Skip to content

Commit

Permalink
Add account id to authentication session object
Browse files Browse the repository at this point in the history
  • Loading branch information
Rachel Macfarlane committed Apr 23, 2020
1 parent c622be7 commit 2e5312c
Show file tree
Hide file tree
Showing 9 changed files with 99 additions and 45 deletions.
57 changes: 47 additions & 10 deletions extensions/github-authentication/src/github.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,12 +12,27 @@ import Logger from './common/logger';
export const onDidChangeSessions = new vscode.EventEmitter<vscode.AuthenticationSessionsChangeEvent>();

interface SessionData {
id: string;
account?: {
displayName: string;
id: string;
}
scopes: string[];
accessToken: string;
}

// TODO remove
interface OldSessionData {
id: string;
accountName: string;
scopes: string[];
accessToken: string;
}

function isOldSessionData(x: any): x is OldSessionData {
return !!x.accountName;
}

export class GitHubAuthenticationProvider {
private _sessions: vscode.AuthenticationSession[] = [];
private _githubServer = new GitHubServer();
Expand Down Expand Up @@ -68,15 +83,34 @@ export class GitHubAuthenticationProvider {
const storedSessions = await keychain.getToken();
if (storedSessions) {
try {
const sessionData: SessionData[] = JSON.parse(storedSessions);
return sessionData.map(session => {
return {
id: session.id,
accountName: session.accountName,
scopes: session.scopes,
getAccessToken: () => Promise.resolve(session.accessToken)
};
const sessionData: (SessionData | OldSessionData)[] = JSON.parse(storedSessions);
const sessionPromises = sessionData.map(async (session: SessionData | OldSessionData): Promise<vscode.AuthenticationSession | undefined> => {
try {
const needsUserInfo = isOldSessionData(session) || !session.account;
let userInfo: { id: string, accountName: string };
if (needsUserInfo) {
userInfo = await this._githubServer.getUserInfo(session.accessToken);
}

return {
id: session.id,
account: {
displayName: isOldSessionData(session)
? session.accountName
: session.account?.displayName ?? userInfo!.accountName,
id: isOldSessionData(session)
? userInfo!.id
: session.account?.id ?? userInfo!.id
},
scopes: session.scopes,
getAccessToken: () => Promise.resolve(session.accessToken)
};
} catch (e) {
return undefined;
}
});

return (await Promise.all(sessionPromises)).filter((x: vscode.AuthenticationSession | undefined): x is vscode.AuthenticationSession => !!x);
} catch (e) {
Logger.error(`Error reading sessions: ${e}`);
}
Expand All @@ -90,7 +124,7 @@ export class GitHubAuthenticationProvider {
const resolvedAccessToken = await session.getAccessToken();
return {
id: session.id,
accountName: session.accountName,
account: session.account,
scopes: session.scopes,
accessToken: resolvedAccessToken
};
Expand Down Expand Up @@ -125,7 +159,10 @@ export class GitHubAuthenticationProvider {
return {
id: uuid(),
getAccessToken: () => Promise.resolve(token),
accountName: userInfo.accountName,
account: {
displayName: userInfo.accountName,
id: userInfo.id
},
scopes: scopes
};
}
Expand Down
1 change: 1 addition & 0 deletions extensions/github-authentication/src/githubServer.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,7 @@ export class GitHubServer {
Logger.info('Got account info!');
resolve({ id: json.id, accountName: json.login });
} else {
Logger.error('Getting account info failed');
reject(new Error(result.statusMessage));
}
});
Expand Down
26 changes: 18 additions & 8 deletions extensions/vscode-account/src/AADHelper.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,10 @@ interface IToken {
expiresAt?: number; // UNIX epoch time at which token will expire
refreshToken: string;

accountName: string;
account: {
displayName: string;
id: string;
};
scope: string;
sessionId: string; // The account id + the scope
}
Expand All @@ -44,7 +47,10 @@ interface IStoredSession {
id: string;
refreshToken: string;
scope: string; // Scopes are alphabetized and joined with a space
accountName: string;
account: {
displayName: string,
id: string
}
}

function parseQuery(uri: vscode.Uri) {
Expand Down Expand Up @@ -93,7 +99,10 @@ export class AzureActiveDirectoryService {
this._tokens.push({
accessToken: undefined,
refreshToken: session.refreshToken,
accountName: session.accountName,
account: {
displayName: session.account.displayName,
id: session.account.id
},
scope: session.scope,
sessionId: session.id
});
Expand Down Expand Up @@ -125,7 +134,7 @@ export class AzureActiveDirectoryService {
id: token.sessionId,
refreshToken: token.refreshToken,
scope: token.scope,
accountName: token.accountName
account: token.account
};
});

Expand Down Expand Up @@ -199,7 +208,7 @@ export class AzureActiveDirectoryService {
return {
id: token.sessionId,
getAccessToken: () => this.resolveAccessToken(token),
accountName: token.accountName,
account: token.account,
scopes: token.scope.split(' ')
};
}
Expand All @@ -223,8 +232,6 @@ export class AzureActiveDirectoryService {
} catch (e) {
throw new Error('Unavailable due to network problems');
}

throw new Error('Unavailable due to network problems');
}

private getTokenClaims(accessToken: string): ITokenClaims {
Expand Down Expand Up @@ -419,7 +426,10 @@ export class AzureActiveDirectoryService {
refreshToken: json.refresh_token,
scope,
sessionId: existingId || `${claims.tid}/${(claims.oid || (claims.altsecid || '' + claims.ipd || ''))}/${uuid()}`,
accountName: claims.email || claims.unique_name || 'user@example.com'
account: {
displayName: claims.email || claims.unique_name || 'user@example.com',
id: `${claims.tid}/${(claims.oid || (claims.altsecid || '' + claims.ipd || ''))}`
}
};
}

Expand Down
2 changes: 1 addition & 1 deletion extensions/vscode-account/src/extension.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ export async function activate(context: vscode.ExtensionContext) {
const selectedSession = await vscode.window.showQuickPick(sessions.map(session => {
return {
id: session.id,
label: session.accountName
label: session.account.displayName
};
}));

Expand Down
5 changes: 4 additions & 1 deletion src/vs/editor/common/modes.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1412,7 +1412,10 @@ export interface RenameProvider {
export interface AuthenticationSession {
id: string;
getAccessToken(): Thenable<string>;
accountName: string;
account: {
displayName: string;
id: string;
}
}

/**
Expand Down
5 changes: 4 additions & 1 deletion src/vs/vscode.proposed.d.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,10 @@ declare module 'vscode' {
export interface AuthenticationSession {
id: string;
getAccessToken(): Thenable<string>;
accountName: string;
account: {
displayName: string;
id: string;
};
scopes: string[]
}

Expand Down
34 changes: 17 additions & 17 deletions src/vs/workbench/api/browser/mainThreadAuthentication.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,21 +129,21 @@ export class MainThreadAuthenticationProvider extends Disposable {
}

private registerSession(session: modes.AuthenticationSession) {
this._sessions.set(session.id, session.accountName);
this._sessions.set(session.id, session.account.displayName);

const existingSessionsForAccount = this._accounts.get(session.accountName);
const existingSessionsForAccount = this._accounts.get(session.account.displayName);
if (existingSessionsForAccount) {
this._accounts.set(session.accountName, existingSessionsForAccount.concat(session.id));
this._accounts.set(session.account.displayName, existingSessionsForAccount.concat(session.id));
return;
} else {
this._accounts.set(session.accountName, [session.id]);
this._accounts.set(session.account.displayName, [session.id]);
}

const menuItem = MenuRegistry.appendMenuItem(MenuId.AccountsContext, {
group: '1_accounts',
command: {
id: `configureSessions${session.id}`,
title: `${session.accountName} (${this.displayName})`
title: `${session.account.displayName} (${this.displayName})`
},
order: 3
});
Expand All @@ -170,11 +170,11 @@ export class MainThreadAuthenticationProvider extends Disposable {
}

if (selected.label === manage) {
this.manageTrustedExtensions(quickInputService, storageService, session.accountName);
this.manageTrustedExtensions(quickInputService, storageService, session.account.displayName);
}

if (selected.label === showUsage) {
this.showUsage(quickInputService, session.accountName);
this.showUsage(quickInputService, session.account.displayName);
}

quickPick.dispose();
Expand All @@ -188,28 +188,28 @@ export class MainThreadAuthenticationProvider extends Disposable {
},
});

this._sessionMenuItems.set(session.accountName, [menuItem, manageCommand]);
this._sessionMenuItems.set(session.account.displayName, [menuItem, manageCommand]);
}

async signOut(dialogService: IDialogService, session: modes.AuthenticationSession): Promise<void> {
const providerUsage = accountUsages.get(this.id);
const accountUsage = (providerUsage || {})[session.accountName] || [];
const sessionsForAccount = this._accounts.get(session.accountName);
const accountUsage = (providerUsage || {})[session.account.displayName] || [];
const sessionsForAccount = this._accounts.get(session.account.displayName);

// Skip dialog if nothing is using the account
if (!accountUsage.length) {
accountUsages.set(this.id, { [session.accountName]: [] });
accountUsages.set(this.id, { [session.account.displayName]: [] });
sessionsForAccount?.forEach(sessionId => this.logout(sessionId));
return;
}

const result = await dialogService.confirm({
title: nls.localize('signOutConfirm', "Sign out of {0}", session.accountName),
message: nls.localize('signOutMessage', "The account {0} is currently used by: \n\n{1}\n\n Sign out of these features?", session.accountName, accountUsage.join('\n'))
title: nls.localize('signOutConfirm', "Sign out of {0}", session.account.displayName),
message: nls.localize('signOutMessage', "The account {0} is currently used by: \n\n{1}\n\n Sign out of these features?", session.account.displayName, accountUsage.join('\n'))
});

if (result.confirmed) {
accountUsages.set(this.id, { [session.accountName]: [] });
accountUsages.set(this.id, { [session.account.displayName]: [] });
sessionsForAccount?.forEach(sessionId => this.logout(sessionId));
}
}
Expand All @@ -218,9 +218,9 @@ export class MainThreadAuthenticationProvider extends Disposable {
return (await this._proxy.$getSessions(this.id)).map(session => {
return {
id: session.id,
accountName: session.accountName,
account: session.account,
getAccessToken: () => {
addAccountUsage(this.id, session.accountName, nls.localize('sync', "Preferences Sync"));
addAccountUsage(this.id, session.account.displayName, nls.localize('sync', "Preferences Sync"));
return this._proxy.$getSessionAccessToken(this.id, session.id);
}
};
Expand Down Expand Up @@ -258,7 +258,7 @@ export class MainThreadAuthenticationProvider extends Disposable {
return this._proxy.$login(this.id, scopes).then(session => {
return {
id: session.id,
accountName: session.accountName,
account: session.account,
getAccessToken: () => this._proxy.$getSessionAccessToken(this.id, session.id)
};
});
Expand Down
10 changes: 5 additions & 5 deletions src/vs/workbench/api/common/extHostAuthentication.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,12 +47,12 @@ export class ExtHostAuthentication implements ExtHostAuthenticationShape {
.map(session => {
return {
id: session.id,
accountName: session.accountName,
account: session.account,
scopes: session.scopes,
getAccessToken: async () => {
const isAllowed = await this._proxy.$getSessionsPrompt(
provider.id,
session.accountName,
session.account.displayName,
provider.displayName,
extensionId,
requestingExtension.displayName || requestingExtension.name);
Expand Down Expand Up @@ -80,15 +80,15 @@ export class ExtHostAuthentication implements ExtHostAuthenticationShape {
}

const session = await provider.login(scopes);
await this._proxy.$setTrustedExtension(provider.id, session.accountName, ExtensionIdentifier.toKey(requestingExtension.identifier), extensionName);
await this._proxy.$setTrustedExtension(provider.id, session.account.displayName, ExtensionIdentifier.toKey(requestingExtension.identifier), extensionName);
return {
id: session.id,
accountName: session.accountName,
account: session.account,
scopes: session.scopes,
getAccessToken: async () => {
const isAllowed = await this._proxy.$getSessionsPrompt(
provider.id,
session.accountName,
session.account.displayName,
provider.displayName,
ExtensionIdentifier.toKey(requestingExtension.identifier),
requestingExtension.displayName || requestingExtension.name);
Expand Down
4 changes: 2 additions & 2 deletions src/vs/workbench/contrib/userDataSync/browser/userDataSyncAccount.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ export class UserDataSyncAccounts extends Disposable {

const sessions = await this.authenticationService.getSessions(authenticationProviderId) || [];
for (const session of sessions) {
const account: IUserDataSyncAccount = { authenticationProviderId, sessionId: session.id, accountName: session.accountName };
const account: IUserDataSyncAccount = { authenticationProviderId, sessionId: session.id, accountName: session.account.displayName };
accounts.set(account.accountName, account);
if (this.isCurrentAccount(account)) {
currentAccount = account;
Expand Down Expand Up @@ -196,7 +196,7 @@ export class UserDataSyncAccounts extends Disposable {
if (isAuthenticationProvider(result)) {
const session = await this.authenticationService.login(result.id, result.scopes);
sessionId = session.id;
accountName = session.accountName;
accountName = session.account.displayName;
} else {
sessionId = result.sessionId;
accountName = result.accountName;
Expand Down

0 comments on commit 2e5312c

Please sign in to comment.