Skip to content

Commit

Permalink
checking for identity mapping with an aud field as a list with severa…
Browse files Browse the repository at this point in the history 
…l values
  • Loading branch information
@eranturgeman
eranturgeman committed Jan 4, 2024
1 parent 00d094e commit bf4587a
Show file tree
Hide file tree
Showing 5 changed files with 76 additions and 33 deletions.
1 change: 1 addition & 0 deletions lib/main.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ function main() {
core.startGroup('Setup JFrog CLI');
utils_1.Utils.setCliEnv();
let jfrogCredentials = yield utils_1.Utils.getJfrogCredentials();
console.log(`ERAN CHECK: access token: ${jfrogCredentials.accessToken}`);
yield utils_1.Utils.getAndAddCliToPath(jfrogCredentials);
yield utils_1.Utils.configJFrogServers(jfrogCredentials);
}
Expand Down
39 changes: 25 additions & 14 deletions lib/utils.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,20 +50,9 @@ class Utils {
*/
static getJfrogCredentials() {
return __awaiter(this, void 0, void 0, function* () {
let jfrogCredentials = {};
if (!process.env.JF_URL) {
return jfrogCredentials;
}
jfrogCredentials.jfrogUrl = process.env.JF_URL;
console.log("Searching for JF_ACCESS_TOKEN and JF_USER + JF_PASSWORD");
if (process.env.JF_ACCESS_TOKEN) {
console.log("JF_ACCESS_TOKEN found");
jfrogCredentials.accessToken = process.env.JF_ACCESS_TOKEN;
}
if (process.env.JF_USER && process.env.JF_PASSWORD) {
console.log("JF_USER and JF_PASSWORD found");
jfrogCredentials.username = process.env.JF_USER;
jfrogCredentials.password = process.env.JF_PASSWORD;
let jfrogCredentials = this.collectJfrogCredentialsFromEnvVars();
if (!jfrogCredentials.jfrogUrl) {
throw new Error("JF_URL is required but doesn't exist");
}
if (jfrogCredentials.accessToken || (jfrogCredentials.username && jfrogCredentials.password)) {
return jfrogCredentials;
Expand All @@ -87,6 +76,28 @@ class Utils {
}
});
}
/**
* Collects JFrog's credentials from environment variable and return them in a JfrogCredentials struct
* @private
*/
static collectJfrogCredentialsFromEnvVars() {
let jfrogCredentials = {};
if (!process.env.JF_URL) {
return jfrogCredentials;
}
jfrogCredentials.jfrogUrl = process.env.JF_URL;
console.log("Searching for JF_ACCESS_TOKEN and JF_USER + JF_PASSWORD");
if (process.env.JF_ACCESS_TOKEN) {
console.log("JF_ACCESS_TOKEN found");
jfrogCredentials.accessToken = process.env.JF_ACCESS_TOKEN;
}
if (process.env.JF_USER && process.env.JF_PASSWORD) {
console.log("JF_USER and JF_PASSWORD found");
jfrogCredentials.username = process.env.JF_USER;
jfrogCredentials.password = process.env.JF_PASSWORD;
}
return jfrogCredentials;
}
/**
* Exchanges JWT with a valid access token
* @param jfrogCredentials existing JFrog credentials - url, access token, username + password
Expand Down
1 change: 1 addition & 0 deletions src/main.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ async function main() {
core.startGroup('Setup JFrog CLI');
Utils.setCliEnv();
let jfrogCredentials :JfrogCredentials = await Utils.getJfrogCredentials()
console.log(`ERAN CHECK: access token: ${jfrogCredentials.accessToken}`)
await Utils.getAndAddCliToPath(jfrogCredentials);
await Utils.configJFrogServers(jfrogCredentials);
} catch (error) {
Expand Down
44 changes: 28 additions & 16 deletions src/utils.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,22 +50,9 @@ export class Utils {
* OpenID Connect mechanism
*/
public static async getJfrogCredentials(): Promise<JfrogCredentials> {
let jfrogCredentials : JfrogCredentials = {} as JfrogCredentials;
if(!process.env.JF_URL) {
return jfrogCredentials;
}
jfrogCredentials.jfrogUrl = process.env.JF_URL;

console.log("Searching for JF_ACCESS_TOKEN and JF_USER + JF_PASSWORD")
if (process.env.JF_ACCESS_TOKEN) {
console.log("JF_ACCESS_TOKEN found")
jfrogCredentials.accessToken = process.env.JF_ACCESS_TOKEN
}

if (process.env.JF_USER && process.env.JF_PASSWORD) {
console.log("JF_USER and JF_PASSWORD found")
jfrogCredentials.username = process.env.JF_USER;
jfrogCredentials.password = process.env.JF_PASSWORD;
let jfrogCredentials : JfrogCredentials = this.collectJfrogCredentialsFromEnvVars();
if (!jfrogCredentials.jfrogUrl) {
throw new Error("JF_URL is required but doesn't exist")
}

if (jfrogCredentials.accessToken || (jfrogCredentials.username && jfrogCredentials.password)) {
Expand All @@ -90,6 +77,31 @@ export class Utils {
}
}

/**
* Collects JFrog's credentials from environment variable and return them in a JfrogCredentials struct
* @private
*/
public static collectJfrogCredentialsFromEnvVars(): JfrogCredentials {
let jfrogCredentials : JfrogCredentials = {} as JfrogCredentials;
if(!process.env.JF_URL) {
return jfrogCredentials;
}
jfrogCredentials.jfrogUrl = process.env.JF_URL;

console.log("Searching for JF_ACCESS_TOKEN and JF_USER + JF_PASSWORD")
if (process.env.JF_ACCESS_TOKEN) {
console.log("JF_ACCESS_TOKEN found")
jfrogCredentials.accessToken = process.env.JF_ACCESS_TOKEN
}

if (process.env.JF_USER && process.env.JF_PASSWORD) {
console.log("JF_USER and JF_PASSWORD found")
jfrogCredentials.username = process.env.JF_USER;
jfrogCredentials.password = process.env.JF_PASSWORD;
}
return jfrogCredentials
}

/**
* Exchanges JWT with a valid access token
* @param jfrogCredentials existing JFrog credentials - url, access token, username + password
Expand Down
24 changes: 21 additions & 3 deletions test/main.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,11 +73,29 @@ test('Get legacy Config Tokens', async () => {
expect(Utils.getConfigTokens()).toStrictEqual(new Set(['DUMMY_CONFIG_TOKEN_1', 'DUMMY_CONFIG_TOKEN_2', 'DUMMY_CONFIG_TOKEN_3']));
});

test("Get JFrog access token", async () => {
test("Collect JFrog Credentials from env vars", async () => {
process.env['JF_URL'] = '';
let jfrogCredentials: JfrogCredentials = await Utils.getJfrogCredentials();
let jfrogCredentials: JfrogCredentials = Utils.collectJfrogCredentialsFromEnvVars();
expect(jfrogCredentials.jfrogUrl).toEqual(undefined);
expect(jfrogCredentials.username).toEqual(undefined);
expect(jfrogCredentials.password).toEqual(undefined);
expect(jfrogCredentials.accessToken).toEqual(undefined);
// TODO how do I test the working use case where the returned value is a secret and cannot be exposed in the tests code?

process.env['JF_URL'] = "https://my-server.io";
process.env['JF_ACCESS_TOKEN'] = "my-access-token";
jfrogCredentials = Utils.collectJfrogCredentialsFromEnvVars();
expect(jfrogCredentials.jfrogUrl).toEqual("https://my-server.io");
expect(jfrogCredentials.username).toEqual(undefined);
expect(jfrogCredentials.password).toEqual(undefined);
expect(jfrogCredentials.accessToken).toEqual("my-access-token");

process.env['JF_USER'] = "user";
process.env['JF_PASSWORD'] = "password";
jfrogCredentials = Utils.collectJfrogCredentialsFromEnvVars();
expect(jfrogCredentials.jfrogUrl).toEqual("https://my-server.io");
expect(jfrogCredentials.username).toEqual("user");
expect(jfrogCredentials.password).toEqual("password");
expect(jfrogCredentials.accessToken).toEqual("my-access-token");
});

//TODO add tests to the REST function that gets the access token ??
Expand Down

0 comments on commit bf4587a

Please sign in to comment.