Merge pull request #150 from paul-bartlett/feature/EDB-3567

EDB-3567: Revert back to old token workflow until backward compatibility can be completed

cli.json

@@ -11,7 +11,7 @@
     },
     {
       "name": "edgekv",
-      "version": "1.8.0",
+      "version": "1.8.1",
       "aliases": ["ekv", "edgekv"],
       "description": "Manage Akamai EdgeKV database."
     }

src/edgekv/ekv-cli-main.ts

@@ -11,6 +11,7 @@ import {
   STAGING,
   PRODUCTION,
   EW_IDS,
+  EXPIRY,
   NAMESPACE,
   SAVE_PATH } from './../utils/constants';
 import { SANDBOX_ID } from '../utils/constants';
@@ -362,10 +363,11 @@ list
 
 list
   .command('tokens')
+  .option('--include-expired', 'Returns expired tokens in the response')
   .description('List all tokens for which the user has permission to download')
-  .action(async function () {
+  .action(async function (options) {
     try {
-      await kvCliHandler.listTokens();
+      await kvCliHandler.listTokens(options.includeExpired);
     } catch (e) {
       cliUtils.logAndExit(1, e);
     }
@@ -460,6 +462,10 @@ create
     '--ewids <ewIds>',
     'A comma separated list of up to a maximum of 8 EdgeWorker IDs. Use "all" to allow all EdgeWorkers. (REQUIRED)'
   )
+  .option(
+    '--expiry <expiry>',
+    'Expiration date of the token. Format of the expiry date is ISO 8601 format: yyyy-mm-dd. (REQUIRED)'
+  )
   .option(
     '--namespace <namespace>',
     'A comma separated list of up to a maximum of 20 namespace identifier and permission combinations. Use the namespace name combined with "+rwd" (read, write, delete) to set permissions. Ex: "namespace1+rwd,namespace2+rw" (REQUIRED)'
@@ -476,6 +482,7 @@ create
     options['staging'] = options.staging || configUtils.searchProperty(STAGING);
     options['production'] = options.production || configUtils.searchProperty(PRODUCTION);
     options['ewIds'] = options.ewIds || configUtils.searchProperty(EW_IDS);
+    options['expiry'] = options.expiry || configUtils.searchProperty(EXPIRY);
     options['namespace'] = options.namespace || configUtils.searchProperty(NAMESPACE);
     options['save_path'] = options.save_path || configUtils.searchProperty(SAVE_PATH);
 
@@ -490,6 +497,7 @@ create
           'staging',
           'production',
           'ewids',
+          'expiry',
           'namespace',
         ];
         cliUtils.checkOptions(options, requiredOptions);
@@ -609,24 +617,6 @@ download
     cliUtils.logAndExit(0, copywrite);
   });
 
-const refresh = program
-  .command('refresh')
-  .description('Refresh an EdgeKV token');
-
-refresh
-  .command('token <tokenName>')
-  .description('Refresh an EdgeKV token')
-  .action(async function (tokenName) {
-    try {
-      await kvCliHandler.refreshToken(tokenName);
-    } catch (e) {
-      cliUtils.logAndExit(1, e);
-    }
-  })
-  .on('--help', function () {
-    cliUtils.logAndExit(0, copywrite);
-  });
-
 const show = program
   .command('show')
   .description('Check the initialization status of the EdgeKV or Retrieve an EdgeKV namespace');

src/edgekv/ekv-handler.ts

@@ -505,9 +505,9 @@ export async function listItemsFromGroup(
   }
 }
 
-export async function listTokens() {
+export async function listTokens(incExpired) {
   const tokenList = await cliUtils.spinner(
-    edgekvSvc.getTokenList(),
+    edgekvSvc.getTokenList(incExpired),
     'Fetching token list...'
   );
   const msg = 'The following tokens are available for you to download';
@@ -537,9 +537,13 @@ export async function createToken(
     production?: string;
     ewids?: string;
     namespace?: string;
+    expiry?: string;
     overwrite?;
   }
 ) {
+  // convert string to ISO date
+  const expiry = getExpiryDate(options.expiry);
+
   // parse input permissions
   const permissionList = parseNameSpacePermissions(options.namespace);
   const envAccess = { allow: true, deny: false };
@@ -552,7 +556,8 @@ export async function createToken(
       permissionList,
       envAccess[options.staging],
       envAccess[options.production],
-      options.ewids.split(',')
+      options.ewids.split(','),
+      expiry
     ),
     'Creating edgekv token ...'
   );
@@ -576,7 +581,7 @@ export async function retrieveToken(
 
   const retrievedToken = await cliUtils.spinner(
     edgekvSvc.getSingleToken(tokenName),
-    'Downloading edgekv token...'
+    'Downloading egdekv token...'
   );
 
   if (retrievedToken != undefined && !retrievedToken.isError) {
@@ -589,35 +594,6 @@ export async function retrieveToken(
   }
 }
 
-export async function refreshToken(
-  tokenName: string
-) {
-  const refreshedToken = await cliUtils.spinner(
-    edgekvSvc.refreshToken(tokenName),
-    'Refreshing EdgeKV token...'
-  );
-
-  if (refreshedToken != undefined && !refreshedToken.isError) {
-    const nameSpaceList = Object.keys(refreshedToken['namespacePermissions']);
-    const msg = `Token "${refreshedToken['name']}" has been refreshed`;
-    if (ekvJsonOutput.isJSONOutputMode()) {
-      ekvJsonOutput.writeJSONOutput(
-        0,
-        msg,
-        response.logTokenToJson(refreshedToken, nameSpaceList)
-      );
-    } else {
-      cliUtils.logWithBorder(msg);
-      response.logToken(refreshedToken);
-    }
-  } else {
-    response.logError(
-      refreshedToken,
-      `ERROR: Unable to retrieve edgekv token. ${refreshedToken.error_reason} [TraceId: ${refreshedToken.traceId}]`
-    );
-  }
-}
-
 export async function revokeToken(tokenName: string) {
   const revokedToken = await cliUtils.spinner(
     edgekvSvc.revokeToken(tokenName),
@@ -760,6 +736,24 @@ async function getEwGroups(groupId: string) {
   }
   return ewGrpCapabilitiesMap;
 }
+/**
+ * Checks if date is in format yyyy-mm-dd
+ * Converts date to iso format to be consumed by API
+ * @param expiry
+ */
+function getExpiryDate(expiry: string) {
+  const errorMsg =
+    'Expiration time specified is invalid. Please specify in format yyyy-mm-dd.';
+  try {
+    if (!ekvhelper.isValidDate(expiry)) {
+      cliUtils.logAndExit(1, errorMsg);
+    }
+    expiry = new Date(expiry).toISOString().split('.').shift() + 'Z';
+    return expiry;
+  } catch (ex) {
+    cliUtils.logAndExit(1, errorMsg);
+  }
+}
 
 function parseNameSpacePermissions(namespace: string) {
   // list to which all the permissions mapped to namespace will be added
@@ -813,22 +807,26 @@ function validateSavePath(savePath) {
 }
 
 function processToken(token, savePath, overwrite) {
-  const nameSpaceList = Object.keys(token['namespacePermissions']);
+  // decodes the jwt token
+  const decodedToken = ekvhelper.decodeJWTToken(token['value']);
+  const nameSpaceList = ekvhelper.getNameSpaceListFromJWT(decodedToken);
   const msg =
-    'Add the token reference in edgekv_tokens.js file and place it in your bundle. Use --save_path option to save the token file to your bundle';
+    'Add the token value in edgekv_tokens.js file and place it in your bundle. Use --save_path option to save the token file to your bundle';
   if (savePath) {
     if (ekvhelper.getFileExtension(savePath) != '.tgz') {
       ekvhelper.createTokenFileWithoutBundle(
         savePath,
         overwrite,
         token,
+        decodedToken,
         nameSpaceList
       );
     } else {
       ekvhelper.saveTokenToBundle(
         savePath,
         overwrite,
         token,
+        decodedToken,
         nameSpaceList
       );
     }
@@ -837,11 +835,17 @@ function processToken(token, savePath, overwrite) {
       ekvJsonOutput.writeJSONOutput(
         0,
         msg,
-        response.logTokenToJson(token, nameSpaceList)
+        response.logTokenToJson(token, decodedToken, nameSpaceList)
       );
     } else {
       cliUtils.logWithBorder(msg);
-      response.logToken(token);
+      response.logToken(
+        token['name'],
+        token['value'],
+        decodedToken,
+        nameSpaceList,
+        false
+      );
     }
   }
 }