esa-cli
Version:
A CLI for operating Alibaba Cloud ESA Functions and Pages.
221 lines (220 loc) • 10.3 kB
JavaScript
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
import { isCancel, select as clackSelect, text as clackText } from '@clack/prompts';
import chalk from 'chalk';
import t from '../../i18n/index.js';
import logger from '../../libs/logger.js';
import { getCliConfig, updateCliConfigFile, generateDefaultConfig } from '../../utils/fileUtils/index.js';
import { validateCredentials } from '../../utils/validateCredentials.js';
/** Parse STS token string: "AccessKeyId,AccessKeySecret,SecurityToken" or JSON */
function parseStsToken(raw) {
var _a, _b, _c;
const s = raw.trim();
if (!s)
return null;
if (s.startsWith('{')) {
try {
const o = JSON.parse(s);
const accessKeyId = (_a = o.AccessKeyId) !== null && _a !== void 0 ? _a : o.accessKeyId;
const accessKeySecret = (_b = o.AccessKeySecret) !== null && _b !== void 0 ? _b : o.accessKeySecret;
const securityToken = (_c = o.SecurityToken) !== null && _c !== void 0 ? _c : o.securityToken;
if (accessKeyId && accessKeySecret && securityToken) {
return { accessKeyId, accessKeySecret, securityToken };
}
}
catch (_d) {
return null;
}
return null;
}
const parts = s.split(',').map((p) => p.trim());
if (parts.length >= 3) {
return {
accessKeyId: parts[0],
accessKeySecret: parts[1],
securityToken: parts.slice(2).join(',').trim()
};
}
return null;
}
const login = {
command: 'login',
describe: `🔑 ${t('login_describe').d('Login to the server')}`,
builder: (yargs) => {
var _a, _b, _c;
return yargs
.option('access-key-id', {
alias: 'ak',
describe: (_a = t('login_option_access_key_id')) === null || _a === void 0 ? void 0 : _a.d('AccessKey ID'),
type: 'string'
})
.option('access-key-secret', {
alias: 'sk',
describe: (_b = t('login_option_access_key_secret')) === null || _b === void 0 ? void 0 : _b.d('AccessKey Secret'),
type: 'string'
})
.option('sts-token', {
describe: (_c = t('login_option_sts_token')) === null || _c === void 0 ? void 0 : _c.d('STS token: AccessKeyId,AccessKeySecret,SecurityToken (comma-separated, one-shot)'),
type: 'string'
});
},
handler: (argv) => __awaiter(void 0, void 0, void 0, function* () {
handleLogin(argv);
})
};
export default login;
export function handleLogin(argv) {
return __awaiter(this, void 0, void 0, function* () {
generateDefaultConfig();
const envSecurityToken = process.env.ESA_SECURITY_TOKEN;
if (process.env.ESA_ACCESS_KEY_ID &&
process.env.ESA_ACCESS_KEY_SECRET) {
const result = yield validateCredentials(process.env.ESA_ACCESS_KEY_ID, process.env.ESA_ACCESS_KEY_SECRET, envSecurityToken);
if (result.valid) {
logger.log(t('login_get_credentials_from_environment_variables').d('Get credentials from environment variables'));
logger.success(t('login_success').d('Login success!'));
}
else {
logger.error(result.message || 'Login failed');
}
return;
}
const stsTokenRaw = argv === null || argv === void 0 ? void 0 : argv['sts-token'];
if (stsTokenRaw) {
const parsed = parseStsToken(stsTokenRaw);
if (!parsed) {
logger.error(t('login_sts_token_format_invalid').d('Invalid STS token format. Use: AccessKeyId,AccessKeySecret,SecurityToken'));
return;
}
const result = yield validateCredentials(parsed.accessKeyId, parsed.accessKeySecret, parsed.securityToken);
if (result.valid) {
logger.success(t('login_success').d('Login success!'));
updateCliConfigFile(Object.assign({ auth: {
accessKeyId: parsed.accessKeyId,
accessKeySecret: parsed.accessKeySecret,
securityToken: parsed.securityToken
} }, (result.endpoint ? { endpoint: result.endpoint } : {})));
}
else {
logger.error(result.message || 'Login failed');
}
return;
}
const accessKeyId = argv === null || argv === void 0 ? void 0 : argv['access-key-id'];
const accessKeySecret = argv === null || argv === void 0 ? void 0 : argv['access-key-secret'];
if (accessKeyId && accessKeySecret) {
const result = yield validateCredentials(accessKeyId, accessKeySecret);
if (result.valid) {
logger.success(t('login_success').d('Login success!'));
updateCliConfigFile(Object.assign({ auth: {
accessKeyId,
accessKeySecret
} }, (result.endpoint ? { endpoint: result.endpoint } : {})));
}
else {
logger.error(result.message || 'Login failed');
}
return;
}
// interactive login
const cliConfig = getCliConfig();
if (!cliConfig)
return;
if (cliConfig &&
cliConfig.auth &&
cliConfig.auth.accessKeyId &&
cliConfig.auth.accessKeySecret) {
const loginStatus = yield validateCredentials(cliConfig.auth.accessKeyId, cliConfig.auth.accessKeySecret, cliConfig.auth.securityToken);
if (loginStatus.valid) {
logger.warn(t('login_already').d('You are already logged in.'));
const selected = (yield clackSelect({
message: t('login_existing_credentials_message').d('Existing credentials found. What do you want to do?'),
options: [
{
label: t('login_existing_credentials_action_overwrite').d('Overwrite existing credentials'),
value: 'overwrite'
},
{ label: t('common_exit').d('Exit'), value: 'exit' }
]
}));
if (isCancel(selected) || selected === 'exit') {
return;
}
}
else {
logger.error(t('pre_login_failed').d('The previously entered Access Key ID (AK) and Secret Access Key (SK) are incorrect. Please enter them again.'));
}
}
yield interactiveLogin();
});
}
export function interactiveLogin() {
return __awaiter(this, void 0, void 0, function* () {
const loginMethod = (yield clackSelect({
message: t('login_method_select').d('Choose login method'),
options: [
{
label: t('login_method_aksk').d('AK/SK (AccessKey ID + AccessKey Secret)'),
value: 'aksk'
},
{
label: t('login_method_sts').d('STS Token (one-shot: AccessKeyId,AccessKeySecret,SecurityToken)'),
value: 'sts'
}
]
}));
if (isCancel(loginMethod)) {
return;
}
if (loginMethod === 'sts') {
const stsInput = (yield clackText({
message: t('login_sts_token_prompt').d('Enter STS token (AccessKeyId,AccessKeySecret,SecurityToken):')
}));
if (isCancel(stsInput))
return;
const parsed = parseStsToken(stsInput);
if (!parsed) {
logger.error(t('login_sts_token_format_invalid').d('Invalid STS token format. Use: AccessKeyId,AccessKeySecret,SecurityToken'));
return;
}
const loginStatus = yield validateCredentials(parsed.accessKeyId, parsed.accessKeySecret, parsed.securityToken);
if (loginStatus.valid) {
yield updateCliConfigFile(Object.assign({ auth: {
accessKeyId: parsed.accessKeyId,
accessKeySecret: parsed.accessKeySecret,
securityToken: parsed.securityToken
} }, (loginStatus.endpoint ? { endpoint: loginStatus.endpoint } : {})));
logger.success(t('login_success').d('Login success!'));
}
else {
logger.error(loginStatus.message || 'Login failed');
}
return;
}
const styledUrl = chalk.underline.blue('https://ram.console.aliyun.com/manage/ak');
logger.log(`🔑 ${chalk.underline(t('login_get_ak_sk').d(`Please go to the following link to get your account's AccessKey ID and AccessKey Secret`))}`);
logger.log(`👉 ${styledUrl}`);
const accessKeyId = (yield clackText({ message: 'AccessKey ID:' }));
const accessKeySecret = (yield clackText({
message: 'AccessKey Secret:'
}));
const loginStatus = yield validateCredentials(accessKeyId, accessKeySecret);
if (loginStatus.valid) {
yield updateCliConfigFile(Object.assign({ auth: {
accessKeyId,
accessKeySecret
} }, (loginStatus.endpoint ? { endpoint: loginStatus.endpoint } : {})));
logger.success(t('login_success').d('Login success!'));
}
else {
logger.error(loginStatus.message || 'Login failed');
}
});
}