From 0763c1d4a782be46176fd8620dba796018daa973 Mon Sep 17 00:00:00 2001 From: William Martin Date: Thu, 7 Dec 2023 11:43:05 +0100 Subject: [PATCH] Locally prevent mixup of username and token in refresh --- pkg/cmd/auth/refresh/refresh.go | 18 +++++++++++------- pkg/cmd/auth/refresh/refresh_test.go | 6 +++--- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/pkg/cmd/auth/refresh/refresh.go b/pkg/cmd/auth/refresh/refresh.go index 80bc4d573..a918493e8 100644 --- a/pkg/cmd/auth/refresh/refresh.go +++ b/pkg/cmd/auth/refresh/refresh.go @@ -16,6 +16,9 @@ import ( "github.com/spf13/cobra" ) +type token string +type username string + type RefreshOptions struct { IO *iostreams.IOStreams Config func() (config.Config, error) @@ -29,7 +32,7 @@ type RefreshOptions struct { Scopes []string RemoveScopes []string ResetScopes bool - AuthFlow func(*iostreams.IOStreams, string, []string, bool) (string, string, error) + AuthFlow func(*iostreams.IOStreams, string, []string, bool) (token, username, error) Interactive bool InsecureStorage bool @@ -39,8 +42,9 @@ func NewCmdRefresh(f *cmdutil.Factory, runF func(*RefreshOptions) error) *cobra. opts := &RefreshOptions{ IO: f.IOStreams, Config: f.Config, - AuthFlow: func(io *iostreams.IOStreams, hostname string, scopes []string, interactive bool) (string, string, error) { - return authflow.AuthFlow(hostname, io, "", scopes, interactive, f.Browser) + AuthFlow: func(io *iostreams.IOStreams, hostname string, scopes []string, interactive bool) (token, username, error) { + t, u, err := authflow.AuthFlow(hostname, io, "", scopes, interactive, f.Browser) + return token(t), username(u), err }, HttpClient: &http.Client{}, GitClient: f.GitClient, @@ -181,15 +185,15 @@ func refreshRun(opts *RefreshOptions) error { additionalScopes.RemoveValues(opts.RemoveScopes) - token, username, err := opts.AuthFlow(opts.IO, hostname, additionalScopes.ToSlice(), opts.Interactive) + authedToken, authedUser, err := opts.AuthFlow(opts.IO, hostname, additionalScopes.ToSlice(), opts.Interactive) if err != nil { return err } activeUser, _ := authCfg.ActiveUser(hostname) - if activeUser != "" && activeUser != username { - return fmt.Errorf("error refreshing credentials for %s, received credentials for %s, did you use the correct account in the browser?", activeUser, username) + if activeUser != "" && username(activeUser) != authedUser { + return fmt.Errorf("error refreshing credentials for %s, received credentials for %s, did you use the correct account in the browser?", activeUser, authedUser) } - if _, err := authCfg.Login(hostname, username, token, "", !opts.InsecureStorage); err != nil { + if _, err := authCfg.Login(hostname, string(authedUser), string(authedToken), "", !opts.InsecureStorage); err != nil { return err } diff --git a/pkg/cmd/auth/refresh/refresh_test.go b/pkg/cmd/auth/refresh/refresh_test.go index fb526d38f..51fa66bd6 100644 --- a/pkg/cmd/auth/refresh/refresh_test.go +++ b/pkg/cmd/auth/refresh/refresh_test.go @@ -426,14 +426,14 @@ func Test_refreshRun(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { aa := authArgs{} - tt.opts.AuthFlow = func(_ *iostreams.IOStreams, hostname string, scopes []string, interactive bool) (string, string, error) { + tt.opts.AuthFlow = func(_ *iostreams.IOStreams, hostname string, scopes []string, interactive bool) (token, username, error) { aa.hostname = hostname aa.scopes = scopes aa.interactive = interactive if tt.authOut != (authOut{}) { - return tt.authOut.token, tt.authOut.username, tt.authOut.err + return token(tt.authOut.token), username(tt.authOut.username), tt.authOut.err } - return "xyz456", "test-user", nil + return token("xyz456"), username("test-user"), nil } cfg, _ := config.NewIsolatedTestConfig(t)