function saveToken ({email, token}) { const netrc = require('netrc-parser').default netrc.loadSync() const hosts = [vars.apiHost, vars.httpGitHost] hosts.forEach(host => { if (!netrc.machines[host]) netrc.machines[host] = {} netrc.machines[host].login = email netrc.machines[host].password = token }) if (netrc.machines._tokens) { netrc.machines._tokens.forEach(token => { if (hosts.includes(token.host)) { token.internalWhitespace = '\n ' } }) } netrc.saveSync() }
function * logout () { let token = cli.heroku.options.token if (token) { // for SSO logins we delete the session since those do not show up in // authorizations because they are created a trusted client let sessionsP = cli.heroku.delete('/oauth/sessions/~') .catch(err => { if (err.statusCode === 404 && err.body && err.body.id === 'not_found' && err.body.resource === 'session') { return null } if (err.statusCode === 401 && err.body && err.body.id === 'unauthorized') { return null } throw err }) // grab the default authorization because that is the token shown in the // dashboard as API Key and they may be using it for something else and we // would unwittingly break an integration that they are depending on let defaultAuthorizationP = cli.heroku.get('/oauth/authorizations/~') .catch(err => { if (err.statusCode === 404 && err.body && err.body.id === 'not_found' && err.body.resource === 'authorization') { return null } if (err.statusCode === 401 && err.body && err.body.id === 'unauthorized') { return null } throw err }) // grab all the authorizations so that we can delete the token they are // using in the CLI. we have to do this rather than delete ~ because // the ~ is the API Key, not the authorization that is currently requesting let authorizationsP = cli.heroku.get('/oauth/authorizations') .catch(err => { if (err.statusCode === 401 && err.body && err.body.id === 'unauthorized') { return [] } throw err }) let [, defaultAuthorization, authorizations] = yield [sessionsP, defaultAuthorizationP, authorizationsP] if (accessToken(defaultAuthorization) !== token) { for (let authorization of authorizations) { if (accessToken(authorization) === token) { // remove the matching access token from core services yield cli.heroku.delete(`/oauth/authorizations/${authorization.id}`) } } } } const netrc = require('netrc-parser').default netrc.loadSync() if (netrc.machines[vars.apiHost]) { netrc.machines[vars.apiHost] = undefined } if (netrc.machines[vars.httpGitHost]) { netrc.machines[vars.httpGitHost] = undefined } netrc.saveSync() }