feat(IDE-1701): settings page auth flow — bridge persist and forward apiUrl #795
Open
nick-y-snyk wants to merge 2 commits into master from
…rotocol version to 25 [IDE-1701]
- Add ExecuteCommandBridge class as the single shared implementation of the __ideExecuteCommand__ JS↔IDE contract, used by both the HTML tree view and the settings page
- Remove duplicated bridge script and dispatch logic from SaveConfigHandler and TreeViewBridgeHandler; both now delegate to ExecuteCommandBridge
- Remove ALLOWED_COMMANDS allowlist from TreeViewBridgeHandler — the LS-generated HTML is trusted and both panels now share the same open bridge
- Add SaveConfigHandlerExecuteCommandTest covering snyk.login/snyk.logout routing and callback invocation
- Bump requiredLsProtocolVersion 24 → 25

… flag
- Remove persist field from HasAuthenticatedParam — always saves token and apiUrl
- Revert persist conditional in hasAuthenticated — always writes to pluginSettings and triggers scan on first login (blank old token)
- Add HTMLSettingsPanel.instance static reference for direct token injection
- Add setAuthToken(token, apiUrl) on HTMLSettingsPanel — called from hasAuthenticated so the settings page webview shows the token immediately after auth
- Remove updateConfiguration(false) call before snyk.login in ExecuteCommandBridge
- Add bridge persist in ExecuteCommandBridge.dispatch: when snyk.login called with 3+ args, save authMethod/endpoint/ignoreUnknownCA to pluginSettings before forwarding to LS (no updateConfiguration → no didChangeConfiguration loop)
- Remove updateConfiguration test; add bridge persist test verifying settings written
- Remove persist-related tests from SnykLanguageClientTest; keep setAuthToken test
- Extend executeCommandWithArgs timeout param to support 120s for snyk.login
✅ Snyk checks have passed. No issues have been found so far.
What & Why
The settings page drives authentication via snyk.login with [authMethod, endpoint, insecure] args. Before forwarding to the LS, the IDE must persist these values locally so they survive a page close. Additionally, $/snyk.hasAuthenticated now carries apiUrl which is forwarded to the settings panel webview so the settings page can update both fields after auth.

Bridge persist written directly to pluginSettings() properties — no updateConfiguration() call means no didChangeConfiguration loop.

Changes

ExecuteCommandBridge.kt (new shared class)
- LOGIN_TIMEOUT_MS = 120_000L; LONG_RUNNING_COMMANDS = setOf("snyk.login") — login waits up to 2 min for browser OAuth
- __ideLogin__/__ideLogout__ with window.__ideExecuteCommand__(cmd, args, callback) bridge
- ls.executeCommandWithArgs, when command == "snyk.login" and args.size >= 3, calls saveLoginArgs(args):
  - args[0] → AuthenticationType ("oauth"→OAUTH2, "pat"→PAT, "token"→API_TOKEN)
  - pluginSettings().authenticationType, .customEndpointUrl, .ignoreUnknownCA
  - updateConfiguration() call → no didChangeConfiguration sent to LS
- LanguageServerWrapper.executeCommandWithArgs gains timeoutMillis: Long = 5_000 param

HTMLSettingsPanel.kt
- companion object { @Volatile var instance: HTMLSettingsPanel? = null } — set in init, cleared in dispose()
- setAuthToken(token: String, apiUrl: String?) — escapes both, executes window.setAuthToken(safeToken, safeApiUrl) via JCEF on invokeLater with ModalityState.any()

SnykLanguageClient.kt
Calls HTMLSettingsPanel.instance?.setAuthToken(param.token ?: "", param.apiUrl) before saving to pluginSettings() — settings page webview updates immediately after auth.

SaveConfigHandler.kt
Removes the messageBus.subscribe(SnykSettingsListener.SNYK_SETTINGS_TOPIC, ...) block that pushed token updates to the browser — replaced by the direct HTMLSettingsPanel.instance?.setAuthToken(...) call in SnykLanguageClient.

Tests
- SaveConfigHandlerExecuteCommandTest.kt: bridge persist test added (sends snyk.login with ["pat", "https://api.eu.snyk.io", true], asserts authenticationType == PAT, customEndpointUrl, ignoreUnknownCA); all executeCommandWithArgs verify calls include timeout arg
- SnykLanguageClientTest.kt: setAuthToken called on HTMLSettingsPanel.instance when panel is open (new test)

Test plan
- didChangeConfiguration sent when bridge saves auth params
- ./gradlew test
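
The description above says setAuthToken escapes the token and API URL before running window.setAuthToken(...) in the JCEF page. One way to do that escaping, as an added Kotlin example that is not the plugin's code: jsStringLiteral and buildSetAuthTokenCall are hypothetical names, and passing a null apiUrl as JavaScript null is an assumption.

```kotlin
// Added example, not the plugin's code. jsStringLiteral and buildSetAuthTokenCall
// are hypothetical helpers; only window.setAuthToken(token, apiUrl) is from the PR.

/** Encodes [value] as a double-quoted JavaScript string literal. */
fun jsStringLiteral(value: String): String {
    val out = StringBuilder(value.length + 2).append('"')
    for (ch in value) {
        when {
            ch == '\\' -> out.append("\\\\")
            ch == '"' -> out.append("\\\"")
            ch == '\n' -> out.append("\\n")
            ch == '\r' -> out.append("\\r")
            ch == '\t' -> out.append("\\t")
            // Control characters, the JS line separators U+2028/U+2029, and
            // characters that are significant in HTML or template literals
            // are written as \uXXXX so the literal stays inert in any context.
            ch < ' ' || ch == '\u007f' || ch == '\u2028' || ch == '\u2029' ||
                ch in "'`<>&" ->
                out.append("\\u").append(ch.code.toString(16).padStart(4, '0'))
            else -> out.append(ch)
        }
    }
    return out.append('"').toString()
}

/** Builds the script text handed to the webview; apiUrl may be absent. */
fun buildSetAuthTokenCall(token: String, apiUrl: String?): String {
    // Assumption: a missing apiUrl is passed to the page as JavaScript null.
    val urlArg = if (apiUrl == null) "null" else jsStringLiteral(apiUrl)
    return "window.setAuthToken(${jsStringLiteral(token)}, $urlArg);"
}

fun main() {
    // Constructed token containing characters that would otherwise end the literal.
    val token = "tok\"en\\\n</script>"
    val call = buildSetAuthTokenCall(token, "https://api.eu.snyk.io")
    println(call)
    check(jsStringLiteral("a\"b") == "\"a\\\"b\"")
    check('\n' !in call && "</" !in call)
    check(buildSetAuthTokenCall("t", null) == "window.setAuthToken(\"t\", null);")
}
```

Values that arrive from the language server or the settings page are treated as data throughout: they only ever appear inside a quoted literal, never concatenated into the script as code.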