@sap/cli-core/cache/secrets/utils.js

Command-Line Interface (CLI) Core Module

import { get } from "../../config/index.js";
import { OPTION_HOST } from "../../constants.js";
import { GrantType } from "../../types.js";
import { fetch } from "../../utils/http/index.js";
import { isValidURL, removeQueryParametersFromUrl } from "../../utils/utils.js";
// Pre-delivered OAuth Client ID: 5a638330-5899-366e-ac00-ab62cc32dcda
// Custom OAuth Client ID: sb-00bb7bc2-cc32-423c-921c-2abdee11a29d!b49931|client!b3650
export const isCustomClient = (clientId) => clientId ? clientId.startsWith("sb-") : true;
export const getTenantUrl = () => {
    const config = get();
    const tenantUrl = config.tenantUrl ?? config.options[OPTION_HOST.longName];
    if (!tenantUrl) {
        throw new Error("no tenant url found");
    }
    return tenantUrl;
};
export async function updateUrls(secret) {
    if (secret.client_id) {
        const config = get();
        let oauth = {};
        if (!secret.customClient &&
            (!secret.authorization_url || !secret.token_url)) {
            oauth = (await fetch({
                method: "GET",
                url: `${config.tenantUrl}/oauth`,
            })).data;
        }
        let authorizationUrl = secret.authorization_url;
        if (!authorizationUrl) {
            if (!secret.customClient) {
                authorizationUrl = oauth.authorizationUrl;
            }
            else {
                authorizationUrl = config.authorizationUrl;
            }
        }
        let tokenUrl = secret.token_url;
        if (!tokenUrl) {
            if (!secret.customClient) {
                tokenUrl = oauth.tokenUrl;
            }
            else {
                tokenUrl = config.tokenUrl;
            }
        }
        if (!tokenUrl || !authorizationUrl) {
            throw new Error("invalid token url or authorization url");
        }
        // eslint-disable-next-line no-param-reassign
        secret.authorization_url = removeQueryParametersFromUrl(authorizationUrl);
        // eslint-disable-next-line no-param-reassign
        secret.token_url = removeQueryParametersFromUrl(tokenUrl);
    }
    return secret;
}
export function isSecretConsistent(secret) {
    const errors = [];
    if (!(isValidURL(secret.tenantUrl) ||
        ((secret.authorization_flow !== GrantType.authorization_code ||
            isValidURL(secret.authorization_url)) &&
            isValidURL(secret.token_url)))) {
        errors.push("the secrets file is missing either property tenantUrl or properties authorization_url and token_url" +
            " or the URLs are not valid");
    }
    if (!(secret.access_token ||
        ((secret.authorization_flow !== GrantType.authorization_code ||
            secret.refresh_token) &&
            secret.client_id &&
            secret.client_secret))) {
        errors.push("the secrets file is missing either property access_token or properties refresh_token, " +
            "client_id and client_secret");
    }
    if (errors.length > 0) {
        return { consistent: false, errors };
    }
    return { consistent: true };
}