diff --git a/.github/workflows/oidc-test.yml b/.github/workflows/oidc-test.yml index 9ea0c8ec5..1239149e9 100644 --- a/.github/workflows/oidc-test.yml +++ b/.github/workflows/oidc-test.yml @@ -74,11 +74,11 @@ jobs: - name: Test User Output shell: bash - run: test -n "${{ steps.setup-jfrog-cli.outputs.jf-oidc-user }}" + run: test -n "${{ steps.setup-jfrog-cli.outputs.oidc-user }}" - name: Test Token Output shell: bash - run: test -n "${{ steps.setup-jfrog-cli.outputs.jf-oidc-token }}" + run: test -n "${{ steps.setup-jfrog-cli.outputs.oidc-token }}" # Removing the OIDC integration will remove the Identity Mapping as well - name: Delete OIDC integration diff --git a/README.md b/README.md index 85bc7baf6..7e8c865a0 100644 --- a/README.md +++ b/README.md @@ -195,8 +195,8 @@ Example step utilizing OpenID Connect: with: oidc-provider-name: setup-jfrog-cli ``` -Notice: when using the oidc authentication, the action outputs both the oidc token and the oidc token username which can be used inside the current workflow for logging into the JFrog platform through other actions/clients (for example, for using with docker login). -The outputs added are jf-oidc-token and jf-oidc-user respectively. + +**Notice:** When using OIDC authentication, this action outputs both the OIDC token and the OIDC token username. These can be utilized within the current workflow to log into the JFrog platform through other actions or clients (e.g., for use with `docker login`). The added outputs are `oidc-token` and `oidc-user`, respectively. diff --git a/action.yml b/action.yml index ff48d5734..64d6f7ba0 100644 --- a/action.yml +++ b/action.yml @@ -16,10 +16,10 @@ inputs: description: "By default, this is the URL of the GitHub repository owner, such as the organization that owns the repository." required: false outputs: - jf-oidc-token: - description: "JFrog oidc token generated by the JFrog CLI when setting oidc-provider-name." - jf-oidc-user: - description: "JFrog OIDC username from the oidc token generated by the Setup JFrog CLI when setting oidc-provider-name." + oidc-token: + description: "JFrog OIDC token generated by the Setup JFrog CLI when setting oidc-provider-name." + oidc-user: + description: "JFrog OIDC username from the OIDC token generated by the Setup JFrog CLI when setting oidc-provider-name." runs: using: "node20" main: "lib/main.js" diff --git a/lib/utils.js b/lib/utils.js index 077782011..0082adb07 100644 --- a/lib/utils.js +++ b/lib/utils.js @@ -141,14 +141,14 @@ class Utils { // Making sure the token is treated as a secret core.setSecret(oidcToken); // Output the oidc access token as a secret - core.setOutput('jf-oidc-token', oidcToken); + core.setOutput('oidc-token', oidcToken); // Output the user from the oidc access token subject as a secret let payload = this.decodeOidcToken(oidcToken); let tokenUser = this.extractTokenUser(payload.sub); // Mark the user as a secret core.setSecret(tokenUser); // Output the user from the oidc access token subject extracted from the last section of the subject - core.setOutput('jf-oidc-user', tokenUser); + core.setOutput('oidc-user', tokenUser); } /** * Extract the username from the OIDC access token subject. diff --git a/src/utils.ts b/src/utils.ts index d6a5c402b..e1d9d7180 100644 --- a/src/utils.ts +++ b/src/utils.ts @@ -144,7 +144,7 @@ export class Utils { // Making sure the token is treated as a secret core.setSecret(oidcToken); // Output the oidc access token as a secret - core.setOutput('jf-oidc-token', oidcToken); + core.setOutput('oidc-token', oidcToken); // Output the user from the oidc access token subject as a secret let payload: JWTTokenData = this.decodeOidcToken(oidcToken); @@ -152,7 +152,7 @@ export class Utils { // Mark the user as a secret core.setSecret(tokenUser); // Output the user from the oidc access token subject extracted from the last section of the subject - core.setOutput('jf-oidc-user', tokenUser); + core.setOutput('oidc-user', tokenUser); } /** diff --git a/test/main.spec.ts b/test/main.spec.ts index 75203bc58..5c25d9ca1 100644 --- a/test/main.spec.ts +++ b/test/main.spec.ts @@ -270,7 +270,10 @@ describe('extractTokenUser', () => { describe('decodeOidcToken', () => { it('should decode valid OIDC token', () => { - const oidcToken = Buffer.from(JSON.stringify({ sub: 'test' })).toString('base64') + '.eyJzdWIiOiJ0ZXN0In0.' + Buffer.from(JSON.stringify({ sub: 'test' })).toString('base64'); + const oidcToken = + Buffer.from(JSON.stringify({ sub: 'test' })).toString('base64') + + '.eyJzdWIiOiJ0ZXN0In0.' + + Buffer.from(JSON.stringify({ sub: 'test' })).toString('base64'); const result = Utils.decodeOidcToken(oidcToken); expect(result).toEqual({ sub: 'test' }); }); @@ -281,7 +284,10 @@ describe('decodeOidcToken', () => { }); it('should throw error for OIDC token without subject', () => { - const oidcToken = Buffer.from(JSON.stringify({ notSub: 'test' })).toString('base64') + '.eyJub3RTdWIiOiJ0ZXN0In0.' + Buffer.from(JSON.stringify({ notSub: 'test' })).toString('base64'); + const oidcToken = + Buffer.from(JSON.stringify({ notSub: 'test' })).toString('base64') + + '.eyJub3RTdWIiOiJ0ZXN0In0.' + + Buffer.from(JSON.stringify({ notSub: 'test' })).toString('base64'); expect(() => Utils.decodeOidcToken(oidcToken)).toThrowError('OIDC invalid access token format'); }); -}); \ No newline at end of file +});