Move credentialToStr and update it

2026-05-07 14:20:19 +00:00 · 2026-03-10 01:23:06 +00:00
parent 7263be2084
commit e168f8e52a
5 changed files with 300 additions and 71 deletions
@@ -0,0 +1,136 @@
+import test from "ava";
+
+import { setupTests } from "../testing-utils";
+
+import * as types from "./types";
+
+setupTests(test);
+
+const validAzureCredential: types.AzureConfig = {
+  tenant_id: "12345678-1234-1234-1234-123456789012",
+  client_id: "abcdef01-2345-6789-abcd-ef0123456789",
+};
+
+const validAwsCredential: types.AWSConfig = {
+  aws_region: "us-east-1",
+  account_id: "123456789012",
+  role_name: "MY_ROLE",
+  domain: "MY_DOMAIN",
+  domain_owner: "987654321098",
+  audience: "custom-audience",
+};
+
+const validJFrogCredential: types.JFrogConfig = {
+  jfrog_oidc_provider_name: "MY_PROVIDER",
+  audience: "jfrog-audience",
+  identity_mapping_name: "my-mapping",
+};
+
+test("credentialToStr - pretty-prints valid username+password configurations", (t) => {
+  const secret = "password123";
+  const credential: types.Credential = {
+    type: "maven_credential",
+    username: "user",
+    password: secret,
+    url: "https://localhost",
+  };
+
+  const str = types.credentialToStr(credential);
+
+  t.false(str.includes(secret));
+  t.is(
+    "Type: maven_credential; Url: https://localhost; Username: user; Password: ***;",
+    str,
+  );
+});
+
+test("credentialToStr - pretty-prints valid username+token configurations", (t) => {
+  const secret = "password123";
+  const credential: types.Credential = {
+    type: "maven_credential",
+    username: "user",
+    token: secret,
+    url: "https://localhost",
+  };
+
+  const str = types.credentialToStr(credential);
+
+  t.false(str.includes(secret));
+  t.is(
+    "Type: maven_credential; Url: https://localhost; Username: user; Token: ***;",
+    str,
+  );
+});
+
+test("credentialToStr - pretty-prints valid Azure OIDC configurations", (t) => {
+  const credential: types.Credential = {
+    type: "maven_credential",
+    url: "https://localhost",
+    ...validAzureCredential,
+  };
+
+  const str = types.credentialToStr(credential);
+
+  t.is(
+    "Type: maven_credential; Url: https://localhost; Tenant: 12345678-1234-1234-1234-123456789012; Client: abcdef01-2345-6789-abcd-ef0123456789;",
+    str,
+  );
+});
+
+test("credentialToStr - pretty-prints valid AWS OIDC configurations", (t) => {
+  const credential: types.Credential = {
+    type: "maven_credential",
+    url: "https://localhost",
+    ...validAwsCredential,
+  };
+
+  const str = types.credentialToStr(credential);
+
+  t.is(
+    "Type: maven_credential; Url: https://localhost; AWS Region: us-east-1; AWS Account: 123456789012; AWS Role: MY_ROLE; AWS Domain: MY_DOMAIN; AWS Domain Owner: 987654321098; AWS Audience: custom-audience;",
+    str,
+  );
+});
+
+test("credentialToStr - pretty-prints valid JFrog OIDC configurations", (t) => {
+  const credential: types.Credential = {
+    type: "maven_credential",
+    url: "https://localhost",
+    ...validJFrogCredential,
+  };
+
+  const str = types.credentialToStr(credential);
+
+  t.is(
+    "Type: maven_credential; Url: https://localhost; JFrog Provider: MY_PROVIDER; JFrog Identity Mapping: my-mapping; JFrog Audience: jfrog-audience;",
+    str,
+  );
+});
+
+test("credentialToStr - hides passwords", (t) => {
+  const secret = "password123";
+  const credential = {
+    type: "maven_credential",
+    password: secret,
+    url: "https://localhost",
+  };
+
+  const str = types.credentialToStr(credential);
+
+  t.false(str.includes(secret));
+  t.is("Type: maven_credential; Url: https://localhost; Password: ***;", str);
+});
+
+test("credentialToStr - hides tokens", (t) => {
+  const secret = "password123";
+  const credential = {
+    type: "maven_credential",
+    token: secret,
+    url: "https://localhost",
+  };
+
+  const str = types.credentialToStr(credential);
+
+  t.false(str.includes(secret));
+  t.is("Type: maven_credential; Url: https://localhost; Token: ***;", str);
+});
@@ -121,6 +121,53 @@ export type AuthConfig = UsernamePassword | Token | OIDC;
 */
 export type Credential = AuthConfig & Registry;

+/**
+ * Pretty-prints a `Credential` value to a string, but hides the actual password or token values.
+ *
+ * @param credential The credential to convert to a string.
+ */
+export function credentialToStr(credential: Credential): string {
+  let result: string = `Type: ${credential.type};`;
+
+  const appendIfDefined = (name: string, val: string | undefined) => {
+    if (isDefined(val)) {
+      result += ` ${name}: ${val};`;
+    }
+  };
+
+  appendIfDefined("Url", credential.url);
+  appendIfDefined("Host", credential.host);
+
+  if (hasUsername(credential)) {
+    appendIfDefined("Username", credential.username);
+  }
+
+  if ("password" in credential) {
+    appendIfDefined("Password", credential.password ? "***" : undefined);
+  }
+  if (isToken(credential)) {
+    appendIfDefined("Token", credential.token ? "***" : undefined);
+  }
+
+  if (isAzureConfig(credential)) {
+    appendIfDefined("Tenant", credential.tenant_id);
+    appendIfDefined("Client", credential.client_id);
+  } else if (isAWSConfig(credential)) {
+    appendIfDefined("AWS Region", credential.aws_region);
+    appendIfDefined("AWS Account", credential.account_id);
+    appendIfDefined("AWS Role", credential.role_name);
+    appendIfDefined("AWS Domain", credential.domain);
+    appendIfDefined("AWS Domain Owner", credential.domain_owner);
+    appendIfDefined("AWS Audience", credential.audience);
+  } else if (isJFrogConfig(credential)) {
+    appendIfDefined("JFrog Provider", credential.jfrog_oidc_provider_name);
+    appendIfDefined("JFrog Identity Mapping", credential.identity_mapping_name);
+    appendIfDefined("JFrog Audience", credential.audience);
+  }
+
+  return result;
+}
+
 /** A package registry is identified by its type and address. */
 export type Registry = {
  /** The type of the package registry. */