bumps njwt #420

Open
wants to merge 5 commits into
base: 6.6
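--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Okta Node SDK Changelog
 
+# 6.6.1
+
+### Fixes
+
+- [#420](https://github.com/okta/okta-sdk-nodejs/pull/420) fix: upgrades `njwt` version to `2.0.1` to pull in [CVE-2024-34273](https://www.cve.org/CVERecord?id=CVE-2024-34273) resolution
+
 # 6.6.0
 
 ### Bug Fixes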
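--- a/package.json
+++ b/package.json
@@ -37,7 +37,7 @@
 "https-proxy-agent": "^5.0.0",
 "js-yaml": "^4.1.0",
 "lodash": "^4.17.20",
-"njwt": "^1.0.0",
+"njwt": "^2.0.1",
 "node-fetch": "^2.6.7",
 "parse-link-header": "^2.0.0",
 "rasha": "^1.2.5",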
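--- a/scripts/clean-resources.sh
+++ b/scripts/clean-resources.sh
@@ -3,10 +3,10 @@
 source ${OKTA_HOME}/${REPO}/scripts/setup.sh
 
 export OKTA_CLIENT_ORGURL=https://node-sdk-oie.oktapreview.com
-get_vault_secret_key devex/okta-sdk-nodejs-vars api_key OKTA_CLIENT_TOKEN
 export OKTA_CLIENT_CLIENTID=0oa1q34stxthm0zbJ1d7
-get_vault_secret_key devex/okta-sdk-nodejs-vars private_key OKTA_CLIENT_PRIVATEKEY
-get_vault_secret_key devex/okta-sdk-nodejs-vars username ORG_USER
+get_terminus_secret "/" api_key OKTA_CLIENT_TOKEN
+get_terminus_secret "/" private_key OKTA_CLIENT_PRIVATEKEY
+get_terminus_secret "/" username ORG_USER
 
 if ! yarn aftertest; then
 echo "Cleanup failed! Exiting..."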
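Review bot: `private_key` is exported straight into `OKTA_CLIENT_PRIVATEKEY` here, while scripts/e2e.sh in this same pull request documents that the PEM comes back from the secret store with its newlines turned into spaces and rebuilds it before use. If the cleanup client authenticates with the private key, it receives the malformed value; scripts/unit.sh reads the key the same way. Moving the repair into one helper in `scripts/setup.sh`, which all three scripts source, would keep them consistent. If the key is deliberately unused here, a comment such as `# NOTE: private_key arrives with spaces instead of newlines; see scripts/e2e.sh` would record that. Whether this script uses the key is not visible in the hunk.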
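--- a/scripts/e2e.sh
+++ b/scripts/e2e.sh
@@ -3,9 +3,23 @@
 source ${OKTA_HOME}/${REPO}/scripts/setup.sh
 
 export OKTA_CLIENT_ORGURL=https://node-sdk-oie.oktapreview.com
-get_vault_secret_key devex/okta-sdk-nodejs-vars api_key OKTA_CLIENT_TOKEN
 export OKTA_CLIENT_CLIENTID=0oa1q34stxthm0zbJ1d7
-get_vault_secret_key devex/okta-sdk-nodejs-vars private_key OKTA_CLIENT_PRIVATEKEY
+get_terminus_secret "/" api_key OKTA_CLIENT_TOKEN
+get_terminus_secret "/" private_key E2E_PK
+get_terminus_secret "/" username ORG_USER
+
+HEADER="-----BEGIN RSA PRIVATE KEY-----"
+FOOTER="-----END RSA PRIVATE KEY-----"
+
+# NOTE: storing pem as secret results in newline characters becoming spaces, which
+# causes the pem to be malformed when used by tests. Below solves this issue
+pem=$(echo ${E2E_PK:31}) # remove -----BEGIN prefix
+pem=$(echo "${pem% ${FOOTER}}") # remove -----END suffix
+# BEGIN / END need to be removed so all remaining spaces can be converted to newlines
+echo $HEADER > /tmp/e2e.pem # appends BEGIN header to tmp file
+echo "$pem" | tr " " "\n" >> /tmp/e2e.pem # appends pem with spaces converted to newlines
+echo "$FOOTER" >> /tmp/e2e.pem # appends END footer to tmp file
+export OKTA_CLIENT_PRIVATEKEY=$(cat /tmp/e2e.pem)
 
 export TEST_SUITE_TYPE="junit"
 export TEST_RESULT_FILE_DIR="${REPO}/test-reports"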
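Review bot: The reconstructed private key is written to the fixed path `/tmp/e2e.pem` with the default umask and is never removed, so on a shared or reused CI host it stays readable to other local users and later jobs, and a file or symlink already present at that name would be written through. The file is only read back with `cat`, so the PEM can be assembled in a variable and never touch disk. Stripping the header by value rather than by the literal offset `31` keeps the code correct if `HEADER` changes, and quoting the expansions avoids unintended word splitting.

```shell
# … unchanged: get_terminus_secret calls, HEADER and FOOTER definitions …
body="${E2E_PK#"$HEADER"}"   # drop the BEGIN line by value, not by a fixed offset
body="${body%"$FOOTER"}"     # drop the END line
# the secret store turned newlines into spaces; turn them back and drop empty lines
body="$(printf '%s' "$body" | tr -s ' ' '\n' | sed '/^$/d')"
export OKTA_CLIENT_PRIVATEKEY="$(printf '%s\n%s\n%s' "$HEADER" "$body" "$FOOTER")"
# … unchanged: TEST_SUITE_TYPE / TEST_RESULT_FILE_DIR exports …
```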
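--- a/scripts/unit.sh
+++ b/scripts/unit.sh
@@ -2,12 +2,11 @@
 
 source ${OKTA_HOME}/${REPO}/scripts/setup.sh
 
-aws s3 --quiet --region us-east-1 cp s3://ci-secret-stash/prod/okta-sdk-nodejs/privateKey.pem ${OKTA_HOME}/${REPO}/scripts/privateKey.pem
-
 export OKTA_CLIENT_ORGURL=https://node-sdk.okta.com
-export OKTA_CLIENT_TOKEN="$(aws s3 --quiet --region us-east-1 cp s3://ci-secret-stash/prod/okta-sdk-nodejs/apiKey /dev/stdout)"
 export OKTA_CLIENT_CLIENTID=0oa1jnkiuz6FCTchz4x7
-export OKTA_CLIENT_PRIVATEKEY=$(cat ${OKTA_HOME}/${REPO}/scripts/privateKey.pem)
+get_terminus_secret "/" api_key OKTA_CLIENT_TOKEN
+get_terminus_secret "/" private_key OKTA_CLIENT_PRIVATEKEY
+get_terminus_secret "/" username ORG_USER
 
 export TEST_SUITE_TYPE="junit"
 export TEST_RESULT_FILE_DIR="${REPO}/test-reports"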
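--- a/test/delete-resources.js
+++ b/test/delete-resources.js
@@ -15,39 +15,68 @@ const client = new okta.Client({
 });
 
 async function cleanInlineHooks() {
-const collection = await client.listInlineHooks();
-collection.each(async (inlineHook) => {
+const collection = client.listInlineHooks();
+await collection.each(async (inlineHook) => {
 
 await inlineHook.deactivate();
 await inlineHook.delete();
 });
 }
 
-function cleanAuthorizationServers() {
-client.listAuthorizationServers().each(
-authorizationServer => {
-authorizationServer.delete();
+async function cleanDomains() {
+const domains = (await client.listDomains()).domains;
+for (const domain of domains) {
+if (domain.certificateSourceType === 'MANUAL') {
+await client.deleteDomain(domain.id);
+}
+}
+}
+
+async function cleanAuthorizationServers() {
+await client.listAuthorizationServers().each(
+async (authorizationServer) => {
+await authorizationServer.delete();
 }
 );
 }
 
+async function cleanNetworkZones() {
+await client.listNetworkZones().each(
+async networkZone => {
+const canDelete = networkZone.name?.startsWith('node-sdk: ');
+if (canDelete) {
+try {
+if (networkZone.status === 'ACTIVE') {
+await client.deactivateNetworkZone(networkZone.id);
+}
+await client.deleteNetworkZone(networkZone.id);
+} catch (err) {
+console.error(err);
+}
+} else {
+console.log(`Skipped network zone to remove ${networkZone.name}`);
+}
+}
+);
+}
+
-function cleanApplications() {
-client.listApplications().each(application =>{
+async function cleanApplications() {
+await client.listApplications().each(async (application) =>{
 (application.label === 'Node SDK Service App' || application.label === 'Bacon Service Client') ?
 console.log(`Skipped application to remove ${application.label}`) :
-utils.removeAppByLabel(client, application.label);
+await utils.removeAppByLabel(client, application.label);
 });
 }
 
-function cleanTestUsers() {
-client.listUsers().each(user => {
+async function cleanTestUsers() {
+await client.listUsers().each(async (user) => {
 (user.profile.email.endsWith('okta.com')) ?
 console.log(`Skipped user to remove ${user.profile.email}`) :
-utils.deleteUser(user);
+await utils.deleteUser(user);
 });
 }
 
-function cleanTestGroups() {
+async function cleanTestGroups() {
 const url = `${client.baseUrl}/api/v1/groups`;
 const request = {
 method: 'get',
@@ -73,15 +102,19 @@ function cleanTestGroups() {
 }
 
 describe('Clean all test resources', () => {
-
-cleanAuthorizationServers();
-
-cleanTestUsers();
-
-cleanTestGroups();
-
-cleanApplications();
-
-cleanInlineHooks();
-
+it('cleans resources', async () => {
+await cleanNetworkZones();
+
+await cleanAuthorizationServers();
+
+await cleanTestUsers();
+
+await cleanTestGroups();
+
+await cleanApplications();
+
+await cleanDomains();
+
+await cleanInlineHooks();
+});
 });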
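Review bot: All seven cleaners now run in sequence inside one `it('cleans resources', …)`, and only `cleanNetworkZones` catches per-item errors. A single rejected delete in, say, `cleanAuthorizationServers` therefore skips every later step and leaves users, groups, applications, domains and inline hooks behind in the test org. Giving each cleaner its own case, e.g. `it('cleans domains', cleanDomains);`, keeps the failure visible while letting the remaining cleanup run. Scope is also uneven: network zones are deleted only when named with the `node-sdk: ` prefix, but `cleanDomains` removes every `MANUAL` domain and `cleanAuthorizationServers` every server it can list, so a header comment stating that this script may only target a disposable org would help. The body of `cleanTestGroups` lies between the two hunks and is not visible.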
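--- a/test/it/feature-crud.ts
+++ b/test/it/feature-crud.ts
@@ -19,7 +19,9 @@ const client = new Client({
 const getFirstNonBetaFeature = async () => {
 let firstFeatureInList;
 await client.listFeatures().each((feature) => {
-if (feature.stage.value !== 'BETA') {
+// Note: Trying to enable feature 'Enforce MFA For Admin Console' will fail with error:
+// Api validation failed: ENFORCE_MFA_FOR_ADMIN_APPS. Cannot enable the feature: To satisfy 2FA assurance, the current admin must have enough enrolled authenticators, and the enrolled authenticators cannot be disabled in authenticator enrollment policy.
+if (feature.stage.value !== 'BETA' && !feature.name.includes('Enforce MFA')) {
 firstFeatureInList = feature;
 return false;
 }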
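Review bot: `!feature.name.includes('Enforce MFA')` filters on a substring of the display name, so it also excludes any other feature whose name contains that text and stops working if the name is reworded. The comment names exactly one feature, so an exact comparison such as `feature.name !== 'Enforce MFA For Admin Console'` matches the stated intent more closely. The quoted error text suggests a stable key (`ENFORCE_MFA_FOR_ADMIN_APPS`), but whether the feature object exposes it is not visible here. The callback and the rest of `getFirstNonBetaFeature` continue past the end of the hunk.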
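--- a/test/it/network-zone.ts
+++ b/test/it/network-zone.ts
@@ -22,7 +22,7 @@ describe('Network Zone API', () => {
 networkZone = await client.createNetworkZone({
 type: 'IP',
 id: null,
-name: 'newNetworkZone',
+name: 'node-sdk: newNetworkZone',
 status: 'ACTIVE',
 created: null,
 lastUpdated: null,
@@ -50,6 +50,7 @@ describe('Network Zone API', () => {
 });
 
 afterEach(async () => {
+await client.deactivateNetworkZone(networkZone.id);
 await client.deleteNetworkZone(networkZone.id);
 });
 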
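Review bot: In the `afterEach` hook, a rejection from `deactivateNetworkZone` means `deleteNetworkZone` never runs, so the zone is left behind in the org. That could happen if a test has already deactivated the zone or if `createNetworkZone` failed and `networkZone` is unset; neither case is visible in these hunks. `cleanNetworkZones` in test/delete-resources.js guards the same call with `if (networkZone.status === 'ACTIVE')`. Applying the same guard here, or wrapping the deactivate call in `try`/`catch` so the delete is still attempted, would keep teardown reliable.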
10 changes: 5 additions & 5 deletions yarn.lock
Expand Up @@ -3474,10 +3474,10 @@ nise@^5.1.0:
just-extend "^4.0.2"
path-to-regexp "^1.7.0"

njwt@^1.0.0:
version "1.2.0"
resolved "https://registry.yarnpkg.com/njwt/-/njwt-1.2.0.tgz#1badf085fba3fd00abb70ed6c8f00246c6f46fa4"
integrity sha512-i+cdqwxo7EUimJCHPSAEpQEWrz4ilsVefL+FRhWrjMqq8HHiQ8dwi9GUWUfj3Vt6XMY2PXSjMn9JeVB3/Jp6pg==
njwt@^2.0.1:
version "2.0.1"
resolved "https://registry.yarnpkg.com/njwt/-/njwt-2.0.1.tgz#21a224c33ab1468f903210b1f45a20181adb6600"
integrity sha512-HwFeZsPJ1aOhIjMjqT9Qv7BOsQbkxjRVPPSdFXNOTEkfKpr9+O6OX+dSN6TxxIErSYSqrmlDR4H2zOGOpEbZLA==
dependencies:
"@types/node" "^15.0.1"
ecdsa-sig-formatter "^1.0.5"
Expand Down Expand Up @@ -4799,4 +4799,4 @@ z-schema@^4.2.2:
lodash.isequal "^4.5.0"
validator "^13.6.0"
optionalDependencies:
commander "^2.7.1"
commander "^2.7.1"