@@ -1585,6 +1585,90 @@ module.exports.parseURL = function (input, options) {
15851585};
15861586
15871587
1588+ /***/ }),
1589+
1590+ /***/ 41:
1591+ /***/ (function(__unusedmodule, exports, __webpack_require__) {
1592+
1593+ "use strict";
1594+
1595+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
1596+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
1597+ return new (P || (P = Promise))(function (resolve, reject) {
1598+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
1599+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
1600+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
1601+ step((generator = generator.apply(thisArg, _arguments || [])).next());
1602+ });
1603+ };
1604+ Object.defineProperty(exports, "__esModule", { value: true });
1605+ exports.OidcClient = void 0;
1606+ const http_client_1 = __webpack_require__(925);
1607+ const auth_1 = __webpack_require__(702);
1608+ const core_1 = __webpack_require__(186);
1609+ class OidcClient {
1610+ static createHttpClient(allowRetry = true, maxRetry = 10) {
1611+ const requestOptions = {
1612+ allowRetries: allowRetry,
1613+ maxRetries: maxRetry
1614+ };
1615+ return new http_client_1.HttpClient('actions/oidc-client', [new auth_1.BearerCredentialHandler(OidcClient.getRequestToken())], requestOptions);
1616+ }
1617+ static getRequestToken() {
1618+ const token = process.env['ACTIONS_ID_TOKEN_REQUEST_TOKEN'];
1619+ if (!token) {
1620+ throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_TOKEN env variable');
1621+ }
1622+ return token;
1623+ }
1624+ static getIDTokenUrl() {
1625+ const runtimeUrl = process.env['ACTIONS_ID_TOKEN_REQUEST_URL'];
1626+ if (!runtimeUrl) {
1627+ throw new Error('Unable to get ACTIONS_ID_TOKEN_REQUEST_URL env variable');
1628+ }
1629+ return runtimeUrl;
1630+ }
1631+ static getCall(id_token_url) {
1632+ var _a;
1633+ return __awaiter(this, void 0, void 0, function* () {
1634+ const httpclient = OidcClient.createHttpClient();
1635+ const res = yield httpclient
1636+ .getJson(id_token_url)
1637+ .catch(error => {
1638+ throw new Error(`Failed to get ID Token. \n
1639+ Error Code : ${error.statusCode}\n
1640+ Error Message: ${error.result.message}`);
1641+ });
1642+ const id_token = (_a = res.result) === null || _a === void 0 ? void 0 : _a.value;
1643+ if (!id_token) {
1644+ throw new Error('Response json body do not have ID Token field');
1645+ }
1646+ return id_token;
1647+ });
1648+ }
1649+ static getIDToken(audience) {
1650+ return __awaiter(this, void 0, void 0, function* () {
1651+ try {
1652+ // New ID Token is requested from action service
1653+ let id_token_url = OidcClient.getIDTokenUrl();
1654+ if (audience) {
1655+ const encodedAudience = encodeURIComponent(audience);
1656+ id_token_url = `${id_token_url}&audience=${encodedAudience}`;
1657+ }
1658+ core_1.debug(`ID token url is ${id_token_url}`);
1659+ const id_token = yield OidcClient.getCall(id_token_url);
1660+ core_1.setSecret(id_token);
1661+ return id_token;
1662+ }
1663+ catch (error) {
1664+ throw new Error(`Error message: ${error.message}`);
1665+ }
1666+ });
1667+ }
1668+ }
1669+ exports.OidcClient = OidcClient;
1670+ //# sourceMappingURL=oidc-utils.js.map
1671+
15881672/***/ }),
15891673
15901674/***/ 44:
@@ -3448,12 +3532,13 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
34483532 });
34493533};
34503534Object.defineProperty(exports, "__esModule", { value: true });
3451- exports.getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0;
3535+ exports.getIDToken = exports. getState = exports.saveState = exports.group = exports.endGroup = exports.startGroup = exports.info = exports.notice = exports.warning = exports.error = exports.debug = exports.isDebug = exports.setFailed = exports.setCommandEcho = exports.setOutput = exports.getBooleanInput = exports.getMultilineInput = exports.getInput = exports.addPath = exports.setSecret = exports.exportVariable = exports.ExitCode = void 0;
34523536const command_1 = __webpack_require__(351);
34533537const file_command_1 = __webpack_require__(717);
34543538const utils_1 = __webpack_require__(278);
34553539const os = __importStar(__webpack_require__(87));
34563540const path = __importStar(__webpack_require__(622));
3541+ const oidc_utils_1 = __webpack_require__(41);
34573542/**
34583543 * The code to exit an action
34593544 */
@@ -3722,6 +3807,12 @@ function getState(name) {
37223807 return process.env[`STATE_${name}`] || '';
37233808}
37243809exports.getState = getState;
3810+ function getIDToken(aud) {
3811+ return __awaiter(this, void 0, void 0, function* () {
3812+ return yield oidc_utils_1.OidcClient.getIDToken(aud);
3813+ });
3814+ }
3815+ exports.getIDToken = getIDToken;
37253816//# sourceMappingURL=core.js.map
37263817
37273818/***/ }),
@@ -4855,6 +4946,7 @@ function toCommandProperties(annotationProperties) {
48554946 }
48564947 return {
48574948 title: annotationProperties.title,
4949+ file: annotationProperties.file,
48584950 line: annotationProperties.startLine,
48594951 endLine: annotationProperties.endLine,
48604952 col: annotationProperties.startColumn,
@@ -9300,6 +9392,72 @@ module.exports.Singular = Hook.Singular
93009392module.exports.Collection = Hook.Collection
93019393
93029394
9395+ /***/ }),
9396+
9397+ /***/ 702:
9398+ /***/ (function(__unusedmodule, exports) {
9399+
9400+ "use strict";
9401+
9402+ Object.defineProperty(exports, "__esModule", { value: true });
9403+ class BasicCredentialHandler {
9404+ constructor(username, password) {
9405+ this.username = username;
9406+ this.password = password;
9407+ }
9408+ prepareRequest(options) {
9409+ options.headers['Authorization'] =
9410+ 'Basic ' +
9411+ Buffer.from(this.username + ':' + this.password).toString('base64');
9412+ }
9413+ // This handler cannot handle 401
9414+ canHandleAuthentication(response) {
9415+ return false;
9416+ }
9417+ handleAuthentication(httpClient, requestInfo, objs) {
9418+ return null;
9419+ }
9420+ }
9421+ exports.BasicCredentialHandler = BasicCredentialHandler;
9422+ class BearerCredentialHandler {
9423+ constructor(token) {
9424+ this.token = token;
9425+ }
9426+ // currently implements pre-authorization
9427+ // TODO: support preAuth = false where it hooks on 401
9428+ prepareRequest(options) {
9429+ options.headers['Authorization'] = 'Bearer ' + this.token;
9430+ }
9431+ // This handler cannot handle 401
9432+ canHandleAuthentication(response) {
9433+ return false;
9434+ }
9435+ handleAuthentication(httpClient, requestInfo, objs) {
9436+ return null;
9437+ }
9438+ }
9439+ exports.BearerCredentialHandler = BearerCredentialHandler;
9440+ class PersonalAccessTokenCredentialHandler {
9441+ constructor(token) {
9442+ this.token = token;
9443+ }
9444+ // currently implements pre-authorization
9445+ // TODO: support preAuth = false where it hooks on 401
9446+ prepareRequest(options) {
9447+ options.headers['Authorization'] =
9448+ 'Basic ' + Buffer.from('PAT:' + this.token).toString('base64');
9449+ }
9450+ // This handler cannot handle 401
9451+ canHandleAuthentication(response) {
9452+ return false;
9453+ }
9454+ handleAuthentication(httpClient, requestInfo, objs) {
9455+ return null;
9456+ }
9457+ }
9458+ exports.PersonalAccessTokenCredentialHandler = PersonalAccessTokenCredentialHandler;
9459+
9460+
93039461/***/ }),
93049462
93059463/***/ 717:
0 commit comments