }; const getUaaToken = async ( url, { clientId, clientSecret, certificate, key, tenantId, passcode, username, password } = {} ) => { const agent = certificate && new https.Agent({ ...(key && { key }), ...(certificate && { cert: certificate }) }); const grantType = passcode || username ? "password" : "client_credentials"; const loginHint = username && JSON.stringify({ origin: "sap.custom" }); const body = new URLSearchParams({ grant_type: grantType, client_id: clientId, ...(clientSecret && { client_secret: clientSecret }), ...(passcode && { passcode }), ...(username && { username }), ...(password && { password }), ...(loginHint && { login_hint: loginHint }), }).toString(); return await ( await request({ ...(agent && { agent }), method: "POST", url, pathname: "/oauth/token", body, headers: { "Content-Type": "application/x-www-form-urlencoded", Accept: "application/json", ...(tenantId && { "X-Zid": tenantId }), }, logged: false, }) ).json(); }; module.exports = { getUaaToken, getUaaTokenFromCredentials, };