Class: Boxen::Preflight::Creds
- Inherits:
-
Boxen::Preflight
- Object
- Check
- Boxen::Preflight
- Boxen::Preflight::Creds
- Defined in:
- lib/boxen/preflight/creds.rb
Instance Attribute Summary collapse
-
#otp ⇒ Object
readonly
Returns the value of attribute otp.
-
#password ⇒ Object
readonly
Returns the value of attribute password.
Attributes inherited from Check
Instance Method Summary collapse
- #get_otp ⇒ Object
-
#get_tokens ⇒ Object
Attempt to use the username+password to get a list of the user’s OAuth authorizations from the API.
- #headers ⇒ Object
- #ok? ⇒ Boolean
- #run ⇒ Object
- #tmp_api ⇒ Object
Methods inherited from Check
#abort, checks, #initialize, register, run, #warn
Constructor Details
This class inherits a constructor from Boxen::Check
Instance Attribute Details
#otp ⇒ Object (readonly)
Returns the value of attribute otp.
13 14 15 |
# File 'lib/boxen/preflight/creds.rb', line 13 def otp @otp end |
#password ⇒ Object (readonly)
Returns the value of attribute password.
14 15 16 |
# File 'lib/boxen/preflight/creds.rb', line 14 def password @password end |
Instance Method Details
#get_otp ⇒ Object
35 36 37 38 39 40 41 42 43 44 |
# File 'lib/boxen/preflight/creds.rb', line 35 def get_otp console = HighLine.new # junk API call to send OTP until we implement PUT tmp_api. rescue nil @otp = console.ask "One time password (via SMS or device):" do |q| q.echo = '*' end end |
#get_tokens ⇒ Object
Attempt to use the username+password to get a list of the user’s OAuth authorizations from the API. If it fails because of 2FA, ask the user for her OTP and try again.
Returns a list of authorizations
51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
# File 'lib/boxen/preflight/creds.rb', line 51 def get_tokens begin tmp_api.(:headers => headers) rescue Octokit::Unauthorized abort "Sorry, I can't auth you on GitHub.", "Please check your credentials and teams and give it another try." rescue Octokit::OneTimePasswordRequired puts if otp.nil? warn "It looks like you have two-factor auth enabled." else warn "That one time password didn't work. Let's try again." end get_otp get_tokens end end |
#headers ⇒ Object
31 32 33 |
# File 'lib/boxen/preflight/creds.rb', line 31 def headers otp.nil? ? {} : {"X-GitHub-OTP" => otp} end |
#ok? ⇒ Boolean
16 17 18 19 20 21 22 23 24 25 |
# File 'lib/boxen/preflight/creds.rb', line 16 def ok? if config.token && config.api.user # There was a period of time when login wasn't geting set on first run. # This should correct that. config.login = config.api.user.login true end rescue nil end |
#run ⇒ Object
69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
# File 'lib/boxen/preflight/creds.rb', line 69 def run fetch_login_and_password tokens = get_tokens # Boxen now supports the updated GitHub Authorizations API by using a unique # `fingerprint` for each Boxen installation for a user. We delete any older # authorization that does not make use of `fingerprint` so that the "legacy" # authorization doesn't persist in the user's list of personal access # tokens. legacy_auth = tokens.detect { |a| a.note == "Boxen" && a.fingerprint == nil } tmp_api.(legacy_auth.id, :headers => headers) if legacy_auth # The updated GitHub authorizations API, in order to improve security, no # longer returns a plaintext `token` for existing authorizations. So, if an # authorization already exists for this machine we need to first delete it # so that we can create a new one. auth = tokens.detect { |a| a.note == note && a.fingerprint == fingerprint } tmp_api.(auth.id, :headers => headers) if auth auth = tmp_api.( :note => note, :scopes => %w(repo user), :fingerprint => fingerprint, :headers => headers ) config.token = auth.token unless ok? puts abort "Something went terribly wrong.", "I was able to get your OAuth token, but was unable to use it." end end |
#tmp_api ⇒ Object
27 28 29 |
# File 'lib/boxen/preflight/creds.rb', line 27 def tmp_api @tmp_api ||= Octokit::Client.new :login => config.login, :password => password, :auto_paginate => true end |