.

jfrog · Jan 1, 2024 · 019192f · 019192f
1 parent 9a17ec2
commit 019192f
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 10 deletions.
diff --git a/src/main.ts b/src/main.ts
@@ -5,8 +5,8 @@ async function main() {
     try {
         core.startGroup('Setup JFrog CLI');
         Utils.setCliEnv();
-        console.log("ERAN CHECK: ####################### 11 #######################") // TODO del
-        let accessToken = await Utils.getJfrogAccessToken()
+        console.log("ERAN CHECK: ####################### 12 #######################") // TODO del
+        let accessToken :string = await Utils.getJfrogAccessToken()
         console.log(`ERAN CHECK: finished access token flow with access token: ${accessToken}`) // TODO del
         await Utils.getAndAddCliToPath();
         await Utils.configJFrogServers();

diff --git a/src/utils.ts b/src/utils.ts
@@ -5,8 +5,8 @@ import { chmodSync } from 'fs';
 import { platform, arch } from 'os';
 import { join } from 'path';
 import { lt } from 'semver';
-import {HttpClient, HttpClientResponse} from '@actions/http-client'
-import {OutgoingHttpHeaders} from "http";
+import { HttpClient, HttpClientResponse } from '@actions/http-client'
+import { OutgoingHttpHeaders } from "http";
 
 
 export class Utils {
@@ -83,30 +83,40 @@ export class Utils {
     private static async getAccessTokenFromJWT(basicUrl: string, jsonWebToken: string): Promise<string> {
         const exchangeUrl : string = basicUrl.replace(/\/$/, '') + "/access/api/v1/oidc/token"
 
-        console.log(`ERAN CHECK: Url for REST command: ${exchangeUrl}`) // TODO del
+        console.log(`ERAN CHECK: Exchanging JWT with ACCESS TOKEN. Url for REST command: ${exchangeUrl}`) // TODO del
 
         console.log("Exchanging JSON web token with access token")
-
         const audience: string = core.getInput(Utils.OIDC_AUDIENCE_ARG, { required: false });
         const httpClient : HttpClient = new HttpClient()
 
+        // TODO fix request
         try {
+            /*
             const dataString: string = JSON.stringify({
                 grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
                 subject_token_type: "urn:ietf:params:oauth:token-type:access_token", //TODO try: id-token -> access_token
                 subject_token: jsonWebToken,
                 provider_name: "github-oidc" // https://token.actions.githubusercontent.com
                 //assertion: jsonWebToken,
-                //audience: audience,
+                //audience: audience, //TODO should I pass audience here as well? it was passed to the JWT generator
             });
+             */
+
+            const data = `{
+                "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
+                "subject_token_type": "urn:ietf:params:oauth:token-type:id_token",
+                "subject_token": "${jsonWebToken}",
+                "provider_name": "github-oidc-integration"
+            }`;
 
-            const headers: OutgoingHttpHeaders = {
+
+            const additionalHeaders: OutgoingHttpHeaders = {
                 'Content-Type': 'application/json',
-            }
+            };
 
 
             console.log(`ERAN CHECK: starting POST`) // TODO del
-            const response: HttpClientResponse = await httpClient.post(exchangeUrl, dataString, headers)
+            const response: HttpClientResponse = await httpClient.post(exchangeUrl, data, additionalHeaders)
             console.log(`ERAN CHECK: POST succeeded`) // TODO del
             const responseData: string = await response.readBody()
             console.log(`ERAN CHECK: response string: ${responseData}`) // TODO del