@sap/cli-core/cache/secrets/utils.js

Command-Line Interface (CLI) Core Module

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.getTenantUrl = exports.isCustomClient = void 0;
exports.updateUrls = updateUrls;
exports.isSecretConsistent = isSecretConsistent;
const config_1 = require("../../config");
const constants_1 = require("../../constants");
const types_1 = require("../../types");
const http_1 = require("../../utils/http");
const utils_1 = require("../../utils/utils");
// Pre-delivered OAuth Client ID: 5a638330-5899-366e-ac00-ab62cc32dcda
// Custom OAuth Client ID: sb-00bb7bc2-cc32-423c-921c-2abdee11a29d!b49931|client!b3650
const isCustomClient = (clientId) => clientId ? clientId.startsWith("sb-") : true;
exports.isCustomClient = isCustomClient;
const getTenantUrl = () => {
    const config = (0, config_1.get)();
    const tenantUrl = config.tenantUrl ?? config.options[constants_1.OPTION_HOST.longName];
    if (!tenantUrl) {
        throw new Error("no tenant url found");
    }
    return tenantUrl;
};
exports.getTenantUrl = getTenantUrl;
async function updateUrls(secret) {
    if (secret.client_id) {
        const config = (0, config_1.get)();
        let oauth = {};
        if (!secret.customClient &&
            (!secret.authorization_url || !secret.token_url)) {
            oauth = (await (0, http_1.fetch)({
                method: "GET",
                url: `${config.tenantUrl}/oauth`,
            })).data;
        }
        let authorizationUrl = secret.authorization_url;
        if (!authorizationUrl) {
            if (!secret.customClient) {
                authorizationUrl = oauth.authorizationUrl;
            }
            else {
                authorizationUrl = config.authorizationUrl;
            }
        }
        let tokenUrl = secret.token_url;
        if (!tokenUrl) {
            if (!secret.customClient) {
                tokenUrl = oauth.tokenUrl;
            }
            else {
                tokenUrl = config.tokenUrl;
            }
        }
        if (!tokenUrl || !authorizationUrl) {
            throw new Error("invalid token url or authorization url");
        }
        // eslint-disable-next-line no-param-reassign
        secret.authorization_url = (0, utils_1.removeQueryParametersFromUrl)(authorizationUrl);
        // eslint-disable-next-line no-param-reassign
        secret.token_url = (0, utils_1.removeQueryParametersFromUrl)(tokenUrl);
    }
    return secret;
}
function isSecretConsistent(secret) {
    const errors = [];
    if (!((0, utils_1.isValidURL)(secret.tenantUrl) ||
        ((secret.authorization_flow !== types_1.GrantType.authorization_code ||
            (0, utils_1.isValidURL)(secret.authorization_url)) &&
            (0, utils_1.isValidURL)(secret.token_url)))) {
        errors.push("the secrets file is missing either property tenantUrl or properties authorization_url and token_url" +
            " or the URLs are not valid");
    }
    if (!(secret.access_token ||
        ((secret.authorization_flow !== types_1.GrantType.authorization_code ||
            secret.refresh_token) &&
            secret.client_id &&
            secret.client_secret))) {
        errors.push("the secrets file is missing either property access_token or properties refresh_token, " +
            "client_id and client_secret");
    }
    if (errors.length > 0) {
        return { consistent: false, errors };
    }
    return { consistent: true };
}