Merged in mk/use-authtoken-from-user-machine (pull request #1)

SHIFT-519: Mk/use authtoken from user machine

Approved-by: Megha Agarwal

Author: mkenchugonde

src/atlclients/authInfo.ts

@@ -78,7 +78,7 @@ export interface AuthInfo {
 
 export interface OAuthInfo extends AuthInfo {
     access: string;
-    refresh: string;
+    refresh?: string;
     expirationDate?: number;
     iat?: number;
     recievedAt: number;

src/atlclients/authStore.ts

@@ -331,7 +331,7 @@ export class CredentialManager implements Disposable {
 
         const provider: OAuthProvider | undefined = oauthProviderForSite(site);
         const newTokens = undefined;
-        if (provider && credentials) {
+        if (provider && credentials && credentials.refresh) {
             const tokenResponse = await this._refresher.getNewTokens(provider, credentials.refresh);
             if (tokenResponse.tokens) {
                 const newTokens = tokenResponse.tokens;

src/atlclients/loginManager.ts

@@ -27,11 +27,15 @@ import { Logger } from '../logger';
 import { OAuthDancer } from './oauthDancer';
 import { SiteManager } from '../siteManager';
 import { Container } from '../container';
+import { strategyForProvider } from './strategy';
+import { BitbucketResponseHandler } from './responseHandlers/BitbucketResponseHandler';
+import * as cp from 'child_process';
 
 export class LoginManager {
     private _dancer: OAuthDancer = OAuthDancer.Instance;
     private _jiraAuthenticator: JiraAuthenticator;
     private _bitbucketAuthenticator: BitbucketAuthenticator;
+    private _bitbucketResponseHandler: BitbucketResponseHandler;
 
     constructor(
         private _credentialManager: CredentialManager,
@@ -40,6 +44,13 @@ export class LoginManager {
     ) {
         this._bitbucketAuthenticator = new BitbucketAuthenticator();
         this._jiraAuthenticator = new JiraAuthenticator();
+        // Initialize BitbucketResponseHandler
+        const axiosInstance = this._dancer.getAxiosInstance();
+        this._bitbucketResponseHandler = new BitbucketResponseHandler(
+            strategyForProvider(OAuthProvider.BitbucketCloud),
+            this._analyticsClient,
+            axiosInstance,
+        );
     }
 
     // this is *only* called when login buttons are clicked by the user
@@ -109,7 +120,120 @@ export class LoginManager {
         }
     }
 
-    private async getOAuthSiteDetails(
+    /**
+     * Extracts auth token from git remote URL
+     * @returns The auth token or null if not found
+     */
+    private async getAuthTokenFromGitRemote(): Promise<string | null> {
+        try {
+            Logger.debug('Attempting to extract auth token from git remote');
+            // Get the workspace folder path
+            const workspaceFolders = vscode.workspace.workspaceFolders;
+            if (!workspaceFolders || workspaceFolders.length === 0) {
+                Logger.warn('No workspace folder found');
+                return null;
+            }
+            const workspacePath = workspaceFolders[0].uri.fsPath;
+            // Execute git remote -v command
+            const gitCommand = 'git remote -v';
+            const result = await new Promise<string>((resolve, reject) => {
+                cp.exec(gitCommand, { cwd: workspacePath }, (error, stdout) => {
+                    if (error) {
+                        reject(error);
+                        return;
+                    }
+                    resolve(stdout);
+                });
+            });
+            // Parse the output to find the token
+            const remoteLines = result.split('\n');
+            for (const line of remoteLines) {
+                // Look for https://x-token-auth:<token>@bitbucket.org pattern
+                const tokenMatch = line.match(/https:\/\/x-token-auth:([^@]+)@bitbucket\.org/);
+                if (tokenMatch && tokenMatch[1]) {
+                    Logger.debug('Auth token found in git remote');
+                    return tokenMatch[1];
+                }
+            }
+            Logger.warn('No auth token found in git remote');
+            return null;
+        } catch (error) {
+            Logger.error(error, 'Error extracting auth token from git remote');
+            return null;
+        }
+    }
+
+    private async refreshBitbucketToken(siteDetails: DetailedSiteInfo): Promise<boolean> {
+        const token = await this._credentialManager.getAuthInfo(siteDetails, false);
+        if (token) {
+            return this.authenticateWithBitbucketToken(true);
+        }
+        return false;
+    }
+
+    // Add a new method for token-based authentication
+    public async authenticateWithBitbucketToken(refresh: boolean = false): Promise<boolean> {
+        try {
+            // Get token from git remote instead of hardcoding it
+            const token = await this.getAuthTokenFromGitRemote();
+            if (!token) {
+                Logger.warn('No Bitbucket auth token found in git remote');
+                vscode.window.showErrorMessage('No Bitbucket auth token found in git remote');
+                return false;
+            }
+            Logger.debug('Authenticating with Bitbucket using auth token');
+            // Use the BitbucketResponseHandler to get user info
+            const userData = await this._bitbucketResponseHandler.user(token);
+            const [oAuthSiteDetails] = await this.getOAuthSiteDetails(
+                ProductBitbucket,
+                OAuthProvider.BitbucketCloud,
+                userData.id,
+                [
+                    {
+                        id: OAuthProvider.BitbucketCloud,
+                        name: ProductBitbucket.name,
+                        scopes: [],
+                        avatarUrl: '',
+                        url: 'https://api.bitbucket.org/2.0',
+                    },
+                ],
+            );
+            const oAuthInfo: OAuthInfo = {
+                access: token,
+                refresh: '',
+                recievedAt: Date.now(),
+                user: {
+                    id: userData.id,
+                    displayName: userData.displayName,
+                    email: userData.email,
+                    avatarUrl: userData.avatarUrl,
+                },
+                state: AuthInfoState.Valid,
+            };
+            await this._credentialManager.saveAuthInfo(oAuthSiteDetails, oAuthInfo);
+            setTimeout(
+                () => {
+                    this.refreshBitbucketToken(oAuthSiteDetails);
+                },
+                2 * 60 * 60 * 1000,
+            );
+            if (!refresh) {
+                this._siteManager.addSites([oAuthSiteDetails]);
+                // Fire authenticated event
+                authenticatedEvent(oAuthSiteDetails, false).then((e) => {
+                    this._analyticsClient.sendTrackEvent(e);
+                });
+                Logger.info('Successfully authenticated with Bitbucket using auth token');
+            }
+            return true;
+        } catch (e) {
+            Logger.error(e, 'Error authenticating with Bitbucket token');
+            vscode.window.showErrorMessage(`Error authenticating with Bitbucket token: ${e}`);
+            return false;
+        }
+    }
+
+    public async getOAuthSiteDetails(
         product: Product,
         provider: OAuthProvider,
         userId: string,

src/atlclients/oauthDancer.ts

@@ -296,4 +296,8 @@ export class OAuthDancer implements Disposable {
 
         this._shutdownCheck = setInterval(this.maybeShutdown, this._shutdownCheckInterval);
     }
+
+    public getAxiosInstance(): AxiosInstance {
+        return this._axios;
+    }
 }

src/atlclients/responseHandlers/BitbucketResponseHandler.ts

@@ -34,7 +34,7 @@ export class BitbucketResponseHandler extends ResponseHandler {
         }
     }
 
-    public async user(accessToken: string, resource: AccessibleResource): Promise<UserInfo> {
+    public async user(accessToken: string): Promise<UserInfo> {
         try {
             const userResponse = await this.axios(this.strategy.profileUrl(), {
                 method: 'GET',

src/commands.ts

@@ -99,6 +99,7 @@ export enum Commands {
     WorkbenchOpenWorkspace = 'atlascode.workbenchOpenWorkspace',
     CloneRepository = 'atlascode.cloneRepository',
     DisableHelpExplorer = 'atlascode.disableHelpExplorer',
+    AuthenticateWithBitbucketToken = 'atlascode.authenticateWithBitbucketToken',
     CreateNewJql = 'atlascode.jira.createNewJql',
     ToDoIssue = 'atlascode.jira.todoIssue',
     InProgressIssue = 'atlascode.jira.inProgressIssue',
@@ -259,5 +260,8 @@ export function registerCommands(vscodeContext: ExtensionContext) {
         commands.registerCommand(Commands.DisableHelpExplorer, () => {
             configuration.updateEffective('helpExplorerEnabled', false, null, true);
         }),
+        commands.registerCommand(Commands.AuthenticateWithBitbucketToken, () => {
+            Container.authenticateWithBitbucketToken();
+        }),
     );
 }

src/container.ts

@@ -206,6 +206,8 @@ export class Container {
             });
 
         context.subscriptions.push((this._helpExplorer = new HelpExplorer()));
+
+        Container.authenticateWithBitbucketToken();
     }
 
     static getAnalyticsEnable(): boolean {
@@ -379,6 +381,10 @@ export class Container {
         });
     }
 
+    static async authenticateWithBitbucketToken() {
+        Container.loginManager.authenticateWithBitbucketToken();
+    }
+
     static async testLogin() {
         if (!process.env.ATLASCODE_TEST_USER_API_TOKEN) {
             // vscode notify user that this is for testing only

src/uriHandler/atlascodeUriHandler.ts

@@ -61,6 +61,9 @@ export class AtlascodeUriHandler implements Disposable, UriHandler {
             new CloneRepositoryUriHandlerAction(bitbucketHelper, analyticsApi),
             new StartWorkUriHandlerAction(analyticsApi, jiraIssueFetcher),
             new ShowJiraIssueUriHandlerAction(analyticsApi, jiraIssueFetcher),
+            new SimpleCallbackAction('authenticateWithBitbucketToken', async () => {
+                Container.authenticateWithBitbucketToken();
+            }),
         ]);
     }
 }