add ssh-key command

edualb · mislav · commit e26a1b98a1ad · 2021-01-20T20:23:38.000+01:00
diff --git a/api/client.go b/api/client.go
@@ -203,9 +203,10 @@ func (c Client) HasMinimumScopes(hostname string) error {
 	}
 
 	search := map[string]bool{
-		"repo":      false,
-		"read:org":  false,
-		"admin:org": false,
+		"repo":            false,
+		"read:org":        false,
+		"admin:org":       false,
+		"read:public_key": false,
 	}
 	for _, s := range strings.Split(scopesHeader, ",") {
 		search[strings.TrimSpace(s)] = true
@@ -220,6 +221,10 @@ func (c Client) HasMinimumScopes(hostname string) error {
 		missingScopes = append(missingScopes, "read:org")
 	}
 
+	if !search["read:public_key"] && !search["admin:public_key"] {
+		missingScopes = append(missingScopes, "read:public_key")
+	}
+
 	if len(missingScopes) > 0 {
 		return &MissingScopesError{MissingScopes: missingScopes}
 	}
diff --git a/internal/authflow/flow.go b/internal/authflow/flow.go
@@ -65,7 +65,7 @@ func authFlow(oauthHost string, IO *iostreams.IOStreams, notice string, addition
 		httpClient.Transport = api.VerboseLog(IO.ErrOut, logTraffic, IO.ColorEnabled())(httpClient.Transport)
 	}
 
-	minimumScopes := []string{"repo", "read:org", "gist", "workflow"}
+	minimumScopes := []string{"repo", "read:org", "gist", "workflow", "read:public_key"}
 	scopes := append(minimumScopes, additionalScopes...)
 
 	callbackURI := "http://127.0.0.1/callback"
diff --git a/pkg/cmd/auth/login/login_test.go b/pkg/cmd/auth/login/login_test.go
@@ -210,7 +210,7 @@ func Test_loginRun_nontty(t *testing.T) {
 				Token:    "abc123",
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org"))
+				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 			},
 			wantHosts: "albert.wesker:\n    oauth_token: abc123\n",
 		},
@@ -221,7 +221,7 @@ func Test_loginRun_nontty(t *testing.T) {
 				Token:    "abc456",
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("read:org"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("read:org,read:public_key"))
 			},
 			wantErr: `could not validate token: missing required scope 'repo'`,
 		},
@@ -243,7 +243,7 @@ func Test_loginRun_nontty(t *testing.T) {
 				Token:    "abc456",
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,admin:org"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,admin:org,read:public_key"))
 			},
 			wantHosts: "github.com:\n    oauth_token: abc456\n",
 		},
@@ -274,7 +274,7 @@ func Test_loginRun_nontty(t *testing.T) {
 			if tt.httpStubs != nil {
 				tt.httpStubs(reg)
 			} else {
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 			}
 
 			mainBuf := bytes.Buffer{}
@@ -315,7 +315,7 @@ func Test_loginRun_Survey(t *testing.T) {
 				_ = cfg.Set("github.com", "oauth_token", "ghi789")
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"jillv"}}}`))
@@ -341,7 +341,7 @@ func Test_loginRun_Survey(t *testing.T) {
 				as.StubOne(false)    // cache credentials
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"jillv"}}}`))
@@ -363,7 +363,7 @@ func Test_loginRun_Survey(t *testing.T) {
 				as.StubOne(false)          // cache credentials
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"jillv"}}}`))
@@ -436,7 +436,7 @@ func Test_loginRun_Survey(t *testing.T) {
 			if tt.httpStubs != nil {
 				tt.httpStubs(reg)
 			} else {
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"jillv"}}}`))
diff --git a/pkg/cmd/auth/status/status_test.go b/pkg/cmd/auth/status/status_test.go
@@ -91,7 +91,7 @@ func Test_statusRun(t *testing.T) {
 				_ = c.Set("github.com", "oauth_token", "abc123")
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"tess"}}}`))
@@ -106,8 +106,8 @@ func Test_statusRun(t *testing.T) {
 				_ = c.Set("github.com", "oauth_token", "abc123")
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,"))
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"tess"}}}`))
@@ -124,7 +124,7 @@ func Test_statusRun(t *testing.T) {
 			},
 			httpStubs: func(reg *httpmock.Registry) {
 				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.StatusStringResponse(400, "no bueno"))
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"tess"}}}`))
@@ -140,8 +140,8 @@ func Test_statusRun(t *testing.T) {
 				_ = c.Set("github.com", "oauth_token", "abc123")
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,"))
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,read:public_key"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"tess"}}}`))
@@ -159,8 +159,8 @@ func Test_statusRun(t *testing.T) {
 				_ = c.Set("github.com", "oauth_token", "xyz456")
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,"))
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,read:public_key"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"tess"}}}`))
@@ -180,8 +180,8 @@ func Test_statusRun(t *testing.T) {
 				_ = c.Set("github.com", "oauth_token", "xyz456")
 			},
 			httpStubs: func(reg *httpmock.Registry) {
-				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,"))
-				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,"))
+				reg.Register(httpmock.REST("GET", "api/v3/"), httpmock.ScopesResponder("repo,read:org,read:public_key"))
+				reg.Register(httpmock.REST("GET", ""), httpmock.ScopesResponder("repo,read:org,read:public_key"))
 				reg.Register(
 					httpmock.GraphQL(`query UserCurrent\b`),
 					httpmock.StringResponse(`{"data":{"viewer":{"login":"tess"}}}`))
diff --git a/pkg/cmd/root/root.go b/pkg/cmd/root/root.go
@@ -20,6 +20,7 @@ import (
 	repoCmd "github.com/cli/cli/pkg/cmd/repo"
 	creditsCmd "github.com/cli/cli/pkg/cmd/repo/credits"
 	secretCmd "github.com/cli/cli/pkg/cmd/secret"
+	sshKeyCmd "github.com/cli/cli/pkg/cmd/ssh-key"
 	versionCmd "github.com/cli/cli/pkg/cmd/version"
 	"github.com/cli/cli/pkg/cmdutil"
 	"github.com/spf13/cobra"
@@ -76,6 +77,7 @@ func NewCmdRoot(f *cmdutil.Factory, version, buildDate string) *cobra.Command {
 	cmd.AddCommand(gistCmd.NewCmdGist(f))
 	cmd.AddCommand(completionCmd.NewCmdCompletion(f.IOStreams))
 	cmd.AddCommand(secretCmd.NewCmdSecret(f))
+	cmd.AddCommand(sshKeyCmd.NewCmdSSHKey(f))
 
 	// the `api` command should not inherit any extra HTTP headers
 	bareHTTPCmdFactory := *f
diff --git a/pkg/cmd/ssh-key/list/list.go b/pkg/cmd/ssh-key/list/list.go
@@ -0,0 +1,152 @@
+package list
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"net/http"
+
+	"github.com/cli/cli/internal/ghinstance"
+	"github.com/cli/cli/utils"
+
+	"github.com/MakeNowJust/heredoc"
+	"github.com/cli/cli/api"
+	"github.com/cli/cli/internal/config"
+	"github.com/cli/cli/pkg/cmdutil"
+	"github.com/cli/cli/pkg/iostreams"
+	"github.com/spf13/cobra"
+)
+
+// ListOptions struct for list command
+type ListOptions struct {
+	HTTPClient func() (*http.Client, error)
+	IO         *iostreams.IOStreams
+	Config     func() (config.Config, error)
+
+	ListMsg []string
+}
+
+// NewCmdList creates a command for list all SSH Keys
+func NewCmdList(f *cmdutil.Factory, runF func(*ListOptions) error) *cobra.Command {
+	opts := &ListOptions{
+		HTTPClient: f.HttpClient,
+		IO:         f.IOStreams,
+		Config:     f.Config,
+
+		ListMsg: []string{},
+	}
+
+	cmd := &cobra.Command{
+		Use:   "list",
+		Args:  cobra.ExactArgs(0),
+		Short: "Lists currently added ssh keys",
+		Long: heredoc.Doc(`Lists currently added ssh keys.
+
+			This interactive command lists all SSH keys associated with your account
+		`),
+		Example: heredoc.Doc(`
+			$ gh ssh-key list
+			# => lists all ssh keys associated with your account
+		`),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			if runF != nil {
+				return runF(opts)
+			}
+			return listRun(opts)
+		},
+	}
+
+	return cmd
+}
+
+func listRun(opts *ListOptions) error {
+	apiClient, err := opts.getAPIClient()
+	if err != nil {
+		opts.printTerminal()
+		return err
+	}
+
+	err = opts.hasMinimumScopes(apiClient)
+	if err != nil {
+		opts.printTerminal()
+		return err
+	}
+
+	type keys struct {
+		Title string
+		Key   string
+	}
+
+	type result []keys
+
+	rs := result{}
+	body := bytes.NewBufferString("")
+
+	err = apiClient.REST(ghinstance.Default(), "GET", "user/keys", body, &rs)
+	if err != nil {
+		opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("%s: Got %s", utils.RedX(), err))
+		opts.printTerminal()
+		return err
+	}
+
+	for _, r := range rs {
+		opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("%s %s: %s \n    %s: %s", utils.Cyan("✹"), utils.Bold("Name"), r.Title, utils.Bold("SSH-KEY"), r.Key))
+	}
+
+	opts.printTerminal()
+
+	return nil
+}
+
+func (opts *ListOptions) getAPIClient() (*api.Client, error) {
+	httpClient, err := opts.HTTPClient()
+	if err != nil {
+		opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("%s: %s", utils.RedX(), err))
+		return nil, err
+	}
+	return api.NewClientFromHTTP(httpClient), nil
+}
+
+func (opts *ListOptions) hasMinimumScopes(apiClient *api.Client) error {
+	cfg, err := opts.Config()
+	if err != nil {
+		opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("%s: %s", utils.RedX(), err))
+		return err
+	}
+
+	hostname := ghinstance.Default()
+
+	_, tokenSource, _ := cfg.GetWithSource(hostname, "oauth_token")
+
+	// TODO: Implement tests for this case when CheckWriteable function checks filesystem permissions
+	tokenIsWriteable := cfg.CheckWriteable(hostname, "oauth_token") == nil
+
+	err = apiClient.HasMinimumScopes(hostname)
+
+	if err != nil {
+		var missingScopes *api.MissingScopesError
+		if errors.As(err, &missingScopes) {
+			opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("%s: %s", utils.RedX(), err))
+			if tokenIsWriteable {
+				opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("- To request missing scopes, run: %s %s", utils.Bold("gh auth refresh -h"), hostname))
+			}
+		} else {
+			opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("%s: authentication failed", utils.RedX()))
+			opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("- The %s token in %s is no longer valid.", utils.Bold(hostname), utils.Bold(tokenSource)))
+			if tokenIsWriteable {
+				opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("- To re-authenticate, run: %s %s", utils.Bold("gh auth login -h"), utils.Bold(hostname)))
+				opts.ListMsg = append(opts.ListMsg, fmt.Sprintf("- To forget about this host, run: %s %s", utils.Bold("gh auth logout -h"), utils.Bold(hostname)))
+			}
+		}
+		return err
+	}
+
+	return nil
+}
+
+func (opts *ListOptions) printTerminal() {
+	stderr := opts.IO.ErrOut
+	for _, line := range opts.ListMsg {
+		fmt.Fprintf(stderr, "  %s\n", line)
+	}
+}
diff --git a/pkg/cmd/ssh-key/list/list_test.go b/pkg/cmd/ssh-key/list/list_test.go
diff --git a/pkg/cmd/ssh-key/ssh-key.go b/pkg/cmd/ssh-key/ssh-key.go

Original file line number	Diff line number	Diff line change
`@@ -203,9 +203,10 @@ func (c Client) HasMinimumScopes(hostname string) error {`
`203`	`203`	`}`
`204`	`204`
`205`	`205`	`search := map[string]bool{`
`206`		`- "repo": false,`
`207`		`- "read:org": false,`
`208`		`- "admin:org": false,`
	`206`	`+ "repo": false,`
	`207`	`+ "read:org": false,`
	`208`	`+ "admin:org": false,`
	`209`	`+ "read:public_key": false,`
`209`	`210`	`}`
`210`	`211`	`for _, s := range strings.Split(scopesHeader, ",") {`
`211`	`212`	`search[strings.TrimSpace(s)] = true`
`@@ -220,6 +221,10 @@ func (c Client) HasMinimumScopes(hostname string) error {`
`220`	`221`	`missingScopes = append(missingScopes, "read:org")`
`221`	`222`	`}`
`222`	`223`
	`224`	`+ if !search["read:public_key"] && !search["admin:public_key"] {`
	`225`	`+ missingScopes = append(missingScopes, "read:public_key")`
	`226`	`+ }`
	`227`	`+`
`223`	`228`	`if len(missingScopes) > 0 {`
`224`	`229`	`return &MissingScopesError{MissingScopes: missingScopes}`
`225`	`230`	`}`
Original file line number	Diff line number	Diff line change
`@@ -65,7 +65,7 @@ func authFlow(oauthHost string, IO *iostreams.IOStreams, notice string, addition`
`65`	`65`	`httpClient.Transport = api.VerboseLog(IO.ErrOut, logTraffic, IO.ColorEnabled())(httpClient.Transport)`
`66`	`66`	`}`
`67`	`67`
`68`		`- minimumScopes := []string{"repo", "read:org", "gist", "workflow"}`
	`68`	`+ minimumScopes := []string{"repo", "read:org", "gist", "workflow", "read:public_key"}`
`69`	`69`	`scopes := append(minimumScopes, additionalScopes...)`
`70`	`70`
`71`	`71`	`callbackURI := "http://127.0.0.1/callback"`