From fac2982d7ab20949249a3c04755b3d84ce1393bc Mon Sep 17 00:00:00 2001
From: Amir Omidi <amomidi@microsoft.com>
Date: Tue, 14 Apr 2020 14:33:24 -0700
Subject: [PATCH] Allow users to use file based keychain if they have to
 (#9952)

---
 .../src/account-provider/simpleTokenCache.ts  | 69 +++++++++----------
 1 file changed, 34 insertions(+), 35 deletions(-)

diff --git a/extensions/azurecore/src/account-provider/simpleTokenCache.ts b/extensions/azurecore/src/account-provider/simpleTokenCache.ts
index 2547360af0..a8c3d58e20 100644
--- a/extensions/azurecore/src/account-provider/simpleTokenCache.ts
+++ b/extensions/azurecore/src/account-provider/simpleTokenCache.ts
@@ -3,9 +3,10 @@
  *  Licensed under the Source EULA. See License.txt in the project root for license information.
  *--------------------------------------------------------------------------------------------*/
 import * as keytarType from 'keytar';
-import { join } from 'path';
+import { join, parse } from 'path';
 import { FileDatabase } from './utils/fileDatabase';
 import * as azdata from 'azdata';
+import * as crypto from 'crypto';
 
 function getSystemKeytar(): Keytar | undefined | null {
 	try {
@@ -22,45 +23,43 @@ export type MultipleAccountsResponse = { account: string, password: string }[];
 const separator = '§';
 
 async function getFileKeytar(filePath: string, credentialService: azdata.CredentialProvider): Promise<Keytar | undefined> {
-	// Comment alias: amomidi, PR: 9743 March 26th 2020
-	// const fileName = parse(filePath).base;
-	// const iv = await credentialService.readCredential(`${fileName}-iv`);
-	// const key = await credentialService.readCredential(`${fileName}-key`);
-	// let ivBuffer: Buffer;
-	// let keyBuffer: Buffer;
-	// if (!iv?.password || !key?.password) {
-	// 	ivBuffer = crypto.randomBytes(16);
-	// 	keyBuffer = crypto.randomBytes(32);
-	// 	try {
-	// 		await credentialService.saveCredential(`${fileName}-iv`, ivBuffer.toString('hex'));
-	// 		await credentialService.saveCredential(`${fileName}-key`, keyBuffer.toString('hex'));
-	// 	} catch (ex) {
-	// 		console.log(ex);
-	// 	}
-	// } else {
-	// 	ivBuffer = Buffer.from(iv.password, 'hex');
-	// 	keyBuffer = Buffer.from(key.password, 'hex');
-	// }
+	const fileName = parse(filePath).base;
+	const iv = await credentialService.readCredential(`${fileName}-iv`);
+	const key = await credentialService.readCredential(`${fileName}-key`);
+	let ivBuffer: Buffer;
+	let keyBuffer: Buffer;
+	if (!iv?.password || !key?.password) {
+		ivBuffer = crypto.randomBytes(16);
+		keyBuffer = crypto.randomBytes(32);
+		try {
+			await credentialService.saveCredential(`${fileName}-iv`, ivBuffer.toString('hex'));
+			await credentialService.saveCredential(`${fileName}-key`, keyBuffer.toString('hex'));
+		} catch (ex) {
+			console.log(ex);
+		}
+	} else {
+		ivBuffer = Buffer.from(iv.password, 'hex');
+		keyBuffer = Buffer.from(key.password, 'hex');
+	}
 
-	// const fileSaver = async (content: string): Promise<string> => {
-	// 	const cipherIv = crypto.createCipheriv('aes-256-gcm', keyBuffer, ivBuffer);
-	// 	return `${cipherIv.update(content, 'utf8', 'hex')}${cipherIv.final('hex')}%${cipherIv.getAuthTag().toString('hex')}`;
-	// };
+	const fileSaver = async (content: string): Promise<string> => {
+		const cipherIv = crypto.createCipheriv('aes-256-gcm', keyBuffer, ivBuffer);
+		return `${cipherIv.update(content, 'utf8', 'hex')}${cipherIv.final('hex')}%${cipherIv.getAuthTag().toString('hex')}`;
+	};
 
-	// const fileOpener = async (content: string): Promise<string> => {
-	// 	const decipherIv = crypto.createDecipheriv('aes-256-gcm', keyBuffer, ivBuffer);
+	const fileOpener = async (content: string): Promise<string> => {
+		const decipherIv = crypto.createDecipheriv('aes-256-gcm', keyBuffer, ivBuffer);
 
-	// 	const split = content.split('%');
-	// 	if (split.length !== 2) {
-	// 		throw new Error('File didn\'t contain the auth tag.');
-	// 	}
-	// 	decipherIv.setAuthTag(Buffer.from(split[1], 'hex'));
+		const split = content.split('%');
+		if (split.length !== 2) {
+			throw new Error('File didn\'t contain the auth tag.');
+		}
+		decipherIv.setAuthTag(Buffer.from(split[1], 'hex'));
 
-	// 	return `${decipherIv.update(split[0], 'hex', 'utf8')}${decipherIv.final('utf8')}`;
-	// };
+		return `${decipherIv.update(split[0], 'hex', 'utf8')}${decipherIv.final('utf8')}`;
+	};
 
-	// const db = new FileDatabase(filePath, fileOpener, fileSaver);
-	const db = new FileDatabase(filePath);
+	const db = new FileDatabase(filePath, fileOpener, fileSaver);
 	await db.initialize();
 
 	const fileKeytar: Keytar = {