[rubygems/rubygems] Display mfa warnings on gem signin

https://github.com/rubygems/rubygems/commit/4dc77b7099

Co-authored-by: Jenny Shen <jenny.shen@shopify.com>
This commit is contained in:
Ashley Ellis Pierce 2022-07-22 13:11:52 -04:00 committed by git
parent e199ae3edc
commit 244bda7efd
2 changed files with 33 additions and 16 deletions

View File

@ -163,8 +163,12 @@ module Gem::GemcutterUtilities
key_name = get_key_name(scope)
scope_params = get_scope_params(scope)
mfa_params = get_mfa_params(email, password)
profile = get_user_profile(email, password)
mfa_params = get_mfa_params(profile)
all_params = scope_params.merge(mfa_params)
warning = profile["warning"]
say "#{warning}\n" if warning
response = rubygems_api_request(:post, "api/v1/api_key",
sign_in_host, scope: scope) do |request|
@ -273,10 +277,20 @@ module Gem::GemcutterUtilities
self.host == Gem::DEFAULT_HOST
end
def get_mfa_params(email, password)
def get_user_profile(email, password)
return {} unless default_host?
mfa_level = get_user_mfa_level(email, password)
response = rubygems_api_request(:get, "api/v1/profile/me.yaml") do |request|
request.basic_auth email, password
end
with_response response do |resp|
Gem::SafeYAML.load clean_text(resp.body)
end
end
def get_mfa_params(profile)
mfa_level = profile["mfa"]
params = {}
if mfa_level == "ui_only" || mfa_level == "ui_and_gem_signin"
selected = ask_yes_no("Would you like to enable MFA for this key? (strongly recommended)")
@ -285,17 +299,6 @@ module Gem::GemcutterUtilities
params
end
def get_user_mfa_level(email, password)
response = rubygems_api_request(:get, "api/v1/profile/me.yaml") do |request|
request.basic_auth email, password
end
with_response response do |resp|
body = Gem::SafeYAML.load clean_text(resp.body)
body["mfa"]
end
end
def get_key_name(scope)
hostname = Socket.gethostname || "unknown-host"
user = ENV["USER"] || ENV["USERNAME"] || "unknown-user"

View File

@ -159,6 +159,20 @@ class TestGemCommandsSigninCommand < Gem::TestCase
assert_equal api_key, credentials[:rubygems_api_key]
end
def test_execute_with_warnings
email = "you@example.com"
password = "secret"
api_key = "1234"
fetcher = Gem::RemoteFetcher.fetcher
mfa_level = "disabled"
warning = "/[WARNING/] For protection of your account and gems"
key_name_ui = Gem::MockGemUi.new "#{email}\n#{password}\ntest-key\n\ny\n\n\n\n\n\ny"
util_capture(key_name_ui, nil, api_key, fetcher, mfa_level, warning) { @cmd.execute }
assert_match warning, key_name_ui.output
end
def test_execute_on_gemserver_without_profile_me_endpoint
host = "http://some-gemcutter-compatible-host.org"
@ -193,10 +207,10 @@ class TestGemCommandsSigninCommand < Gem::TestCase
# Utility method to capture IO/UI within the block passed
def util_capture(ui_stub = nil, host = nil, api_key = nil, fetcher = Gem::FakeFetcher.new, mfa_level = "disabled")
def util_capture(ui_stub = nil, host = nil, api_key = nil, fetcher = Gem::FakeFetcher.new, mfa_level = "disabled", warning = nil)
api_key ||= "a5fdbb6ba150cbb83aad2bb2fede64cf040453903"
response = [api_key, 200, "OK"]
profile_response = [ "mfa: #{mfa_level}\n" , 200, "OK"]
profile_response = [ "mfa: #{mfa_level}\nwarning: #{warning}" , 200, "OK"]
email = "you@example.com"
password = "secret"