Skip to content

Commit

Permalink
CLI-1212: [auth:logout] remove secrets
Browse files Browse the repository at this point in the history
  • Loading branch information
danepowell committed Nov 28, 2023
1 parent 218c676 commit 7fe3b44
Show file tree
Hide file tree
Showing 7 changed files with 77 additions and 43 deletions.
2 changes: 1 addition & 1 deletion src/Command/Auth/AuthAcsfLoginCommand.php
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;

#[AsCommand(name: 'auth:acsf-login', description: 'Register your Site Factory API key and secret to use API functionality')]
#[AsCommand(name: 'auth:acsf-login', description: 'Register Acquia Site Factory API credentials')]
final class AuthAcsfLoginCommand extends CommandBase {

protected function configure(): void {
Expand Down
2 changes: 1 addition & 1 deletion src/Command/Auth/AuthAcsfLogoutCommand.php
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;

#[AsCommand(name: 'auth:acsf-logout', description: 'Remove your Site Factory key and secret from your local machine.')]
#[AsCommand(name: 'auth:acsf-logout', description: 'Remove Acquia Site Factory API credentials')]
final class AuthAcsfLogoutCommand extends CommandBase {

protected function execute(InputInterface $input, OutputInterface $output): int {
Expand Down
2 changes: 1 addition & 1 deletion src/Command/Auth/AuthLoginCommand.php
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;

#[AsCommand(name: 'auth:login', description: 'Register your Cloud API key and secret to use API functionality', aliases: ['login'])]
#[AsCommand(name: 'auth:login', description: 'Register Acquia Cloud API credentials', aliases: ['login'])]
final class AuthLoginCommand extends CommandBase {

protected function configure(): void {
Expand Down
27 changes: 19 additions & 8 deletions src/Command/Auth/AuthLogoutCommand.php
Original file line number Diff line number Diff line change
Expand Up @@ -5,24 +5,35 @@
namespace Acquia\Cli\Command\Auth;

use Acquia\Cli\Command\CommandBase;
use Acquia\Cli\Exception\AcquiaCliException;
use Symfony\Component\Console\Attribute\AsCommand;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;

#[AsCommand(name: 'auth:logout', description: 'Remove Cloud API key and secret from local machine.', aliases: ['logout'])]
#[AsCommand(name: 'auth:logout', description: 'Remove Acquia Cloud API credentials', aliases: ['logout'])]
final class AuthLogoutCommand extends CommandBase {

protected function configure(): void {
$this->addOption('delete', NULL, InputOption::VALUE_NEGATABLE, 'Delete the active Acquia Cloud API credentials');
}

protected function execute(InputInterface $input, OutputInterface $output): int {
if ($this->cloudApiClientService->isMachineAuthenticated()) {
$answer = $this->io->confirm('Are you sure you\'d like to unset the Acquia Cloud API key for Acquia CLI?');
if (!$answer) {
return Command::SUCCESS;
}
if (!$this->cloudApiClientService->isMachineAuthenticated()) {
throw new AcquiaCliException('You are not authenticated and therefore cannot logout');
}
$activeKey = $this->datastoreCloud->get('acli_key');
$output->writeln("<info>The active key <options=bold>$activeKey</> will be unset. You may also delete the active credentials entirely.</info>");

Check warning on line 27 in src/Command/Auth/AuthLogoutCommand.php

View workflow job for this annotation

GitHub Actions / Mutation Testing

Escaped Mutant for Mutator "MethodCallRemoval": --- Original +++ New @@ @@ throw new AcquiaCliException('You are not authenticated and therefore cannot logout'); } $activeKey = $this->datastoreCloud->get('acli_key'); - $output->writeln("<info>The active key <options=bold>{$activeKey}</> will be unset. You may also delete the active credentials entirely.</info>"); + $delete = $this->determineOption('delete', FALSE, NULL, NULL, TRUE); $this->datastoreCloud->remove('acli_key'); if ($delete) {
$delete = $this->determineOption('delete', FALSE, NULL, NULL, TRUE);

Check warning on line 28 in src/Command/Auth/AuthLogoutCommand.php

View workflow job for this annotation

GitHub Actions / Mutation Testing

Escaped Mutant for Mutator "FalseValue": --- Original +++ New @@ @@ } $activeKey = $this->datastoreCloud->get('acli_key'); $output->writeln("<info>The active key <options=bold>{$activeKey}</> will be unset. You may also delete the active credentials entirely.</info>"); - $delete = $this->determineOption('delete', FALSE, NULL, NULL, TRUE); + $delete = $this->determineOption('delete', true, NULL, NULL, TRUE); $this->datastoreCloud->remove('acli_key'); if ($delete) { $this->datastoreCloud->remove("keys.{$activeKey}");
$this->datastoreCloud->remove('acli_key');

$output->writeln("Unset the Acquia Cloud API key for Acquia CLI</info>");
if ($delete) {
$this->datastoreCloud->remove("keys.$activeKey");
$output->writeln("The active Acquia Cloud API credentials were deleted</info>");
}
else {
$output->writeln("The active Acquia Cloud API credentials were unset</info>");
}

return Command::SUCCESS;
}
Expand Down
23 changes: 19 additions & 4 deletions src/Command/CommandBase.php
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Question\ChoiceQuestion;
use Symfony\Component\Console\Question\ConfirmationQuestion;
use Symfony\Component\Console\Question\Question;
use Symfony\Component\Console\Style\SymfonyStyle;
use Symfony\Component\Console\Terminal;
Expand Down Expand Up @@ -1349,7 +1350,7 @@ protected function determineApiSecret(): string {
* explicitly or by default. In other words, we can't prompt for the value of
* an option that already has a default value.
*/
protected function determineOption(string $optionName, bool $hidden = FALSE, ?Closure $validator = NULL, ?Closure $normalizer = NULL, ?string $default = NULL): string|int|null {
protected function determineOption(string $optionName, bool $hidden = FALSE, ?Closure $validator = NULL, ?Closure $normalizer = NULL, string|bool|null $default = NULL): string|int|bool|null {
if ($optionValue = $this->input->getOption($optionName)) {
if (isset($normalizer)) {
$optionValue = $normalizer($optionValue);
Expand All @@ -1360,18 +1361,32 @@ protected function determineOption(string $optionName, bool $hidden = FALSE, ?Cl
return $optionValue;
}
$option = $this->getDefinition()->getOption($optionName);
if ($option->isNegatable() && $this->input->getOption("no-$optionName")) {
return FALSE;
}
$optionShortcut = $option->getShortcut();
$description = lcfirst($option->getDescription());
if ($optionShortcut) {
$message = "Enter $description (option <options=bold>-$optionShortcut</>, <options=bold>--$optionName</>)";
$optionString = "option <options=bold>-$optionShortcut</>, <options=bold>--$optionName</>";
}
else {
$optionString = "option <options=bold>--$optionName</>";
}
if ($option->acceptValue()) {
$message = "Enter $description ($optionString)";
}
else {
$message = "Enter $description (option <options=bold>--$optionName</>)";
$message = "Do you want to $description ($optionString)?";
}
$optional = $option->isValueOptional();
$message .= $optional ? ' (optional)' : '';
$message .= $hidden ? ' (input will be hidden)' : '';
$question = new Question($message, $default);
if ($option->acceptValue()) {
$question = new Question($message, $default);
}
else {
$question = new ConfirmationQuestion($message, $default);
}
$question->setHidden($this->localMachineHelper->useTty() && $hidden);
$question->setHiddenFallback($hidden);
if (isset($normalizer)) {
Expand Down
8 changes: 4 additions & 4 deletions tests/phpunit/src/Application/KernelTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -60,10 +60,10 @@ private function getEnd(): string {
archive
archive:export Export an archive of the Drupal application including code, files, and database
auth
auth:acsf-login Register your Site Factory API key and secret to use API functionality
auth:acsf-logout Remove your Site Factory key and secret from your local machine.
auth:login [login] Register your Cloud API key and secret to use API functionality
auth:logout [logout] Remove Cloud API key and secret from local machine.
auth:acsf-login Register Acquia Site Factory API credentials
auth:acsf-logout Remove Acquia Site Factory API credentials
auth:login [login] Register Acquia Cloud API credentials
auth:logout [logout] Remove Acquia Cloud API credentials
codestudio
codestudio:php-version Change the PHP version in Code Studio
codestudio:wizard [cs:wizard] Create and/or configure a new Code Studio project for a given Acquia Cloud application
Expand Down
56 changes: 32 additions & 24 deletions tests/phpunit/src/Commands/Auth/AuthLogoutCommandTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
use Acquia\Cli\Command\Auth\AuthLogoutCommand;
use Acquia\Cli\Config\CloudDataConfig;
use Acquia\Cli\DataStore\CloudDataStore;
use Acquia\Cli\Exception\AcquiaCliException;
use Acquia\Cli\Tests\CommandTestBase;
use Symfony\Component\Console\Command\Command;

Expand All @@ -19,36 +20,43 @@ protected function createCommand(): Command {
return $this->injectCommand(AuthLogoutCommand::class);
}

/**
* @return array<mixed>
*/
public function providerTestAuthLogoutCommand(): array {
return [
[FALSE, []],
[
TRUE,
// Are you sure you'd like to remove your Cloud API login credentials from this machine?
['y'],
],
];
public function testAuthLogoutCommand(): void {
$this->executeCommand();
$output = $this->getDisplay();
$this->assertFileExists($this->cloudConfigFilepath);
$config = new CloudDataStore($this->localMachineHelper, new CloudDataConfig(), $this->cloudConfigFilepath);
$this->assertFalse($config->exists('acli_key'));
$this->assertEmpty($config->get('keys'));
$this->assertStringContainsString('The active Acquia Cloud API credentials were deleted', $output);
}

public function testAuthLogoutCommandNotAuthenticated(): void {
$this->clientServiceProphecy->isMachineAuthenticated()->willReturn(FALSE);
$this->removeMockCloudConfigFile();

$this->expectException(AcquiaCliException::class);
$this->expectExceptionMessage('You are not authenticated and therefore cannot logout');
$this->executeCommand();
}

public function testAuthLogoutCommandNoDeleteArg(): void {
$this->executeCommand(['--no-delete' => TRUE]);
$output = $this->getDisplay();
$this->assertFileExists($this->cloudConfigFilepath);
$config = new CloudDataStore($this->localMachineHelper, new CloudDataConfig(), $this->cloudConfigFilepath);
$this->assertFalse($config->exists('acli_key'));
$this->assertNotEmpty($config->get('keys'));
$this->assertStringContainsString('The active Acquia Cloud API credentials were unset', $output);
}

/**
* @dataProvider providerTestAuthLogoutCommand
* @param array $inputs
*/
public function testAuthLogoutCommand(bool $machineIsAuthenticated, array $inputs): void {
if (!$machineIsAuthenticated) {
$this->clientServiceProphecy->isMachineAuthenticated()->willReturn(FALSE);
$this->removeMockCloudConfigFile();
}

$this->executeCommand([], $inputs);
public function testAuthLogoutCommandNoDeleteInput(): void {
$this->executeCommand([], ['n']);
$output = $this->getDisplay();
// Assert creds are removed locally.
$this->assertFileExists($this->cloudConfigFilepath);
$config = new CloudDataStore($this->localMachineHelper, new CloudDataConfig(), $this->cloudConfigFilepath);
$this->assertFalse($config->exists('acli_key'));
$this->assertNotEmpty($config->get('keys'));
$this->assertStringContainsString('The active Acquia Cloud API credentials were unset', $output);
}

}

0 comments on commit 7fe3b44

Please sign in to comment.