From e7403b89d0c0be36dacae29f61cb040525ba7246 Mon Sep 17 00:00:00 2001 From: bagtoad <47394200+BagToad@users.noreply.github.com> Date: Wed, 18 Sep 2024 08:42:19 -0600 Subject: [PATCH 1/4] Add HasActiveToken to AuthConfig. Co-authored-by: William Martin --- internal/config/auth_config_test.go | 26 +++++++++++++++++++++++++- internal/config/config.go | 7 +++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/internal/config/auth_config_test.go b/internal/config/auth_config_test.go index ed000ff18..61245c650 100644 --- a/internal/config/auth_config_test.go +++ b/internal/config/auth_config_test.go @@ -52,8 +52,32 @@ func TestTokenFromKeyringForUserErrorsIfUsernameIsBlank(t *testing.T) { require.ErrorContains(t, err, "username cannot be blank") } +func TestHasActiveToken(t *testing.T) { + // Given the user has logged in for a host + authCfg := newTestAuthConfig(t) + _, err := authCfg.Login("github.com", "test-user", "test-token", "", false) + require.NoError(t, err) + + // When we check if that host has an active token + hasActiveToken := authCfg.HasActiveToken("github.com") + + // Then there is an active token + require.True(t, hasActiveToken, "expected there to be an active token") +} + +func TestHasNoActiveToken(t *testing.T) { + // Given there are no users logged in for a host + authCfg := newTestAuthConfig(t) + + // When we check if any host has an active token + hasActiveToken := authCfg.HasActiveToken("github.com") + + // Then there is no active token + require.False(t, hasActiveToken, "expected there to be no active token") +} + func TestTokenStoredInConfig(t *testing.T) { - // When the user has logged in insecurely + // Given the user has logged in insecurely authCfg := newTestAuthConfig(t) _, err := authCfg.Login("github.com", "test-user", "test-token", "", false) require.NoError(t, err) diff --git a/internal/config/config.go b/internal/config/config.go index 29b66b73b..f7c949a46 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -217,6 +217,13 @@ func (c *AuthConfig) ActiveToken(hostname string) (string, string) { return token, source } +// HasActiveToken returns true when a token for the hostname is +// present. +func (c *AuthConfig) HasActiveToken(hostname string) bool { + token, _ := c.ActiveToken(hostname) + return token != "" +} + // HasEnvToken returns true when a token has been specified in an // environment variable, else returns false. func (c *AuthConfig) HasEnvToken() bool { From 88d48f23654838ea7428ed47ed28f64f65405f6a Mon Sep 17 00:00:00 2001 From: bagtoad <47394200+BagToad@users.noreply.github.com> Date: Wed, 18 Sep 2024 10:32:58 -0600 Subject: [PATCH 2/4] Add HasActiveToken method to AuthConfig interface --- internal/gh/gh.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/internal/gh/gh.go b/internal/gh/gh.go index c39734075..e4431fdab 100644 --- a/internal/gh/gh.go +++ b/internal/gh/gh.go @@ -93,6 +93,9 @@ type Migration interface { // with knowledge on how to access encrypted storage when neccesarry. // Behavior is scoped to authentication specific tasks. type AuthConfig interface { + // HasActiveToken returns true when a token for the hostname is present. + HasActiveToken(hostname string) bool + // ActiveToken will retrieve the active auth token for the given hostname, searching environment variables, // general configuration, and finally encrypted storage. ActiveToken(hostname string) (token string, source string) From d8e77d256fe83791cf675e0ff539e1390ffd98d5 Mon Sep 17 00:00:00 2001 From: bagtoad <47394200+BagToad@users.noreply.github.com> Date: Wed, 18 Sep 2024 10:35:11 -0600 Subject: [PATCH 3/4] Use new HasActiveToken method in trustedroot.go --- pkg/cmd/attestation/trustedroot/trustedroot.go | 2 +- .../attestation/trustedroot/trustedroot_test.go | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/pkg/cmd/attestation/trustedroot/trustedroot.go b/pkg/cmd/attestation/trustedroot/trustedroot.go index 7dba916eb..6f741dcd4 100644 --- a/pkg/cmd/attestation/trustedroot/trustedroot.go +++ b/pkg/cmd/attestation/trustedroot/trustedroot.go @@ -74,7 +74,7 @@ func NewTrustedRootCmd(f *cmdutil.Factory, runF func(*Options) error) *cobra.Com return err } - if token, _ := c.Authentication().ActiveToken(opts.Hostname); token == "" { + if !c.Authentication().HasActiveToken(opts.Hostname) { return fmt.Errorf("not authenticated with %s", opts.Hostname) } diff --git a/pkg/cmd/attestation/trustedroot/trustedroot_test.go b/pkg/cmd/attestation/trustedroot/trustedroot_test.go index c3c1818dd..c4a259436 100644 --- a/pkg/cmd/attestation/trustedroot/trustedroot_test.go +++ b/pkg/cmd/attestation/trustedroot/trustedroot_test.go @@ -109,7 +109,7 @@ func TestNewTrustedRootWithTenancy(t *testing.T) { Config: func() (gh.Config, error) { return &ghmock.ConfigMock{ AuthenticationFunc: func() gh.AuthConfig { - return &MockAuthConfig{Token: ""} + return &stubAuthConfig{hasActiveToken: false} }, }, nil }, @@ -136,7 +136,7 @@ func TestNewTrustedRootWithTenancy(t *testing.T) { Config: func() (gh.Config, error) { return &ghmock.ConfigMock{ AuthenticationFunc: func() gh.AuthConfig { - return &MockAuthConfig{Token: "TOKEN"} + return &stubAuthConfig{hasActiveToken: true} }, }, nil }, @@ -186,13 +186,13 @@ func TestGetTrustedRoot(t *testing.T) { } -type MockAuthConfig struct { +type stubAuthConfig struct { config.AuthConfig - Token string + hasActiveToken bool } -var _ gh.AuthConfig = (*MockAuthConfig)(nil) +var _ gh.AuthConfig = (*stubAuthConfig)(nil) -func (c *MockAuthConfig) ActiveToken(host string) (string, string) { - return c.Token, "" +func (c *stubAuthConfig) HasActiveToken(host string) bool { + return c.hasActiveToken } From d24dfbeacfdc87ea108835ee79e9f766fd75f639 Mon Sep 17 00:00:00 2001 From: bagtoad <47394200+BagToad@users.noreply.github.com> Date: Wed, 18 Sep 2024 10:35:35 -0600 Subject: [PATCH 4/4] Update comment formatting --- internal/config/config.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/internal/config/config.go b/internal/config/config.go index f7c949a46..1b56d30b2 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -217,8 +217,7 @@ func (c *AuthConfig) ActiveToken(hostname string) (string, string) { return token, source } -// HasActiveToken returns true when a token for the hostname is -// present. +// HasActiveToken returns true when a token for the hostname is present. func (c *AuthConfig) HasActiveToken(hostname string) bool { token, _ := c.ActiveToken(hostname) return token != ""