Class: Boxen::Preflight::Creds

Inherits:
Boxen::Preflight show all
Defined in:
lib/boxen/preflight/creds.rb

Instance Attribute Summary collapse

Attributes inherited from Check

#config

Instance Method Summary collapse

Methods inherited from Check

#abort, checks, #initialize, register, run, #warn

Constructor Details

This class inherits a constructor from Boxen::Check

Instance Attribute Details

#otpObject (readonly)

Returns the value of attribute otp.



13
14
15
 
# File 'lib/boxen/preflight/creds.rb', line 13

def otp
  @otp
end

#passwordObject (readonly)

Returns the value of attribute password.



14
15
16
 
# File 'lib/boxen/preflight/creds.rb', line 14

def password
  @password
end

Instance Method Details

#get_otpObject 



35
36
37
38
39
40
41
42
43
44
 
# File 'lib/boxen/preflight/creds.rb', line 35

def get_otp
  console = HighLine.new

  # junk API call to send OTP until we implement PUT
  tmp_api.create_authorization rescue nil

  @otp = console.ask "One time password (via SMS or device):" do |q|
    q.echo = '*'
  end
end

#get_tokensObject

Attempt to use the username+password to get a list of the user’s OAuth authorizations from the API. If it fails because of 2FA, ask the user for her OTP and try again.

Returns a list of authorizations



51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
 
# File 'lib/boxen/preflight/creds.rb', line 51

def get_tokens
  begin
    tmp_api.authorizations(:headers => headers)
  rescue Octokit::Unauthorized
    abort "Sorry, I can't auth you on GitHub.",
      "Please check your credentials and teams and give it another try."
  rescue Octokit::OneTimePasswordRequired
    puts
    if otp.nil?
      warn "It looks like you have two-factor auth enabled."
    else
      warn "That one time password didn't work. Let's try again."
    end
    get_otp
    get_tokens
  end
end

#headersObject 



31
32
33
 
# File 'lib/boxen/preflight/creds.rb', line 31

def headers
  otp.nil? ? {} : {"X-GitHub-OTP" => otp}
end

#ok?Boolean

Returns:

  • (Boolean) 


16
17
18
19
20
21
22
23
24
25
 
# File 'lib/boxen/preflight/creds.rb', line 16

def ok?
  if config.token && config.api.user
    # There was a period of time when login wasn't geting set on first run.
    # This should correct that.
    config. = config.api.user.
    true
  end
rescue
  nil
end

#runObject 



69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
 
# File 'lib/boxen/preflight/creds.rb', line 69

def run
  
  tokens = get_tokens

  # Boxen now supports the updated GitHub Authorizations API by using a unique
  # `fingerprint` for each Boxen installation for a user. We delete any older
  # authorization that does not make use of `fingerprint` so that the "legacy"
  # authorization doesn't persist in the user's list of personal access
  # tokens.
  legacy_auth = tokens.detect { |a| a.note == "Boxen" && a.fingerprint == nil }
  tmp_api.delete_authorization(legacy_auth.id, :headers => headers) if legacy_auth

  # The updated GitHub authorizations API, in order to improve security, no
  # longer returns a plaintext `token` for existing authorizations. So, if an
  # authorization already exists for this machine we need to first delete it
  # so that we can create a new one.
  auth = tokens.detect { |a| a.note == note && a.fingerprint == fingerprint }
  tmp_api.delete_authorization(auth.id, :headers => headers) if auth

  auth = tmp_api.create_authorization(
    :note => note,
    :scopes => %w(repo user),
    :fingerprint => fingerprint,
    :headers => headers
  )

  config.token = auth.token

  unless ok?
    puts
    abort "Something went terribly wrong.",
      "I was able to get your OAuth token, but was unable to use it."
  end
end

#tmp_apiObject 



27
28
29
 
# File 'lib/boxen/preflight/creds.rb', line 27

def tmp_api
  @tmp_api ||= Octokit::Client.new :login => config., :password => password, :auto_paginate => true
end