auth0-deploy-cli/src/tools/auth0/handlers/riskAssessment.ts at 44226745407204bb00c32a4e3f002668d8d95009 · josh-cain/auth0-deploy-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
import DefaultAPIHandler from './default';
import { Assets } from '../../../types';
import { Management, ManagementError } from 'auth0';

export const schema = {
  type: 'object',
  properties: {
    settings: {
      type: 'object',
      properties: {
        enabled: {
          type: 'boolean',
          description: 'Whether or not risk assessment is enabled.',
        },
      },
      required: ['enabled'],
    },
    new_device: {
      type: 'object',
      properties: {
        remember_for: {
          type: 'number',
          description: 'Length of time to remember devices for, in days.',
        },
      },
      required: ['remember_for'],
    },
  },
  required: ['settings'],
};

export type RiskAssessment = {
  settings: Management.GetRiskAssessmentsSettingsResponseContent;
  new_device?: Management.GetRiskAssessmentsSettingsNewDeviceResponseContent;
};

export default class RiskAssessmentHandler extends DefaultAPIHandler {
  existing: RiskAssessment;

  constructor(config: DefaultAPIHandler) {
    super({
      ...config,
      type: 'riskAssessment',
    });
  }

  async getType(): Promise<RiskAssessment> {
    if (this.existing) {
      return this.existing;
    }

    try {
      const [settings, newDeviceSettings] = await Promise.all([
        this.client.riskAssessments.settings.get(),
        this.client.riskAssessments.settings.newDevice.get().catch((err) => {
          if (err instanceof ManagementError && err?.statusCode === 404) {
            return { remember_for: 0 };
          }
          throw err;
        }),
      ]);

      const riskAssessment: RiskAssessment = {
        settings: settings,
        new_device: newDeviceSettings,
        ...(newDeviceSettings.remember_for > 0 && {
          new_device: newDeviceSettings,
        }),
      };

      this.existing = riskAssessment;
      return this.existing;
    } catch (err) {
      if (err instanceof ManagementError && err.statusCode === 404) {
        const riskAssessment: RiskAssessment = {
          settings: { enabled: false },
        };
        this.existing = riskAssessment;
        return this.existing;
      }
      throw err;
    }
  }

  async processChanges(assets: Assets): Promise<void> {
    const { riskAssessment } = assets;

    // Non-existing section means it doesn't need to be processed
    if (!riskAssessment) {
      return;
    }

    const updates: Promise<unknown>[] = [];

    // Update main settings (enabled flag)
    updates.push(this.client.riskAssessments.settings.update(riskAssessment?.settings));

    // Update new device settings if provided
    if (riskAssessment.new_device) {
      updates.push(
        this.client.riskAssessments.settings.newDevice.update(riskAssessment.new_device)
      );
    }

    await Promise.all(updates);
    this.updated += 1;
    this.didUpdate(riskAssessment);
  }
}