Fix getting credentials possibly deadlocking (#2961)

* Move SSO to jetbrains-core so we get access to ProgressIndicator
* Fetch credentials under a modal progress indicator
* Make SSO token pending respect ProgressIndicator cancel
* Throw ProcessCanceledException when user prompts are canceled
* Remove some coroutines usage that led to losing track of the ProgressIndicator

Author: abrooksv

jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/CorrectThreadCredentialsProvider.kt

@@ -19,6 +19,8 @@ import software.aws.toolkits.core.credentials.ToolkitCredentialsProvider
 import software.aws.toolkits.core.region.AwsRegion
 import software.aws.toolkits.core.utils.getLogger
 import software.aws.toolkits.core.utils.tryOrNull
+import software.aws.toolkits.jetbrains.utils.runUnderProgressIfNeeded
+import software.aws.toolkits.resources.message
 import software.aws.toolkits.telemetry.AwsTelemetry
 import java.util.concurrent.ConcurrentHashMap
 import java.util.concurrent.atomic.AtomicInteger
@@ -68,7 +70,9 @@ abstract class CredentialManager : SimpleModificationTracker() {
      * as loading from disk when new values.
      */
     private inner class AwsCredentialProviderProxy(private val providerId: String, private val region: AwsRegion) : AwsCredentialsProvider {
-        override fun resolveCredentials(): AwsCredentials = getOrCreateAwsCredentialsProvider(providerId, region).resolveCredentials()
+        override fun resolveCredentials(): AwsCredentials = runUnderProgressIfNeeded(null, message("credentials.retrieving"), cancelable = true) {
+            getOrCreateAwsCredentialsProvider(providerId, region).resolveCredentials()
+        }
 
         private fun getOrCreateAwsCredentialsProvider(providerId: String, region: AwsRegion): AwsCredentialsProvider {
             // Validate that the provider ID is still valid and get the latest copy

jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/CredentialManager.kt

@@ -4,10 +4,9 @@
 package software.aws.toolkits.jetbrains.core.credentials
 
 import com.intellij.openapi.actionSystem.AnAction
+import com.intellij.openapi.progress.ProcessCanceledException
 import com.intellij.openapi.ui.Messages
-import kotlinx.coroutines.runBlocking
-import kotlinx.coroutines.withContext
-import software.aws.toolkits.jetbrains.core.coroutines.getCoroutineUiContext
+import software.aws.toolkits.jetbrains.utils.computeOnEdt
 import software.aws.toolkits.resources.message
 
 interface MfaRequiredInteractiveCredentials : InteractiveCredential {
@@ -19,12 +18,10 @@ interface MfaRequiredInteractiveCredentials : InteractiveCredential {
     override fun userActionRequired(): Boolean = true
 }
 
-fun promptForMfaToken(name: String, mfaSerial: String): String = runBlocking {
-    withContext(getCoroutineUiContext()) {
-        Messages.showInputDialog(
-            message("credentials.mfa.message", mfaSerial),
-            message("credentials.mfa.title", name),
-            null
-        ) ?: throw IllegalStateException("MFA challenge is required")
-    }
+fun promptForMfaToken(name: String, mfaSerial: String): String = computeOnEdt {
+    Messages.showInputDialog(
+        message("credentials.mfa.message", mfaSerial),
+        message("credentials.mfa.title", name),
+        null
+    ) ?: throw ProcessCanceledException(IllegalStateException("MFA challenge is required"))
 }

jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/MfaSupport.kt

@@ -5,13 +5,13 @@ package software.aws.toolkits.jetbrains.core.credentials
 
 import com.intellij.ide.BrowserUtil
 import com.intellij.openapi.actionSystem.AnAction
+import com.intellij.openapi.progress.ProcessCanceledException
 import com.intellij.openapi.ui.Messages
-import kotlinx.coroutines.withContext
-import software.aws.toolkits.core.credentials.sso.Authorization
-import software.aws.toolkits.core.credentials.sso.DiskCache
-import software.aws.toolkits.core.credentials.sso.SsoCache
-import software.aws.toolkits.core.credentials.sso.SsoLoginCallback
-import software.aws.toolkits.jetbrains.core.coroutines.getCoroutineUiContext
+import software.aws.toolkits.jetbrains.core.credentials.sso.Authorization
+import software.aws.toolkits.jetbrains.core.credentials.sso.DiskCache
+import software.aws.toolkits.jetbrains.core.credentials.sso.SsoCache
+import software.aws.toolkits.jetbrains.core.credentials.sso.SsoLoginCallback
+import software.aws.toolkits.jetbrains.utils.computeOnEdt
 import software.aws.toolkits.jetbrains.utils.notifyError
 import software.aws.toolkits.resources.message
 
@@ -21,8 +21,8 @@ import software.aws.toolkits.resources.message
 val diskCache by lazy { DiskCache() }
 
 object SsoPrompt : SsoLoginCallback {
-    override suspend fun tokenPending(authorization: Authorization) {
-        withContext(getCoroutineUiContext()) {
+    override fun tokenPending(authorization: Authorization) {
+        computeOnEdt {
             val result = Messages.showOkCancelDialog(
                 message("credentials.sso.login.message", authorization.verificationUri, authorization.userCode),
                 message("credentials.sso.login.title"),
@@ -34,7 +34,7 @@ object SsoPrompt : SsoLoginCallback {
             if (result == Messages.OK) {
                 BrowserUtil.browse(authorization.verificationUriComplete)
             } else {
-                throw IllegalStateException(message("credentials.sso.login.cancelled"))
+                throw ProcessCanceledException(IllegalStateException(message("credentials.sso.login.cancelled")))
             }
         }
     }

jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/SsoSupport.kt

@@ -19,12 +19,12 @@ import software.aws.toolkits.core.credentials.CredentialSourceId
 import software.aws.toolkits.core.credentials.CredentialType
 import software.aws.toolkits.core.credentials.CredentialsChangeEvent
 import software.aws.toolkits.core.credentials.CredentialsChangeListener
-import software.aws.toolkits.core.credentials.sso.SsoCache
 import software.aws.toolkits.core.region.AwsRegion
 import software.aws.toolkits.jetbrains.core.credentials.MfaRequiredInteractiveCredentials
 import software.aws.toolkits.jetbrains.core.credentials.SsoRequiredInteractiveCredentials
 import software.aws.toolkits.jetbrains.core.credentials.ToolkitCredentialProcessProvider
 import software.aws.toolkits.jetbrains.core.credentials.diskCache
+import software.aws.toolkits.jetbrains.core.credentials.sso.SsoCache
 import software.aws.toolkits.jetbrains.settings.AwsSettings
 import software.aws.toolkits.jetbrains.settings.ProfilesNotification
 import software.aws.toolkits.jetbrains.utils.createNotificationExpiringAction

jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/profiles/ProfileCredentialProviderFactory.kt

@@ -12,11 +12,11 @@ import software.amazon.awssdk.regions.Region
 import software.amazon.awssdk.services.sso.SsoClient
 import software.amazon.awssdk.services.ssooidc.SsoOidcClient
 import software.amazon.awssdk.utils.SdkAutoCloseable
-import software.aws.toolkits.core.credentials.sso.SsoAccessTokenProvider
-import software.aws.toolkits.core.credentials.sso.SsoCredentialProvider
 import software.aws.toolkits.jetbrains.core.AwsClientManager
 import software.aws.toolkits.jetbrains.core.credentials.SsoPrompt
 import software.aws.toolkits.jetbrains.core.credentials.diskCache
+import software.aws.toolkits.jetbrains.core.credentials.sso.SsoAccessTokenProvider
+import software.aws.toolkits.jetbrains.core.credentials.sso.SsoCredentialProvider
 
 class ProfileSsoProvider(profile: Profile) : AwsCredentialsProvider, SdkAutoCloseable {
     private val ssoClient: SsoClient

jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/profiles/ProfileSsoProvider.kt

@@ -1,7 +1,7 @@
-// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-package software.aws.toolkits.core.credentials.sso
+package software.aws.toolkits.jetbrains.core.credentials.sso
 
 import software.amazon.awssdk.services.sso.SsoClient
 import software.amazon.awssdk.services.ssooidc.SsoOidcClient

core/src/software/aws/toolkits/core/credentials/sso/AccessToken.kt renamed to jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/sso/AccessToken.kt

@@ -1,7 +1,7 @@
 // Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-package software.aws.toolkits.core.credentials.sso
+package software.aws.toolkits.jetbrains.core.credentials.sso
 
 import software.amazon.awssdk.services.ssooidc.SsoOidcClient
 import java.time.Instant

core/src/software/aws/toolkits/core/credentials/sso/Authorization.kt renamed to jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/sso/Authorization.kt

@@ -1,7 +1,7 @@
 // Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-package software.aws.toolkits.core.credentials.sso
+package software.aws.toolkits.jetbrains.core.credentials.sso
 
 import software.amazon.awssdk.services.ssooidc.SsoOidcClient
 import java.time.Instant

core/src/software/aws/toolkits/core/credentials/sso/ClientRegistration.kt renamed to jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/sso/ClientRegistration.kt

@@ -1,7 +1,7 @@
-// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-package software.aws.toolkits.core.credentials.sso
+package software.aws.toolkits.jetbrains.core.credentials.sso
 
 import com.fasterxml.jackson.core.JsonParser
 import com.fasterxml.jackson.databind.DeserializationContext