Skip to content

Commit

Permalink
CR
Browse files Browse the repository at this point in the history
  • Loading branch information
yahavi committed Jan 18, 2024
1 parent 65624eb commit 45d568e
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 2 deletions.
22 changes: 21 additions & 1 deletion lib/utils.js
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ class Utils {
static getJfrogCredentials() {
return __awaiter(this, void 0, void 0, function* () {
let jfrogCredentials = this.collectJfrogCredentialsFromEnvVars();
if (!jfrogCredentials.jfrogUrl || jfrogCredentials.password || jfrogCredentials.accessToken || !process.env.ACTIONS_ID_TOKEN_REQUEST_URL) {
if (!this.shouldUseOpenIDConnect(jfrogCredentials)) {
// Use JF_ENV or the credentials found in the environment variables
return jfrogCredentials;
}
Expand All @@ -73,6 +73,26 @@ class Utils {
}
});
}
/**
* Returns true if OpenID Connect authentication should be used.
* @param jfrogCredentials - Credentials retrieved from the environment variables
* @returns true if OpenID Connect authentication should be used
*/
static shouldUseOpenIDConnect(jfrogCredentials) {
if (!jfrogCredentials.jfrogUrl) {
// If no JFrog URL is specified, we can't use OpenID Connect
return false;
}
if (jfrogCredentials.password || jfrogCredentials.accessToken) {
// If credentials are specified - use them instead
return false;
}
if (!process.env.ACTIONS_ID_TOKEN_REQUEST_URL) {
// Only if the user added id-token: write, this environment variable was set
return false;
}
return true;
}
/**
* Gathers JFrog's credentials from environment variables and delivers them in a JfrogCredentials structure
* @returns JfrogCredentials struct with all credentials found in environment variables
Expand Down
23 changes: 22 additions & 1 deletion src/utils.ts
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ export class Utils {
*/
public static async getJfrogCredentials(): Promise<JfrogCredentials> {
let jfrogCredentials: JfrogCredentials = this.collectJfrogCredentialsFromEnvVars();
if (!jfrogCredentials.jfrogUrl || jfrogCredentials.password || jfrogCredentials.accessToken || !process.env.ACTIONS_ID_TOKEN_REQUEST_URL) {
if (!this.shouldUseOpenIDConnect(jfrogCredentials)) {
// Use JF_ENV or the credentials found in the environment variables
return jfrogCredentials;
}
Expand All @@ -72,6 +72,27 @@ export class Utils {
}
}

/**
* Returns true if OpenID Connect authentication should be used.
* @param jfrogCredentials - Credentials retrieved from the environment variables
* @returns true if OpenID Connect authentication should be used
*/
private static shouldUseOpenIDConnect(jfrogCredentials: JfrogCredentials): boolean {
if (!jfrogCredentials.jfrogUrl) {
// If no JFrog URL is specified, we can't use OpenID Connect
return false;
}
if (jfrogCredentials.password || jfrogCredentials.accessToken) {
// If credentials are specified - use them instead
return false;
}
if (!process.env.ACTIONS_ID_TOKEN_REQUEST_URL) {
// Only if the user added id-token: write, this environment variable was set
return false;
}
return true;
}

/**
* Gathers JFrog's credentials from environment variables and delivers them in a JfrogCredentials structure
* @returns JfrogCredentials struct with all credentials found in environment variables
Expand Down

0 comments on commit 45d568e

Please sign in to comment.