rgst-io/mise-action
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: added pre-commit task

Browse source
This commit is contained in:
jdx 2024-11-18 13:23:29 -06:00
parent 6c29640836
commit 793f8df484
No known key found for this signature in database
GPG key ID: 584DADE86724B407
5 changed files with 333 additions and 76 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

202
dist/cache-save/index.js generated vendored
View file

@ -65999,7 +65999,7 @@ exports.buildCreatePoller = buildCreatePoller;
// Licensed under the MIT License.
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.DEFAULT_RETRY_POLICY_COUNT = exports.SDK_VERSION = void 0;
exports.SDK_VERSION = "1.17.0";
exports.SDK_VERSION = "1.18.0";
exports.DEFAULT_RETRY_POLICY_COUNT = 3;
//# sourceMappingURL=constants.js.map
@ -66304,6 +66304,9 @@ function isReadableStream(body) {
return body && typeof body.pipe === "function";
}
function isStreamComplete(stream) {
if (stream.readable === false) {
return Promise.resolve();
}
return new Promise((resolve) => {
const handler = () => {
resolve();
@ -67032,20 +67035,46 @@ function auxiliaryAuthenticationHeaderPolicy(options) {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.bearerTokenAuthenticationPolicyName = void 0;
exports.bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy;
exports.parseChallenges = parseChallenges;
const tokenCycler_js_1 = __nccwpck_require__(9202);
const log_js_1 = __nccwpck_require__(544);
const restError_js_1 = __nccwpck_require__(8666);
/**
* The programmatic identifier of the bearerTokenAuthenticationPolicy.
*/
exports.bearerTokenAuthenticationPolicyName = "bearerTokenAuthenticationPolicy";
/**
* Try to send the given request.
*
* When a response is received, returns a tuple of the response received and, if the response was received
* inside a thrown RestError, the RestError that was thrown.
*
* Otherwise, if an error was thrown while sending the request that did not provide an underlying response, it
* will be rethrown.
*/
async function trySendRequest(request, next) {
try {
return [await next(request), undefined];
}
catch (e) {
if ((0, restError_js_1.isRestError)(e) && e.response) {
return [e.response, e];
}
else {
throw e;
}
}
}
/**
* Default authorize request handler
*/
async function defaultAuthorizeRequest(options) {
const { scopes, getAccessToken, request } = options;
// Enable CAE true by default
const getTokenOptions = {
abortSignal: request.abortSignal,
tracingOptions: request.tracingOptions,
enableCae: true,
};
const accessToken = await getAccessToken(scopes, getTokenOptions);
if (accessToken) {
@ -67056,12 +67085,26 @@ async function defaultAuthorizeRequest(options) {
* We will retrieve the challenge only if the response status code was 401,
* and if the response contained the header "WWW-Authenticate" with a non-empty value.
*/
function getChallenge(response) {
const challenge = response.headers.get("WWW-Authenticate");
if (response.status === 401 && challenge) {
return challenge;
function isChallengeResponse(response) {
return response.status === 401 && response.headers.has("WWW-Authenticate");
}
/**
* Re-authorize the request for CAE challenge.
* The response containing the challenge is `options.response`.
* If this method returns true, the underlying request will be sent once again.
*/
async function authorizeRequestOnCaeChallenge(onChallengeOptions, caeClaims) {
var _a;
const { scopes } = onChallengeOptions;
const accessToken = await onChallengeOptions.getAccessToken(scopes, {
enableCae: true,
claims: caeClaims,
});
if (!accessToken) {
return false;
}
return;
onChallengeOptions.request.headers.set("Authorization", `${(_a = accessToken.tokenType) !== null && _a !== void 0 ? _a : "Bearer"} ${accessToken.token}`);
return true;
}
/**
* A policy that can request a token from a TokenCredential implementation and
@ -67071,7 +67114,10 @@ function bearerTokenAuthenticationPolicy(options) {
var _a;
const { credential, scopes, challengeCallbacks } = options;
const logger = options.logger || log_js_1.logger;
const callbacks = Object.assign({ authorizeRequest: (_a = challengeCallbacks === null || challengeCallbacks === void 0 ? void 0 : challengeCallbacks.authorizeRequest) !== null && _a !== void 0 ? _a : defaultAuthorizeRequest, authorizeRequestOnChallenge: challengeCallbacks === null || challengeCallbacks === void 0 ? void 0 : challengeCallbacks.authorizeRequestOnChallenge }, challengeCallbacks);
const callbacks = {
authorizeRequest: (_a = challengeCallbacks === null || challengeCallbacks === void 0 ? void 0 : challengeCallbacks.authorizeRequest) !== null && _a !== void 0 ? _a : defaultAuthorizeRequest,
authorizeRequestOnChallenge: challengeCallbacks === null || challengeCallbacks === void 0 ? void 0 : challengeCallbacks.authorizeRequestOnChallenge,
};
// This function encapsulates the entire process of reliably retrieving the token
// The options are left out of the public API until there's demand to configure this.
// Remember to extend `BearerTokenAuthenticationPolicyOptions` with `TokenCyclerOptions`
@ -67106,26 +67152,71 @@ function bearerTokenAuthenticationPolicy(options) {
});
let response;
let error;
try {
response = await next(request);
}
catch (err) {
error = err;
response = err.response;
}
if (callbacks.authorizeRequestOnChallenge &&
(response === null || response === void 0 ? void 0 : response.status) === 401 &&
getChallenge(response)) {
// processes challenge
const shouldSendRequest = await callbacks.authorizeRequestOnChallenge({
scopes: Array.isArray(scopes) ? scopes : [scopes],
request,
response,
getAccessToken,
logger,
});
if (shouldSendRequest) {
return next(request);
let shouldSendRequest;
[response, error] = await trySendRequest(request, next);
if (isChallengeResponse(response)) {
let claims = getCaeChallengeClaims(response.headers.get("WWW-Authenticate"));
// Handle CAE by default when receive CAE claim
if (claims) {
let parsedClaim;
// Return the response immediately if claims is not a valid base64 encoded string
try {
parsedClaim = atob(claims);
}
catch (e) {
logger.warning(`The WWW-Authenticate header contains "claims" that cannot be parsed. Unable to perform the Continuous Access Evaluation authentication flow. Unparsable claims: ${claims}`);
return response;
}
shouldSendRequest = await authorizeRequestOnCaeChallenge({
scopes: Array.isArray(scopes) ? scopes : [scopes],
response,
request,
getAccessToken,
logger,
}, parsedClaim);
// Send updated request and handle response for RestError
if (shouldSendRequest) {
[response, error] = await trySendRequest(request, next);
}
}
else if (callbacks.authorizeRequestOnChallenge) {
// Handle custom challenges when client provides custom callback
shouldSendRequest = await callbacks.authorizeRequestOnChallenge({
scopes: Array.isArray(scopes) ? scopes : [scopes],
request,
response,
getAccessToken,
logger,
});
// Send updated request and handle response for RestError
if (shouldSendRequest) {
[response, error] = await trySendRequest(request, next);
}
// If we get another CAE Claim, we will handle it by default and return whatever value we receive for this
if (isChallengeResponse(response)) {
claims = getCaeChallengeClaims(response.headers.get("WWW-Authenticate"));
if (claims) {
let parsedClaim;
try {
parsedClaim = atob(claims);
}
catch (e) {
logger.warning(`The WWW-Authenticate header contains "claims" that cannot be parsed. Unable to perform the Continuous Access Evaluation authentication flow. Unparsable claims: ${claims}`);
return response;
}
shouldSendRequest = await authorizeRequestOnCaeChallenge({
scopes: Array.isArray(scopes) ? scopes : [scopes],
response,
request,
getAccessToken,
logger,
}, parsedClaim);
// Send updated request and handle response for RestError
if (shouldSendRequest) {
[response, error] = await trySendRequest(request, next);
}
}
}
}
}
if (error) {
@ -67137,6 +67228,49 @@ function bearerTokenAuthenticationPolicy(options) {
},
};
}
/**
* Converts: `Bearer a="b", c="d", Pop e="f", g="h"`.
* Into: `[ { scheme: 'Bearer', params: { a: 'b', c: 'd' } }, { scheme: 'Pop', params: { e: 'f', g: 'h' } } ]`.
*
* @internal
*/
function parseChallenges(challenges) {
// Challenge regex seperates the string to individual challenges with different schemes in the format `Scheme a="b", c=d`
// The challenge regex captures parameteres with either quotes values or unquoted values
const challengeRegex = /(\w+)\s+((?:\w+=(?:"[^"]*"|[^,]*),?\s*)+)/g;
// Parameter regex captures the claims group removed from the scheme in the format `a="b"` and `c="d"`
// CAE challenge always have quoted parameters. For more reference, https://learn.microsoft.com/entra/identity-platform/claims-challenge
const paramRegex = /(\w+)="([^"]*)"/g;
const parsedChallenges = [];
let match;
// Iterate over each challenge match
while ((match = challengeRegex.exec(challenges)) !== null) {
const scheme = match[1];
const paramsString = match[2];
const params = {};
let paramMatch;
// Iterate over each parameter match
while ((paramMatch = paramRegex.exec(paramsString)) !== null) {
params[paramMatch[1]] = paramMatch[2];
}
parsedChallenges.push({ scheme, params });
}
return parsedChallenges;
}
/**
* Parse a pipeline response and look for a CAE challenge with "Bearer" scheme
* Return the value in the header without parsing the challenge
* @internal
*/
function getCaeChallengeClaims(challenges) {
var _a;
if (!challenges) {
return;
}
// Find all challenges present in the header
const parsedChallenges = parseChallenges(challenges);
return (_a = parsedChallenges.find((x) => x.scheme === "Bearer" && x.params.claims && x.params.error === "insufficient_claims")) === null || _a === void 0 ? void 0 : _a.params.claims;
}
//# sourceMappingURL=bearerTokenAuthenticationPolicy.js.map
/***/ }),
@ -68350,7 +68484,6 @@ function exponentialRetryStrategy(options = {}) {
var _a, _b;
const retryInterval = (_a = options.retryDelayInMs) !== null && _a !== void 0 ? _a : DEFAULT_CLIENT_RETRY_INTERVAL;
const maxRetryInterval = (_b = options.maxRetryDelayInMs) !== null && _b !== void 0 ? _b : DEFAULT_CLIENT_MAX_RETRY_INTERVAL;
let retryAfterInMs = retryInterval;
return {
name: "exponentialRetryStrategy",
retry({ retryCount, response, responseError }) {
@ -68365,15 +68498,10 @@ function exponentialRetryStrategy(options = {}) {
if (responseError && !matchedSystemError && !isExponential) {
return { errorToThrow: responseError };
}
// Exponentially increase the delay each time
const exponentialDelay = retryAfterInMs * Math.pow(2, retryCount);
// Don't let the delay exceed the maximum
const clampedExponentialDelay = Math.min(maxRetryInterval, exponentialDelay);
// Allow the final value to have some "jitter" (within 50% of the delay size) so
// that retries across multiple clients don't occur simultaneously.
retryAfterInMs =
clampedExponentialDelay / 2 + (0, core_util_1.getRandomIntegerInclusive)(0, clampedExponentialDelay / 2);
return { retryAfterInMs };
return (0, core_util_1.calculateRetryDelay)(retryCount, {
retryDelayInMs: retryInterval,
maxRetryDelayInMs: maxRetryInterval,
});
},
};
}

2
dist/cache-save/index.js.map generated vendored
View file

File diff suppressed because one or more lines are too long

202
dist/index.js generated vendored
View file

@ -67389,7 +67389,7 @@ exports.buildCreatePoller = buildCreatePoller;
// Licensed under the MIT License.
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.DEFAULT_RETRY_POLICY_COUNT = exports.SDK_VERSION = void 0;
exports.SDK_VERSION = "1.17.0";
exports.SDK_VERSION = "1.18.0";
exports.DEFAULT_RETRY_POLICY_COUNT = 3;
//# sourceMappingURL=constants.js.map
@ -67694,6 +67694,9 @@ function isReadableStream(body) {
return body && typeof body.pipe === "function";
}
function isStreamComplete(stream) {
if (stream.readable === false) {
return Promise.resolve();
}
return new Promise((resolve) => {
const handler = () => {
resolve();
@ -68422,20 +68425,46 @@ function auxiliaryAuthenticationHeaderPolicy(options) {
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.bearerTokenAuthenticationPolicyName = void 0;
exports.bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy;
exports.parseChallenges = parseChallenges;
const tokenCycler_js_1 = __nccwpck_require__(9202);
const log_js_1 = __nccwpck_require__(544);
const restError_js_1 = __nccwpck_require__(8666);
/**
* The programmatic identifier of the bearerTokenAuthenticationPolicy.
*/
exports.bearerTokenAuthenticationPolicyName = "bearerTokenAuthenticationPolicy";
/**
* Try to send the given request.
*
* When a response is received, returns a tuple of the response received and, if the response was received
* inside a thrown RestError, the RestError that was thrown.
*
* Otherwise, if an error was thrown while sending the request that did not provide an underlying response, it
* will be rethrown.
*/
async function trySendRequest(request, next) {
try {
return [await next(request), undefined];
}
catch (e) {
if ((0, restError_js_1.isRestError)(e) && e.response) {
return [e.response, e];
}
else {
throw e;
}
}
}
/**
* Default authorize request handler
*/
async function defaultAuthorizeRequest(options) {
const { scopes, getAccessToken, request } = options;
// Enable CAE true by default
const getTokenOptions = {
abortSignal: request.abortSignal,
tracingOptions: request.tracingOptions,
enableCae: true,
};
const accessToken = await getAccessToken(scopes, getTokenOptions);
if (accessToken) {
@ -68446,12 +68475,26 @@ async function defaultAuthorizeRequest(options) {
* We will retrieve the challenge only if the response status code was 401,
* and if the response contained the header "WWW-Authenticate" with a non-empty value.
*/
function getChallenge(response) {
const challenge = response.headers.get("WWW-Authenticate");
if (response.status === 401 && challenge) {
return challenge;
function isChallengeResponse(response) {
return response.status === 401 && response.headers.has("WWW-Authenticate");
}
/**
* Re-authorize the request for CAE challenge.
* The response containing the challenge is `options.response`.
* If this method returns true, the underlying request will be sent once again.
*/
async function authorizeRequestOnCaeChallenge(onChallengeOptions, caeClaims) {
var _a;
const { scopes } = onChallengeOptions;
const accessToken = await onChallengeOptions.getAccessToken(scopes, {
enableCae: true,
claims: caeClaims,
});
if (!accessToken) {
return false;
}
return;
onChallengeOptions.request.headers.set("Authorization", `${(_a = accessToken.tokenType) !== null && _a !== void 0 ? _a : "Bearer"} ${accessToken.token}`);
return true;
}
/**
* A policy that can request a token from a TokenCredential implementation and
@ -68461,7 +68504,10 @@ function bearerTokenAuthenticationPolicy(options) {
var _a;
const { credential, scopes, challengeCallbacks } = options;
const logger = options.logger || log_js_1.logger;
const callbacks = Object.assign({ authorizeRequest: (_a = challengeCallbacks === null || challengeCallbacks === void 0 ? void 0 : challengeCallbacks.authorizeRequest) !== null && _a !== void 0 ? _a : defaultAuthorizeRequest, authorizeRequestOnChallenge: challengeCallbacks === null || challengeCallbacks === void 0 ? void 0 : challengeCallbacks.authorizeRequestOnChallenge }, challengeCallbacks);
const callbacks = {
authorizeRequest: (_a = challengeCallbacks === null || challengeCallbacks === void 0 ? void 0 : challengeCallbacks.authorizeRequest) !== null && _a !== void 0 ? _a : defaultAuthorizeRequest,
authorizeRequestOnChallenge: challengeCallbacks === null || challengeCallbacks === void 0 ? void 0 : challengeCallbacks.authorizeRequestOnChallenge,
};
// This function encapsulates the entire process of reliably retrieving the token
// The options are left out of the public API until there's demand to configure this.
// Remember to extend `BearerTokenAuthenticationPolicyOptions` with `TokenCyclerOptions`
@ -68496,26 +68542,71 @@ function bearerTokenAuthenticationPolicy(options) {
});
let response;
let error;
try {
response = await next(request);
}
catch (err) {
error = err;
response = err.response;
}
if (callbacks.authorizeRequestOnChallenge &&
(response === null || response === void 0 ? void 0 : response.status) === 401 &&
getChallenge(response)) {
// processes challenge
const shouldSendRequest = await callbacks.authorizeRequestOnChallenge({
scopes: Array.isArray(scopes) ? scopes : [scopes],
request,
response,
getAccessToken,
logger,
});
if (shouldSendRequest) {
return next(request);
let shouldSendRequest;
[response, error] = await trySendRequest(request, next);
if (isChallengeResponse(response)) {
let claims = getCaeChallengeClaims(response.headers.get("WWW-Authenticate"));
// Handle CAE by default when receive CAE claim
if (claims) {
let parsedClaim;
// Return the response immediately if claims is not a valid base64 encoded string
try {
parsedClaim = atob(claims);
}
catch (e) {
logger.warning(`The WWW-Authenticate header contains "claims" that cannot be parsed. Unable to perform the Continuous Access Evaluation authentication flow. Unparsable claims: ${claims}`);
return response;
}
shouldSendRequest = await authorizeRequestOnCaeChallenge({
scopes: Array.isArray(scopes) ? scopes : [scopes],
response,
request,
getAccessToken,
logger,
}, parsedClaim);
// Send updated request and handle response for RestError
if (shouldSendRequest) {
[response, error] = await trySendRequest(request, next);
}
}
else if (callbacks.authorizeRequestOnChallenge) {
// Handle custom challenges when client provides custom callback
shouldSendRequest = await callbacks.authorizeRequestOnChallenge({
scopes: Array.isArray(scopes) ? scopes : [scopes],
request,
response,
getAccessToken,
logger,
});
// Send updated request and handle response for RestError
if (shouldSendRequest) {
[response, error] = await trySendRequest(request, next);
}
// If we get another CAE Claim, we will handle it by default and return whatever value we receive for this
if (isChallengeResponse(response)) {
claims = getCaeChallengeClaims(response.headers.get("WWW-Authenticate"));
if (claims) {
let parsedClaim;
try {
parsedClaim = atob(claims);
}
catch (e) {
logger.warning(`The WWW-Authenticate header contains "claims" that cannot be parsed. Unable to perform the Continuous Access Evaluation authentication flow. Unparsable claims: ${claims}`);
return response;
}
shouldSendRequest = await authorizeRequestOnCaeChallenge({
scopes: Array.isArray(scopes) ? scopes : [scopes],
response,
request,
getAccessToken,
logger,
}, parsedClaim);
// Send updated request and handle response for RestError
if (shouldSendRequest) {
[response, error] = await trySendRequest(request, next);
}
}
}
}
}
if (error) {
@ -68527,6 +68618,49 @@ function bearerTokenAuthenticationPolicy(options) {
},
};
}
/**
* Converts: `Bearer a="b", c="d", Pop e="f", g="h"`.
* Into: `[ { scheme: 'Bearer', params: { a: 'b', c: 'd' } }, { scheme: 'Pop', params: { e: 'f', g: 'h' } } ]`.
*
* @internal
*/
function parseChallenges(challenges) {
// Challenge regex seperates the string to individual challenges with different schemes in the format `Scheme a="b", c=d`
// The challenge regex captures parameteres with either quotes values or unquoted values
const challengeRegex = /(\w+)\s+((?:\w+=(?:"[^"]*"|[^,]*),?\s*)+)/g;
// Parameter regex captures the claims group removed from the scheme in the format `a="b"` and `c="d"`
// CAE challenge always have quoted parameters. For more reference, https://learn.microsoft.com/entra/identity-platform/claims-challenge
const paramRegex = /(\w+)="([^"]*)"/g;
const parsedChallenges = [];
let match;
// Iterate over each challenge match
while ((match = challengeRegex.exec(challenges)) !== null) {
const scheme = match[1];
const paramsString = match[2];
const params = {};
let paramMatch;
// Iterate over each parameter match
while ((paramMatch = paramRegex.exec(paramsString)) !== null) {
params[paramMatch[1]] = paramMatch[2];
}
parsedChallenges.push({ scheme, params });
}
return parsedChallenges;
}
/**
* Parse a pipeline response and look for a CAE challenge with "Bearer" scheme
* Return the value in the header without parsing the challenge
* @internal
*/
function getCaeChallengeClaims(challenges) {
var _a;
if (!challenges) {
return;
}
// Find all challenges present in the header
const parsedChallenges = parseChallenges(challenges);
return (_a = parsedChallenges.find((x) => x.scheme === "Bearer" && x.params.claims && x.params.error === "insufficient_claims")) === null || _a === void 0 ? void 0 : _a.params.claims;
}
//# sourceMappingURL=bearerTokenAuthenticationPolicy.js.map
/***/ }),
@ -69740,7 +69874,6 @@ function exponentialRetryStrategy(options = {}) {
var _a, _b;
const retryInterval = (_a = options.retryDelayInMs) !== null && _a !== void 0 ? _a : DEFAULT_CLIENT_RETRY_INTERVAL;
const maxRetryInterval = (_b = options.maxRetryDelayInMs) !== null && _b !== void 0 ? _b : DEFAULT_CLIENT_MAX_RETRY_INTERVAL;
let retryAfterInMs = retryInterval;
return {
name: "exponentialRetryStrategy",
retry({ retryCount, response, responseError }) {
@ -69755,15 +69888,10 @@ function exponentialRetryStrategy(options = {}) {
if (responseError && !matchedSystemError && !isExponential) {
return { errorToThrow: responseError };
}
// Exponentially increase the delay each time
const exponentialDelay = retryAfterInMs * Math.pow(2, retryCount);
// Don't let the delay exceed the maximum
const clampedExponentialDelay = Math.min(maxRetryInterval, exponentialDelay);
// Allow the final value to have some "jitter" (within 50% of the delay size) so
// that retries across multiple clients don't occur simultaneously.
retryAfterInMs =
clampedExponentialDelay / 2 + (0, core_util_1.getRandomIntegerInclusive)(0, clampedExponentialDelay / 2);
return { retryAfterInMs };
return (0, core_util_1.calculateRetryDelay)(retryCount, {
retryDelayInMs: retryInterval,
maxRetryDelayInMs: maxRetryInterval,
});
},
};
}

2
dist/index.js.map generated vendored
View file

File diff suppressed because one or more lines are too long

1
mise.toml
View file

@ -1,3 +1,4 @@
tasks.pre-commit = ["npm run all", "git add dist"]
tasks.lint = "bun run lint"
tasks."lint:fix" = "bun run format:write"
tasks.version = "npm version"