@sap/cli-core/commands/handler/authentication/oauth/tokenProvider/utils.js

Command-Line Interface (CLI) Core Module

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.getCode = exports.retrieveCode = exports.refreshToken = void 0;
const http_1 = require("http");
const fs_extra_1 = require("fs-extra");
const logger_1 = require("../../../../../logger");
const utils_1 = require("../utils");
const setAuthorization_1 = require("./setAuthorization");
const constants_1 = require("../../../../../constants");
const options_1 = require("../../../../../utils/options");
const SecretsStorageSingleton_1 = require("../../../../../cache/secrets/SecretsStorageSingleton");
const openUtils_1 = require("../../../../../utils/openUtils");
const utils_2 = require("../../../../../logger/utils");
const types_1 = require("../../../../../types");
const getLogger = () => (0, logger_1.get)("commands.handler.authentication.oauth.tokenProvider.utils.refreshToken");
const refreshToken = async (forceRefresh = false) => {
    const logger = getLogger();
    const secrets = await SecretsStorageSingleton_1.SecretsStorageSingleton.SINGLETON.getDefaultSecret();
    if ((!forceRefresh && !secrets.expires_after) ||
        (secrets.authorization_flow === types_1.GrantType.authorization_code &&
            !secrets.refresh_token)) {
        (0, utils_2.logVerbose)(logger, "Access token cannot be refreshed. Is the refresh token available?");
        throw new Error("invalid secrets information");
    }
    logger.info("checking token expiry date");
    if (forceRefresh || (0, utils_1.isExpired)(secrets.expires_after)) {
        logger.debug("access token is expired, refreshing token");
        if (secrets.authorization_flow === types_1.GrantType.client_credentials) {
            await (0, utils_1.readToken)({ grant_type: secrets.authorization_flow });
        }
        else {
            await (0, utils_1.readToken)({
                refresh_token: secrets.refresh_token,
                grant_type: types_1.GrantType.refresh_token,
            });
        }
        await (0, setAuthorization_1.updateAuthorization)();
    }
    else {
        logger.debug("access token is not expired");
    }
};
exports.refreshToken = refreshToken;
const retrieveCode = async () => new Promise((resolve, reject) => {
    void (async () => {
        const { debug, error, output } = getLogger();
        try {
            const secrets = await SecretsStorageSingleton_1.SecretsStorageSingleton.SINGLETON.getDefaultSecret();
            const defaultPort = secrets.customClient ? "8080" : "65000";
            const PORT = parseInt(process.env.CLI_HTTP_PORT ?? defaultPort, 10);
            let timeout;
            const server = (0, http_1.createServer)((req, res) => {
                void (async () => {
                    clearTimeout(timeout);
                    const code = new URL(req.url
                        ? `http://localhost:${PORT}${req.url}`
                        : "http://no-code.damn").searchParams.get("code");
                    let file;
                    try {
                        file = await (0, fs_extra_1.readFile)(code ? constants_1.PATH_TO_SUCCESS_HTML : constants_1.PATH_TO_ERROR_HTML, "utf8");
                    }
                    catch (err) {
                        debug("failed to read file for code", code, err);
                        file =
                            "<html><body>Ops, something went wrong! Please try again.</body></html>";
                    }
                    res.writeHead(200, {
                        "Content-Type": "text/html",
                        "Content-Security-Policy": "frame-ancestors 'none'",
                        "X-Frame-Options": "DENY",
                    });
                    res.end(file, "utf8");
                    server.close();
                    if (code) {
                        debug(`code received: ${code}`);
                        resolve(code);
                    }
                    else {
                        const message = "no code found in callback URI";
                        error(message);
                        reject(new Error(message));
                    }
                })();
            });
            timeout = setTimeout(() => {
                server.close();
                const message = `Did not receive a code within 30 seconds. Did you maintain the redirect URI for the OAuth client as http://localhost:${PORT} in SAP Datasphere?`;
                output(message);
                reject(new Error(message));
            }, 30 * 1000);
            server.listen(PORT);
            debug(`started http server at localhost:${PORT}`);
        }
        catch (err) {
            error("failed to instantiate server", err);
            reject(new Error("failed to instantiate server", { cause: err }));
        }
    })();
});
exports.retrieveCode = retrieveCode;
const getCode = async (authorizeUrl, clientId) => {
    const { debug } = getLogger();
    try {
        return (0, options_1.getOptionValueFromConfig)(constants_1.OPTION_CODE);
    }
    catch (err) {
        debug("failed to retrieve code from options", err);
        const code = (0, exports.retrieveCode)();
        void (0, openUtils_1.openUrlInBrowser)(authorizeUrl, {
            response_type: "code",
            client_id: clientId,
        });
        return code;
    }
};
exports.getCode = getCode;