diff --git a/.circleci/config.yml b/.circleci/config.yml index af8912f..904f84f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -8,14 +8,14 @@ jobs: - checkout - restore_cache: keys: - - v1-dependencies-{{ checksum "package.json" }} + - v1-dependencies-{{ checksum "package-lock.json" }} # fallback to using the latest cache if no exact match is found - v1-dependencies- - run: npm i - save_cache: paths: - node_modules - key: v1-dependencies-{{ checksum "package.json" }} + key: v1-dependencies-{{ checksum "package-lock.json" }} - run: npm run test - persist_to_workspace: root: . @@ -30,7 +30,7 @@ jobs: at: . - restore_cache: keys: - - npm-circleci-{{ checksum "package.lock" }} + - npm-circleci-{{ checksum "package-lock.json" }} - npm-circleci- - run: name: Install Serverless CLI and dependencies @@ -41,8 +41,7 @@ jobs: - node_modules - run: name: Build and deploy lambda package - command: | - node .circlecli/bin/node_modules/serverless/bin/serverless deploy + command: npm run ci-deploy workflows: version: 2.1 diff --git a/.gitignore b/.gitignore index f4b70ee..51dd3ee 100644 --- a/.gitignore +++ b/.gitignore @@ -36,3 +36,6 @@ jspm_packages # Optional REPL history .node_repl_history *.zip + +#Serverless +.serverless diff --git a/lib/auth0tools.js b/lib/auth0tools.js index 8733753..fb0ad16 100644 --- a/lib/auth0tools.js +++ b/lib/auth0tools.js @@ -1,8 +1,10 @@ -var auth0 = require('auth0'); +const auth0 = require('auth0'); const ManagementClient = auth0.ManagementClient; +const isurl = require('isurl'); module.exports = { async addAuth0Url(credentials, url) { + if (typeof credentials.Auth0ClientDomain === 'undefined') { throw new Error('Auth0ClientDomain is required in the credentials parameter'); } @@ -18,6 +20,15 @@ module.exports = { if (typeof url === 'undefined') { throw new Error('url is required'); } + + const protoRegex = /^((http|https):\/\/)/; + if (!protoRegex.test(url)) { + url = `https://${ url }`; + } + if (!isurl(new URL(url))) { + throw new Error(`${ url } is not a valid url`); + } + const mgmt = new ManagementClient({ domain: credentials.Auth0ClientDomain, clientId: credentials.Auth0MgmtApiClientId, @@ -26,14 +37,18 @@ module.exports = { const client = await mgmt.getClient({ client_id: credentials.Auth0ClientID, }); + // Array <--> Set swapparoo to remove duplicates :tophat: + const callbacks = [...new Set(client.callbacks.concat([`${ url }/authenticated`]))]; + const web_origins = [...new Set(client.web_origins.concat([url]))]; + const allowed_logout_urls = [...new Set(client.allowed_logout_urls.concat([url]))]; return mgmt.updateClient( { client_id: credentials.Auth0ClientID, }, { - callbacks: client.callbacks.concat([`${ url }/authenticated`]), - web_origins: client.web_origins.concat([url]), - allowed_logout_urls: client.allowed_logout_urls.concat([url]), + callbacks, + web_origins, + allowed_logout_urls, }, ).then(result => { return result; diff --git a/lib/handler.js b/lib/handler.js index 308b9f8..73b83a9 100644 --- a/lib/handler.js +++ b/lib/handler.js @@ -1,9 +1,11 @@ -var secrets = require('./secrets'); // Known bug with rewire. Need to cast as var -var auth0tools = require('./auth0tools'); +// eslint-disable-next-line no-var +var secrets = require('./secrets'); +// eslint-disable-next-line no-var +var auth0tools = require('./auth0tools'); const Promise = require('bluebird'); -const handler = async (event, context) => { +const handler = async(event, context) => { if (typeof event.secretEnv === 'undefined') { throw new Error('secretEnv is required'); } @@ -16,14 +18,13 @@ const handler = async (event, context) => { return await auth0tools.addAuth0Url(secret, url); }; -module.exports = function(event, context, cb) { - return Promise.try(() => handler(event, context)) - .then(result => { - cb(null); - return result; - }) - .catch(err => { - cb(err); - throw err; - }); +module.exports = async(event, context, cb) => { + try { + const result = await Promise.try(() => handler(event, context)); + cb(null); + return result; + } catch (err) { + cb(err); + throw err; + } }; diff --git a/package-lock.json b/package-lock.json index 7f1aeef..4c6fd32 100644 --- a/package-lock.json +++ b/package-lock.json @@ -96,9 +96,9 @@ } }, "@types/express-serve-static-core": { - "version": "4.17.1", - "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.1.tgz", - "integrity": "sha512-9e7jj549ZI+RxY21Cl0t8uBnWyb22HzILupyHZjYEVK//5TT/1bZodU+yUbLnPdoYViBBnNWbxp4zYjGV0zUGw==", + "version": "4.17.2", + "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.2.tgz", + "integrity": "sha512-El9yMpctM6tORDAiBwZVLMcxoTMcqqRO9dVyYcn7ycLWbvR8klrDn8CAOwRfZujZtWD7yS/mshTdz43jMOejbg==", "requires": { "@types/node": "*", "@types/range-parser": "*" @@ -118,9 +118,9 @@ "integrity": "sha512-FwI9gX75FgVBJ7ywgnq/P7tw+/o1GUbtP0KzbtusLigAOgIgNISRK0ZPl4qertvXSIE8YbsVJueQ90cDt9YYyw==" }, "@types/node": { - "version": "13.1.6", - "resolved": "https://registry.npmjs.org/@types/node/-/node-13.1.6.tgz", - "integrity": "sha512-Jg1F+bmxcpENHP23sVKkNuU3uaxPnsBMW0cLjleiikFKomJQbsn0Cqk2yDvQArqzZN6ABfBkZ0To7pQ8sLdWDg==" + "version": "13.7.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-13.7.0.tgz", + "integrity": "sha512-GnZbirvmqZUzMgkFn70c74OQpTTUcCzlhQliTzYjQMqg+hVKcDnxdL19Ne3UdYzdMA/+W3eb646FWn/ZaT1NfQ==" }, "@types/range-parser": { "version": "1.2.3", @@ -157,11 +157,11 @@ } }, "ajv": { - "version": "6.10.2", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz", - "integrity": "sha512-TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw==", + "version": "6.11.0", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.11.0.tgz", + "integrity": "sha512-nCprB/0syFYy9fVYU1ox1l2KN8S9I+tziH8D4zdZuLT3N6RMlGSGt5FSTpAiHB/Whv8Qs1cWHma1aMKZyaHRKA==", "requires": { - "fast-deep-equal": "^2.0.1", + "fast-deep-equal": "^3.1.1", "fast-json-stable-stringify": "^2.0.0", "json-schema-traverse": "^0.4.1", "uri-js": "^4.2.2" @@ -264,9 +264,9 @@ "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" }, "auth0": { - "version": "2.20.0", - "resolved": "https://registry.npmjs.org/auth0/-/auth0-2.20.0.tgz", - "integrity": "sha512-l39HEv1LZt7kyXGDe012SRbr+dakLQifpezsj9cNIJJJWW1idCIQsIm+sg3sJgXF6vJicWlYgaHz/erjBHjVPw==", + "version": "2.22.0", + "resolved": "https://registry.npmjs.org/auth0/-/auth0-2.22.0.tgz", + "integrity": "sha512-aGPyxjD/AZi4XujCCyrGYffLm0yvrVd2xIKSzVUJYaJkdtLwaPCVQwneP8dNlDqjsWNL+SOdZd9MEFAuIOaayA==", "requires": { "bluebird": "^3.5.5", "jsonwebtoken": "^8.5.1", @@ -279,9 +279,9 @@ } }, "aws-sdk": { - "version": "2.603.0", - "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.603.0.tgz", - "integrity": "sha512-+VlskUDLZLQDDlaVa0Tb02aEFEWcKkTfTew1SGYwce9hUrKcR33IX4e9kM6MyI7UeLQAl0v8dagTniP67UrTQw==", + "version": "2.610.0", + "resolved": "https://registry.npmjs.org/aws-sdk/-/aws-sdk-2.610.0.tgz", + "integrity": "sha512-kqcoCTKjbxrUo2KeLQR2Jw6l4PvkbHXSDk8KqF2hXcpHibiOcMXZZPVe9X+s90RC/B2+qU95M7FImp9ByMcw7A==", "requires": { "buffer": "4.9.1", "events": "1.1.1", @@ -292,6 +292,13 @@ "url": "0.10.3", "uuid": "3.3.2", "xml2js": "0.4.19" + }, + "dependencies": { + "uuid": { + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", + "integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA==" + } } }, "aws-sign2": { @@ -300,9 +307,9 @@ "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" }, "aws4": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.9.0.tgz", - "integrity": "sha512-Uvq6hVe90D0B2WEnUqtdgY1bATGz3mw33nH9Y+dmA+w5DHvUmBgkr5rM/KCHpCsiFNRUfokW/szpPPgMK2hm4A==" + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.9.1.tgz", + "integrity": "sha512-wMHVg2EOHaMRxbzgFJ9gtjOOCrI80OHLG14rxi28XwOW8ux6IiEbRCGGGqCtdAIg4FQCbW20k9RsT4y3gJlFug==" }, "babel-code-frame": { "version": "6.26.0", @@ -726,9 +733,9 @@ "integrity": "sha512-vKQ9DTQPN1FLYiiEEOQ6IBGFqvjCa5rSK3cWMy/Nespm5d/x3dGFT9UBZnkLxCwua/IXBi2TYnwTEpsOvhC4UQ==" }, "debug": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", - "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", "requires": { "ms": "^2.1.1" } @@ -816,13 +823,6 @@ "requires": { "jsbn": "~0.1.0", "safer-buffer": "^2.1.0" - }, - "dependencies": { - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - } } }, "ecdsa-sig-formatter": { @@ -840,9 +840,9 @@ "dev": true }, "es-abstract": { - "version": "1.17.1", - "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.17.1.tgz", - "integrity": "sha512-WmWNHWmm/LDwK8jaeZic/g6sU1ZckM+vvOyCV1qFRhJJ6hzve6DRgthNQB7Lra1ocrw68HexLKYgtdxIPcb3Fg==", + "version": "1.17.4", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.17.4.tgz", + "integrity": "sha512-Ae3um/gb8F0mui/jPL+QiqmglkUsaQf7FwBEHYIFkztkneosu9imhqHpBzQ3h1vit8t5iQ74t6PEVvphBZiuiQ==", "dev": true, "requires": { "es-to-primitive": "^1.2.1", @@ -889,15 +889,22 @@ "dev": true }, "escodegen": { - "version": "1.12.1", - "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.12.1.tgz", - "integrity": "sha512-Q8t2YZ+0e0pc7NRVj3B4tSQ9rim1oi4Fh46k2xhJ2qOiEwhQfdjyEQddWdj7ZFaKmU+5104vn1qrcjEPWq+bgQ==", + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.13.0.tgz", + "integrity": "sha512-eYk2dCkxR07DsHA/X2hRBj0CFAZeri/LyDMc0C8JT1Hqi6JnVpMhJ7XFITbb0+yZS3lVkaPL2oCkZ3AVmeVbMw==", "requires": { - "esprima": "^3.1.3", + "esprima": "^4.0.1", "estraverse": "^4.2.0", "esutils": "^2.0.2", "optionator": "^0.8.1", "source-map": "~0.6.1" + }, + "dependencies": { + "esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==" + } } }, "eslint": { @@ -945,15 +952,6 @@ "v8-compile-cache": "^2.0.3" }, "dependencies": { - "debug": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", - "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", - "dev": true, - "requires": { - "ms": "^2.1.1" - } - }, "semver": { "version": "6.3.0", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", @@ -1058,9 +1056,9 @@ "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" }, "fast-deep-equal": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz", - "integrity": "sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk=" + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz", + "integrity": "sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA==" }, "fast-json-stable-stringify": { "version": "2.1.0", @@ -1145,9 +1143,9 @@ "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" }, "form-data": { - "version": "2.5.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", - "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", "requires": { "asynckit": "^0.4.0", "combined-stream": "^1.0.6", @@ -1353,11 +1351,24 @@ "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", "dev": true }, + "has-symbol-support-x": { + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/has-symbol-support-x/-/has-symbol-support-x-1.4.2.tgz", + "integrity": "sha512-3ToOva++HaW+eCpgqZrCfN51IPB+7bJNVT6CUATzueB5Heb8o6Nam0V3HG5dlDvZU1Gn5QLcbahiKw/XVk5JJw==" + }, "has-symbols": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.1.tgz", "integrity": "sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg==" }, + "has-to-string-tag-x": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/has-to-string-tag-x/-/has-to-string-tag-x-1.4.1.tgz", + "integrity": "sha512-vdbKfmw+3LoOYVr+mtxHaX5a96+0f3DljYd8JOqvOLsf5mw2Otda2qCDT9qRqLAhrjyQ0h7ual5nOiASpsGNFw==", + "requires": { + "has-symbol-support-x": "^1.4.1" + } + }, "he": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", @@ -1417,6 +1428,16 @@ "requires": { "agent-base": "^4.3.0", "debug": "^3.1.0" + }, + "dependencies": { + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "requires": { + "ms": "^2.1.1" + } + } } }, "iconv-lite": { @@ -1470,9 +1491,9 @@ "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" }, "inquirer": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/inquirer/-/inquirer-7.0.3.tgz", - "integrity": "sha512-+OiOVeVydu4hnCGLCSX+wedovR/Yzskv9BFqUNNKq9uU2qg7LCcCo3R86S2E7WLo0y/x2pnEZfZe1CoYnORUAw==", + "version": "7.0.4", + "resolved": "https://registry.npmjs.org/inquirer/-/inquirer-7.0.4.tgz", + "integrity": "sha512-Bu5Td5+j11sCkqfqmUTiwv+tWisMtP0L7Q8WrqA2C/BbBhy1YTdFrvjjlrKq8oagA/tLQBski2Gcx/Sqyi2qSQ==", "dev": true, "requires": { "ansi-escapes": "^4.2.1", @@ -1557,6 +1578,11 @@ "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", "dev": true }, + "is-object": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-object/-/is-object-1.0.1.tgz", + "integrity": "sha1-iVJojF7C/9awPsyF52ngKQMINHA=" + }, "is-promise": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-2.1.0.tgz", @@ -1600,6 +1626,15 @@ "upper-case": "^1.1.0" } }, + "is-urlsearchparams": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-urlsearchparams/-/is-urlsearchparams-1.0.1.tgz", + "integrity": "sha512-ISYewXCjgl/DXnP/OC6SFyahdusMiiI2QrrAH/b3U4xrWhlvwxDkgOpSSFkOfDiuU1lnKss9B/+EaLEcOcU1WQ==", + "requires": { + "has-to-string-tag-x": "^1.4.1", + "is-object": "^1.0.1" + } + }, "isarray": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", @@ -1616,6 +1651,16 @@ "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" }, + "isurl": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/isurl/-/isurl-4.0.1.tgz", + "integrity": "sha512-JKpi6sSTtv0BqvbUXlZI4UbR4AQFHkaS8EogyS0E9/I8qRjILoox+4J3QinxZ+CYFd80qms8XBb7n6IjykdVUA==", + "requires": { + "has-to-string-tag-x": "^1.4.1", + "is-object": "^1.0.1", + "is-urlsearchparams": "^1.0.1" + } + }, "jmespath": { "version": "0.15.0", "resolved": "https://registry.npmjs.org/jmespath/-/jmespath-0.15.0.tgz", @@ -1645,6 +1690,11 @@ } } }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + }, "json-schema": { "version": "0.2.3", "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", @@ -1711,45 +1761,17 @@ } }, "jwks-rsa": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/jwks-rsa/-/jwks-rsa-1.6.0.tgz", - "integrity": "sha512-gLhpd7Ka7Jy8ofm9OVj0PFPtSdx3+W2dncF3UCA1wDTAbvfiB1GhHbbyQlz8bqLF5+rge7pgD/DALRfgZi8Fgg==", + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/jwks-rsa/-/jwks-rsa-1.6.2.tgz", + "integrity": "sha512-c/mFFq/wVXSkHzHGH+hLUwLeRKSCofNHJZKPzHho4YmO9LGwAazk7akfABvWhduS9OejWvqBS2jA69YeruEvNA==", "requires": { "@types/express-jwt": "0.0.42", - "debug": "^2.6.9", + "debug": "^4.1.0", "jsonwebtoken": "^8.5.1", "limiter": "^1.1.4", - "lru-memoizer": "^1.12.0", - "ms": "^2.1.1", + "lru-memoizer": "^2.0.1", + "ms": "^2.1.2", "request": "^2.88.0" - }, - "dependencies": { - "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "requires": { - "ms": "2.0.0" - }, - "dependencies": { - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" - } - } - }, - "lru-memoizer": { - "version": "1.13.0", - "resolved": "https://registry.npmjs.org/lru-memoizer/-/lru-memoizer-1.13.0.tgz", - "integrity": "sha512-q0wMolfI7yimhZ36kBAfMLOIuDBpRkieN9do0YPjSzCaiy6r73s8wOEq7Ue/B95VSRbXzfnOr1O1QdJc5UIqaw==", - "requires": { - "lock": "~0.1.2", - "lodash": "^4.17.4", - "lru-cache": "~4.0.0", - "very-fast-args": "^1.1.0" - } - } } }, "jws": { @@ -1785,15 +1807,11 @@ "path-exists": "^3.0.0" } }, - "lock": { - "version": "0.1.4", - "resolved": "https://registry.npmjs.org/lock/-/lock-0.1.4.tgz", - "integrity": "sha1-/sfervF+fDoKVeHaBCgD4l2RdF0=" - }, "lodash": { "version": "4.17.15", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", - "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==", + "dev": true }, "lodash.clonedeep": { "version": "4.5.0", @@ -1940,9 +1958,9 @@ } }, "mocha": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/mocha/-/mocha-7.0.0.tgz", - "integrity": "sha512-CirsOPbO3jU86YKjjMzFLcXIb5YiGLUrjrXFHoJ3e2z9vWiaZVCZQ2+gtRGMPWF+nFhN6AWwLM/juzAQ6KRkbA==", + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/mocha/-/mocha-7.0.1.tgz", + "integrity": "sha512-9eWmWTdHLXh72rGrdZjNbG3aa1/3NRPpul1z0D979QpEnFdCG0Q5tv834N+94QEN2cysfV72YocQ3fn87s70fg==", "dev": true, "requires": { "ansi-colors": "3.2.3", @@ -1971,6 +1989,15 @@ "yargs-unparser": "1.6.0" }, "dependencies": { + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, "glob": { "version": "7.1.3", "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz", @@ -2209,16 +2236,6 @@ "pac-resolver": "^3.0.0", "raw-body": "^2.2.0", "socks-proxy-agent": "^4.0.1" - }, - "dependencies": { - "debug": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", - "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", - "requires": { - "ms": "^2.1.1" - } - } } }, "pac-resolver": { @@ -2362,14 +2379,6 @@ "socks-proxy-agent": "^4.0.1" }, "dependencies": { - "debug": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", - "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", - "requires": { - "ms": "^2.1.1" - } - }, "lru-cache": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", @@ -2401,14 +2410,14 @@ "integrity": "sha512-5NsSEDv8zY70ScRnOTn7bK7eanl2MvFrOrS/R6x+dBt5g1ghnj9Zv90kO8GwT8gxcu2ANyFprnFYB85IogIJOQ==" }, "punycode": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz", - "integrity": "sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0=" + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" }, "qs": { - "version": "6.9.1", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.1.tgz", - "integrity": "sha512-Cxm7/SS/y/Z3MHWSxXb8lIFqgqBowP5JMlTUFyJN88y0SGQhVmZnqFK/PeuMX9LzUyWsqqhNxIyg0jlzq946yA==" + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" }, "querystring": { "version": "0.2.0", @@ -2438,6 +2447,13 @@ "safe-buffer": "~5.1.1", "string_decoder": "~1.1.1", "util-deprecate": "~1.0.1" + }, + "dependencies": { + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + } } }, "readdirp": { @@ -2480,23 +2496,6 @@ "tough-cookie": "~2.4.3", "tunnel-agent": "^0.6.0", "uuid": "^3.3.2" - }, - "dependencies": { - "form-data": { - "version": "2.3.3", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", - "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.6", - "mime-types": "^2.1.12" - } - }, - "qs": { - "version": "6.5.2", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", - "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" - } } }, "require-directory": { @@ -2644,6 +2643,15 @@ "which": "^1.2.9" } }, + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, "doctrine": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-2.1.0.tgz", @@ -2952,9 +2960,9 @@ } }, "safe-buffer": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", - "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" }, "safer-buffer": { "version": "2.1.2", @@ -2985,6 +2993,12 @@ "lower-case": "^1.1.1" } }, + "serverless-pseudo-parameters": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/serverless-pseudo-parameters/-/serverless-pseudo-parameters-2.5.0.tgz", + "integrity": "sha512-A/O49AR8LL6jlnPSmnOTYgL1KqVgskeRla4sVDeS/r5dHFJlwOU5MgFilc7aaQP8NWAwRJANaIS9oiSE3I+VUA==", + "dev": true + }, "set-blocking": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", @@ -3118,13 +3132,6 @@ "jsbn": "~0.1.0", "safer-buffer": "^2.0.2", "tweetnacl": "~0.14.0" - }, - "dependencies": { - "jsbn": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", - "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" - } } }, "statuses": { @@ -3180,6 +3187,13 @@ "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", "requires": { "safe-buffer": "~5.1.0" + }, + "dependencies": { + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + } } }, "strip-ansi": { @@ -3220,6 +3234,16 @@ "mime": "^1.4.1", "qs": "^6.5.1", "readable-stream": "^2.3.5" + }, + "dependencies": { + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "requires": { + "ms": "^2.1.1" + } + } } }, "superagent-proxy": { @@ -3229,6 +3253,16 @@ "requires": { "debug": "^3.1.0", "proxy-agent": "3" + }, + "dependencies": { + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "requires": { + "ms": "^2.1.1" + } + } } }, "supports-color": { @@ -3420,13 +3454,6 @@ "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", "requires": { "punycode": "^2.1.0" - }, - "dependencies": { - "punycode": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", - "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" - } } }, "url": { @@ -3436,6 +3463,13 @@ "requires": { "punycode": "1.3.2", "querystring": "0.2.0" + }, + "dependencies": { + "punycode": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz", + "integrity": "sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0=" + } } }, "util-deprecate": { @@ -3444,9 +3478,9 @@ "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" }, "uuid": { - "version": "3.3.2", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", - "integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA==" + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", + "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" }, "v8-compile-cache": { "version": "2.1.0", @@ -3464,11 +3498,6 @@ "extsprintf": "^1.2.0" } }, - "very-fast-args": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/very-fast-args/-/very-fast-args-1.1.0.tgz", - "integrity": "sha1-4W0dH6+KbllqJGQh/ZCneWPQs5Y=" - }, "which": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", diff --git a/package.json b/package.json index 57dae91..4fc5d3a 100644 --- a/package.json +++ b/package.json @@ -4,7 +4,8 @@ "description": "Lambda function to add trusted url to Auth0 Client Applications", "main": "index.js", "scripts": { - "test": "mocha test" + "test": "mocha test", + "ci-deploy": "node node_modules/serverless/bin/serverless deploy --KeyId \"$KEYID\"" }, "repository": { "type": "git", @@ -22,15 +23,17 @@ "dependencies": { "auth0": "^2.20.0", "aws-sdk": "^2.603.0", - "bluebird": "^3.7.2" + "bluebird": "^3.7.2", + "isurl": "^4.0.1" }, "devDependencies": { "chai": "^4.2.0", "chai-as-promised": "^7.1.1", "eslint": "^6.8.0", "mocha": "^7.0.0", + "mock-aws-sinon": "^1.3.2", "rewire": "^4.0.1", - "sinon": "^4.1.3", - "mock-aws-sinon": "^1.3.2" + "serverless-pseudo-parameters": "^2.5.0", + "sinon": "^4.1.3" } } diff --git a/serverless.yml b/serverless.yml index 7561228..7a32c6f 100644 --- a/serverless.yml +++ b/serverless.yml @@ -1,13 +1,35 @@ +service: auth0-add-url + +plugins: + - serverless-pseudo-parameters + provider: region: us-west-2 name: aws timeout: 30 + stage: ${opt:stage,'preview'} memorySize: 1024 - runtime: provided + runtime: nodejs10.x + iamRoleStatements: + - Effect: "Allow" + Action: + - secretsmanager:GetSecretValue + - secretsmanager:DescribeSecret + - secretsmanager:GetResourcePolicy + - secretsmanager:ListSecretVersionIds + Resource: ${self:custom.secretArn} + - Effect: "Allow" + Action: + - kms:Decrypt + Resource: "${self:custom.keyArn}" functions: auth0-add-url: name: auth0-add-url + handler: 'index.handler' description: 'Simple utility to add dev env urls to auth0' - handler: index.js tracing: Active + +custom: + secretArn: "arn:aws:secretsmanager:${self:provider.region}:#{AWS::AccountId}:secret:${self:provider.stage}/env*" + keyArn: "anr:aws:kms:${self:provider.region}:#{AWS::AccountId}:key/${opt:KeyId,'*'}" diff --git a/test/handler.js b/test/handler.js index e9c9430..cff5d95 100644 --- a/test/handler.js +++ b/test/handler.js @@ -37,24 +37,24 @@ describe('Handler', () => { secretSpy, auth0Spy, }; - } + }; it('should throw an error if secretEnv is not defined', () => { return handler({ url: 'https://test.roundingwell.com' }, context, cb).should.be.rejectedWith( - /secretEnv is required/ + /secretEnv is required/, ); }); it('should throw an error if url is not defined', () => { return handler({ secretEnv: 'test' }, context, cb).should.be.rejectedWith( - /url is required/ + /url is required/, ); }); it('should add urls', () => { const mockEvent = { secretEnv: 'test', - url: 'test' + url: 'test', }; const { secretSpy, auth0Spy } = makeMockHandler();