mirror of
https://github.com/google-gemini/gemini-cli.git
synced 2026-04-23 03:24:42 -07:00
Disallow unsafe type assertions (#18688)
This commit is contained in:
Christian Gunderman
committed by
GitHub
GitHub
parent
bce1caefd0
commit
fd65416a2f
@@ -143,6 +143,7 @@ export class MCPOAuthProvider {
|
||||
);
|
||||
}
|
||||
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
return (await response.json()) as OAuthClientRegistrationResponse;
|
||||
}
|
||||
|
||||
@@ -377,6 +378,7 @@ export class MCPOAuthProvider {
|
||||
}
|
||||
|
||||
server.listen(listenPort, () => {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
const address = server.address() as net.AddressInfo;
|
||||
serverPort = address.port;
|
||||
debugLogger.log(
|
||||
@@ -580,6 +582,7 @@ export class MCPOAuthProvider {
|
||||
|
||||
// Try to parse as JSON first, fall back to form-urlencoded
|
||||
try {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
return JSON.parse(responseText) as OAuthTokenResponse;
|
||||
} catch {
|
||||
// Parse form-urlencoded response
|
||||
@@ -702,6 +705,7 @@ export class MCPOAuthProvider {
|
||||
|
||||
// Try to parse as JSON first, fall back to form-urlencoded
|
||||
try {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
return JSON.parse(responseText) as OAuthTokenResponse;
|
||||
} catch {
|
||||
// Parse form-urlencoded response
|
||||
|
||||
@@ -61,6 +61,7 @@ export class MCPOAuthTokenStorage implements TokenStorage {
|
||||
try {
|
||||
const tokenFile = this.getTokenFilePath();
|
||||
const data = await fs.readFile(tokenFile, 'utf-8');
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
const tokens = JSON.parse(data) as OAuthCredentials[];
|
||||
|
||||
for (const credential of tokens) {
|
||||
@@ -68,6 +69,7 @@ export class MCPOAuthTokenStorage implements TokenStorage {
|
||||
}
|
||||
} catch (error) {
|
||||
// File doesn't exist or is invalid, return empty map
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
if ((error as NodeJS.ErrnoException).code !== 'ENOENT') {
|
||||
coreEvents.emitFeedback(
|
||||
'error',
|
||||
@@ -222,6 +224,7 @@ export class MCPOAuthTokenStorage implements TokenStorage {
|
||||
const tokenFile = this.getTokenFilePath();
|
||||
await fs.unlink(tokenFile);
|
||||
} catch (error) {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
if ((error as NodeJS.ErrnoException).code !== 'ENOENT') {
|
||||
coreEvents.emitFeedback(
|
||||
'error',
|
||||
|
||||
@@ -101,6 +101,7 @@ export class OAuthUtils {
|
||||
if (!response.ok) {
|
||||
return null;
|
||||
}
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
return (await response.json()) as OAuthProtectedResourceMetadata;
|
||||
} catch (error) {
|
||||
debugLogger.debug(
|
||||
@@ -124,6 +125,7 @@ export class OAuthUtils {
|
||||
if (!response.ok) {
|
||||
return null;
|
||||
}
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
return (await response.json()) as OAuthAuthorizationServerMetadata;
|
||||
} catch (error) {
|
||||
debugLogger.debug(
|
||||
|
||||
@@ -114,6 +114,7 @@ export class ServiceAccountImpersonationProvider implements McpAuthProvider {
|
||||
coreEvents.emitFeedback(
|
||||
'error',
|
||||
'Failed to obtain authentication token.',
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
e as Error,
|
||||
);
|
||||
return undefined;
|
||||
|
||||
@@ -72,9 +72,11 @@ export class FileTokenStorage extends BaseTokenStorage {
|
||||
try {
|
||||
const data = await fs.readFile(this.tokenFilePath, 'utf-8');
|
||||
const decrypted = this.decrypt(data);
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
const tokens = JSON.parse(decrypted) as Record<string, OAuthCredentials>;
|
||||
return new Map(Object.entries(tokens));
|
||||
} catch (error: unknown) {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
const err = error as NodeJS.ErrnoException & { message?: string };
|
||||
if (err.code === 'ENOENT') {
|
||||
return new Map();
|
||||
@@ -144,6 +146,7 @@ export class FileTokenStorage extends BaseTokenStorage {
|
||||
try {
|
||||
await fs.unlink(this.tokenFilePath);
|
||||
} catch (error: unknown) {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
const err = error as NodeJS.ErrnoException;
|
||||
if (err.code !== 'ENOENT') {
|
||||
throw error;
|
||||
@@ -176,6 +179,7 @@ export class FileTokenStorage extends BaseTokenStorage {
|
||||
try {
|
||||
await fs.unlink(this.tokenFilePath);
|
||||
} catch (error: unknown) {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
const err = error as NodeJS.ErrnoException;
|
||||
if (err.code !== 'ENOENT') {
|
||||
throw error;
|
||||
|
||||
@@ -70,6 +70,7 @@ export class KeychainTokenStorage
|
||||
return null;
|
||||
}
|
||||
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
const credentials = JSON.parse(data) as OAuthCredentials;
|
||||
|
||||
if (this.isTokenExpired(credentials)) {
|
||||
@@ -179,6 +180,7 @@ export class KeychainTokenStorage
|
||||
|
||||
for (const cred of credentials) {
|
||||
try {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
const data = JSON.parse(cred.password) as OAuthCredentials;
|
||||
if (!this.isTokenExpired(data)) {
|
||||
result.set(cred.account, data);
|
||||
@@ -223,6 +225,7 @@ export class KeychainTokenStorage
|
||||
try {
|
||||
await this.deleteCredentials(server);
|
||||
} catch (error) {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unsafe-type-assertion
|
||||
errors.push(error as Error);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user