Group OIDC schemas into an array

Author: mbg

lib/start-proxy-action.js

@@ -0,0 +1,15 @@
+import * as json from ".";
+
+export function makeFromSchema<S extends json.Schema>(
+  includeOptional: boolean,
+  schema: S,
+): json.FromSchema<S> {
+  const result = {};
+  for (const [key, validator] of Object.entries(schema)) {
+    if (!validator.required && !includeOptional) {
+      continue;
+    }
+    result[key] = `value-for-${key}`;
+  }
+  return result as json.FromSchema<S>;
+}

src/json/testing-util.ts

@@ -8,6 +8,7 @@ import sinon from "sinon";
 import * as apiClient from "./api-client";
 import * as defaults from "./defaults.json";
 import { setUpFeatureFlagTests } from "./feature-flags/testing-util";
+import { makeFromSchema } from "./json/testing-util";
 import { BuiltInLanguage } from "./languages";
 import { getRunnerLogger, Logger } from "./logging";
 import * as startProxyExports from "./start-proxy";
@@ -457,23 +458,13 @@ test("getCredentials throws an error when non-printable characters are used for
 });
 
 test("getCredentials accepts OIDC configurations", (t) => {
-  const oidcConfigurations = [
-    {
+  const oidcConfigurations = startProxyExports.oidcSchemas.map(
+    (schemaInfo) => ({
       type: "nuget_feed",
-      host: "azure.pkg.github.com",
-      ...validAzureCredential,
-    },
-    {
-      type: "nuget_feed",
-      host: "aws.pkg.github.com",
-      ...validAwsCredential,
-    },
-    {
-      type: "nuget_feed",
-      host: "jfrog.pkg.github.com",
-      ...validJFrogCredential,
-    },
-  ];
+      host: `${schemaInfo.name.toLowerCase()}.pkg.github.com`,
+      ...makeFromSchema(true, schemaInfo.schema),
+    }),
+  );
 
   const credentials = startProxyExports.getCredentials(
     getRunnerLogger(true),

src/start-proxy.test.ts

@@ -118,6 +118,13 @@ export function isJFrogConfig(
   return json.validateSchema(jfrogConfigSchema, config);
 }
 
+/** An array of all OIDC configuration schemas along with output-friendly names. */
+export const oidcSchemas = [
+  { schema: azureConfigSchema, name: "Azure" },
+  { schema: awsConfigSchema, name: "AWS" },
+  { schema: jfrogConfigSchema, name: "JFrog" },
+];
+
 /** Represents all supported OIDC configurations. */
 export type OIDC = AzureConfig | AWSConfig | JFrogConfig;
 

src/start-proxy/types.ts

@@ -1,34 +1,15 @@
 import test from "ava";
 
 import * as json from "../json";
+import { makeFromSchema } from "../json/testing-util";
 import { setupTests } from "../testing-utils";
 
 import * as types from "./types";
 import { getAuthConfig } from "./validation";
 
 setupTests(test);
 
-function makeFromSchema(
-  includeOptional: boolean,
-  schema: json.Schema,
-): json.FromSchema<typeof schema> {
-  const result = {};
-  for (const [key, validator] of Object.entries(schema)) {
-    if (!validator.required && !includeOptional) {
-      continue;
-    }
-    result[key] = `value-for-${key}`;
-  }
-  return result;
-}
-
-const schemaTests = [
-  { schema: types.azureConfigSchema, name: "isAzureConfig" },
-  { schema: types.awsConfigSchema, name: "isAWSConfig" },
-  { schema: types.jfrogConfigSchema, name: "isJFrogConfig" },
-] as Array<{ schema: json.Schema; name: string }>;
-
-for (const schemaTest of schemaTests) {
+for (const schemaTest of types.oidcSchemas) {
   for (const includeOptional of [true, false]) {
     const minimalName = includeOptional ? "full" : "minimal";
 
@@ -39,7 +20,7 @@ for (const schemaTest of schemaTests) {
         getAuthConfig({
           ...config,
           unexpected: "unexpected-value",
-        } as json.UnvalidatedObject<types.AuthConfig>),
+        } as unknown as json.UnvalidatedObject<types.AuthConfig>),
         config,
       );
     });

src/start-proxy/validation.test.ts

@@ -30,13 +30,14 @@ export function getAuthConfig(
 ): AuthConfig {
   // Start by checking for the OIDC configurations, since they have required properties
   // which we can use to identify them.
-  if (types.isAzureConfig(config)) {
-    return cloneCredential(types.azureConfigSchema, config);
-  } else if (types.isAWSConfig(config)) {
-    return cloneCredential(types.awsConfigSchema, config);
-  } else if (types.isJFrogConfig(config)) {
-    return cloneCredential(types.jfrogConfigSchema, config);
-  } else if (types.isToken(config)) {
+  for (const oidcSchema of types.oidcSchemas) {
+    if (json.validateSchema(oidcSchema.schema, config)) {
+      return cloneCredential(oidcSchema.schema, config);
+    }
+  }
+
+  // Otherwise, try the basic configuration types.
+  if (types.isToken(config)) {
     // There are three scenarios for non-OIDC authentication based on the registry type:
     //
     // 1. `username`+`token`