hookdeck-cli 0.6.2

package/pkg/login/client_login.go

@@ -0,0 +1,209 @@
+package login
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"os"
+
+	"github.com/briandowns/spinner"
+
+	"github.com/hookdeck/hookdeck-cli/pkg/ansi"
+	"github.com/hookdeck/hookdeck-cli/pkg/config"
+	"github.com/hookdeck/hookdeck-cli/pkg/hookdeck"
+	"github.com/hookdeck/hookdeck-cli/pkg/open"
+	"github.com/hookdeck/hookdeck-cli/pkg/validators"
+)
+
+var openBrowser = open.Browser
+var canOpenBrowser = open.CanOpenBrowser
+
+const hookdeckCLIAuthPath = "/cli-auth"
+
+// Links provides the URLs for the CLI to continue the login flow
+type Links struct {
+	BrowserURL string `json:"browser_url"`
+	PollURL    string `json:"poll_url"`
+}
+
+// Login function is used to obtain credentials via hookdeck dashboard.
+func Login(config *config.Config, input io.Reader) error {
+	var s *spinner.Spinner
+
+	if config.Profile.APIKey != "" {
+		s = ansi.StartNewSpinner("Verifying CLI Key...", os.Stdout)
+		response, err := ValidateKey(config.APIBaseURL, config.Profile.APIKey)
+		if err != nil {
+			return err
+		}
+
+		config.Profile.ClientID = response.ClientID
+		config.Profile.DisplayName = response.UserName
+		config.Profile.TeamName = response.TeamName
+		config.Profile.TeamMode = response.TeamMode
+		config.Profile.TeamID = response.TeamID
+
+		profileErr := config.Profile.CreateProfile()
+		if profileErr != nil {
+			return profileErr
+		}
+
+		message := SuccessMessage(response.UserName, response.TeamName, config.Profile.TeamMode == "console")
+		ansi.StopSpinner(s, message, os.Stdout)
+
+		return nil
+	}
+
+	links, err := getLinks(config.APIBaseURL, config.Profile.DeviceName)
+	if err != nil {
+		return err
+	}
+
+	if isSSH() || !canOpenBrowser() {
+		fmt.Printf("To authenticate with Hookdeck, please go to: %s\n", links.BrowserURL)
+
+		s = ansi.StartNewSpinner("Waiting for confirmation...", os.Stdout)
+	} else {
+		fmt.Printf("Press Enter to open the browser (^C to quit)")
+		fmt.Fscanln(input)
+
+		s = ansi.StartNewSpinner("Waiting for confirmation...", os.Stdout)
+
+		err = openBrowser(links.BrowserURL)
+		if err != nil {
+			msg := fmt.Sprintf("Failed to open browser, please go to %s manually.", links.BrowserURL)
+			ansi.StopSpinner(s, msg, os.Stdout)
+			s = ansi.StartNewSpinner("Waiting for confirmation...", os.Stdout)
+		}
+	}
+
+	// Call poll function
+	response, err := PollForKey(links.PollURL, 0, 0)
+	if err != nil {
+		return err
+	}
+
+	validateErr := validators.APIKey(response.APIKey)
+	if validateErr != nil {
+		return validateErr
+	}
+
+	config.Profile.APIKey = response.APIKey
+	config.Profile.ClientID = response.ClientID
+	config.Profile.DisplayName = response.UserName
+	config.Profile.TeamName = response.TeamName
+	config.Profile.TeamMode = response.TeamMode
+	config.Profile.TeamID = response.TeamID
+
+	profileErr := config.Profile.CreateProfile()
+	if profileErr != nil {
+		return profileErr
+	}
+
+	message := SuccessMessage(response.UserName, response.TeamName, response.TeamMode == "console")
+	ansi.StopSpinner(s, message, os.Stdout)
+
+	return nil
+}
+
+func GuestLogin(config *config.Config) (string, error) {
+	parsedBaseURL, err := url.Parse(config.APIBaseURL)
+	if err != nil {
+		return "", err
+	}
+
+	client := &hookdeck.Client{
+		BaseURL: parsedBaseURL,
+	}
+
+	fmt.Println("🚩 Not connected with any account. Creating a guest account...")
+
+	guest_user, err := client.CreateGuestUser(hookdeck.CreateGuestUserInput{
+		DeviceName: config.Profile.DeviceName,
+	})
+	if err != nil {
+		return "", err
+	}
+
+	// Call poll function
+	response, err := PollForKey(guest_user.PollURL, 0, 0)
+	if err != nil {
+		return "", err
+	}
+
+	validateErr := validators.APIKey(response.APIKey)
+	if validateErr != nil {
+		return "", validateErr
+	}
+
+	config.Profile.APIKey = response.APIKey
+	config.Profile.ClientID = response.ClientID
+	config.Profile.DisplayName = response.UserName
+	config.Profile.TeamName = response.TeamName
+	config.Profile.TeamMode = response.TeamMode
+	config.Profile.TeamID = response.TeamID
+
+	profileErr := config.Profile.CreateProfile()
+	if profileErr != nil {
+		return "", profileErr
+	}
+
+	return guest_user.Url, nil
+}
+
+func getLinks(baseURL string, deviceName string) (*Links, error) {
+	parsedBaseURL, err := url.Parse(baseURL)
+	if err != nil {
+		return nil, err
+	}
+
+	client := &hookdeck.Client{
+		BaseURL: parsedBaseURL,
+	}
+
+	data := struct {
+		DeviceName string `json:"device_name"`
+	}{}
+	data.DeviceName = deviceName
+	json_data, err := json.Marshal(data)
+	if err != nil {
+		return nil, err
+	}
+
+	res, err := client.Post(context.TODO(), hookdeckCLIAuthPath, json_data, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	defer res.Body.Close()
+
+	bodyBytes, err := ioutil.ReadAll(res.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if res.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("unexpected http status code: %d %s", res.StatusCode, string(bodyBytes))
+	}
+
+	var links Links
+
+	err = json.Unmarshal(bodyBytes, &links)
+	if err != nil {
+		return nil, err
+	}
+
+	return &links, nil
+}
+
+func isSSH() bool {
+	if os.Getenv("SSH_TTY") != "" || os.Getenv("SSH_CONNECTION") != "" || os.Getenv("SSH_CLIENT") != "" {
+		return true
+	}
+
+	return false
+}

package/pkg/login/interactive_login.go

@@ -0,0 +1,180 @@
+package login
+
+import (
+	"bufio"
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net/url"
+	"os"
+	"os/signal"
+	"strings"
+	"syscall"
+
+	"golang.org/x/term"
+
+	"github.com/hookdeck/hookdeck-cli/pkg/ansi"
+	"github.com/hookdeck/hookdeck-cli/pkg/config"
+	"github.com/hookdeck/hookdeck-cli/pkg/hookdeck"
+	"github.com/hookdeck/hookdeck-cli/pkg/validators"
+)
+
+// InteractiveLogin lets the user set configuration on the command line
+func InteractiveLogin(config *config.Config) error {
+	apiKey, err := getConfigureAPIKey(os.Stdin)
+	if err != nil {
+		return err
+	}
+
+	config.Profile.DeviceName = getConfigureDeviceName(os.Stdin)
+
+	s := ansi.StartNewSpinner("Waiting for confirmation...", os.Stdout)
+
+	// Call poll function
+	response, err := PollForKey(config.APIBaseURL+"/cli-auth/poll?key="+apiKey, 0, 0)
+	if err != nil {
+		return err
+	}
+
+	parsedBaseURL, err := url.Parse(config.APIBaseURL)
+	if err != nil {
+		return err
+	}
+
+	client := &hookdeck.Client{
+		BaseURL: parsedBaseURL,
+		APIKey:  response.APIKey,
+	}
+
+	data := struct {
+		DeviceName string `json:"device_name"`
+	}{}
+	data.DeviceName = config.Profile.DeviceName
+	json_data, err := json.Marshal(data)
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Put(context.TODO(), "/cli/"+response.ClientID, json_data, nil)
+	if err != nil {
+		return err
+	}
+
+	config.Profile.APIKey = response.APIKey
+	config.Profile.ClientID = response.ClientID
+	config.Profile.DisplayName = response.UserName
+	config.Profile.TeamName = response.TeamName
+	config.Profile.TeamMode = response.TeamMode
+	config.Profile.TeamID = response.TeamID
+
+	profileErr := config.Profile.CreateProfile()
+	if profileErr != nil {
+		ansi.StopSpinner(s, "", os.Stdout)
+		return profileErr
+	}
+
+	message := SuccessMessage(response.UserName, response.TeamName, response.TeamMode == "console")
+
+	ansi.StopSpinner(s, message, os.Stdout)
+
+	return nil
+}
+
+func getConfigureAPIKey(input io.Reader) (string, error) {
+	fmt.Print("Enter your CLI API key: ")
+
+	apiKey, err := securePrompt(input)
+	if err != nil {
+		return "", err
+	}
+
+	apiKey = strings.TrimSpace(apiKey)
+	if apiKey == "" {
+		return "", errors.New("CLI API key is required, please provide your CLI API key")
+	}
+
+	err = validators.APIKey(apiKey)
+	if err != nil {
+		return "", err
+	}
+
+	fmt.Printf("Your API key is: %s\n", redactAPIKey(apiKey))
+
+	return apiKey, nil
+}
+
+func getConfigureDeviceName(input io.Reader) string {
+	hostName, _ := os.Hostname()
+	reader := bufio.NewReader(input)
+
+	color := ansi.Color(os.Stdout)
+	fmt.Printf("How would you like to identify this device in the Hookdeck Dashboard? [default: %s] ", color.Bold(color.Cyan(hostName)))
+
+	deviceName, _ := reader.ReadString('\n')
+	if strings.TrimSpace(deviceName) == "" {
+		deviceName = hostName
+	}
+
+	return deviceName
+}
+
+// redactAPIKey returns a redacted version of API keys. The first 8 and last 4
+// characters are not redacted, everything else is replaced by "*" characters.
+//
+// It panics if the provided string has less than 12 characters.
+func redactAPIKey(apiKey string) string {
+	var b strings.Builder
+
+	b.WriteString(apiKey[0:8])                         // #nosec G104 (gosec bug: https://github.com/securego/gosec/issues/267)
+	b.WriteString(strings.Repeat("*", len(apiKey)-12)) // #nosec G104 (gosec bug: https://github.com/securego/gosec/issues/267)
+	b.WriteString(apiKey[len(apiKey)-4:])              // #nosec G104 (gosec bug: https://github.com/securego/gosec/issues/267)
+
+	return b.String()
+}
+
+func securePrompt(input io.Reader) (string, error) {
+	if input == os.Stdin {
+		// terminal.ReadPassword does not reset terminal state on ctrl-c interrupts,
+		// this results in the terminal input staying hidden after program exit.
+		// We need to manually catch the interrupt and restore terminal state before exiting.
+		signalChan, err := protectTerminalState()
+		if err != nil {
+			return "", err
+		}
+
+		buf, err := term.ReadPassword(int(syscall.Stdin)) //nolint:unconvert
+		if err != nil {
+			return "", err
+		}
+
+		signal.Stop(signalChan)
+
+		fmt.Print("\n")
+
+		return string(buf), nil
+	}
+
+	reader := bufio.NewReader(input)
+
+	return reader.ReadString('\n')
+}
+
+func protectTerminalState() (chan os.Signal, error) {
+	originalTerminalState, err := term.GetState(int(syscall.Stdin)) //nolint:unconvert
+	if err != nil {
+		return nil, err
+	}
+
+	signalChan := make(chan os.Signal)
+	signal.Notify(signalChan, os.Interrupt)
+
+	go func() {
+		<-signalChan
+		term.Restore(int(syscall.Stdin), originalTerminalState) //nolint:unconvert
+		os.Exit(1)
+	}()
+
+	return signalChan, nil
+}

package/pkg/login/login_message.go

@@ -0,0 +1,24 @@
+package login
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/hookdeck/hookdeck-cli/pkg/ansi"
+)
+
+// SuccessMessage returns the display message for a successfully authenticated user
+func SuccessMessage(displayName string, teamName string, isConsole bool) string {
+	color := ansi.Color(os.Stdout)
+
+	if isConsole == true {
+		return fmt.Sprintf(
+			"Done! The Hookdeck CLI is configured with your console Sandbox",
+		)
+	}
+	return fmt.Sprintf(
+		"Done! The Hookdeck CLI is configured for %s in workspace %s\n",
+		color.Bold(displayName),
+		color.Bold(teamName),
+	)
+}

package/pkg/login/poll.go

@@ -0,0 +1,78 @@
+package login
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"io/ioutil"
+	"net/url"
+	"time"
+
+	"github.com/hookdeck/hookdeck-cli/pkg/hookdeck"
+)
+
+const maxAttemptsDefault = 2 * 60
+const intervalDefault = 1 * time.Second
+
+// PollAPIKeyResponse returns the data of the polling client login
+type PollAPIKeyResponse struct {
+	Claimed  bool   `json:"claimed"`
+	UserID   string `json:"user_id"`
+	UserName string `json:"user_name"`
+	TeamID   string `json:"team_id"`
+	TeamName string `json:"team_name"`
+	TeamMode string `json:"team_mode"`
+	APIKey   string `json:"key"`
+	ClientID string `json:"client_id"`
+}
+
+// PollForKey polls Hookdeck at the specified interval until either the API key is available or we've reached the max attempts.
+func PollForKey(pollURL string, interval time.Duration, maxAttempts int) (*PollAPIKeyResponse, error) {
+	if maxAttempts == 0 {
+		maxAttempts = maxAttemptsDefault
+	}
+
+	if interval == 0 {
+		interval = intervalDefault
+	}
+
+	parsedURL, err := url.Parse(pollURL)
+	if err != nil {
+		return nil, err
+	}
+
+	baseURL := &url.URL{Scheme: parsedURL.Scheme, Host: parsedURL.Host}
+
+	client := &hookdeck.Client{
+		BaseURL: baseURL,
+	}
+
+	var count = 0
+	for count < maxAttempts {
+		res, err := client.Get(context.TODO(), parsedURL.Path, parsedURL.Query().Encode(), nil)
+		if err != nil {
+			return nil, err
+		}
+
+		var response PollAPIKeyResponse
+
+		defer res.Body.Close()
+		body, err := ioutil.ReadAll(res.Body)
+		if err != nil {
+			return nil, err
+		}
+		err = json.Unmarshal(body, &response)
+		if err != nil {
+			return nil, err
+		}
+
+		if response.Claimed {
+			return &response, nil
+		}
+
+		count++
+		time.Sleep(interval)
+	}
+
+	return nil, errors.New("exceeded max attempts")
+}

package/pkg/login/validate.go

@@ -0,0 +1,52 @@
+package login
+
+import (
+	"context"
+	"encoding/json"
+	"io/ioutil"
+	"net/url"
+
+	"github.com/hookdeck/hookdeck-cli/pkg/hookdeck"
+)
+
+// ValidateAPIKeyResponse returns the user and team associated with a key
+type ValidateAPIKeyResponse struct {
+	UserID   string `json:"user_id"`
+	UserName string `json:"user_name"`
+	TeamID   string `json:"team_id"`
+	TeamName string `json:"team_name"`
+	TeamMode string `json:"team_mode"`
+	ClientID string `json:"client_id"`
+}
+
+func ValidateKey(baseURL string, key string) (*ValidateAPIKeyResponse, error) {
+
+	parsedBaseURL, err := url.Parse(baseURL)
+	if err != nil {
+		return nil, err
+	}
+
+	client := &hookdeck.Client{
+		BaseURL: parsedBaseURL,
+		APIKey:  key,
+	}
+
+	res, err := client.Get(context.Background(), "/cli-auth/validate", "", nil)
+	if err != nil {
+		return nil, err
+	}
+
+	var response ValidateAPIKeyResponse
+
+	defer res.Body.Close()
+	body, err := ioutil.ReadAll(res.Body)
+	if err != nil {
+		return nil, err
+	}
+	err = json.Unmarshal(body, &response)
+	if err != nil {
+		return nil, err
+	}
+
+	return &response, nil
+}

package/pkg/logout/logout.go

@@ -0,0 +1,48 @@
+package logout
+
+import (
+	"fmt"
+
+	"github.com/hookdeck/hookdeck-cli/pkg/config"
+)
+
+// Logout function is used to clear the credentials set for the current Profile
+func Logout(config *config.Config) error {
+	key, _ := config.Profile.GetAPIKey()
+
+	if key == "" {
+		fmt.Println("You are already logged out.")
+		return nil
+	}
+
+	fmt.Println("Logging out...")
+
+	profileName := config.Profile.ProfileName
+
+	err := config.RemoveProfile(profileName)
+	if err != nil {
+		return err
+	}
+
+	if profileName == "default" {
+		fmt.Println("Credentials have been cleared for the default project.")
+	} else {
+		fmt.Printf("Credentials have been cleared for %s.\n", profileName)
+	}
+
+	return nil
+}
+
+// All function is used to clear the credentials on all profiles
+func All(cfg *config.Config) error {
+	fmt.Println("Logging out...")
+
+	err := cfg.RemoveAllProfiles()
+	if err != nil {
+		return err
+	}
+
+	fmt.Println("Credentials have been cleared for all projects.")
+
+	return nil
+}

package/pkg/open/open.go

@@ -0,0 +1,50 @@
+package open
+
+import (
+	"fmt"
+	"os/exec"
+	"runtime"
+)
+
+var execCommand = exec.Command
+
+// Browser takes a url and opens it using the default browser on the operating system
+func Browser(url string) error {
+	var err error
+
+	switch runtime.GOOS {
+	case "linux":
+		err = execCommand("xdg-open", url).Start()
+	case "windows":
+		err = execCommand("rundll32", "url.dll,FileProtocolHandler", url).Start()
+	case "darwin":
+		err = execCommand("open", url).Start()
+	default:
+		err = fmt.Errorf("unsupported platform")
+	}
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// CanOpenBrowser determines if no browser is set in linux
+func CanOpenBrowser() bool {
+	if runtime.GOOS == "windows" || runtime.GOOS == "darwin" {
+		return true
+	}
+
+	output, err := execCommand("xdg-settings", "get", "default-web-browser").Output()
+
+	if err != nil {
+		return false
+	}
+
+	if string(output) == "" {
+		return false
+	}
+
+	return true
+}