@salesforce/cli-plugins-testkit - npm Package Compare versions

Comparing version 0.0.5 to 0.0.6

CHANGELOG.md

@@ -5,2 +5,9 @@ # Changelog
 
+### [0.0.6](https://github.com/salesforcecli/cli-plugins-testkit/compare/v0.0.5...v0.0.6) (2021-02-18)
+
+
+### Bug Fixes
+
+* properly format jwtkey prior to file save ([c6045d3](https://github.com/salesforcecli/cli-plugins-testkit/commit/c6045d301ba97511e50d9fbd470e2ec74fed614a))
+
 ### [0.0.5](https://github.com/salesforcecli/cli-plugins-testkit/compare/v0.0.4...v0.0.5) (2021-02-18)
@@ -7,0 +14,0 @@

lib/hubAuth.js

@@ -27,2 +27,35 @@ "use strict";
 /**
+ * Function examines the env var TESTKIT_JWT_KEY to determine if it needs to be
+ * reformatted so when saved to a file the RSA key file contents are formatted
+ * properly.
+ *
+ * Throws an error if function is called and the env var is undefined
+ *
+ * returns a string that complies with RSA private key file format
+ */
+const formatJwtKey = () => {
+    if (kit_1.env.getString('TESTKIT_JWT_KEY')) {
+        let keyLines = kit_1.env.getString('TESTKIT_JWT_KEY', '').split('\n');
+        if (keyLines.length <= 1) {
+            const footer = '-----END RSA PRIVATE KEY-----';
+            const header = '-----BEGIN RSA PRIVATE KEY-----';
+            // strip out header and footer
+            const newKeyContents = kit_1.env.getString('TESTKIT_JWT_KEY', '').replace(header, '').replace(footer, '');
+            // check to see if newlines were replaced with spaces
+            keyLines = newKeyContents.trim().split(/\s/);
+            if (keyLines.length <= 1) {
+                // still one big string, split into 64 byte chucks
+                keyLines = [header, ...newKeyContents.match(/.{1,64}/g), footer];
+            }
+            else {
+                keyLines = [header, ...keyLines, footer];
+            }
+        }
+        return keyLines.join('\n');
+    }
+    else {
+        throw new Error('env var TESTKIT_JWT_KEY is undefined');
+    }
+};
+/**
  * Inspects the environment (via AuthStrategy) and authenticates to a devhub via JWT or AuthUrl
@@ -40,10 +73,10 @@ * Sets the hub as default for use in tests
     const logger = debug_1.debug('testkit:authFromStubbedHome');
-    if (getAuthStrategy() === AuthStrategy.JWT && process.env.TESTKIT_JWT_KEY) {
+    if (getAuthStrategy() === AuthStrategy.JWT) {
         logger('trying jwt auth');
         const jwtKey = path.join(homeDir, 'jwtKey');
-        core_1.fs.writeFileSync(jwtKey, kit_1.env.getString('TESTKIT_JWT_KEY', ''));
+        core_1.fs.writeFileSync(jwtKey, formatJwtKey());
         shell.exec(`sfdx auth:jwt:grant -d -u ${kit_1.env.getString('TESTKIT_HUB_USERNAME', '')} -i ${kit_1.env.getString('TESTKIT_JWT_CLIENT_ID', '')} -f ${jwtKey} -r ${kit_1.env.getString('TESTKIT_HUB_INSTANCE', DEFAULT_INSTANCE_URL)}`, { silent: true, fatal: true });
         return;
     }
-    if (getAuthStrategy() === AuthStrategy.AUTH_URL && process.env.TESTKIT_AUTH_URL) {
+    if (getAuthStrategy() === AuthStrategy.AUTH_URL) {
         logger('trying to authenticate with AuthUrl');
@@ -60,10 +93,12 @@ const tmpUrl = path.join(homeDir, 'tmpUrl');
 const getAuthStrategy = () => {
-    if (process.env.TESTKIT_JWT_CLIENT_ID && process.env.TESTKIT_HUB_USERNAME && process.env.TESTKIT_JWT_KEY) {
+    if (kit_1.env.getString('TESTKIT_JWT_CLIENT_ID') &&
+        kit_1.env.getString('TESTKIT_HUB_USERNAME') &&
+        kit_1.env.getString('TESTKIT_JWT_KEY')) {
         return AuthStrategy.JWT;
     }
-    if (process.env.TESTKIT_AUTH_URL) {
+    if (kit_1.env.getString('TESTKIT_AUTH_URL')) {
         return AuthStrategy.AUTH_URL;
     }
     // none of the above are included, so we want to reuse an already authenticated hub
-    if (process.env.TESTKIT_HUB_USERNAME) {
+    if (kit_1.env.getString('TESTKIT_HUB_USERNAME')) {
         return AuthStrategy.REUSE;
@@ -92,3 +127,3 @@ }
     const authFileName = `${kit_1.env.getString('TESTKIT_HUB_USERNAME', '')}.json`;
-    const hubAuthFileSource = path.join(process.env.HOME || os.homedir(), '.sfdx', authFileName);
+    const hubAuthFileSource = path.join(kit_1.env.getString('HOME') || os.homedir(), '.sfdx', authFileName);
     const authFileContents = core_1.fs.readJsonSync(hubAuthFileSource);
@@ -95,0 +130,0 @@ if (authFileContents.privateKey) {

package.json

 {
   "name": "@salesforce/cli-plugins-testkit",
   "description": "Provides test utilities to assist Salesforce CLI plug-in authors with writing non-unit tests (NUT).",
-  "version": "0.0.5",
+  "version": "0.0.6",
   "author": "Salesforce",
@@ -6,0 +6,0 @@ "license": "BSD-3-Clause",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Improved metrics

Total package byte prevSize

50897

increased by3.3%

Lines of code

955

increased by3.8%

Number of low supply chain risk alerts

4

decreased by-66.67%

No dependency changes