Move azCliUtils from artifacts-common to azure-arm-rest (#340)

* Moved azCliUtils from artifacts-common to azure-arm-rest.
microsoft · Jul 1, 2024 · 04f7c52 · 04f7c52
1 parent 8eb6d84
commit 04f7c52
Show file tree

Hide file tree

Showing 8 changed files with 363 additions and 172 deletions.
diff --git a/common-npm-packages/artifacts-common/azCliUtils.d.ts b/common-npm-packages/artifacts-common/azCliUtils.d.ts
diff --git a/common-npm-packages/artifacts-common/package-lock.json b/common-npm-packages/artifacts-common/package-lock.json
diff --git a/common-npm-packages/artifacts-common/package.json b/common-npm-packages/artifacts-common/package.json
@@ -1,6 +1,6 @@
 {
     "name": "azure-pipelines-tasks-artifacts-common",
-    "version": "2.241.1",
+    "version": "2.242.0",
     "description": "Azure Artifacts common code (for new authentication tasks)",
     "scripts": {
         "build": "cd ../build-scripts && npm install && cd ../artifacts-common && node make.js"
@@ -15,7 +15,7 @@
         "@types/fs-extra": "8.0.0",
         "@types/mocha": "^5.2.6",
         "@types/node": "^16.11.39",
-        "azure-devops-node-api": "12.0.0",
+        "azure-devops-node-api": "14.0.1",
         "azure-pipelines-task-lib": "^4.13.0",
         "fs-extra": "8.1.0",
         "semver": "6.3.0"

diff --git a/common-npm-packages/artifacts-common/webapi.d.ts b/common-npm-packages/artifacts-common/webapi.d.ts
@@ -2,4 +2,3 @@ import * as api from 'azure-devops-node-api';
 import { IRequestOptions } from 'azure-devops-node-api/interfaces/common/VsoBaseInterfaces';
 export declare function getWebApiWithProxy(serviceUri: string, accessToken: string, options?: IRequestOptions): api.WebApi;
 export declare function getSystemAccessToken(): string;
-export declare function getFederatedToken(connectedServiceName: string): Promise<string>;
diff --git a/common-npm-packages/artifacts-common/webapi.ts b/common-npm-packages/artifacts-common/webapi.ts
@@ -1,9 +1,5 @@
-import Q = require('q');
 import path = require("path");
 import * as api from 'azure-devops-node-api';
-import { getHandlerFromToken, WebApi } from "azure-devops-node-api";
-import { ITaskApi } from "azure-devops-node-api/TaskApi";
-import { TaskHubOidcToken } from "azure-devops-node-api/interfaces/TaskAgentInterfaces";
 import { IRequestOptions } from 'azure-devops-node-api/interfaces/common/VsoBaseInterfaces';
 import * as tl from 'azure-pipelines-task-lib/task';
 
@@ -33,63 +29,3 @@ export function getSystemAccessToken(): string {
     }
 }
 
-export async function getFederatedToken(connectedServiceName: string): Promise<string> {
-    const projectId: string = tl.getVariable("System.TeamProjectId");
-    const hub: string = tl.getVariable("System.HostType");
-    const planId: string = tl.getVariable('System.PlanId');
-    const jobId: string = tl.getVariable('System.JobId');
-    let uri = tl.getVariable("System.CollectionUri");
-    if (!uri) {
-        uri = tl.getVariable("System.TeamFoundationServerUri");
-    }
-
-    const token = getSystemAccessToken();
-    const authHandler = getHandlerFromToken(token);
-    const connection = new WebApi(uri, authHandler);
-    const oidc_token: string = await initOIDCToken(
-        connection,
-        projectId,
-        hub,
-        planId,
-        jobId,
-        connectedServiceName,
-        0,
-        2000);
-
-    tl.setSecret(oidc_token);
-
-    return oidc_token;
-}
-
-function initOIDCToken(connection: WebApi, projectId: string, hub: string, planId: string, jobId: string, serviceConnectionId: string, retryCount: number, timeToWait: number): Q.Promise<string> {
-    var deferred = Q.defer<string>();
-    connection.getTaskApi().then(
-        (taskApi: ITaskApi) => {
-            taskApi.createOidcToken({}, projectId, hub, planId, jobId, serviceConnectionId).then(
-                (response: TaskHubOidcToken) => {
-                    if (response != null) {
-                        tl.debug('Got OIDC token');
-                        deferred.resolve(response.oidcToken);
-                    }
-                    else if (response.oidcToken == null) {
-                        if (retryCount < 3) {
-                            let waitedTime = timeToWait;
-                            retryCount += 1;
-                            setTimeout(() => {
-                                deferred.resolve(initOIDCToken(connection, projectId, hub, planId, jobId, serviceConnectionId, retryCount, waitedTime));
-                            }, waitedTime);
-                        }
-                        else {
-                            deferred.reject(tl.loc('CouldNotFetchAccessTokenforAAD'));
-                        }
-                    }
-                },
-                (error) => {
-                    deferred.reject(tl.loc('CouldNotFetchAccessTokenforAAD') + " " + error);
-                }
-            );
-        }
-    );
-
-    return deferred.promise;
-}
diff --git a/...m-packages/artifacts-common/azCliUtils.ts → ...m-packages/azure-arm-rest/azCliUtility.ts b/...m-packages/artifacts-common/azCliUtils.ts → ...m-packages/azure-arm-rest/azCliUtility.ts
@@ -2,7 +2,10 @@ import fs = require("fs");
 import path = require("path");
 import * as tl from 'azure-pipelines-task-lib/task';
 import { IExecSyncResult } from 'azure-pipelines-task-lib/toolrunner';
-import { getFederatedToken } from './webapi';
+import { getHandlerFromToken, WebApi } from "azure-devops-node-api";
+import { ITaskApi } from "azure-devops-node-api/TaskApi";
+import { TaskHubOidcToken } from "azure-devops-node-api/interfaces/TaskAgentInterfaces";
+import Q = require('q');
 
 tl.setResourcePath(path.join(__dirname, 'module.json'), true);
 
@@ -73,4 +76,77 @@ function throwIfError(resultOfToolExecution: IExecSyncResult, errormsg?: string)
         }
         throw resultOfToolExecution;
     }
+}
+
+function getSystemAccessToken(): string {
+    tl.debug('Getting credentials for account feeds');
+    let auth = tl.getEndpointAuthorization('SYSTEMVSSCONNECTION', false);
+    if (auth && auth.scheme === 'OAuth') {
+        tl.debug('Got auth token, setting it as secret so it does not print in console log');
+        tl.setSecret(auth.parameters['AccessToken']);
+        return auth.parameters['AccessToken'];
+    }
+    tl.warning(tl.loc('FeedTokenUnavailable'));
+    return '';
+}
+
+async function getFederatedToken(connectedServiceName: string): Promise<string> {
+    const projectId: string = tl.getVariable("System.TeamProjectId");
+    const hub: string = tl.getVariable("System.HostType");
+    const planId: string = tl.getVariable('System.PlanId');
+    const jobId: string = tl.getVariable('System.JobId');
+    let uri = tl.getVariable("System.CollectionUri");
+    if (!uri) {
+        uri = tl.getVariable("System.TeamFoundationServerUri");
+    }
+
+    const token = getSystemAccessToken();
+    const authHandler = getHandlerFromToken(token);
+    const connection = new WebApi(uri, authHandler);
+    const oidc_token: string = await initOIDCToken(
+        connection,
+        projectId,
+        hub,
+        planId,
+        jobId,
+        connectedServiceName,
+        0,
+        2000);
+
+    tl.setSecret(oidc_token);
+
+    return oidc_token;
+}
+
+function initOIDCToken(connection: WebApi, projectId: string, hub: string, planId: string, jobId: string, serviceConnectionId: string, retryCount: number, timeToWait: number): Q.Promise<string> {
+    var deferred = Q.defer<string>();
+    connection.getTaskApi().then(
+        (taskApi: ITaskApi) => {
+            taskApi.createOidcToken({}, projectId, hub, planId, jobId, serviceConnectionId).then(
+                (response: TaskHubOidcToken) => {
+                    if (response != null) {
+                        tl.debug('Got OIDC token');
+                        deferred.resolve(response.oidcToken);
+                    }
+                    else if (response.oidcToken == null) {
+                        if (retryCount < 3) {
+                            let waitedTime = timeToWait;
+                            retryCount += 1;
+                            setTimeout(() => {
+                                deferred.resolve(initOIDCToken(connection, projectId, hub, planId, jobId, serviceConnectionId, retryCount, waitedTime));
+                            }, waitedTime);
+                        }
+                        else {
+                            deferred.reject(tl.loc('CouldNotFetchAccessTokenforAAD'));
+                        }
+                    }
+                },
+                (error) => {
+                    deferred.reject(tl.loc('CouldNotFetchAccessTokenforAAD') + " " + error);
+                }
+            );
+        }
+    );
+
+    return deferred.promise;
 }
diff --git a/common-npm-packages/azure-arm-rest/package-lock.json b/common-npm-packages/azure-arm-rest/package-lock.json
diff --git a/common-npm-packages/azure-arm-rest/package.json b/common-npm-packages/azure-arm-rest/package.json
@@ -1,6 +1,6 @@
 {
   "name": "azure-pipelines-tasks-azure-arm-rest",
-  "version": "3.242.0",
+  "version": "3.242.1",
   "description": "Common Lib for Azure ARM REST apis",
   "repository": {
     "type": "git",