1
0
Fork 0

oidc client changes

pull/867/head
Sourav Chanduka 2021-07-20 08:58:34 +05:30
parent 1322acbcca
commit f7330892f1
13 changed files with 15328 additions and 1298 deletions

View File

@ -1,20 +1,20 @@
import * as get from '../src/main' import {getIDTokenUrl} from './../src/internal/config-variables'
import {HttpClient} from '@actions/http-client' import {HttpClient} from '@actions/http-client'
test('Get httpclient', () => { test('Get httpclient', () => {
let http: HttpClient = new HttpClient('actions/oidc-client') const http = new HttpClient('actions/oidc-client')
expect(http).toBeDefined() expect(http).toBeDefined()
}) })
test('HTTP get request to get token endpoint', async () => { test('HTTP get request to get token endpoint', async () => {
let http: HttpClient = new HttpClient('actions/oidc-client') const http = new HttpClient('actions/oidc-client')
let res = await http.get( const res = await http.get(
'https://ghactionsoidc.azurewebsites.net/.well-known/openid-configuration' 'https://ghactionsoidc.azurewebsites.net/.well-known/openid-configuration'
) )
expect(res.message.statusCode).toBe(200) expect(res.message.statusCode).toBe(200)
}) })
test('Get token endpoint', async () => { test('Get token endpoint', async () => {
let url: string = await get.getTokenEndPoint() let url; url = getIDTokenUrl()
expect(url).toBeDefined() expect(url).toBeDefined()
}) })

1718
packages/oidc-client/dist/index.js vendored Normal file

File diff suppressed because it is too large Load Diff

File diff suppressed because one or more lines are too long

60
packages/oidc-client/dist/licenses.txt vendored Normal file
View File

@ -0,0 +1,60 @@
@actions/core
MIT
The MIT License (MIT)
Copyright 2019 GitHub
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@actions/http-client
MIT
Actions Http Client for Node.js
Copyright (c) GitHub, Inc.
All rights reserved.
MIT License
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
associated documentation files (the "Software"), to deal in the Software without restriction,
including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
tunnel
MIT
The MIT License (MIT)
Copyright (c) 2012 Koichi Kobayashi
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,5 +1,5 @@
{ {
"name": "@dwivedine/oidc-client", "name": "@souravchanduka/oidc-client",
"version": "1.0.9", "version": "1.0.9",
"description": "To get id token from oidc provider", "description": "To get id token from oidc provider",
"main": "lib/main.js", "main": "lib/main.js",
@ -10,18 +10,24 @@
"format-check": "prettier --check **/*.ts", "format-check": "prettier --check **/*.ts",
"package": "ncc build --source-map --license licenses.txt", "package": "ncc build --source-map --license licenses.txt",
"test": "jest", "test": "jest",
"all": "npm run build && npm run format && npm run package && npm test" "all": "npm run build && npm run format && npm run package && npm test",
"tsc":"tsc",
"type": "module"
}, },
"repository": { "repository": {
"type": "git", "type": "git",
"url": "git+https://github.com/dwivedine/toolkit.git" "url": "git+https://github.com/souravchanduka/toolkit.git"
}, },
"keywords": [ "keywords": [
"actions", "actions",
"node", "node",
"setup" "setup"
], ],
"author": "Neha Dwivedi", "directories": {
"lib": "lib",
"test": "__tests__"
},
"author": "Sourav Chanduka",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@actions/core": "^1.2.6", "@actions/core": "^1.2.6",
@ -42,5 +48,9 @@
"prettier": "2.2.1", "prettier": "2.2.1",
"ts-jest": "^26.4.4", "ts-jest": "^26.4.4",
"typescript": "^4.1.3" "typescript": "^4.1.3"
} },
} "bugs": {
"url": "https://github.com/souravchanduka/toolkit/issues"
},
"homepage": "https://github.com/souravchanduka/toolkit#readme"
}

View File

@ -0,0 +1,27 @@
"use strict";
exports.__esModule = true;
exports.getIDTokenFromEnv = exports.getIDTokenUrl = exports.getRuntimeToken = void 0;
function getRuntimeToken() {
var token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Imlmb2lQTVA1ZlVaUFBkUnV4WXVPbklNUHVEcyJ9.eyJuYW1laWQiOiJkZGRkZGRkZC1kZGRkLWRkZGQtZGRkZC1kZGRkZGRkZGRkZGQiLCJzY3AiOiJBY3Rpb25zLkdlbmVyaWNSZWFkOjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCBBY3Rpb25zLlVwbG9hZEFydGlmYWN0czowMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAvMTpCdWlsZC9CdWlsZC8yIERpc3RyaWJ1dGVkVGFzay5HZW5lcmF0ZUlkVG9rZW46YzU3NjQ3Y2QtZGEyMy00YzkwLWEzNWEtY2QzMjhhZTc1ZTBlOmNhMzk1MDg1LTA0MGEtNTI2Yi0yY2U4LWJkYzg1ZjY5Mjc3NCBMb2NhdGlvblNlcnZpY2UuQ29ubmVjdCBSZWFkQW5kVXBkYXRlQnVpbGRCeVVyaTowMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAvMTpCdWlsZC9CdWlsZC8yIiwiSWRlbnRpdHlUeXBlQ2xhaW0iOiJTeXN0ZW06U2VydmljZUlkZW50aXR5IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvc2lkIjoiREREREREREQtRERERC1ERERELUREREQtREREREREREREREREIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9wcmltYXJ5c2lkIjoiZGRkZGRkZGQtZGRkZC1kZGRkLWRkZGQtZGRkZGRkZGRkZGRkIiwiYXVpIjoiNjIyZTlkODgtY2Y4NS00NzdkLWE5ZGYtNzM5MWFiMjBhYjI4Iiwic2lkIjoiZmVjNzUzYzktNjAzZS00OGYzLWEwYmUtMzhhY2UyNGVlYTY5IiwiYWMiOiJbe1wiU2NvcGVcIjpcInJlZnMvaGVhZHMvbWFpblwiLFwiUGVybWlzc2lvblwiOjN9XSIsIm9pZGNfc3ViIjoiUmVwbzpnaXRodWIvc2RmZzpSZWY6cmVmcy9oZWFkcy9tYWluIiwib3JjaGlkIjoiYzU3NjQ3Y2QtZGEyMy00YzkwLWEzNWEtY2QzMjhhZTc1ZTBlLmJ1aWxkLl9fZGVmYXVsdCIsImlzcyI6InZzdG9rZW4uY29kZWRldi5tcyIsImF1ZCI6InZzdG9rZW4uY29kZWRldi5tc3x2c286MWFjZjY2YjQtZjhkOS00MmUwLWFmNWQtMThmNDE0ODhjNzFkIiwibmJmIjoxNjI2NjU1MDIxLCJleHAiOjE2MjY2Nzc4MjF9.Xwlp7EGXS-MhHwI93NCntEv7RBfMLNYInfbnjHTL5XdFPkSSLftlTbEIlrWz0PHguXRhw7W1WjzXVCOHMuRybeOce6p9U5Ap_JzxYE7NllEsT5KgeuUHAEnIVzgT474BoUEsI1NwFMzxx56f-68jgf088fJfbF9BRv609o0pnrYpHGs8g1lJoy1D0VRfOluxGhpbhrfFnNqbVJPTE4l1KyBvYjAfh5T9qBu1VFv7tR23siq0a1F4nPIVLh9Jd1g1YBIcFd7ejj_vEEyo2UGjXlNlc9pO9xrmjy_1wPggnX5OmndSPozK-oho1YCIuhL8TZomHeaX6qXeXcCakR_Lmw"; //process.env['ACTIONS_RUNTIME_TOKEN']
if (!token) {
throw new Error('Unable to get ACTIONS_RUNTIME_TOKEN env variable');
}
return token;
}
exports.getRuntimeToken = getRuntimeToken;
function getIDTokenUrl() {
var runtimeUrl = "https://neha.ngrok.io/5BIeW5yLeO4xcIjKhPUlNw8vNEKgp3rNJJO0ZaEk4usJseJjZ3/00000000-0000-0000-0000-000000000000/_apis/distributedtask/hubs/Actions/plans/c57647cd-da23-4c90-a35a-cd328ae75e0e/jobs/ca395085-040a-526b-2ce8-bdc85f692774/idtoken"; //process.env['ACTIONS_ID_TOKEN_REQUEST_URL']
if (!runtimeUrl) {
throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable');
}
return runtimeUrl;
}
exports.getIDTokenUrl = getIDTokenUrl;
function getIDTokenFromEnv() {
var tokenId = process.env['OIDC_TOKEN_ID']; //Need to check the exact env var name
if (!tokenId) {
return '';
}
return tokenId;
}
exports.getIDTokenFromEnv = getIDTokenFromEnv;

View File

@ -1,5 +1,5 @@
export function getRuntimeToken(): string { export function getRuntimeToken(): string {
const token = process.env['ACTIONS_RUNTIME_TOKEN'] const token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Imlmb2lQTVA1ZlVaUFBkUnV4WXVPbklNUHVEcyJ9.eyJuYW1laWQiOiJkZGRkZGRkZC1kZGRkLWRkZGQtZGRkZC1kZGRkZGRkZGRkZGQiLCJzY3AiOiJBY3Rpb25zLkdlbmVyaWNSZWFkOjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCBBY3Rpb25zLlVwbG9hZEFydGlmYWN0czowMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAvMTpCdWlsZC9CdWlsZC8yIERpc3RyaWJ1dGVkVGFzay5HZW5lcmF0ZUlkVG9rZW46YzU3NjQ3Y2QtZGEyMy00YzkwLWEzNWEtY2QzMjhhZTc1ZTBlOmNhMzk1MDg1LTA0MGEtNTI2Yi0yY2U4LWJkYzg1ZjY5Mjc3NCBMb2NhdGlvblNlcnZpY2UuQ29ubmVjdCBSZWFkQW5kVXBkYXRlQnVpbGRCeVVyaTowMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAvMTpCdWlsZC9CdWlsZC8yIiwiSWRlbnRpdHlUeXBlQ2xhaW0iOiJTeXN0ZW06U2VydmljZUlkZW50aXR5IiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvc2lkIjoiREREREREREQtRERERC1ERERELUREREQtREREREREREREREREIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy9wcmltYXJ5c2lkIjoiZGRkZGRkZGQtZGRkZC1kZGRkLWRkZGQtZGRkZGRkZGRkZGRkIiwiYXVpIjoiNjIyZTlkODgtY2Y4NS00NzdkLWE5ZGYtNzM5MWFiMjBhYjI4Iiwic2lkIjoiZmVjNzUzYzktNjAzZS00OGYzLWEwYmUtMzhhY2UyNGVlYTY5IiwiYWMiOiJbe1wiU2NvcGVcIjpcInJlZnMvaGVhZHMvbWFpblwiLFwiUGVybWlzc2lvblwiOjN9XSIsIm9pZGNfc3ViIjoiUmVwbzpnaXRodWIvc2RmZzpSZWY6cmVmcy9oZWFkcy9tYWluIiwib3JjaGlkIjoiYzU3NjQ3Y2QtZGEyMy00YzkwLWEzNWEtY2QzMjhhZTc1ZTBlLmJ1aWxkLl9fZGVmYXVsdCIsImlzcyI6InZzdG9rZW4uY29kZWRldi5tcyIsImF1ZCI6InZzdG9rZW4uY29kZWRldi5tc3x2c286MWFjZjY2YjQtZjhkOS00MmUwLWFmNWQtMThmNDE0ODhjNzFkIiwibmJmIjoxNjI2NjU1MDIxLCJleHAiOjE2MjY2Nzc4MjF9.Xwlp7EGXS-MhHwI93NCntEv7RBfMLNYInfbnjHTL5XdFPkSSLftlTbEIlrWz0PHguXRhw7W1WjzXVCOHMuRybeOce6p9U5Ap_JzxYE7NllEsT5KgeuUHAEnIVzgT474BoUEsI1NwFMzxx56f-68jgf088fJfbF9BRv609o0pnrYpHGs8g1lJoy1D0VRfOluxGhpbhrfFnNqbVJPTE4l1KyBvYjAfh5T9qBu1VFv7tR23siq0a1F4nPIVLh9Jd1g1YBIcFd7ejj_vEEyo2UGjXlNlc9pO9xrmjy_1wPggnX5OmndSPozK-oho1YCIuhL8TZomHeaX6qXeXcCakR_Lmw"//process.env['ACTIONS_RUNTIME_TOKEN']
if (!token) { if (!token) {
throw new Error('Unable to get ACTIONS_RUNTIME_TOKEN env variable') throw new Error('Unable to get ACTIONS_RUNTIME_TOKEN env variable')
} }
@ -7,7 +7,7 @@ export function getRuntimeToken(): string {
} }
export function getIDTokenUrl(): string { export function getIDTokenUrl(): string {
const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL'] const runtimeUrl = "https://neha.ngrok.io/5BIeW5yLeO4xcIjKhPUlNw8vNEKgp3rNJJO0ZaEk4usJseJjZ3/00000000-0000-0000-0000-000000000000/_apis/distributedtask/hubs/Actions/plans/c57647cd-da23-4c90-a35a-cd328ae75e0e/jobs/ca395085-040a-526b-2ce8-bdc85f692774/idtoken"//process.env['ACTIONS_ID_TOKEN_REQUEST_URL']
if (!runtimeUrl) { if (!runtimeUrl) {
throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable') throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable')
} }
@ -15,7 +15,9 @@ export function getIDTokenUrl(): string {
} }
export function getIDTokenFromEnv(): string { export function getIDTokenFromEnv(): string {
const tokenId = process.env['OIDC_TOKEN_ID'] //Need to check the exact env var name const tokenId = process.env['OIDC_TOKEN_ID'] //Need to check the exact env var name
if (!tokenId) {
return ''
}
return tokenId return tokenId
} }

View File

@ -0,0 +1,23 @@
"use strict";
exports.__esModule = true;
exports.getApiVersion = exports.createHttpClient = exports.isSuccessStatusCode = void 0;
var http_client_1 = require("@actions/http-client");
var auth_1 = require("@actions/http-client/auth");
var config_variables_1 = require("./config-variables");
function isSuccessStatusCode(statusCode) {
if (!statusCode) {
return false;
}
return statusCode >= 200 && statusCode < 300;
}
exports.isSuccessStatusCode = isSuccessStatusCode;
function createHttpClient() {
return new http_client_1.HttpClient('actions/oidc-client', [
new auth_1.BearerCredentialHandler(config_variables_1.getRuntimeToken())
]);
}
exports.createHttpClient = createHttpClient;
function getApiVersion() {
return '2.0';
}
exports.getApiVersion = getApiVersion;

View File

@ -1,29 +1,20 @@
import {debug, info, warning} from '@actions/core'
import {HttpClient} from '@actions/http-client' import {HttpClient} from '@actions/http-client'
import {BearerCredentialHandler} from '@actions/http-client/auth' import {BearerCredentialHandler} from '@actions/http-client/auth'
import {IHeaders, IHttpClientResponse} from '@actions/http-client/interfaces' import {getRuntimeToken} from './config-variables'
import { export function isSuccessStatusCode(statusCode?: number): boolean {
getRuntimeToken, if (!statusCode) {
getWorkFlowRunId return false
} from './config-variables'
export function isSuccessStatusCode(statusCode?: number): boolean {
if (!statusCode) {
return false
}
return statusCode >= 200 && statusCode < 300
} }
return statusCode >= 200 && statusCode < 300
}
export function createHttpClient(): HttpClient {
return new HttpClient('actions/oidc-client', [
new BearerCredentialHandler(getRuntimeToken())
])
}
export function createHttpClient(): HttpClient { export function getApiVersion(): string {
return new HttpClient('actions/oidc-client', [ return '2.0'
new BearerCredentialHandler(getRuntimeToken()) }
])
}
export function getApiVersion(): string {
return '2.0'
}

View File

@ -0,0 +1,103 @@
"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __generator = (this && this.__generator) || function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) {
if (f) throw new TypeError("Generator is already executing.");
while (_) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) {
case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue;
default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop();
_.trys.pop(); continue;
}
op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
}
};
exports.__esModule = true;
exports.getIDToken = void 0;
var core = require("@actions/core");
var actions_http_client = require("@actions/http-client");
var utils_1 = require("./internal/utils");
var config_variables_1 = require("./internal/config-variables");
function getIDToken(audience) {
return __awaiter(this, void 0, void 0, function () {
var id_token, secondsSinceEpoch, id_token_json, id_token_url, httpclient, additionalHeaders, data, response, body, val, error_1;
var _a;
return __generator(this, function (_b) {
switch (_b.label) {
case 0:
_b.trys.push([0, 3, , 4]);
id_token = config_variables_1.getIDTokenFromEnv();
if (id_token !== undefined) {
secondsSinceEpoch = Math.round(Date.now() / 1000);
id_token_json = JSON.parse(id_token);
if (parseInt(id_token_json['exp']) - secondsSinceEpoch > 120)
// Expiry time is more than 2 mins
return [2 /*return*/, id_token];
}
id_token_url = config_variables_1.getIDTokenUrl();
if (id_token_url === undefined) {
throw new Error("ID Token URL not found");
}
id_token_url = id_token_url + '?api-version=' + utils_1.getApiVersion();
core.debug("ID token url is " + id_token_url);
httpclient = utils_1.createHttpClient();
if (httpclient === undefined) {
throw new Error("Failed to get Httpclient ");
}
core.debug("Httpclient created " + httpclient + " "); // debug is only output if you set the secret `ACTIONS_RUNNER_DEBUG` to true
additionalHeaders = (_a = {},
_a[actions_http_client.Headers.ContentType] = actions_http_client.MediaTypes.ApplicationJson,
_a);
data = JSON.stringify({ aud: audience });
return [4 /*yield*/, httpclient.post(id_token_url, data, additionalHeaders)];
case 1:
response = _b.sent();
if (!utils_1.isSuccessStatusCode(response.message.statusCode)) {
throw new Error("Failed to get ID Token. Error message :" + response.message.statusMessage + " ");
}
return [4 /*yield*/, response.readBody()];
case 2:
body = _b.sent();
val = JSON.parse(body);
id_token = val['value'];
if (id_token === undefined) {
throw new Error("Not able to fetch the ID token");
}
// Save ID Token in Env Variable
core.exportVariable('OIDC_TOKEN_ID', id_token);
return [2 /*return*/, id_token];
case 3:
error_1 = _b.sent();
core.setFailed(error_1.message);
return [2 /*return*/, error_1.message];
case 4: return [2 /*return*/];
}
});
});
}
exports.getIDToken = getIDToken;
//module.exports.getIDToken = getIDToken
getIDToken('helloworld');

View File

@ -1,54 +1,55 @@
import * as core from '@actions/core' import * as core from '@actions/core'
import {IHeaders} from '@actions/http-client/interfaces' import * as actions_http_client from '@actions/http-client'
import { import {
createHttpClient, createHttpClient,
isSuccessStatusCode isSuccessStatusCode,
getApiVersion
} from './internal/utils' } from './internal/utils'
import { import {getIDTokenFromEnv, getIDTokenUrl} from './internal/config-variables'
getIDTokenFromEnv,
getIDTokenUrl
} from './internal/config-variables'
export async function getIDToken(audience: string): Promise<string> { export async function getIDToken(audience: string): Promise<string> {
try { try {
//Check if id token is stored in environment variable //Check if id token is stored in environment variable
var id_token: string = getIDTokenFromEnv() let id_token: string = getIDTokenFromEnv()
if(id_token != undefined) { if (id_token !== undefined) {
const secondsSinceEpoch = Math.round(Date.now() / 1000) const secondsSinceEpoch = Math.round(Date.now() / 1000)
const id_token_json = JSON.parse(id_token) const id_token_json = JSON.parse(id_token)
if(parseInt(id_token_json['exp']) - secondsSinceEpoch > 120) // Expiry time is more than 2 mins if (parseInt(id_token_json['exp']) - secondsSinceEpoch > 120)
// Expiry time is more than 2 mins
return id_token return id_token
} }
// New ID Token is requested from action service // New ID Token is requested from action service
const id_tokne_url: string = getIDTokenUrl()
if (id_tokne_url == undefined) { let id_token_url: string = getIDTokenUrl()
if (id_token_url === undefined) {
throw new Error(`ID Token URL not found`) throw new Error(`ID Token URL not found`)
} }
id_token_url = id_token_url + '?api-version=' + getApiVersion()
core.debug(`ID token url is ${id_tokne_url}`) core.debug(`ID token url is ${id_token_url}`)
const httpclient = createHttpClient() const httpclient = createHttpClient()
if (httpclient == undefined) { if (httpclient === undefined) {
throw new Error(`Failed to get Httpclient `) throw new Error(`Failed to get Httpclient `)
} }
core.debug(`Httpclient created ${httpclient} `) // debug is only output if you set the secret `ACTIONS_RUNNER_DEBUG` to true core.debug(`Httpclient created ${httpclient} `) // debug is only output if you set the secret `ACTIONS_RUNNER_DEBUG` to true
var additionalHeaders = {[httpclient.Headers.ContentType]: httpclient.MediaTypes.ApplicationJson} const additionalHeaders = {
[actions_http_client.Headers.ContentType]:
actions_http_client.MediaTypes.ApplicationJson
}
var data : String = new String('id_token_aud:') const data: string = JSON.stringify({aud: audience})
data = data.concat(audience) const response = await httpclient.post(
const response = await httpclient.post(id_tokne_url, data, additionalHeaders) id_token_url,
data,
additionalHeaders
)
if (!isSuccessStatusCode(response.message.statusCode)) {
if (!isSuccessStatusCode(response.message.statusCode)){
throw new Error( throw new Error(
`Failed to get ID Token. Error message :${response.message.statusMessage} ` `Failed to get ID Token. Error message :${response.message.statusMessage} `
) )
@ -58,7 +59,7 @@ export async function getIDToken(audience: string): Promise<string> {
const val = JSON.parse(body) const val = JSON.parse(body)
id_token = val['value'] id_token = val['value']
if (id_token == undefined) { if (id_token === undefined) {
throw new Error(`Not able to fetch the ID token`) throw new Error(`Not able to fetch the ID token`)
} }
@ -66,11 +67,12 @@ export async function getIDToken(audience: string): Promise<string> {
core.exportVariable('OIDC_TOKEN_ID', id_token) core.exportVariable('OIDC_TOKEN_ID', id_token)
return id_token return id_token
} catch (error) { } catch (error) {
core.setFailed(error.message) core.setFailed(error.message)
return error.message return error.message
} }
} }
module.exports.getIDToken = getIDToken //module.exports.getIDToken = getIDToken
getIDToken('helloworld')