@zowe/imperative
Version:
framework for building configurable CLIs
154 lines • 6.95 kB
JavaScript
;
/*
* This program and the accompanying materials are made available under the terms of the
* Eclipse Public License v2.0 which accompanies this distribution, and is available at
* https://www.eclipse.org/legal/epl-v20.html
*
* SPDX-License-Identifier: EPL-2.0
*
* Copyright Contributors to the Zowe Project.
*
*/
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.ProfileCredentials = void 0;
const fs = require("fs");
const path = require("path");
const error_1 = require("../../error");
const security_1 = require("../../security");
const utilities_1 = require("../../utilities");
class ProfileCredentials {
constructor(mProfileInfo, opts) {
this.mProfileInfo = mProfileInfo;
if (typeof opts === "function") {
this.mCredMgrOverride = ProfileCredentials.defaultCredMgrWithKeytar(opts);
this.mOnlyCheckActiveLayer = false;
}
else {
this.mCredMgrOverride = opts === null || opts === void 0 ? void 0 : opts.credMgrOverride;
this.mOnlyCheckActiveLayer = opts === null || opts === void 0 ? void 0 : opts.onlyCheckActiveLayer;
}
}
/**
* Given a custom method to require Keytar, return an object that defines
* credential manager settings to replace the default credential manager.
* If the credential manager is not overridden, the default implementation
* is to `require("keytar")` from the caller app's node_modules folder.
* @param requireKeytar Callback to require Keytar module for managing secure credentials
* @returns Credential manager settings with Keytar module overridden
*/
static defaultCredMgrWithKeytar(requireKeytar) {
return {
service: null,
Manager: class extends security_1.DefaultCredentialManager {
initialize() {
return __awaiter(this, void 0, void 0, function* () {
try {
this.keytar = requireKeytar();
}
catch (error) {
throw new error_1.ImperativeError({
msg: `Failed to load Keytar module: ${error.message}`,
causeErrors: error
});
}
});
}
}
};
}
/**
* Check if secure credentials will be encrypted or stored in plain text.
* This will return true if the team configuration files contain secure
* fields, or if a custom CredentialManager is defined in the Imperative
* settings.json file.
*/
get isSecured() {
this.mSecured = this.isTeamConfigSecure() || this.isCredentialManagerInAppSettings();
return this.mSecured;
}
/**
* Initialize credential manager to be used for secure credential storage.
* This method throws if ProfileCredentials.isSecured is false. If the
* CredentialManagerFactory is already initialized, it is reused since it
* is not possible to reinitialize.
*/
loadManager() {
return __awaiter(this, void 0, void 0, function* () {
var _a;
if (!((_a = this.mSecured) !== null && _a !== void 0 ? _a : this.isSecured)) {
throw new error_1.ImperativeError({ msg: "Secure credential storage is not enabled" });
}
yield this.activateCredMgrOverride();
yield this.mProfileInfo.getTeamConfig().api.secure.load({
load: (key) => {
return security_1.CredentialManagerFactory.manager.load(key, true);
},
save: (key, value) => {
return security_1.CredentialManagerFactory.manager.save(key, value);
}
});
});
}
/**
* Attempt to initialize `CredentialManagerFactory` with the specified override.
* @internal
*/
activateCredMgrOverride() {
return __awaiter(this, void 0, void 0, function* () {
if (!security_1.CredentialManagerFactory.initialized) {
try {
// TODO? Make CredentialManagerFactory.initialize params optional
// see https://github.com/zowe/imperative/issues/545
yield security_1.CredentialManagerFactory.initialize(Object.assign({ service: null }, this.mCredMgrOverride || {}));
}
catch (error) {
throw error instanceof error_1.ImperativeError ? error : new error_1.ImperativeError({
msg: `Failed to load CredentialManager class: ${error.message}`,
causeErrors: error
});
}
}
});
}
/**
* Check whether a teamConfig is secure or not
* @returns False if not using teamConfig or there are no secure fields
*/
isTeamConfigSecure() {
return this.mProfileInfo.getTeamConfig().api.secure.secureFields(!this.mOnlyCheckActiveLayer).length > 0;
}
/**
* Check whether a custom CredentialManager is defined in the Imperative
* settings.json file.
* @internal
*/
isCredentialManagerInAppSettings() {
try {
const fileName = path.join(utilities_1.ImperativeConfig.instance.cliHome, "settings", "imperative.json");
let settings;
if (fs.existsSync(fileName)) {
settings = JSON.parse(fs.readFileSync(fileName, "utf-8"));
}
const value1 = settings === null || settings === void 0 ? void 0 : settings.overrides.CredentialManager;
const value2 = settings === null || settings === void 0 ? void 0 : settings.overrides["credential-manager"];
return typeof value1 === "string" && value1.length > 0 || typeof value2 === "string" && value2.length > 0;
}
catch (error) {
throw new error_1.ImperativeError({
msg: "Unable to read Imperative settings file",
causeErrors: error
});
}
}
}
exports.ProfileCredentials = ProfileCredentials;
//# sourceMappingURL=ProfileCredentials.js.map