git-bug/bridge/github/config.go

package github

import (
	"bufio"
	"bytes"
	"encoding/json"
	"fmt"
	"io"
	"io/ioutil"
	"math/rand"
	"net/http"
	"os"
	"regexp"
	"strings"
	"syscall"
	"time"

	"github.com/MichaelMure/git-bug/bridge/core"
	"github.com/MichaelMure/git-bug/repository"
	"golang.org/x/crypto/ssh/terminal"
)

const githubV3Url = "https://api.github.com"
const keyUser = "user"
const keyProject = "project"
const keyToken = "token"

func (*Github) Configure(repo repository.RepoCommon) (core.Configuration, error) {
	conf := make(core.Configuration)

	fmt.Println()
	fmt.Println("git-bug will generate an access token in your Github profile.")
	// fmt.Println("The token will have the \"repo\" permission, giving it read/write access to your repositories and issues. There is no narrower scope available, sorry :-|")
	fmt.Println()

	projectUser, projectName, err := promptURL()
	if err != nil {
		return nil, err
	}

	conf[keyUser] = projectUser
	conf[keyProject] = projectName

	username, err := promptUsername()
	if err != nil {
		return nil, err
	}

	password, err := promptPassword()
	if err != nil {
		return nil, err
	}

	// Attempt to authenticate and create a token

	note := fmt.Sprintf("git-bug - %s/%s", projectUser, projectName)

	resp, err := requestToken(note, username, password)
	if err != nil {
		return nil, err
	}

	defer resp.Body.Close()

	// Handle 2FA is needed
	OTPHeader := resp.Header.Get("X-GitHub-OTP")
	if resp.StatusCode == http.StatusUnauthorized && OTPHeader != "" {
		otpCode, err := prompt2FA()
		if err != nil {
			return nil, err
		}

		resp, err = requestTokenWith2FA(note, username, password, otpCode)
		if err != nil {
			return nil, err
		}

		defer resp.Body.Close()
	}

	if resp.StatusCode == http.StatusCreated {
		token, err := decodeBody(resp.Body)
		if err != nil {
			return nil, err
		}
		conf[keyToken] = token
		return conf, nil
	}

	b, _ := ioutil.ReadAll(resp.Body)
	fmt.Printf("Error %v: %v\n", resp.StatusCode, string(b))

	return nil, nil
}

func requestToken(note, username, password string) (*http.Response, error) {
	return requestTokenWith2FA(note, username, password, "")
}

func requestTokenWith2FA(note, username, password, otpCode string) (*http.Response, error) {
	url := fmt.Sprintf("%s/authorizations", githubV3Url)
	params := struct {
		Scopes      []string `json:"scopes"`
		Note        string   `json:"note"`
		Fingerprint string   `json:"fingerprint"`
	}{
		// Scopes:      []string{"repo"},
		Note:        note,
		Fingerprint: randomFingerprint(),
	}

	data, err := json.Marshal(params)
	if err != nil {
		return nil, err
	}

	req, err := http.NewRequest("POST", url, bytes.NewBuffer(data))
	if err != nil {
		return nil, err
	}

	req.SetBasicAuth(username, password)
	req.Header.Set("Content-Type", "application/json")

	if otpCode != "" {
		req.Header.Set("X-GitHub-OTP", otpCode)
	}

	client := http.Client{}

	return client.Do(req)
}

func decodeBody(body io.ReadCloser) (string, error) {
	data, _ := ioutil.ReadAll(body)

	aux := struct {
		Token string `json:"token"`
	}{}

	err := json.Unmarshal(data, &aux)
	if err != nil {
		return "", err
	}

	if aux.Token == "" {
		return "", fmt.Errorf("no token found in response: %s", string(data))
	}

	return aux.Token, nil
}

func randomFingerprint() string {
	// Doesn't have to be crypto secure, it's just to avoid token collision
	rand.Seed(time.Now().UnixNano())
	var letterRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
	b := make([]rune, 32)
	for i := range b {
		b[i] = letterRunes[rand.Intn(len(letterRunes))]
	}
	return string(b)
}

func promptUsername() (string, error) {
	for {
		fmt.Print("username: ")

		line, err := bufio.NewReader(os.Stdin).ReadString('\n')
		if err != nil {
			return "", err
		}

		line = strings.TrimRight(line, "\n")

		ok, err := validateUsername(line)
		if err != nil {
			return "", err
		}
		if ok {
			return line, nil
		}

		fmt.Println("invalid username")
	}
}

func promptURL() (string, string, error) {
	for {
		fmt.Print("Github project URL: ")

		line, err := bufio.NewReader(os.Stdin).ReadString('\n')
		if err != nil {
			return "", "", err
		}

		line = strings.TrimRight(line, "\n")

		if line == "" {
			fmt.Println("URL is empty")
			continue
		}

		projectUser, projectName, err := splitURL(line)

		if err != nil {
			fmt.Println(err)
			continue
		}

		return projectUser, projectName, nil
	}
}

func splitURL(url string) (string, string, error) {
	re, err := regexp.Compile(`github\.com\/([^\/]*)\/([^\/]*)`)
	if err != nil {
		panic(err)
	}

	res := re.FindStringSubmatch(url)

	if res == nil {
		return "", "", fmt.Errorf("bad github project url")
	}

	return res[1], res[2], nil
}

func validateUsername(username string) (bool, error) {
	url := fmt.Sprintf("%s/users/%s", githubV3Url, username)

	resp, err := http.Get(url)
	if err != nil {
		return false, err
	}

	err = resp.Body.Close()
	if err != nil {
		return false, err
	}

	return resp.StatusCode == http.StatusOK, nil
}

func promptPassword() (string, error) {
	for {
		fmt.Print("password: ")

		bytePassword, err := terminal.ReadPassword(int(syscall.Stdin))
		// new line for coherent formatting, ReadPassword clip the normal new line
		// entered by the user
		fmt.Println()

		if err != nil {
			return "", err
		}

		if len(bytePassword) > 0 {
			return string(bytePassword), nil
		}

		fmt.Println("password is empty")
	}
}

func prompt2FA() (string, error) {
	for {
		fmt.Print("two-factor authentication code: ")

		byte2fa, err := terminal.ReadPassword(int(syscall.Stdin))
		if err != nil {
			return "", err
		}

		if len(byte2fa) > 0 {
			return string(byte2fa), nil
		}

		fmt.Println("code is empty")
	}
}
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`package github`

			`import (`
			`"bufio"`
			`"bytes"`
			`"encoding/json"`
			`"fmt"`
			`"io"`
			`"io/ioutil"`
			`"math/rand"`
			`"net/http"`
			`"os"`
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`"regexp"`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`"strings"`
			`"syscall"`
			`"time"`

bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`"github.com/MichaelMure/git-bug/bridge/core"`
			`"github.com/MichaelMure/git-bug/repository"`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`"golang.org/x/crypto/ssh/terminal"`
			`)`

bridge: big refactor and cleanup 2018-09-24 16:25:15 +03:00			`const githubV3Url = "https://api.github.com"`
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`const keyUser = "user"`
			`const keyProject = "project"`
			`const keyToken = "token"`

			`func (*Github) Configure(repo repository.RepoCommon) (core.Configuration, error) {`
			`conf := make(core.Configuration)`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00
bridge: big refactor and cleanup 2018-09-24 16:25:15 +03:00			`fmt.Println()`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`fmt.Println("git-bug will generate an access token in your Github profile.")`
bridge: make github 2FA work 2018-09-21 15:38:44 +03:00			`// fmt.Println("The token will have the \"repo\" permission, giving it read/write access to your repositories and issues. There is no narrower scope available, sorry :-\|")`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`fmt.Println()`

bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`projectUser, projectName, err := promptURL()`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`if err != nil {`
			`return nil, err`
			`}`

bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`conf[keyUser] = projectUser`
			`conf[keyProject] = projectName`

bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`username, err := promptUsername()`
			`if err != nil {`
			`return nil, err`
			`}`

			`password, err := promptPassword()`
			`if err != nil {`
			`return nil, err`
			`}`

			`// Attempt to authenticate and create a token`

bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`note := fmt.Sprintf("git-bug - %s/%s", projectUser, projectName)`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00
bridge: make github 2FA work 2018-09-21 15:38:44 +03:00			`resp, err := requestToken(note, username, password)`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`if err != nil {`
			`return nil, err`
			`}`

			`defer resp.Body.Close()`

			`// Handle 2FA is needed`
			`OTPHeader := resp.Header.Get("X-GitHub-OTP")`
			`if resp.StatusCode == http.StatusUnauthorized && OTPHeader != "" {`
			`otpCode, err := prompt2FA()`
			`if err != nil {`
			`return nil, err`
			`}`

bridge: make github 2FA work 2018-09-21 15:38:44 +03:00			`resp, err = requestTokenWith2FA(note, username, password, otpCode)`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`if err != nil {`
			`return nil, err`
			`}`

bridge: make github 2FA work 2018-09-21 15:38:44 +03:00			`defer resp.Body.Close()`
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`}`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`if resp.StatusCode == http.StatusCreated {`
			`token, err := decodeBody(resp.Body)`
			`if err != nil {`
			`return nil, err`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`}`
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`conf[keyToken] = token`
			`return conf, nil`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`}`

			`b, _ := ioutil.ReadAll(resp.Body)`
			`fmt.Printf("Error %v: %v\n", resp.StatusCode, string(b))`

			`return nil, nil`
			`}`

bridge: make github 2FA work 2018-09-21 15:38:44 +03:00			`func requestToken(note, username, password string) (*http.Response, error) {`
			`return requestTokenWith2FA(note, username, password, "")`
			`}`

			`func requestTokenWith2FA(note, username, password, otpCode string) (*http.Response, error) {`
			`url := fmt.Sprintf("%s/authorizations", githubV3Url)`
			`params := struct {`
			Scopes []string `json:"scopes"`
			Note string `json:"note"`
			Fingerprint string `json:"fingerprint"`
			`}{`
			`// Scopes: []string{"repo"},`
			`Note: note,`
			`Fingerprint: randomFingerprint(),`
			`}`

			`data, err := json.Marshal(params)`
			`if err != nil {`
			`return nil, err`
			`}`

			`req, err := http.NewRequest("POST", url, bytes.NewBuffer(data))`
			`if err != nil {`
			`return nil, err`
			`}`

			`req.SetBasicAuth(username, password)`
			`req.Header.Set("Content-Type", "application/json")`

			`if otpCode != "" {`
			`req.Header.Set("X-GitHub-OTP", otpCode)`
			`}`

			`client := http.Client{}`

			`return client.Do(req)`
			`}`

bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`func decodeBody(body io.ReadCloser) (string, error) {`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`data, _ := ioutil.ReadAll(body)`

			`aux := struct {`
			Token string `json:"token"`
			`}{}`

			`err := json.Unmarshal(data, &aux)`
			`if err != nil {`
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`return "", err`
			`}`

			`if aux.Token == "" {`
			`return "", fmt.Errorf("no token found in response: %s", string(data))`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`}`

bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`return aux.Token, nil`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`}`

			`func randomFingerprint() string {`
			`// Doesn't have to be crypto secure, it's just to avoid token collision`
			`rand.Seed(time.Now().UnixNano())`
			`var letterRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")`
			`b := make([]rune, 32)`
			`for i := range b {`
			`b[i] = letterRunes[rand.Intn(len(letterRunes))]`
			`}`
			`return string(b)`
			`}`

			`func promptUsername() (string, error) {`
			`for {`
bridge: big refactor and cleanup 2018-09-24 16:25:15 +03:00			`fmt.Print("username: ")`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00
			`line, err := bufio.NewReader(os.Stdin).ReadString('\n')`
			`if err != nil {`
			`return "", err`
			`}`

			`line = strings.TrimRight(line, "\n")`

			`ok, err := validateUsername(line)`
			`if err != nil {`
			`return "", err`
			`}`
			`if ok {`
			`return line, nil`
			`}`

			`fmt.Println("invalid username")`
			`}`
			`}`

bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`func promptURL() (string, string, error) {`
			`for {`
bridge: big refactor and cleanup 2018-09-24 16:25:15 +03:00			`fmt.Print("Github project URL: ")`
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00
			`line, err := bufio.NewReader(os.Stdin).ReadString('\n')`
			`if err != nil {`
			`return "", "", err`
			`}`

			`line = strings.TrimRight(line, "\n")`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`if line == "" {`
			`fmt.Println("URL is empty")`
			`continue`
			`}`

			`projectUser, projectName, err := splitURL(line)`

			`if err != nil {`
			`fmt.Println(err)`
			`continue`
			`}`

			`return projectUser, projectName, nil`
			`}`
			`}`

			`func splitURL(url string) (string, string, error) {`
			re, err := regexp.Compile(`github\.com\/([^\/])\/([^\/])`)
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`if err != nil {`
commands: add "bridge rm" 2018-09-24 17:24:38 +03:00			`panic(err)`
bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`}`

			`res := re.FindStringSubmatch(url)`

			`if res == nil {`
			`return "", "", fmt.Errorf("bad github project url")`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`}`

bridge: better interfaces, working github configurator 2018-09-21 19:23:46 +03:00			`return res[1], res[2], nil`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`}`

			`func validateUsername(username string) (bool, error) {`
			`url := fmt.Sprintf("%s/users/%s", githubV3Url, username)`

			`resp, err := http.Get(url)`
			`if err != nil {`
			`return false, err`
			`}`

			`err = resp.Body.Close()`
			`if err != nil {`
			`return false, err`
			`}`

			`return resp.StatusCode == http.StatusOK, nil`
			`}`

			`func promptPassword() (string, error) {`
			`for {`
bridge: big refactor and cleanup 2018-09-24 16:25:15 +03:00			`fmt.Print("password: ")`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00
			`bytePassword, err := terminal.ReadPassword(int(syscall.Stdin))`
bridge: big refactor and cleanup 2018-09-24 16:25:15 +03:00			`// new line for coherent formatting, ReadPassword clip the normal new line`
			`// entered by the user`
			`fmt.Println()`

bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00			`if err != nil {`
			`return "", err`
			`}`

			`if len(bytePassword) > 0 {`
			`return string(bytePassword), nil`
			`}`

			`fmt.Println("password is empty")`
			`}`
			`}`

			`func prompt2FA() (string, error) {`
			`for {`
bridge: big refactor and cleanup 2018-09-24 16:25:15 +03:00			`fmt.Print("two-factor authentication code: ")`
bridge: add the beginning of a github importer 2018-09-21 13:54:48 +03:00
			`byte2fa, err := terminal.ReadPassword(int(syscall.Stdin))`
			`if err != nil {`
			`return "", err`
			`}`

			`if len(byte2fa) > 0 {`
			`return string(byte2fa), nil`
			`}`

			`fmt.Println("code is empty")`
			`}`
			`}`