
@hkvstore/taco-cli


taco-cli is a command-line interface for rapid Apache Cordova development (forked from Microsoft taco-cli)

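// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT license. See LICENSE file in the project root for details.
/// <reference path="../../../typings/node.d.ts" />
/// <reference path="../../../typings/tacoUtils.d.ts" />
"use strict";
var child_process = require("child_process");
var fs = require("fs");
var https = require("https");
var os = require("os");
var path = require("path");
var Q = require("q");
var TacoErrorCodes = require("../tacoErrorCodes");
var errorHelper = require("../tacoErrorHelper");
var tacoUtils = require("taco-utils");
var Logger = tacoUtils.Logger;
var UtilHelper = tacoUtils.UtilHelper;

/**
 * Loads and stores the client certificate (PFX) used for secured connections.
 *
 * On win32 the certificate is kept in the user's certificate store and is
 * accessed through the bundled win32/certificates.ps1 script; on linux and
 * darwin it is kept as <tacoHome>/certs/<encoded host>/cert.pfx.
 */
var ConnectionSecurityHelper = (function () {
    function ConnectionSecurityHelper() {
    }

    /**
     * Build the https.Agent to use for a connection.
     *
     * @param {Object} connectionInfo - reads `secure`, `certName` (win32) and `host` (linux/darwin).
     * @returns {Q.Promise} resolves to null when `connectionInfo.secure` is falsy, otherwise to an
     *     https.Agent carrying the stored PFX with `rejectUnauthorized: true`, so the server
     *     certificate is still verified.
     * @throws synchronously (not as a rejection) when os.platform() is not win32, linux or darwin.
     */
    ConnectionSecurityHelper.getAgent = function (connectionInfo) {
        if (!connectionInfo.secure) {
            return Q(null);
        }
        var bufferDeferred = Q.defer();
        switch (os.platform()) {
            case "win32":
                var certScriptPath = path.resolve(__dirname, "win32", "certificates.ps1");
                // Note: On windows 7, powershell -file will still attempt to use input from stdin as commands.
                // If we do not close stdin then the process will not exit
                // certName is handed over as its own argv entry (no shell is involved in spawn), and the
                // execution policy override applies to this one invocation of the bundled script.
                // NOTE(review): "powershell" is resolved through PATH - confirm that is acceptable here.
                var certLoadProcess = child_process.spawn("powershell", ["-executionpolicy", "unrestricted", "-file", certScriptPath, "get", connectionInfo.certName], { stdio: ["ignore", "pipe", "inherit"] });
                var output = "";
                certLoadProcess.stdout.on("data", function (data) {
                    output += data.toString();
                });
                certLoadProcess.on("error", function (err) {
                    bufferDeferred.reject(errorHelper.wrap(TacoErrorCodes.ErrorCertificateLoad, err, connectionInfo.certName));
                });
                certLoadProcess.on("close", function (code) {
                    if (code) {
                        if (code === 1) {
                            bufferDeferred.reject(errorHelper.get(TacoErrorCodes.NoCertificateFound, connectionInfo.certName));
                        }
                        else {
                            Logger.logError(output);
                            bufferDeferred.reject(errorHelper.get(TacoErrorCodes.GetCertificateFailed));
                        }
                    }
                    else {
                        // The script prints the certificate as base64 on stdout.
                        // NOTE(review): new Buffer(string, encoding) is deprecated in current Node;
                        // Buffer.from(output, "base64") is the replacement once the supported Node range allows it.
                        bufferDeferred.resolve(new Buffer(output, "base64"));
                    }
                });
                break;
            case "linux":
            case "darwin":
                // NOTE(review): encodeURIComponent leaves "." and ".." unchanged, so such a host value
                // would resolve outside the per-host directory - confirm callers validate host.
                var certPath = path.resolve(UtilHelper.tacoHome, "certs", encodeURIComponent(connectionInfo.host), "cert.pfx");
                fs.readFile(certPath, bufferDeferred.makeNodeResolver());
                break;
            default:
                throw errorHelper.get(TacoErrorCodes.UnsupportedHostPlatform, os.platform());
        }
        return bufferDeferred.promise.then(function (certificate) {
            // No passphrase is supplied with the PFX here.
            return new https.Agent({
                pfx: certificate,
                rejectUnauthorized: true
            });
        });
    };

    /*
     * Given a buffer containing certificate data, save the certificate to the system in an appropriate manner,
     * and return a promise for the name of the certificate that can be used to retrieve it later
     */
    /**
     * @param {Buffer} certificateData - the PFX bytes to store.
     * @param {string} host - used on linux/darwin to name the per-host directory.
     * @returns {Q.Promise} resolves to the name printed by the script (leading "CN=" removed) on
     *     win32, or to `host` on linux/darwin; rejects on any failure or unsupported platform.
     */
    ConnectionSecurityHelper.saveCertificate = function (certificateData, host) {
        var deferred = Q.defer();
        switch (os.platform()) {
            case "win32":
                var base64Certificate = certificateData.toString("base64");
                // Save the certificate in the user's certificate store via a powershell script
                var certScriptPath = path.resolve(__dirname, "win32", "certificates.ps1");
                var certSaveProcess = child_process.spawn("powershell", ["-executionpolicy", "unrestricted", "-file", certScriptPath, "set"]);
                var output = "";
                // The certificate goes over stdin rather than argv.
                certSaveProcess.stdin.write(base64Certificate);
                certSaveProcess.stdin.end();
                certSaveProcess.stdout.on("data", function (data) {
                    output += data.toString();
                });
                certSaveProcess.stderr.on("data", function (data) {
                    Logger.logError(data.toString());
                });
                certSaveProcess.on("error", function (err) {
                    deferred.reject(errorHelper.wrap(TacoErrorCodes.ErrorCertificateSave, err));
                });
                certSaveProcess.on("close", function (code) {
                    // Strip off any CN= prefix. This is done once on the complete output: stdout may
                    // arrive in several chunks, and stripping per chunk could miss a prefix split
                    // across chunks or remove "CN=" from the start of a later chunk.
                    var certName = output.replace(/^CN=/, "");
                    if (code) {
                        Logger.logError(certName);
                        deferred.reject(errorHelper.get(TacoErrorCodes.ErrorCertificateSaveWithErrorCode, code));
                    }
                    else {
                        deferred.resolve(certName);
                    }
                });
                break;
            case "linux":
            case "darwin":
                // NOTE(review): encodeURIComponent leaves "." and ".." unchanged, so such a host value
                // would make the chmod and write below act on a parent directory - confirm callers validate host.
                var certPath = path.resolve(UtilHelper.tacoHome, "certs", encodeURIComponent(host));
                UtilHelper.createDirectoryIfNecessary(certPath);
                // The folder should only be accessible to the specific user
                fs.chmod(certPath, "0700", function (err) {
                    if (err) {
                        deferred.reject(errorHelper.wrap(TacoErrorCodes.ErrorCertificatePathChmod, err, certPath));
                        // Do not write the certificate into a directory whose permissions could not be restricted.
                        return;
                    }
                    var certFilePath = path.join(certPath, "cert.pfx");
                    // Owner read/write only. The mode is applied only when the file is created;
                    // an existing cert.pfx keeps its current permissions.
                    fs.writeFile(certFilePath, certificateData, { mode: parseInt("0600", 8) }, function (writeError) {
                        if (writeError) {
                            deferred.reject(errorHelper.wrap(TacoErrorCodes.ErrorCertificateSaveToPath, writeError, certFilePath));
                            return;
                        }
                        deferred.resolve(host);
                    });
                });
                break;
            default:
                deferred.reject(errorHelper.get(TacoErrorCodes.UnsupportedHostPlatform, os.platform()));
        }
        return deferred.promise;
    };

    return ConnectionSecurityHelper;
}());
module.exports = ConnectionSecurityHelper;
//# sourceMappingURL=connectionSecurityHelper.js.map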