@zowe/imperative/lib/imperative/src/OverridesLoader.js

framework for building configurable CLIs

"use strict";
/*
* This program and the accompanying materials are made available under the terms of the
* Eclipse Public License v2.0 which accompanies this distribution, and is available at
* https://www.eclipse.org/legal/epl-v20.html
*
* SPDX-License-Identifier: EPL-2.0
*
* Copyright Contributors to the Zowe Project.
*
*/
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.OverridesLoader = void 0;
const security_1 = require("../../security");
const path_1 = require("path");
const settings_1 = require("../../settings");
const utilities_1 = require("../../utilities");
const logger_1 = require("../../logger");
/**
 * Imperative-internal class to load overrides
 * You should not need to call this from your CLI.
 */
class OverridesLoader {
    /**
     * Apply overrides to all applicable facilities and use our defaults where
     * an override is not provided.
     *
     * @param {IImperativeConfig} config - the current {@link Imperative#loadedConfig}
     * @param {any} packageJson - the current package.json
     */
    static load(config, packageJson) {
        return __awaiter(this, void 0, void 0, function* () {
            var _a;
            // Initialize the Credential Manager
            yield this.loadCredentialManager(config, packageJson, (_a = utilities_1.ImperativeConfig.instance.config) === null || _a === void 0 ? void 0 : _a.exists);
        });
    }
    /**
     * Ensure the Credential Manager is initialized for team config.
     */
    static ensureCredentialManagerLoaded() {
        return __awaiter(this, void 0, void 0, function* () {
            if (security_1.CredentialManagerFactory.initialized)
                return;
            yield this.loadCredentialManager(utilities_1.ImperativeConfig.instance.loadedConfig, utilities_1.ImperativeConfig.instance.callerPackageJson, true);
        });
    }
    /**
     * Initialize the Credential Manager using the supplied override when provided.
     *
     * @param {IImperativeConfig} config - the current {@link Imperative#loadedConfig}
     * @param {any} packageJson - the current package.json
     * @param {boolean} useTeamConfig - specify True if team config is active
     */
    static loadCredentialManager(config, packageJson, useTeamConfig) {
        return __awaiter(this, void 0, void 0, function* () {
            var _a;
            const overrides = config.overrides;
            // The manager display name used to populate the "managed by" fields in profiles
            const displayName = overrides.CredentialManager != null
                && settings_1.AppSettings.initialized
                && settings_1.AppSettings.instance.getNamespace("overrides") != null
                && settings_1.AppSettings.instance.get("overrides", "CredentialManager") != null
                && settings_1.AppSettings.instance.get("overrides", "CredentialManager") !== false
                ?
                    // App settings is configured - use the plugin name for the manager name
                    settings_1.AppSettings.instance.get("overrides", "CredentialManager")
                :
                    // App settings is not configured - use the CLI display name OR the package name as the manager name
                    config.productDisplayName || config.name;
            // Initialize the credential manager if an override was supplied and/or keytar was supplied in package.json
            if (overrides.CredentialManager != null || this.shouldUseKeytar(packageJson, useTeamConfig)) {
                let Manager = overrides.CredentialManager;
                if (typeof overrides.CredentialManager === "string" && !(0, path_1.isAbsolute)(overrides.CredentialManager)) {
                    const resolvePath = (_a = utilities_1.ImperativeConfig.instance.callerLocation) !== null && _a !== void 0 ? _a : require.main.filename;
                    Manager = (0, path_1.resolve)(resolvePath, "../", overrides.CredentialManager);
                }
                yield security_1.CredentialManagerFactory.initialize({
                    // Init the manager with the override specified OR (if null) default to keytar
                    Manager,
                    // The display name will be the plugin name that introduced the override OR it will default to the CLI name
                    displayName,
                    // The service is always the CLI name (Keytar and other plugins can use this to uniquely identify the service)
                    service: config.name === this.ZOWE_CLI_PACKAGE_NAME ? security_1.DefaultCredentialManager.SVC_NAME : config.name,
                    // If the default is to be used, we won't implant the invalid credential manager
                    invalidOnFailure: !(Manager == null)
                });
            }
            yield OverridesLoader.loadSecureConfig();
        });
    }
    /**
     * Check if the DefaultCredentialManager which uses keytar should be enabled.
     * We require that keytar is listed as a dependency in package.json, and one of the following is true:
     *  1. AppSettings are not initialized (SDK usage)
     *  2. Team config is active (CLI with v2 profiles)
     *  3. CredentialManager override is host package name (CLI with v1 profiles)
     * @param packageJson The current package.json of the CLI package
     * @param useTeamConfig Specify True if team config is active
     * @returns True if DefaultCredentialManager should be used
     */
    static shouldUseKeytar(packageJson, useTeamConfig) {
        var _a, _b, _c;
        const deps = (_a = packageJson.dependencies) !== null && _a !== void 0 ? _a : {};
        const optionalDeps = (_b = packageJson.optionalDependencies) !== null && _b !== void 0 ? _b : {};
        return ("@zowe/secrets-for-zowe-sdk" in deps || "@zowe/secrets-for-zowe-sdk" in optionalDeps) &&
            (!settings_1.AppSettings.initialized || useTeamConfig || ((_c = settings_1.AppSettings.instance.getNamespace("overrides")) === null || _c === void 0 ? void 0 : _c.CredentialManager) === packageJson.name);
    }
    /**
     * After the plugins and secure credentials are loaded, rebuild the configuration with the
     * secure values
     */
    static loadSecureConfig() {
        return __awaiter(this, void 0, void 0, function* () {
            if (!security_1.CredentialManagerFactory.initialized)
                return;
            const vault = {
                load: (key) => {
                    return security_1.CredentialManagerFactory.manager.load(key, true);
                },
                save: (key, value) => {
                    return security_1.CredentialManagerFactory.manager.save(key, value);
                }
            };
            try {
                yield utilities_1.ImperativeConfig.instance.config.api.secure.load(vault);
            }
            catch (err) {
                // Secure vault is optional since we can prompt for values instead
                logger_1.Logger.getImperativeLogger().warn(`Secure vault not enabled. Reason: ${err.message}`);
            }
        });
    }
}
exports.OverridesLoader = OverridesLoader;
OverridesLoader.ZOWE_CLI_PACKAGE_NAME = "@zowe/cli";
//# sourceMappingURL=OverridesLoader.js.map