Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
codeql-action/node_modules/@actions/core/lib/oidc-utils.js
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | |
| function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } | |
| return new (P || (P = Promise))(function (resolve, reject) { | |
| function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | |
| function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | |
| function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } | |
| step((generator = generator.apply(thisArg, _arguments || [])).next()); | |
| }); | |
| }; | |
| Object.defineProperty(exports, "__esModule", { value: true }); | |
| exports.OidcClient = void 0; | |
| const http_client_1 = require("@actions/http-client"); | |
| const auth_1 = require("@actions/http-client/lib/auth"); | |
| const core_1 = require("./core"); | |
| class OidcClient { | |
| static createHttpClient(allowRetry = true, maxRetry = 10) { | |
| const requestOptions = { | |
| allowRetries: allowRetry, | |
| maxRetries: maxRetry | |
| }; | |
| return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions); | |
| } | |
| static getRequestToken() { | |
| const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN']; | |
| if (!token) { | |
| throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable'); | |
| } | |
| return token; | |
| } | |
| static getIDTokenUrl() { | |
| const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL']; | |
| if (!runtimeUrl) { | |
| throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable'); | |
| } | |
| return runtimeUrl; | |
| } | |
| static getCall(id_token_url) { | |
| var _a; | |
| return __awaiter(this, void 0, void 0, function* () { | |
| const httpclient = OidcClient.createHttpClient(); | |
| const res = yield httpclient | |
| .getJson(id_token_url) | |
| .catch(error => { | |
| throw new Error(`Failed to get ID Token. \n | |
| Error Code : ${error.statusCode}\n | |
| Error Message: ${error.result.message}`); | |
| }); | |
| const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value; | |
| if (!id_token) { | |
| throw new Error('Response json body do not have ID Token field'); | |
| } | |
| return id_token; | |
| }); | |
| } | |
| static getIDToken(audience) { | |
| return __awaiter(this, void 0, void 0, function* () { | |
| try { | |
| // New ID Token is requested from action service | |
| let id_token_url = OidcClient.getIDTokenUrl(); | |
| if (audience) { | |
| const encodedAudience = encodeURIComponent(audience); | |
| id_token_url = `${id_token_url}&audience=${encodedAudience}`; | |
| } | |
| core_1.debug(`ID token url is ${id_token_url}`); | |
| const id_token = yield OidcClient.getCall(id_token_url); | |
| core_1.setSecret(id_token); | |
| return id_token; | |
| } | |
| catch (error) { | |
| throw new Error(`Error message: ${error.message}`); | |
| } | |
| }); | |
| } | |
| } | |
| exports.OidcClient = OidcClient; | |
| //# sourceMappingURL=oidc-utils.js.map |