mirror of
https://github.com/VSCodium/vscodium.git
synced 2024-12-14 09:43:15 +03:00
304 lines
12 KiB
Diff
304 lines
12 KiB
Diff
diff --git a/extensions/github-authentication/src/githubServer.ts b/extensions/github-authentication/src/githubServer.ts
|
|
index 49a523b..d68588e 100644
|
|
--- a/extensions/github-authentication/src/githubServer.ts
|
|
+++ b/extensions/github-authentication/src/githubServer.ts
|
|
@@ -6,23 +6,14 @@
|
|
import * as nls from 'vscode-nls';
|
|
import * as vscode from 'vscode';
|
|
import fetch, { Response } from 'node-fetch';
|
|
-import { v4 as uuid } from 'uuid';
|
|
-import { PromiseAdapter, promiseFromEvent } from './common/utils';
|
|
import { ExperimentationTelemetry } from './experimentationService';
|
|
import { AuthProviderType } from './github';
|
|
import { Log } from './common/logger';
|
|
-import { isSupportedEnvironment } from './common/env';
|
|
|
|
const localize = nls.loadMessageBundle();
|
|
const CLIENT_ID = '01ab8ac9400c4e429b23';
|
|
-const GITHUB_AUTHORIZE_URL = 'https://github.com/login/oauth/authorize';
|
|
-// TODO: change to stable when that happens
|
|
-const GITHUB_TOKEN_URL = 'https://vscode.dev/codeExchangeProxyEndpoints/github/login/oauth/access_token';
|
|
const NETWORK_ERROR = 'network error';
|
|
|
|
-const REDIRECT_URL_STABLE = 'https://vscode.dev/redirect';
|
|
-const REDIRECT_URL_INSIDERS = 'https://insiders.vscode.dev/redirect';
|
|
-
|
|
class UriEventHandler extends vscode.EventEmitter<vscode.Uri> implements vscode.UriHandler {
|
|
constructor(private readonly Logger: Log) {
|
|
super();
|
|
@@ -110,10 +101,7 @@ async function getUserInfo(token: string, serverUri: vscode.Uri, logger: Log): P
|
|
export class GitHubServer implements IGitHubServer {
|
|
friendlyName = 'GitHub';
|
|
type = AuthProviderType.github;
|
|
- private _onDidManuallyProvideToken = new vscode.EventEmitter<string | undefined>();
|
|
|
|
- private _pendingNonces = new Map<string, string[]>();
|
|
- private _codeExchangePromises = new Map<string, { promise: Promise<string>; cancel: vscode.EventEmitter<void> }>();
|
|
private _disposable: vscode.Disposable;
|
|
private _uriHandler = new UriEventHandler(this._logger);
|
|
|
|
@@ -125,87 +113,31 @@ export class GitHubServer implements IGitHubServer {
|
|
this._disposable.dispose();
|
|
}
|
|
|
|
- // TODO@joaomoreno TODO@TylerLeonhardt
|
|
- private async isNoCorsEnvironment(): Promise<boolean> {
|
|
- const uri = await vscode.env.asExternalUri(vscode.Uri.parse(`${vscode.env.uriScheme}://vscode.github-authentication/dummy`));
|
|
- return (uri.scheme === 'https' && /^((insiders\.)?vscode|github)\./.test(uri.authority)) || (uri.scheme === 'http' && /^localhost/.test(uri.authority));
|
|
- }
|
|
-
|
|
public async login(scopes: string): Promise<string> {
|
|
this._logger.info(`Logging in for the following scopes: ${scopes}`);
|
|
|
|
- const nonce = uuid();
|
|
- const callbackUri = await vscode.env.asExternalUri(vscode.Uri.parse(`${vscode.env.uriScheme}://vscode.github-authentication/did-authenticate?nonce=${encodeURIComponent(nonce)}`));
|
|
-
|
|
- if (!isSupportedEnvironment(callbackUri)) {
|
|
- const token = this._supportDeviceCodeFlow
|
|
- ? await this.doDeviceCodeFlow(scopes)
|
|
- : await vscode.window.showInputBox({ prompt: 'GitHub Personal Access Token', ignoreFocusOut: true });
|
|
+ const token = this._supportDeviceCodeFlow
|
|
+ ? await this.doDeviceCodeFlow(scopes)
|
|
+ : await vscode.window.showInputBox({ prompt: 'GitHub Personal Access Token', ignoreFocusOut: true });
|
|
|
|
- if (!token) { throw new Error('No token provided'); }
|
|
+ if (!token) { throw new Error('No token provided'); }
|
|
|
|
- const tokenScopes = await getScopes(token, this.getServerUri('/'), this._logger); // Example: ['repo', 'user']
|
|
- const scopesList = scopes.split(' '); // Example: 'read:user repo user:email'
|
|
- if (!scopesList.every(scope => {
|
|
- const included = tokenScopes.includes(scope);
|
|
- if (included || !scope.includes(':')) {
|
|
- return included;
|
|
- }
|
|
-
|
|
- return scope.split(':').some(splitScopes => {
|
|
- return tokenScopes.includes(splitScopes);
|
|
- });
|
|
- })) {
|
|
- throw new Error(`The provided token does not match the requested scopes: ${scopes}`);
|
|
+ const tokenScopes = await getScopes(token, this.getServerUri('/'), this._logger); // Example: ['repo', 'user']
|
|
+ const scopesList = scopes.split(' '); // Example: 'read:user repo user:email'
|
|
+ if (!scopesList.every(scope => {
|
|
+ const included = tokenScopes.includes(scope);
|
|
+ if (included || !scope.includes(':')) {
|
|
+ return included;
|
|
}
|
|
|
|
- return token;
|
|
+ return scope.split(':').some(splitScopes => {
|
|
+ return tokenScopes.includes(splitScopes);
|
|
+ });
|
|
+ })) {
|
|
+ throw new Error(`The provided token does not match the requested scopes: ${scopes}`);
|
|
}
|
|
|
|
- const existingNonces = this._pendingNonces.get(scopes) || [];
|
|
- this._pendingNonces.set(scopes, [...existingNonces, nonce]);
|
|
-
|
|
- const proxyEndpoints: { [providerId: string]: string } | undefined = await vscode.commands.executeCommand('workbench.getCodeExchangeProxyEndpoints');
|
|
- // If we are running in insiders vscode.dev, then ensure we use the redirect route on that.
|
|
- const redirectUri = proxyEndpoints?.github?.includes('https://insiders.vscode.dev') ? REDIRECT_URL_INSIDERS : REDIRECT_URL_STABLE;
|
|
- const searchParams = new URLSearchParams([
|
|
- ['client_id', CLIENT_ID],
|
|
- ['redirect_uri', redirectUri],
|
|
- ['scope', scopes],
|
|
- ['state', encodeURIComponent(callbackUri.toString(true))]
|
|
- ]);
|
|
- const uri = vscode.Uri.parse(`${GITHUB_AUTHORIZE_URL}?${searchParams.toString()}`);
|
|
-
|
|
- return vscode.window.withProgress({
|
|
- location: vscode.ProgressLocation.Window,
|
|
- title: localize('signingIn', " $(mark-github) Signing in to github.com..."),
|
|
- }, async () => {
|
|
- await vscode.env.openExternal(uri);
|
|
-
|
|
- // Register a single listener for the URI callback, in case the user starts the login process multiple times
|
|
- // before completing it.
|
|
- let codeExchangePromise = this._codeExchangePromises.get(scopes);
|
|
- if (!codeExchangePromise) {
|
|
- codeExchangePromise = promiseFromEvent(this._uriHandler.event, this.exchangeCodeForToken(scopes));
|
|
- this._codeExchangePromises.set(scopes, codeExchangePromise);
|
|
- }
|
|
-
|
|
- return Promise.race([
|
|
- codeExchangePromise.promise,
|
|
- promiseFromEvent<string | undefined, string>(this._onDidManuallyProvideToken.event, (token: string | undefined, resolve, reject): void => {
|
|
- if (!token) {
|
|
- reject('Cancelled');
|
|
- } else {
|
|
- resolve(token);
|
|
- }
|
|
- }).promise,
|
|
- new Promise<string>((_, reject) => setTimeout(() => reject('Cancelled'), 60000))
|
|
- ]).finally(() => {
|
|
- this._pendingNonces.delete(scopes);
|
|
- codeExchangePromise?.cancel.fire();
|
|
- this._codeExchangePromises.delete(scopes);
|
|
- });
|
|
- });
|
|
+ return token;
|
|
}
|
|
|
|
private async doDeviceCodeFlow(scopes: string): Promise<string> {
|
|
@@ -299,57 +231,6 @@ export class GitHubServer implements IGitHubServer {
|
|
throw new Error('Cancelled');
|
|
}
|
|
|
|
- private exchangeCodeForToken: (scopes: string) => PromiseAdapter<vscode.Uri, string> =
|
|
- (scopes) => async (uri, resolve, reject) => {
|
|
- const query = new URLSearchParams(uri.query);
|
|
- const code = query.get('code');
|
|
-
|
|
- const acceptedNonces = this._pendingNonces.get(scopes) || [];
|
|
- const nonce = query.get('nonce');
|
|
- if (!nonce) {
|
|
- this._logger.error('No nonce in response.');
|
|
- return;
|
|
- }
|
|
- if (!acceptedNonces.includes(nonce)) {
|
|
- // A common scenario of this happening is if you:
|
|
- // 1. Trigger a sign in with one set of scopes
|
|
- // 2. Before finishing 1, you trigger a sign in with a different set of scopes
|
|
- // In this scenario we should just return and wait for the next UriHandler event
|
|
- // to run as we are probably still waiting on the user to hit 'Continue'
|
|
- this._logger.info('Nonce not found in accepted nonces. Skipping this execution...');
|
|
- return;
|
|
- }
|
|
-
|
|
- this._logger.info('Exchanging code for token...');
|
|
-
|
|
- const proxyEndpoints: { [providerId: string]: string } | undefined = await vscode.commands.executeCommand('workbench.getCodeExchangeProxyEndpoints');
|
|
- const endpointUrl = proxyEndpoints?.github ? `${proxyEndpoints.github}login/oauth/access_token` : GITHUB_TOKEN_URL;
|
|
-
|
|
- try {
|
|
- const body = `code=${code}`;
|
|
- const result = await fetch(endpointUrl, {
|
|
- method: 'POST',
|
|
- headers: {
|
|
- Accept: 'application/json',
|
|
- 'Content-Type': 'application/x-www-form-urlencoded',
|
|
- 'Content-Length': body.toString()
|
|
-
|
|
- },
|
|
- body
|
|
- });
|
|
-
|
|
- if (result.ok) {
|
|
- const json = await result.json();
|
|
- this._logger.info('Token exchange success!');
|
|
- resolve(json.access_token);
|
|
- } else {
|
|
- reject(result.statusText);
|
|
- }
|
|
- } catch (ex) {
|
|
- reject(ex);
|
|
- }
|
|
- };
|
|
-
|
|
private getServerUri(path: string = '') {
|
|
const apiUri = vscode.Uri.parse('https://api.github.com');
|
|
return vscode.Uri.parse(`${apiUri.scheme}://${apiUri.authority}${path}`);
|
|
@@ -359,44 +240,7 @@ export class GitHubServer implements IGitHubServer {
|
|
return getUserInfo(token, this.getServerUri('/user'), this._logger);
|
|
}
|
|
|
|
- public async sendAdditionalTelemetryInfo(token: string): Promise<void> {
|
|
- if (!vscode.env.isTelemetryEnabled) {
|
|
- return;
|
|
- }
|
|
- const nocors = await this.isNoCorsEnvironment();
|
|
-
|
|
- if (nocors) {
|
|
- return;
|
|
- }
|
|
-
|
|
- try {
|
|
- const result = await fetch('https://education.github.com/api/user', {
|
|
- headers: {
|
|
- Authorization: `token ${token}`,
|
|
- 'faculty-check-preview': 'true',
|
|
- 'User-Agent': 'Visual-Studio-Code'
|
|
- }
|
|
- });
|
|
-
|
|
- if (result.ok) {
|
|
- const json: { student: boolean; faculty: boolean } = await result.json();
|
|
-
|
|
- /* __GDPR__
|
|
- "session" : {
|
|
- "isEdu": { "classification": "NonIdentifiableDemographicInfo", "purpose": "FeatureInsight" }
|
|
- }
|
|
- */
|
|
- this._telemetryReporter.sendTelemetryEvent('session', {
|
|
- isEdu: json.student
|
|
- ? 'student'
|
|
- : json.faculty
|
|
- ? 'faculty'
|
|
- : 'none'
|
|
- });
|
|
- }
|
|
- } catch (e) {
|
|
- // No-op
|
|
- }
|
|
+ public async sendAdditionalTelemetryInfo(_: string): Promise<void> {
|
|
}
|
|
|
|
public async checkEnterpriseVersion(token: string): Promise<void> {
|
|
diff --git a/src/vs/workbench/browser/parts/activitybar/activitybarActions.ts b/src/vs/workbench/browser/parts/activitybar/activitybarActions.ts
|
|
index 36647e6..55e722b 100644
|
|
--- a/src/vs/workbench/browser/parts/activitybar/activitybarActions.ts
|
|
+++ b/src/vs/workbench/browser/parts/activitybar/activitybarActions.ts
|
|
@@ -271,7 +271,7 @@ export class AccountsActivityActionViewItem extends MenuActivityActionViewItem {
|
|
}
|
|
});
|
|
|
|
- if (providers.length && !menus.length) {
|
|
+ if (!menus.length) {
|
|
const noAccountsAvailableAction = disposables.add(new Action('noAccountsAvailable', localize('noAccounts', "You are not signed in to any accounts"), undefined, false));
|
|
menus.push(noAccountsAvailableAction);
|
|
}
|
|
diff --git a/src/vs/workbench/services/authentication/browser/authenticationService.ts b/src/vs/workbench/services/authentication/browser/authenticationService.ts
|
|
index 5f7431d..278cd3d 100644
|
|
--- a/src/vs/workbench/services/authentication/browser/authenticationService.ts
|
|
+++ b/src/vs/workbench/services/authentication/browser/authenticationService.ts
|
|
@@ -13,7 +13,6 @@ import { isString } from 'vs/base/common/types';
|
|
import * as nls from 'vs/nls';
|
|
import { MenuId, MenuRegistry } from 'vs/platform/actions/common/actions';
|
|
import { CommandsRegistry } from 'vs/platform/commands/common/commands';
|
|
-import { ContextKeyExpr } from 'vs/platform/contextkey/common/contextkey';
|
|
import { ICredentialsService } from 'vs/platform/credentials/common/credentials';
|
|
import { IDialogService } from 'vs/platform/dialogs/common/dialogs';
|
|
import { registerSingleton } from 'vs/platform/instantiation/common/extensions';
|
|
@@ -197,13 +196,6 @@ export class AuthenticationService extends Disposable implements IAuthentication
|
|
@IQuickInputService private readonly quickInputService: IQuickInputService
|
|
) {
|
|
super();
|
|
- this._placeholderMenuItem = MenuRegistry.appendMenuItem(MenuId.AccountsContext, {
|
|
- command: {
|
|
- id: 'noAuthenticationProviders',
|
|
- title: nls.localize('loading', "Loading..."),
|
|
- precondition: ContextKeyExpr.false()
|
|
- },
|
|
- });
|
|
|
|
authenticationExtPoint.setHandler((extensions, { added, removed }) => {
|
|
added.forEach(point => {
|
|
@@ -272,16 +264,6 @@ export class AuthenticationService extends Disposable implements IAuthentication
|
|
this.removeAccessRequest(id, extensionId);
|
|
});
|
|
}
|
|
-
|
|
- if (!this._authenticationProviders.size) {
|
|
- this._placeholderMenuItem = MenuRegistry.appendMenuItem(MenuId.AccountsContext, {
|
|
- command: {
|
|
- id: 'noAuthenticationProviders',
|
|
- title: nls.localize('loading', "Loading..."),
|
|
- precondition: ContextKeyExpr.false()
|
|
- },
|
|
- });
|
|
- }
|
|
}
|
|
|
|
async sessionsUpdate(id: string, event: AuthenticationSessionsChangeEvent): Promise<void> {
|