Implement a native TTY interface for POSIX platforms

Replace the `Console.Read/Write` interface for terminal prompts with a
system-native implementation that uses /dev/tty directly. This allows us
to read and write to the terminal even when our stdin/out/err streams
have been redirected by parent processes. We can also now exercise
control over the TTY echo which is useful for hiding user input of
passwords and other secrets.

Author: mjcheetham

src/shared/GitHub/GitHubAuthentication.cs

@@ -27,10 +27,10 @@ public bool TryGetCredentials(Uri targetUri, out string userName, out string pas
         {
             EnsureTerminalPromptsEnabled();
 
-            _context.StdError.WriteLine("Enter credentials for '{0}'...", targetUri);
+            _context.Terminal.WriteLine("Enter credentials for '{0}'...", targetUri);
 
-            userName = _context.Prompt("Username");
-            password = _context.PromptSecret("Password");
+            userName = _context.Terminal.Prompt("Username");
+            password = _context.Terminal.PromptSecret("Password");
 
             return !string.IsNullOrWhiteSpace(userName) && !string.IsNullOrWhiteSpace(password);
         }
@@ -39,18 +39,18 @@ public bool TryGetAuthenticationCode(Uri targetUri, bool isSms, out string authe
         {
             EnsureTerminalPromptsEnabled();
 
-            _context.StdError.WriteLine("Two-factor authentication is enabled and an authentication code is required.");
+            _context.Terminal.WriteLine("Two-factor authentication is enabled and an authentication code is required.");
 
             if (isSms)
             {
-                _context.StdError.WriteLine("An SMS containing the authentication code has been sent to your registered device.");
+                _context.Terminal.WriteLine("An SMS containing the authentication code has been sent to your registered device.");
             }
             else
             {
-                _context.StdError.WriteLine("Use your registered authentication app to generate an authentication code.");
+                _context.Terminal.WriteLine("Use your registered authentication app to generate an authentication code.");
             }
 
-            authenticationCode = _context.Prompt("Authentication code");
+            authenticationCode = _context.Terminal.Prompt("Authentication code");
             return !string.IsNullOrWhiteSpace(authenticationCode);
         }
 

src/shared/Microsoft.Git.CredentialManager.Tests/Authentication/TtyPromptBasicAuthenticationTests.cs

@@ -28,10 +28,8 @@ public void TtyPromptBasicAuthentication_GetCredentials_ResourceAndUserName_Pass
             const string testUserName = "john.doe";
             const string testPassword = "letmein123";
 
-            var context = new TestCommandContext
-            {
-                SecretPrompts = {["Password"] = testPassword}
-            };
+            var context = new TestCommandContext();
+            context.Terminal.SecretPrompts["Password"] = testPassword;
 
             var basicAuth = new TtyPromptBasicAuthentication(context);
 
@@ -48,11 +46,9 @@ public void TtyPromptBasicAuthentication_GetCredentials_Resource_UserPassPromptR
             const string testUserName = "john.doe";
             const string testPassword = "letmein123";
 
-            var context = new TestCommandContext
-            {
-                Prompts       = {["Username"] = testUserName},
-                SecretPrompts = {["Password"] = testPassword}
-            };
+            var context = new TestCommandContext();
+            context.Terminal.Prompts["Username"] = testUserName;
+            context.Terminal.SecretPrompts["Password"] = testPassword;
 
             var basicAuth = new TtyPromptBasicAuthentication(context);
 

src/shared/Microsoft.Git.CredentialManager/Authentication/BasicAuthentication.cs

@@ -43,21 +43,21 @@ public GitCredential GetCredentials(string resource, string userName)
                 throw new InvalidOperationException("Cannot show basic credential prompt because terminal prompts have been disabled.");
             }
 
-            _context.StdError.WriteLine("Enter credentials for '{0}':", resource);
+            _context.Terminal.WriteLine("Enter credentials for '{0}':", resource);
 
             if (!string.IsNullOrWhiteSpace(userName))
             {
                 // Don't need to prompt for the username if it has been specified already
-                _context.StdError.WriteLine("Username: {0}", userName);
+                _context.Terminal.WriteLine("Username: {0}", userName);
             }
             else
             {
                 // Prompt for username
-                userName = _context.Prompt("Username");
+                userName = _context.Terminal.Prompt("Username");
             }
 
             // Prompt for password
-            string password = _context.PromptSecret("Password");
+            string password = _context.Terminal.PromptSecret("Password");
 
             return new GitCredential(userName, password);
         }

src/shared/Microsoft.Git.CredentialManager/CommandContext.cs

@@ -6,6 +6,7 @@
 using System.IO;
 using System.Text;
 using Microsoft.Git.CredentialManager.Interop.MacOS;
+using Microsoft.Git.CredentialManager.Interop.Posix;
 using Microsoft.Git.CredentialManager.Interop.Windows;
 
 namespace Microsoft.Git.CredentialManager
@@ -31,23 +32,9 @@ public interface ICommandContext
         TextWriter StdError { get; }
 
         /// <summary>
-        /// Shows a prompt and reads input.
+        /// The attached terminal (TTY) to this process tree.
         /// </summary>
-        /// <param name="prompt">The prompt text to show.</param>
-        /// <returns>The result from the prompt.</returns>
-        string Prompt(string prompt);
-
-        /// <summary>
-        /// Shows a prompt for capturing secret/sensitive information such as passwords, suppresses key echo,
-        /// and reads the input.
-        /// </summary>
-        /// <param name="prompt">The prompt text to show.</param>
-        /// <returns>The result from the prompt.</returns>
-        /// <exception cref="T:System.InvalidOperationException">
-        /// If <see cref="echo"/> is false, and the <see cref="System.Console.In"/> property is redirected from some
-        /// stream other than the console.
-        /// </exception>
-        string PromptSecret(string prompt);
+        ITerminal Terminal { get; }
 
         /// <summary>
         /// Application tracing system.
@@ -83,6 +70,7 @@ public class CommandContext : ICommandContext
         private TextReader _stdIn;
         private TextWriter _stdOut;
         private TextWriter _stdErr;
+        private ITerminal _terminal;
 
         #region ICommandContext
 
@@ -133,44 +121,9 @@ public TextWriter StdError
             }
         }
 
-        public string Prompt(string prompt)
-        {
-            StdError.Write($"{prompt}: ");
-
-            return StdIn.ReadLine();
-        }
-
-        public string PromptSecret(string prompt)
+        public ITerminal Terminal
         {
-            StdError.Write($"{prompt}: ");
-
-            var value = new StringBuilder();
-            bool done = false;
-
-            do
-            {
-                // TODO: Can & should we directly disable 'stdin echo' and then just use a
-                // inStream/StdIn.ReadLine() call rather than needing to use Console.ReadKey?
-                ConsoleKeyInfo keyInfo = Console.ReadKey(intercept: true);
-                switch (keyInfo.Key)
-                {
-                    case ConsoleKey.Enter:
-                        done = true;
-                        StdError.WriteLine();
-                        break;
-                    case ConsoleKey.Backspace:
-                        if (value.Length > 0)
-                        {
-                            value.Remove(value.Length - 1, 1);
-                        }
-                        break;
-                    default:
-                        value.Append(keyInfo.KeyChar);
-                        break;
-                }
-            } while (!done);
-
-            return value.ToString();
+            get { return _terminal ?? (_terminal = CreateTerminal()); }
         }
 
         public ITrace Trace { get; } = new Trace();
@@ -210,6 +163,21 @@ public IReadOnlyDictionary<string, string> GetEnvironmentVariables()
 
         #endregion
 
+        private ITerminal CreateTerminal()
+        {
+            if (PlatformUtils.IsPosix())
+            {
+                return new PosixTerminal(Trace);
+            }
+
+            if (PlatformUtils.IsWindows())
+            {
+                throw new NotImplementedException();
+            }
+
+            throw new PlatformNotSupportedException();
+        }
+
         private static ICredentialStore CreateCredentialStore()
         {
             if (PlatformUtils.IsMacOS())

src/shared/Microsoft.Git.CredentialManager/ITerminal.cs

@@ -0,0 +1,39 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license.
+using Microsoft.Git.CredentialManager.Interop;
+
+namespace Microsoft.Git.CredentialManager
+{
+    /// <summary>
+    /// Represents a terminal (TTY) interface.
+    /// </summary>
+    public interface ITerminal
+    {
+        /// <summary>
+        /// Write a message to the terminal screen.
+        /// </summary>
+        /// <param name="format">Format message to print to the terminal.</param>
+        /// <param name="args">Format argument values.</param>
+        /// <exception cref="InteropException">Throw if an error occurs interacting with the native terminal device.</exception>
+        void WriteLine(string format, params object[] args);
+
+        /// <summary>
+        /// Prompt for user input.
+        /// </summary>
+        /// <param name="prompt">Prompt message.</param>
+        /// <returns>User input.</returns>
+        /// <exception cref="InteropException">Throw if an error occurs interacting with the native terminal device.</exception>
+        string Prompt(string prompt);
+
+        /// <summary>
+        /// Prompt for secret user input.
+        /// </summary>
+        /// <remarks>
+        /// Typed user input is masked or hidden.
+        /// </remarks>
+        /// <param name="prompt">Prompt message.</param>
+        /// <returns>Secret user input.</returns>
+        /// <exception cref="InteropException">Throw if an error occurs interacting with the native terminal device.</exception>
+        string PromptSecret(string prompt);
+    }
+}

src/shared/Microsoft.Git.CredentialManager/Interop/Posix/Native/Fcntl.cs

@@ -0,0 +1,35 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license.
+using System;
+using System.Runtime.InteropServices;
+
+namespace Microsoft.Git.CredentialManager.Interop.Posix.Native
+{
+    public static class Fcntl
+    {
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern int open(string pathname, OpenFlags flags);
+    }
+
+    [Flags]
+    public enum OpenFlags
+    {
+        O_RDONLY    = 0,
+        O_WRONLY    = 1,
+        O_RDWR      = 2,
+        O_CREAT     = 64,
+        O_EXCL      = 128,
+        O_NOCTTY    = 256,
+        O_TRUNC     = 512,
+        O_APPEND    = 1024,
+        O_NONBLOCK  = 2048,
+        O_SYNC      = 4096,
+        O_NOFOLLOW  = 131072,
+        O_DIRECTORY = 65536,
+        O_DIRECT    = 16384,
+        O_ASYNC     = 8192,
+        O_LARGEFILE = 32768,
+        O_CLOEXEC   = 524288,
+        O_PATH      = 2097152,
+    }
+}

src/shared/Microsoft.Git.CredentialManager/Interop/Posix/Native/Signal.cs

@@ -0,0 +1,37 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license.
+using System.Runtime.InteropServices;
+
+namespace Microsoft.Git.CredentialManager.Interop.Posix.Native
+{
+    public static class Signal
+    {
+        /// <summary>
+        /// Interrupt.
+        /// </summary>
+        public const int SIGINT  = 2;
+
+        /// <summary>
+        /// Quit.
+        /// </summary>
+        public const int SIGQUIT = 3;
+
+        /// <summary>
+        /// Abort.
+        /// </summary>
+        public const int SIGABRT = 6;
+
+        /// <summary>
+        /// Kill (cannot be caught or ignored).
+        /// </summary>
+        public const int SIGKILL = 9;
+
+        /// <summary>
+        /// Software termination signal from kill.
+        /// </summary>
+        public const int SIGTERM = 15;
+
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern void kill(int pid, int sig);
+    }
+}

src/shared/Microsoft.Git.CredentialManager/Interop/Posix/Native/Stdio.cs

@@ -0,0 +1,34 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license.
+using System;
+using System.Runtime.InteropServices;
+using System.Text;
+
+namespace Microsoft.Git.CredentialManager.Interop.Posix.Native
+{
+    public static class Stdio
+    {
+        public const int EOF = -1;
+
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern IntPtr fgets(StringBuilder sb, int size, IntPtr stream);
+
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern int fputc(int c, IntPtr stream);
+
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern int fprintf(IntPtr stream, string format, string message);
+
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern int fgetc(IntPtr stream);
+
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern int fputs(string str, IntPtr stream);
+
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern void setbuf(IntPtr stream, int size);
+
+        [DllImport("libc", CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)]
+        public static extern IntPtr fdopen(int fd, string mode);
+    }
+}