Merge pull request #38 from GitGuardian/salomevoltz/load_env_for_configuration

Refacto authentication and add tests suite

Author: salome-voltz

.gitignore

@@ -34,4 +34,8 @@ tsconfig.base.tsbuildinfo%
 out/
 
 # build files
-**/*.vsix
+**/*.vsix
+
+# cache dir
+.cache_ggshield
+.vscode-test/

package.json

@@ -135,13 +135,15 @@
     "@types/glob": "^8.1.0",
     "@types/mocha": "^10.0.1",
     "@types/node": "20.2.5",
+    "@types/simple-mock": "^0.8.6",
     "@types/vscode": "^1.81.0",
     "@typescript-eslint/eslint-plugin": "^5.59.8",
     "@typescript-eslint/parser": "^5.59.8",
     "@vscode/test-electron": "^2.3.2",
     "eslint": "^8.41.0",
     "glob": "^8.1.0",
     "mocha": "^10.2.0",
+    "simple-mock": "^0.8.0",
     "typescript": "^5.1.3"
   },
   "dependencies": {

src/extension.ts

@@ -125,26 +125,31 @@ function registerQuotaViewCommands(view: GitGuardianQuotaWebviewProvider) {
 
 export function activate(context: ExtensionContext) {
   // Check if ggshield if available
+  commands.executeCommand('setContext', 'isAuthenticated', false);
+
   const outputChannel = window.createOutputChannel("GitGuardian");
   let configuration = getConfiguration(context);
-  let authStatus: boolean = false;
+
   const ggshieldResolver = new GGShieldResolver(
     outputChannel,
     context,
     configuration
   );
   const ggshieldViewProvider = new GitGuardianWebviewProvider(
     configuration,
-    context.extensionUri
+    context.extensionUri,
+    context
   );
 
   const ggshieldRemediationMessageViewProvider = new GitGuardianRemediationMessageWebviewProvider(
     configuration,
-    context.extensionUri
+    context.extensionUri,
+    context
   );
   const ggshieldQuotaViewProvider = new GitGuardianQuotaWebviewProvider(
     configuration,
-    context.extensionUri
+    context.extensionUri,
+    context
   );
   window.registerWebviewViewProvider("gitguardianView", ggshieldViewProvider);
   window.registerWebviewViewProvider(
@@ -173,15 +178,16 @@ export function activate(context: ExtensionContext) {
     .checkGGShieldConfiguration()
     .then(() => {
       // Check if ggshield is authenticated
-      authStatus = ggshieldAuthStatus(configuration);
-      const ggshieldApi = ggshieldApiKey(configuration);
-      if (authStatus && ggshieldApi) {
-        commands.executeCommand('setContext', 'isAuthenticated', true);
+      ggshieldAuthStatus(configuration, context);
+      if (context.globalState.get("isAuthenticated", false)) {
         updateStatusBarItem(StatusBarStatus.ready, statusBar);
-        setApiKey(configuration, ggshieldApi);
+        setApiKey(configuration, ggshieldApiKey(configuration));
+        ggshieldViewProvider.refresh();
+        ggshieldRemediationMessageViewProvider.refresh();
+        ggshieldQuotaViewProvider.refresh();
+
       } else {
         updateStatusBarItem(StatusBarStatus.unauthenticated, statusBar);
-        authStatus = false;
       }
     })
     .then(async () => {
@@ -204,7 +210,9 @@ export function activate(context: ExtensionContext) {
         workspace.onDidSaveTextDocument((textDocument) => {
           // Check if the document is inside the workspace
           const workspaceFolder = workspace.getWorkspaceFolder(textDocument.uri);
-          if (authStatus && workspaceFolder) {
+          console.log(context.globalState.get("isAuthenticated", false), workspaceFolder);
+          console.log('»»»»»»»»»»»»»»', context.globalState.get("isAuthenticated", false) && workspaceFolder);
+          if (context.globalState.get("isAuthenticated", false) && workspaceFolder) {
             scanFile(
               textDocument.fileName,
               textDocument.uri,
@@ -247,28 +255,28 @@ export function activate(context: ExtensionContext) {
         ),
         commands.registerCommand("gitguardian.authenticate", async () => {
           commands.executeCommand("gitguardian.openSidebar");
-          const isAuthenticated = await loginGGShield(
+          await loginGGShield(
             ggshieldResolver.configuration,
             outputChannel,
-            ggshieldViewProvider.getView() as WebviewView
-          );
-          if (isAuthenticated) {
-            authStatus = true;
-            updateStatusBarItem(StatusBarStatus.ready, statusBar);
-            commands.executeCommand('setContext', 'isAuthenticated', true);
-            const ggshieldApi = ggshieldApiKey(configuration);
-            setApiKey(configuration, ggshieldApi);
+            ggshieldViewProvider.getView() as WebviewView,
+            context
+          ).then(() => {
+            if (context.globalState.get("isAuthenticated", false)) {
+              updateStatusBarItem(StatusBarStatus.ready, statusBar);
+              setApiKey(configuration, ggshieldApiKey(configuration));
+            } else {
+              updateStatusBarItem(StatusBarStatus.unauthenticated, statusBar);
+            }
             ggshieldViewProvider.refresh();
             ggshieldRemediationMessageViewProvider.refresh();
             ggshieldQuotaViewProvider.refresh();
-          } else {
-            updateStatusBarItem(StatusBarStatus.unauthenticated, statusBar);
-          }
+          }).catch((err) => {
+            outputChannel.appendLine(`Authentication failed: ${err.message}`);
+          });
         }),
         commands.registerCommand("gitguardian.logout", async () => {
-          logoutGGShield(ggshieldResolver.configuration);
+          logoutGGShield(ggshieldResolver.configuration, context);
           updateStatusBarItem(StatusBarStatus.unauthenticated, statusBar);
-          commands.executeCommand('setContext', 'isAuthenticated', false);
           setApiKey(configuration, undefined);
           ggshieldViewProvider.refresh();
           ggshieldRemediationMessageViewProvider.refresh();

src/ggshield-webview/gitguardian-quota-webview.ts

@@ -1,4 +1,4 @@
-import { getAPIquota, ggshieldAuthStatus } from "../lib/ggshield-api";
+import { getAPIquota } from "../lib/ggshield-api";
 import { GGShieldConfiguration } from "../lib/ggshield-configuration";
 import * as vscode from "vscode";
 
@@ -13,7 +13,8 @@ export class GitGuardianQuotaWebviewProvider
 
   constructor(
     private ggshieldConfiguration: GGShieldConfiguration,
-    private readonly _extensionUri: vscode.Uri
+    private readonly _extensionUri: vscode.Uri,
+    private context: vscode.ExtensionContext
   ) {
     this.checkAuthenticationStatus();
     this.updateQuota();
@@ -36,7 +37,7 @@ export class GitGuardianQuotaWebviewProvider
   }
 
   private async checkAuthenticationStatus() {
-    this.isAuthenticated = ggshieldAuthStatus(this.ggshieldConfiguration);
+    this.isAuthenticated = this.context.globalState.get("isAuthenticated", false);
   }
 
   private async updateQuota() {

src/ggshield-webview/gitguardian-remediation-message-view.ts

@@ -1,4 +1,4 @@
-import { getRemediationMessage, ggshieldAuthStatus } from "../lib/ggshield-api";
+import { getRemediationMessage } from "../lib/ggshield-api";
 import { GGShieldConfiguration } from "../lib/ggshield-configuration";
 import * as vscode from "vscode";
 
@@ -13,7 +13,8 @@ export class GitGuardianRemediationMessageWebviewProvider
 
   constructor(
     private ggshieldConfiguration: GGShieldConfiguration,
-    private readonly _extensionUri: vscode.Uri
+    private readonly _extensionUri: vscode.Uri,
+    private context: vscode.ExtensionContext
   ) {
     this.checkAuthenticationStatus();
     this.updateRemediationMessage();
@@ -36,7 +37,7 @@ export class GitGuardianRemediationMessageWebviewProvider
   }
 
   private async checkAuthenticationStatus() {
-    this.isAuthenticated = ggshieldAuthStatus(this.ggshieldConfiguration);
+    this.isAuthenticated = this.context.globalState.get("isAuthenticated", false);
   }
 
   private async updateRemediationMessage() {
@@ -51,7 +52,7 @@ export class GitGuardianRemediationMessageWebviewProvider
     }
   }
 
-  private escapeHtml(unsafe: string):string  {
+  private escapeHtml(unsafe: string): string {
     return unsafe
          .replace(/&/g, "&")
          .replace(/</g, "&lt;")
@@ -97,7 +98,7 @@ ${this.escapeHtml(this.remediationMessage)}
     this.updateWebViewContent(this._view);
 
     await this.checkAuthenticationStatus();
-    console.log("Well authentificated");
+    console.log("Well authenticated");
     await this.updateRemediationMessage();
 
     this.isLoading = false;

src/ggshield-webview/gitguardian-webview-view.ts

@@ -1,6 +1,5 @@
 import * as vscode from "vscode";
 import { GGShieldConfiguration } from "../lib/ggshield-configuration";
-import { ggshieldAuthStatus } from "../lib/ggshield-api";
 
 const projectDiscussionUri = vscode.Uri.parse(
   "https://github.com/GitGuardian/gitguardian-vscode/discussions"
@@ -19,7 +18,8 @@ export class GitGuardianWebviewProvider implements vscode.WebviewViewProvider {
 
   constructor(
     private ggshieldConfiguration: GGShieldConfiguration,
-    private readonly _extensionUri: vscode.Uri
+    private readonly _extensionUri: vscode.Uri,
+    private context: vscode.ExtensionContext
   ) {
     this.checkAuthenticationStatus();
   }
@@ -54,7 +54,7 @@ export class GitGuardianWebviewProvider implements vscode.WebviewViewProvider {
 
 
   private async checkAuthenticationStatus() {
-    this.isAuthenticated = ggshieldAuthStatus(this.ggshieldConfiguration);
+    this.isAuthenticated = this.context.globalState.get("isAuthenticated", false);
   }
 
   private updateWebViewContent(webviewView?: vscode.WebviewView) {

src/lib/ggshield-api.ts

@@ -3,7 +3,7 @@ import {
   SpawnOptionsWithoutStdio,
   spawn,
 } from "child_process";
-import { window, WebviewView } from "vscode";
+import { window, WebviewView, ExtensionContext, commands } from "vscode";
 import axios from 'axios';
 import { GGShieldConfiguration } from "./ggshield-configuration";
 import { GGShieldScanResults } from "./api-types";
@@ -162,7 +162,8 @@ export async function loginGGShield(
   configuration: GGShieldConfiguration,
   outputChannel: any,
   webviewView: WebviewView,
-): Promise<boolean> {
+  context: ExtensionContext
+): Promise<void> {
   const { ggshieldPath, apiUrl, apiKey } = configuration;
 
   let options: SpawnOptionsWithoutStdio = {
@@ -176,9 +177,9 @@ export async function loginGGShield(
     windowsHide: true,
   };
 
-  let args = ["auth", "login", "--method=web"];
+  let args = ["auth", "login", "--method=web", "--debug"];
 
-  return new Promise((resolve) => {
+  return new Promise<void>((resolve, reject) => {
     const proc = spawn(ggshieldPath, args, options);
 
     proc.stdout.on("data", (data) => {
@@ -194,52 +195,59 @@ export async function loginGGShield(
         });
       }
     });
-;
 
     proc.stderr.on("data", (data) => {
       outputChannel.appendLine(`ggshield stderr: ${data.toString()}`);
     });
 
-    proc.on("close", (code) => {
+    proc.on("close", async (code) => {
       if (code !== 0) {
         outputChannel.appendLine(`ggshield process exited with code ${code}`);
-        resolve(false);
+        reject(new Error(`ggshield process exited with code ${code}`));
       } else {
         outputChannel.appendLine("ggshield login completed successfully");
-        resolve(true);
+        commands.executeCommand("setContext", "isAuthenticated", true);
+        await context.globalState.update('isAuthenticated', true);
+        resolve();
       }
     });
 
     proc.on("error", (err) => {
       outputChannel.appendLine(`ggshield process error: ${err.message}`);
-      resolve(false);
+      reject(err);
     });
   });
 }
 
-export function logoutGGShield(
-  configuration: GGShieldConfiguration
-): void {
+
+export async function logoutGGShield(
+  configuration: GGShieldConfiguration,
+  context: ExtensionContext
+): Promise<void> {
   runGGShieldCommand(configuration, ["auth", "logout"]);
+  commands.executeCommand('setContext', 'isAuthenticated', false);
+  await context.globalState.update('isAuthenticated', false);
+
 }
 
-export function ggshieldAuthStatus(
-  configuration: GGShieldConfiguration
-): boolean {
-  const proc = runGGShieldCommand(configuration, ["api-status"]);
-  if (proc.stderr || proc.error) {
-    if (proc.stderr.includes("Config key")){
-      window.showErrorMessage(`Gitguardian: ${proc.stderr}`);
-    }
-    console.log(proc.stderr);
-    return false;
-  } else {
-    if (proc.stdout.includes("unhealthy")) {
-      return false;
+export async function ggshieldAuthStatus(
+  configuration: GGShieldConfiguration,
+  context: ExtensionContext
+  ): Promise<void> {
+    let isAuthenticated: boolean;
+    const proc = runGGShieldCommand(configuration, ["api-status", "--json"]);
+    if (proc.status === 0 && JSON.parse(proc.stdout).status_code === 200) {
+      isAuthenticated = true;
     }
-    console.log(proc.stdout);
-    return true;
-  }
+    else{
+      if (proc.stderr && proc.stderr.includes("Config key")){
+        window.showErrorMessage(`Gitguardian: ${proc.stderr}`);
+      }
+      console.log(proc.stderr);
+      isAuthenticated = false;
+    } 
+    commands.executeCommand('setContext', 'isAuthenticated', isAuthenticated);
+    await context.globalState.update('isAuthenticated', isAuthenticated);
 }
 
 /**

src/lib/ggshield-resolver.ts

@@ -24,8 +24,8 @@ export class GGShieldResolver {
    * Ensures the availability of ggshield by determining the executable path.
    *
    * The function performs the following checks in order:
-   *  2. Checks if a custom path is configured in the settings and uses it.
-   *  3. Else, falls back to using the standalone version bundled with the extension.
+   *  1. Checks if a custom path is configured in the settings and uses it.
+   *  2. Else, falls back to using the standalone version bundled with the extension.
    *
    * @returns {Promise<void>} A promise that resolves once the `ggshield` path is determined.
    */
@@ -56,24 +56,12 @@ export class GGShieldResolver {
   async testConfiguration(
     configuration: GGShieldConfiguration
   ): Promise<void> {
-    let proc = runGGShieldCommand(configuration, ["quota"]);
-    if (proc.error || proc.stderr.length > 0) {
-      if (proc.error) { 
-        if (proc.error.message.includes("ENOENT")) {
-          throw new Error(
-            `GGShield path provided in settings is invalid: ${configuration.ggshieldPath}.`
-          );
-        } else {
-          throw new Error(proc.error.message);
-        }
-      } else if (proc.stderr.includes("Invalid API key")) {
-        throw new Error(
-          `API key provided in settings is invalid.`
-        );
-      }
-    } else {
-      this.configuration = configuration;
-      return;
+    // Check if the ggshield path is valid
+    let proc = runGGShieldCommand(configuration, ["--version"]);
+    if (proc.status !== 0) {
+      window.showErrorMessage(`GitGuardian: Invalid ggshield path. ${proc.stderr}`);
+      throw new Error(proc.stderr);
     }
   }
 }
+