Merge from vscode 5e80bf449c995aa32a59254c0ff845d37da11b70 (#9317)

extensions/github-authentication/src/common/clientRegistrar.ts

@@ -0,0 +1,87 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+import { Uri } from 'vscode';
+
+export interface ClientDetails {
+	id?: string;
+	secret?: string;
+}
+
+export interface ClientConfig {
+	OSS: ClientDetails;
+	INSIDERS: ClientDetails;
+	STABLE: ClientDetails;
+	EXPLORATION: ClientDetails;
+
+	VSO: ClientDetails;
+	VSO_PPE: ClientDetails;
+	VSO_DEV: ClientDetails;
+}
+
+export class Registrar {
+	private _config: ClientConfig;
+
+	constructor() {
+		try {
+			this._config = require('./config.json') as ClientConfig;
+		} catch (e) {
+			this._config = {
+				OSS: {},
+				INSIDERS: {},
+				STABLE: {},
+				EXPLORATION: {},
+				VSO: {},
+				VSO_PPE: {},
+				VSO_DEV: {}
+			};
+		}
+	}
+	getClientDetails(callbackUri: Uri): ClientDetails {
+		let details: ClientDetails | undefined;
+		switch (callbackUri.scheme) {
+			case 'code-oss':
+				details = this._config.OSS;
+				break;
+
+			case 'vscode-insiders':
+				details = this._config.INSIDERS;
+				break;
+
+			case 'vscode':
+				details = this._config.STABLE;
+				break;
+
+			case 'vscode-exploration':
+				details = this._config.EXPLORATION;
+				break;
+
+			case 'https':
+				switch (callbackUri.authority) {
+					case 'online.visualstudio.com':
+						details = this._config.VSO;
+						break;
+					case 'online-ppe.core.vsengsaas.visualstudio.com':
+						details = this._config.VSO_PPE;
+						break;
+					case 'online.dev.core.vsengsaas.visualstudio.com':
+						details = this._config.VSO_DEV;
+						break;
+				}
+
+			default:
+				throw new Error(`Unrecognized callback ${callbackUri}`);
+		}
+
+		if (!details.id || !details.secret) {
+			throw new Error(`No client configuration available for ${callbackUri}`);
+		}
+
+		return details;
+	}
+}
+
+const ClientRegistrar = new Registrar();
+export default ClientRegistrar;

extensions/github-authentication/src/common/keychain.ts

@@ -0,0 +1,73 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+// keytar depends on a native module shipped in vscode, so this is
+// how we load it
+import * as keytarType from 'keytar';
+import { env } from 'vscode';
+import Logger from './logger';
+
+function getKeytar(): Keytar | undefined {
+	try {
+		return require('keytar');
+	} catch (err) {
+		console.log(err);
+	}
+
+	return undefined;
+}
+
+export type Keytar = {
+	getPassword: typeof keytarType['getPassword'];
+	setPassword: typeof keytarType['setPassword'];
+	deletePassword: typeof keytarType['deletePassword'];
+};
+
+const SERVICE_ID = `${env.uriScheme}-github.login`;
+const ACCOUNT_ID = 'account';
+
+export class Keychain {
+	private keytar: Keytar;
+
+	constructor() {
+		const keytar = getKeytar();
+		if (!keytar) {
+			throw new Error('System keychain unavailable');
+		}
+
+		this.keytar = keytar;
+	}
+
+	async setToken(token: string): Promise<void> {
+		try {
+			return await this.keytar.setPassword(SERVICE_ID, ACCOUNT_ID, token);
+		} catch (e) {
+			// Ignore
+			Logger.error(`Setting token failed: ${e}`);
+		}
+	}
+
+	async getToken(): Promise<string | null | undefined> {
+		try {
+			return await this.keytar.getPassword(SERVICE_ID, ACCOUNT_ID);
+		} catch (e) {
+			// Ignore
+			Logger.error(`Getting token failed: ${e}`);
+			return Promise.resolve(undefined);
+		}
+	}
+
+	async deleteToken(): Promise<boolean | undefined> {
+		try {
+			return await this.keytar.deletePassword(SERVICE_ID, ACCOUNT_ID);
+		} catch (e) {
+			// Ignore
+			Logger.error(`Deleting token failed: ${e}`);
+			return Promise.resolve(undefined);
+		}
+	}
+}
+
+export const keychain = new Keychain();

extensions/github-authentication/src/common/logger.ts

@@ -0,0 +1,55 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+import * as vscode from 'vscode';
+
+type LogLevel = 'Trace' | 'Info' | 'Error';
+
+class Log {
+	private output: vscode.OutputChannel;
+
+	constructor() {
+		this.output = vscode.window.createOutputChannel('GitHub Authentication');
+	}
+
+	private data2String(data: any): string {
+		if (data instanceof Error) {
+			return data.stack || data.message;
+		}
+		if (data.success === false && data.message) {
+			return data.message;
+		}
+		return data.toString();
+	}
+
+	public info(message: string, data?: any): void {
+		this.logLevel('Info', message, data);
+	}
+
+	public error(message: string, data?: any): void {
+		this.logLevel('Error', message, data);
+	}
+
+	public logLevel(level: LogLevel, message: string, data?: any): void {
+		this.output.appendLine(`[${level}  - ${this.now()}] ${message}`);
+		if (data) {
+			this.output.appendLine(this.data2String(data));
+		}
+	}
+
+	private now(): string {
+		const now = new Date();
+		return padLeft(now.getUTCHours() + '', 2, '0')
+			+ ':' + padLeft(now.getMinutes() + '', 2, '0')
+			+ ':' + padLeft(now.getUTCSeconds() + '', 2, '0') + '.' + now.getMilliseconds();
+	}
+}
+
+function padLeft(s: string, n: number, pad = ' ') {
+	return pad.repeat(Math.max(0, n - s.length)) + s;
+}
+
+const Logger = new Log();
+export default Logger;

extensions/github-authentication/src/common/utils.ts

@@ -0,0 +1,73 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+import { Event, Disposable } from 'vscode';
+
+export function filterEvent<T>(event: Event<T>, filter: (e: T) => boolean): Event<T> {
+	return (listener, thisArgs = null, disposables?) => event(e => filter(e) && listener.call(thisArgs, e), null, disposables);
+}
+
+export function onceEvent<T>(event: Event<T>): Event<T> {
+	return (listener, thisArgs = null, disposables?) => {
+		const result = event(e => {
+			result.dispose();
+			return listener.call(thisArgs, e);
+		}, null, disposables);
+
+		return result;
+	};
+}
+
+
+export interface PromiseAdapter<T, U> {
+	(
+		value: T,
+		resolve:
+			(value?: U | PromiseLike<U>) => void,
+		reject:
+			(reason: any) => void
+	): any;
+}
+
+const passthrough = (value: any, resolve: (value?: any) => void) => resolve(value);
+
+/**
+ * Return a promise that resolves with the next emitted event, or with some future
+ * event as decided by an adapter.
+ *
+ * If specified, the adapter is a function that will be called with
+ * `(event, resolve, reject)`. It will be called once per event until it resolves or
+ * rejects.
+ *
+ * The default adapter is the passthrough function `(value, resolve) => resolve(value)`.
+ *
+ * @param event the event
+ * @param adapter controls resolution of the returned promise
+ * @returns a promise that resolves or rejects as specified by the adapter
+ */
+export async function promiseFromEvent<T, U>(
+	event: Event<T>,
+	adapter: PromiseAdapter<T, U> = passthrough): Promise<U> {
+	let subscription: Disposable;
+	return new Promise<U>((resolve, reject) =>
+		subscription = event((value: T) => {
+			try {
+				Promise.resolve(adapter(value, resolve, reject))
+					.catch(reject);
+			} catch (error) {
+				reject(error);
+			}
+		})
+	).then(
+		(result: U) => {
+			subscription.dispose();
+			return result;
+		},
+		error => {
+			subscription.dispose();
+			throw error;
+		}
+	);
+}

extensions/github-authentication/src/extension.ts

@@ -0,0 +1,43 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+import * as vscode from 'vscode';
+import { GitHubAuthenticationProvider, onDidChangeSessions } from './github';
+import { uriHandler } from './githubServer';
+import Logger from './common/logger';
+
+export async function activate(context: vscode.ExtensionContext) {
+
+	context.subscriptions.push(vscode.window.registerUriHandler(uriHandler));
+	const loginService = new GitHubAuthenticationProvider();
+
+	await loginService.initialize();
+
+	vscode.authentication.registerAuthenticationProvider({
+		id: 'GitHub',
+		displayName: 'GitHub',
+		onDidChangeSessions: onDidChangeSessions.event,
+		getSessions: () => Promise.resolve(loginService.sessions),
+		login: async (scopes: string[]) => {
+			try {
+				const session = await loginService.login(scopes.join(' '));
+				Logger.info('Login success!');
+				return session;
+			} catch (e) {
+				vscode.window.showErrorMessage(`Sign in failed: ${e}`);
+				Logger.error(e);
+				throw e;
+			}
+		},
+		logout: async (id: string) => {
+			return loginService.logout(id);
+		}
+	});
+
+	return;
+}
+
+// this method is called when your extension is deactivated
+export function deactivate() { }

extensions/github-authentication/src/github.ts

@@ -0,0 +1,113 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+import * as vscode from 'vscode';
+import { keychain } from './common/keychain';
+import { GitHubServer } from './githubServer';
+import Logger from './common/logger';
+
+export const onDidChangeSessions = new vscode.EventEmitter<void>();
+
+export class GitHubAuthenticationProvider {
+	private _sessions: vscode.AuthenticationSession[] = [];
+	private _githubServer = new GitHubServer();
+
+	public async initialize(): Promise<void> {
+		this._sessions = await this.readSessions();
+		this.pollForChange();
+	}
+
+	private pollForChange() {
+		setTimeout(async () => {
+			const storedSessions = await this.readSessions();
+			let didChange = false;
+
+			storedSessions.forEach(session => {
+				const matchesExisting = this._sessions.some(s => s.id === session.id);
+				// Another window added a session to the keychain, add it to our state as well
+				if (!matchesExisting) {
+					this._sessions.push(session);
+					didChange = true;
+				}
+			});
+
+			this._sessions.map(session => {
+				const matchesExisting = storedSessions.some(s => s.id === session.id);
+				// Another window has logged out, remove from our state
+				if (!matchesExisting) {
+					const sessionIndex = this._sessions.findIndex(s => s.id === session.id);
+					if (sessionIndex > -1) {
+						this._sessions.splice(sessionIndex, 1);
+					}
+
+					didChange = true;
+				}
+			});
+
+			if (didChange) {
+				onDidChangeSessions.fire();
+			}
+
+			this.pollForChange();
+		}, 1000 * 30);
+	}
+
+	private async readSessions(): Promise<vscode.AuthenticationSession[]> {
+		const storedSessions = await keychain.getToken();
+		if (storedSessions) {
+			try {
+				return JSON.parse(storedSessions);
+			} catch (e) {
+				Logger.error(`Error reading sessions: ${e}`);
+			}
+		}
+
+		return [];
+	}
+
+	private async storeSessions(): Promise<void> {
+		await keychain.setToken(JSON.stringify(this._sessions));
+	}
+
+	get sessions(): vscode.AuthenticationSession[] {
+		return this._sessions;
+	}
+
+	public async login(scopes: string): Promise<vscode.AuthenticationSession> {
+		const token = await this._githubServer.login(scopes);
+		const session = await this.tokenToSession(token, scopes.split(' '));
+		await this.setToken(session);
+		return session;
+	}
+
+	private async tokenToSession(token: string, scopes: string[]): Promise<vscode.AuthenticationSession> {
+		const userInfo = await this._githubServer.getUserInfo(token);
+		return {
+			id: userInfo.id,
+			accessToken: () => Promise.resolve(token),
+			accountName: userInfo.accountName,
+			scopes: scopes
+		};
+	}
+	private async setToken(session: vscode.AuthenticationSession): Promise<void> {
+		const sessionIndex = this._sessions.findIndex(s => s.id === session.id);
+		if (sessionIndex > -1) {
+			this._sessions.splice(sessionIndex, 1, session);
+		} else {
+			this._sessions.push(session);
+		}
+
+		this.storeSessions();
+	}
+
+	public async logout(id: string) {
+		const sessionIndex = this._sessions.findIndex(session => session.id === id);
+		if (sessionIndex > -1) {
+			this._sessions.splice(sessionIndex, 1);
+		}
+
+		this.storeSessions();
+	}
+}

extensions/github-authentication/src/githubServer.ts

@@ -0,0 +1,114 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+import * as https from 'https';
+import * as vscode from 'vscode';
+import * as uuid from 'uuid';
+import { PromiseAdapter, promiseFromEvent } from './common/utils';
+import Logger from './common/logger';
+import ClientRegistrar, { ClientDetails } from './common/clientRegistrar';
+
+class UriEventHandler extends vscode.EventEmitter<vscode.Uri> implements vscode.UriHandler {
+	public handleUri(uri: vscode.Uri) {
+		this.fire(uri);
+	}
+}
+
+export const uriHandler = new UriEventHandler;
+
+const exchangeCodeForToken: (state: string, clientDetails: ClientDetails) => PromiseAdapter<vscode.Uri, string> =
+	(state, clientDetails) => async (uri, resolve, reject) => {
+		Logger.info('Exchanging code for token...');
+		const query = parseQuery(uri);
+		const code = query.code;
+
+		if (query.state !== state) {
+			reject('Received mismatched state');
+			return;
+		}
+
+		const post = https.request({
+			host: 'github.com',
+			path: `/login/oauth/access_token?client_id=${clientDetails.id}&client_secret=${clientDetails.secret}&state=${query.state}&code=${code}`,
+			method: 'POST',
+			headers: {
+				Accept: 'application/json'
+			}
+		}, result => {
+			const buffer: Buffer[] = [];
+			result.on('data', (chunk: Buffer) => {
+				buffer.push(chunk);
+			});
+			result.on('end', () => {
+				if (result.statusCode === 200) {
+					const json = JSON.parse(Buffer.concat(buffer).toString());
+					Logger.info('Token exchange success!');
+					resolve(json.access_token);
+				} else {
+					reject(new Error(result.statusMessage));
+				}
+			});
+		});
+
+		post.end();
+		post.on('error', err => {
+			reject(err);
+		});
+	};
+
+function parseQuery(uri: vscode.Uri) {
+	return uri.query.split('&').reduce((prev: any, current) => {
+		const queryString = current.split('=');
+		prev[queryString[0]] = queryString[1];
+		return prev;
+	}, {});
+}
+
+export class GitHubServer {
+	public async login(scopes: string): Promise<string> {
+		Logger.info('Logging in...');
+		const state = uuid();
+		const callbackUri = await vscode.env.asExternalUri(vscode.Uri.parse(`${vscode.env.uriScheme}://vscode.github-authentication/did-authenticate`));
+		const clientDetails = ClientRegistrar.getClientDetails(callbackUri);
+		const uri = vscode.Uri.parse(`https://github.com/login/oauth/authorize?redirect_uri=${encodeURIComponent(callbackUri.toString())}&scope=${scopes}&state=${state}&client_id=${clientDetails.id}`);
+
+		vscode.env.openExternal(uri);
+		return promiseFromEvent(uriHandler.event, exchangeCodeForToken(state, clientDetails));
+	}
+
+	public async getUserInfo(token: string): Promise<{ id: string, accountName: string }> {
+		return new Promise((resolve, reject) => {
+			Logger.info('Getting account info...');
+			const post = https.request({
+				host: 'api.github.com',
+				path: `/user`,
+				method: 'GET',
+				headers: {
+					Authorization: `token ${token}`,
+					'User-Agent': 'Visual-Studio-Code'
+				}
+			}, result => {
+				const buffer: Buffer[] = [];
+				result.on('data', (chunk: Buffer) => {
+					buffer.push(chunk);
+				});
+				result.on('end', () => {
+					if (result.statusCode === 200) {
+						const json = JSON.parse(Buffer.concat(buffer).toString());
+						Logger.info('Got account info!');
+						resolve({ id: json.id, accountName: json.login });
+					} else {
+						reject(new Error(result.statusMessage));
+					}
+				});
+			});
+
+			post.end();
+			post.on('error', err => {
+				reject(err);
+			});
+		});
+	}
+}

extensions/github-authentication/src/typings/ref.d.ts

@@ -0,0 +1,7 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the Source EULA. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+/// <reference path='../../../../src/vs/vscode.d.ts'/>
+/// <reference path='../../../../src/vs/vscode.proposed.d.ts'/>