feat: support PAT based device auth and new public APIs ✨ 🚀 (#140)

Author: siddhant-deepsource

.deepsource.toml

@@ -16,5 +16,5 @@ name = "test-coverage"
 enabled = true
 
 [[transformers]]
-name = "gofmt"
+name = "gofumpt"
 enabled = true

.github/workflows/CI.yml

@@ -15,7 +15,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v2
         with:
-          go-version: ^1.16
+          go-version: ^1.18
 
       - name: Check out code into the Go module directory
         uses: actions/checkout@v2

Makefile

@@ -12,7 +12,7 @@ test:
 	echo "\n====TESTING CONFIG VALIDATOR PACKAGE====\n"
 	go test -v ./configvalidator/... -count=1
 	echo "\n====CALCULATING TEST COVERAGE FOR ENTIRE PACKAGE====\n"
-	go test -v -coverpkg=./... -coverprofile=coverage.out -count=1 ./...
+	go test -v -coverprofile=coverage.out -count=1 ./...
 
 test_setup:
 	mkdir -p ${CODE_PATH}

command/auth/login/login_flow.go

@@ -3,6 +3,8 @@ package login
 import (
 	"context"
 	"fmt"
+	"os"
+	"os/user"
 	"time"
 
 	"github.com/cli/browser"
@@ -33,9 +35,9 @@ func (opts *LoginOptions) startLoginFlow(cfg *config.CLIConfig) error {
 		return err
 	}
 
-	// Fetch the JWT using the device registration resonse
-	var jwtData *auth.JWT
-	jwtData, opts.AuthTimedOut, err = fetchJWT(ctx, deviceRegistrationResponse)
+	// Fetch the PAT using the device registration resonse
+	var tokenData *auth.PAT
+	tokenData, opts.AuthTimedOut, err = fetchPAT(ctx, deviceRegistrationResponse)
 	if err != nil {
 		return err
 	}
@@ -47,11 +49,9 @@ func (opts *LoginOptions) startLoginFlow(cfg *config.CLIConfig) error {
 
 	// Storing the useful data for future reference and usage
 	// in a global config object (Cfg)
-	cfg.User = jwtData.Payload.Email
-	cfg.Token = jwtData.Token
-	cfg.RefreshToken = jwtData.Refreshtoken
-	cfg.RefreshTokenExpiresIn = time.Unix(jwtData.RefreshExpiresIn, 0)
-	cfg.SetTokenExpiry(jwtData.Payload.Exp)
+	cfg.User = tokenData.User.Email
+	cfg.Token = tokenData.Token
+	cfg.SetTokenExpiry(tokenData.Expiry)
 
 	// Having stored the data in the global Cfg object, write it into the config file present in the local filesystem
 	err = cfg.WriteFile()
@@ -79,11 +79,30 @@ func registerDevice(ctx context.Context) (*auth.Device, error) {
 	return res, nil
 }
 
-func fetchJWT(ctx context.Context, deviceRegistrationData *auth.Device) (*auth.JWT, bool, error) {
-	var jwtData *auth.JWT
+func fetchPAT(ctx context.Context, deviceRegistrationData *auth.Device) (*auth.PAT, bool, error) {
+	var tokenData *auth.PAT
 	var err error
+	defaultUserName := "user"
+	defaultHostName := "host"
+	userName := ""
 	authTimedOut := true
 
+	/* ======================================================================= */
+	// The username and hostname to add in the description for the PAT request
+	/* ======================================================================= */
+	userData, err := user.Current()
+	if err != nil {
+		userName = defaultUserName
+	} else {
+		userName = userData.Username
+	}
+
+	hostName, err := os.Hostname()
+	if err != nil {
+		hostName = defaultHostName
+	}
+	userDescription := fmt.Sprintf("CLI PAT for %s@%s", userName, hostName)
+
 	// Fetching DeepSource client in order to interact with SDK
 	deepsource, err := deepsource.New(deepsource.ClientOpts{
 		Token:    config.Cfg.Token,
@@ -97,10 +116,10 @@ func fetchJWT(ctx context.Context, deviceRegistrationData *auth.Device) (*auth.J
 	ticker := time.NewTicker(time.Duration(deviceRegistrationData.Interval) * time.Second)
 	pollStartTime := time.Now()
 
-	// Polling for fetching JWT
+	// Polling for fetching PAT
 	func() {
 		for range ticker.C {
-			jwtData, err = deepsource.Login(ctx, deviceRegistrationData.Code)
+			tokenData, err = deepsource.Login(ctx, deviceRegistrationData.Code, userDescription)
 			if err == nil {
 				authTimedOut = false
 				return
@@ -113,5 +132,5 @@ func fetchJWT(ctx context.Context, deviceRegistrationData *auth.Device) (*auth.J
 		}
 	}()
 
-	return jwtData, authTimedOut, nil
+	return tokenData, authTimedOut, nil
 }

command/auth/refresh/refresh.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"time"
 
 	"github.com/MakeNowJust/heredoc"
 	"github.com/deepsourcelabs/cli/config"
@@ -18,7 +17,6 @@ type RefreshOptions struct{}
 
 // NewCmdRefresh handles the refreshing of authentication credentials
 func NewCmdRefresh() *cobra.Command {
-
 	doc := heredoc.Docf(`
 		Refresh stored authentication credentials.
 
@@ -52,14 +50,6 @@ func (opts *RefreshOptions) Run() error {
 		return errors.New("You are not logged into DeepSource. Run \"deepsource auth login\" to authenticate.")
 	}
 
-	// Check if token as well as refresh token are present since they
-	// are required for refreshing auth
-	if cfg.Token == "" || cfg.RefreshToken == "" {
-		// In case, there is no token as well as refresh token, ask the user to login instead
-		// TODO: Add ability to automatically run `login` command here
-		return fmt.Errorf("You are not logged into DeepSource. Run \"deepsource auth login\" to authenticate.")
-	}
-
 	// Fetching DS Client
 	deepsource, err := deepsource.New(deepsource.ClientOpts{
 		Token:    config.Cfg.Token,
@@ -70,17 +60,15 @@ func (opts *RefreshOptions) Run() error {
 	}
 	ctx := context.Background()
 	// Use the SDK to fetch the new auth data
-	refreshedConfigData, err := deepsource.RefreshAuthCreds(ctx, cfg.RefreshToken)
+	refreshedConfigData, err := deepsource.RefreshAuthCreds(ctx, cfg.Token)
 	if err != nil {
 		return err
 	}
 
 	// Convert incoming config into the local CLI config format
-	cfg.User = refreshedConfigData.Payload.Email
+	cfg.User = refreshedConfigData.User.Email
 	cfg.Token = refreshedConfigData.Token
-	cfg.RefreshToken = refreshedConfigData.Refreshtoken
-	cfg.RefreshTokenExpiresIn = time.Unix(refreshedConfigData.RefreshExpiresIn, 0)
-	cfg.SetTokenExpiry(refreshedConfigData.Payload.Exp)
+	cfg.SetTokenExpiry(refreshedConfigData.Expiry)
 
 	// Having formatted the data, write it to the config file
 	err = cfg.WriteFile()

command/issues/list/list.go

@@ -235,7 +235,7 @@ func (opts *IssuesListOptions) exportJSON(filename string) (err error) {
 		return nil
 	}
 
-	if err = ioutil.WriteFile(filename, data, 0644); err != nil {
+	if err = ioutil.WriteFile(filename, data, 0o644); err != nil {
 		return err
 	}
 

config/config.go

@@ -9,8 +9,10 @@ import (
 	"github.com/pelletier/go-toml"
 )
 
-var configDirFn = os.UserHomeDir
-var readFileFn = os.ReadFile
+var (
+	configDirFn = os.UserHomeDir
+	readFileFn  = os.ReadFile
+)
 
 const (
 	ConfigDirName   = "/.deepsource/"
@@ -19,22 +21,19 @@ const (
 )
 
 type CLIConfig struct {
-	Host                  string    `toml:"host"`
-	User                  string    `toml:"user"`
-	Token                 string    `toml:"token"`
-	RefreshToken          string    `toml:"refresh_token,omitempty"`
-	TokenExpiresIn        time.Time `toml:"token_expires_in,omitempty"`
-	RefreshTokenExpiresIn time.Time `toml:"refresh_token_expires_in,omitempty"`
+	Host           string    `toml:"host"`
+	User           string    `toml:"user"`
+	Token          string    `toml:"token"`
+	TokenExpiresIn time.Time `toml:"token_expires_in,omitempty"`
 }
 
 var Cfg CLIConfig
 
+// Sets the token expiry in the desired format
 // Sets the token expiry in the desired format
 func (cfg *CLIConfig) SetTokenExpiry(str string) {
-	layout := "2006-01-02T15:04:05.999999999"
-	t, _ := time.Parse(layout, str)
-	timeStamp := t.Unix()
-	cfg.TokenExpiresIn = time.Unix(timeStamp, 0)
+	t, _ := time.Parse(time.RFC3339, str)
+	cfg.TokenExpiresIn = t.UTC()
 }
 
 // Checks if the token has expired or not
@@ -63,7 +62,7 @@ func (cfg CLIConfig) configPath() (string, error) {
 	return filepath.Join(home, ConfigFileName), nil
 }
 
-//ReadFile reads the CLI config file.
+// ReadFile reads the CLI config file.
 func (cfg *CLIConfig) ReadConfigFile() error {
 	path, err := cfg.configPath()
 	if err != nil {
@@ -89,7 +88,6 @@ func (cfg *CLIConfig) ReadConfigFile() error {
 }
 
 func GetConfig() (*CLIConfig, error) {
-
 	if Cfg.Token != "" {
 		return &Cfg, nil
 	}
@@ -103,7 +101,6 @@ func GetConfig() (*CLIConfig, error) {
 
 // WriteFile writes the CLI config to file.
 func (cfg *CLIConfig) WriteFile() error {
-
 	data, err := toml.Marshal(cfg)
 	if err != nil {
 		return err
@@ -145,7 +142,6 @@ func (cfg *CLIConfig) Delete() error {
 }
 
 func (cfg *CLIConfig) VerifyAuthentication() error {
-
 	// Checking if the user has authenticated / logged in or not
 	if cfg.Token == "" {
 		return errors.New("You are not logged into DeepSource. Run \"deepsource auth login\" to authenticate.")

config/config_test.go

@@ -8,12 +8,10 @@ import (
 )
 
 var cfg = CLIConfig{
-	Host:                  "deepsource.io",
-	User:                  "test",
-	Token:                 "test_token",
-	RefreshToken:          "test_refresh_token",
-	TokenExpiresIn:        time.Time{},
-	RefreshTokenExpiresIn: time.Time{},
+	Host:           "deepsource.io",
+	User:           "test",
+	Token:          "test_token",
+	TokenExpiresIn: time.Time{},
 }
 
 func TestSetTokenExpiry(t *testing.T) {
@@ -26,9 +24,9 @@ func TestSetTokenExpiry(t *testing.T) {
 	})
 
 	t.Run("must work with valid timestamp", func(t *testing.T) {
-		str := "2021-01-01T00:00:00.999999999"
+		str := "9999-12-31T23:59:59.999999+00:00"
 		cfg.SetTokenExpiry(str)
-		want := "2021-01-01 00:00:00 +0000 UTC"
+		want := "9999-12-31 23:59:59.999999 +0000 UTC"
 
 		assert.Equal(t, cfg.TokenExpiresIn.UTC().String(), want)
 	})

deepsource/auth/device.go

@@ -6,5 +6,5 @@ type Device struct {
 	VerificationURI         string `json:"verificationUri"`         // URL to verify user code
 	VerificationURIComplete string `json:"verificationUriComplete"` // URL to verify user code with the user code being sent as a URL param
 	ExpiresIn               int    `json:"expiresIn"`               // Time in which the device code expires
-	Interval                int    `json:"interval"`                // Interval in which the client needs to poll at the endpoint to receive the JWT
+	Interval                int    `json:"interval"`                // Interval in which the client needs to poll at the endpoint to receive the PAT
 }