github · mbg · Apr 9, 2026 · Apr 9, 2026
@@ -351,23 +351,23 @@ test("getCredentials throws an error when non-printable characters are used", as
 });
 
 const validAzureCredential: startProxyExports.AzureConfig = {
-  tenant_id: "12345678-1234-1234-1234-123456789012",
-  client_id: "abcdef01-2345-6789-abcd-ef0123456789",
+  "tenant-id": "12345678-1234-1234-1234-123456789012",
+  "client-id": "abcdef01-2345-6789-abcd-ef0123456789",
 };
 
 const validAwsCredential: startProxyExports.AWSConfig = {
-  aws_region: "us-east-1",
-  account_id: "123456789012",
-  role_name: "MY_ROLE",
+  "aws-region": "us-east-1",
+  "account-id": "123456789012",
+  "role-name": "MY_ROLE",
   domain: "MY_DOMAIN",
-  domain_owner: "987654321098",
+  "domain-owner": "987654321098",
   audience: "custom-audience",
 };
 
 const validJFrogCredential: startProxyExports.JFrogConfig = {
-  jfrog_oidc_provider_name: "MY_PROVIDER",
+  "jfrog-oidc-provider-name": "MY_PROVIDER",
   audience: "jfrog-audience",
-  identity_mapping_name: "my-mapping",
+  "identity-mapping-name": "my-mapping",
 };
 
 test("getCredentials throws an error when non-printable characters are used for Azure OIDC", (t) => {

@@ -301,22 +301,22 @@ export function getAuthConfig(
   // which we can use to identify them.
   if (isAzureConfig(config)) {
     return {
-      tenant_id: config.tenant_id,
-      client_id: config.client_id,
+      "tenant-id": config["tenant-id"],
+      "client-id": config["client-id"],
     } satisfies AzureConfig;
   } else if (isAWSConfig(config)) {
     return {
-      aws_region: config.aws_region,
-      account_id: config.account_id,
-      role_name: config.role_name,
+      "aws-region": config["aws-region"],
+      "account-id": config["account-id"],
+      "role-name": config["role-name"],
       domain: config.domain,
-      domain_owner: config.domain_owner,
+      "domain-owner": config["domain-owner"],
       audience: config.audience,
     } satisfies AWSConfig;
   } else if (isJFrogConfig(config)) {
     return {
-      jfrog_oidc_provider_name: config.jfrog_oidc_provider_name,
-      identity_mapping_name: config.identity_mapping_name,
+      "jfrog-oidc-provider-name": config["jfrog-oidc-provider-name"],
+      "identity-mapping-name": config["identity-mapping-name"],
       audience: config.audience,
     } satisfies JFrogConfig;
   } else if (isToken(config)) {

@@ -7,23 +7,23 @@ import * as types from "./types";
 setupTests(test);
 
 const validAzureCredential: types.AzureConfig = {
-  tenant_id: "12345678-1234-1234-1234-123456789012",
-  client_id: "abcdef01-2345-6789-abcd-ef0123456789",
+  "tenant-id": "12345678-1234-1234-1234-123456789012",
+  "client-id": "abcdef01-2345-6789-abcd-ef0123456789",
 };
 
 const validAwsCredential: types.AWSConfig = {
-  aws_region: "us-east-1",
-  account_id: "123456789012",
-  role_name: "MY_ROLE",
+  "aws-region": "us-east-1",
+  "account-id": "123456789012",
+  "role-name": "MY_ROLE",
   domain: "MY_DOMAIN",
-  domain_owner: "987654321098",
+  "domain-owner": "987654321098",
   audience: "custom-audience",
 };
 
 const validJFrogCredential: types.JFrogConfig = {
-  jfrog_oidc_provider_name: "MY_PROVIDER",
+  "jfrog-oidc-provider-name": "MY_PROVIDER",
   audience: "jfrog-audience",
-  identity_mapping_name: "my-mapping",
+  "identity-mapping-name": "my-mapping",
 };
 
 test("credentialToStr - pretty-prints valid username+password configurations", (t) => {

@@ -59,29 +59,29 @@ export function isToken(
 }
 
 /** Configuration for Azure OIDC. */
-export type AzureConfig = { tenant_id: string; client_id: string };
+export type AzureConfig = { "tenant-id": string; "client-id": string };
 
 /** Decides whether `config` is an Azure OIDC configuration. */
 export function isAzureConfig(
   config: UnvalidatedObject<AuthConfig>,
 ): config is AzureConfig {
   return (
-    "tenant_id" in config &&
-    "client_id" in config &&
-    isDefined(config.tenant_id) &&
-    isDefined(config.client_id) &&
-    json.isString(config.tenant_id) &&
-    json.isString(config.client_id)
+    "tenant-id" in config &&
+    "client-id" in config &&
+    isDefined(config["tenant-id"]) &&
+    isDefined(config["client-id"]) &&
+    json.isString(config["tenant-id"]) &&
+    json.isString(config["client-id"])
   );
 }
 
 /** Configuration for AWS OIDC. */
 export type AWSConfig = {
-  aws_region: string;
-  account_id: string;
-  role_name: string;
+  "aws-region": string;
+  "account-id": string;
+  "role-name": string;
   domain: string;
-  domain_owner: string;
+  "domain-owner": string;
   audience?: string;
 };
 
@@ -91,11 +91,11 @@ export function isAWSConfig(
 ): config is AWSConfig {
   // All of these properties are required.
   const requiredProperties = [
-    "aws_region",
-    "account_id",
-    "role_name",
+    "aws-region",
+    "account-id",
+    "role-name",
     "domain",
-    "domain_owner",
+    "domain-owner",
   ];
 
   for (const property of requiredProperties) {
@@ -118,30 +118,30 @@ export function isAWSConfig(
 
 /** Configuration for JFrog OIDC. */
 export type JFrogConfig = {
-  jfrog_oidc_provider_name: string;
+  "jfrog-oidc-provider-name": string;
   audience?: string;
-  identity_mapping_name?: string;
+  "identity-mapping-name"?: string;
 };
 
 /** Decides whether `config` is a JFrog OIDC configuration. */
 export function isJFrogConfig(
   config: UnvalidatedObject<AuthConfig>,
 ): config is JFrogConfig {
-  // The "audience" and "identity_mapping_name" fields are optional, but should be strings if present.
+  // The "audience" and "identity-mapping-name" fields are optional, but should be strings if present.
   if ("audience" in config && !json.isStringOrUndefined(config.audience)) {
     return false;
   }
   if (
-    "identity_mapping_name" in config &&
-    !json.isStringOrUndefined(config.identity_mapping_name)
+    "identity-mapping-name" in config &&
+    !json.isStringOrUndefined(config["identity-mapping-name"])
   ) {
     return false;
   }
 
   return (
-    "jfrog_oidc_provider_name" in config &&
-    isDefined(config.jfrog_oidc_provider_name) &&
-    json.isString(config.jfrog_oidc_provider_name)
+    "jfrog-oidc-provider-name" in config &&
+    isDefined(config["jfrog-oidc-provider-name"]) &&
+    json.isString(config["jfrog-oidc-provider-name"])
   );
 }
 
@@ -189,18 +189,21 @@ export function credentialToStr(credential: Credential): string {
   }
 
   if (isAzureConfig(credential)) {
-    appendIfDefined("Tenant", credential.tenant_id);
-    appendIfDefined("Client", credential.client_id);
+    appendIfDefined("Tenant", credential["tenant-id"]);
+    appendIfDefined("Client", credential["client-id"]);
   } else if (isAWSConfig(credential)) {
-    appendIfDefined("AWS Region", credential.aws_region);
-    appendIfDefined("AWS Account", credential.account_id);
-    appendIfDefined("AWS Role", credential.role_name);
+    appendIfDefined("AWS Region", credential["aws-region"]);
+    appendIfDefined("AWS Account", credential["account-id"]);
+    appendIfDefined("AWS Role", credential["role-name"]);
     appendIfDefined("AWS Domain", credential.domain);
-    appendIfDefined("AWS Domain Owner", credential.domain_owner);
+    appendIfDefined("AWS Domain Owner", credential["domain-owner"]);
     appendIfDefined("AWS Audience", credential.audience);
   } else if (isJFrogConfig(credential)) {
-    appendIfDefined("JFrog Provider", credential.jfrog_oidc_provider_name);
-    appendIfDefined("JFrog Identity Mapping", credential.identity_mapping_name);
+    appendIfDefined("JFrog Provider", credential["jfrog-oidc-provider-name"]);
+    appendIfDefined(
+      "JFrog Identity Mapping",
+      credential["identity-mapping-name"],
+    );
     appendIfDefined("JFrog Audience", credential.audience);
   }