[rubygems/rubygems] Display mfa warnings on gem signin
https://github.com/rubygems/rubygems/commit/4dc77b7099 Co-authored-by: Jenny Shen <jenny.shen@shopify.com>
parent
e199ae3edc
commit
244bda7efd
@ -163,8 +163,12 @@ module Gem::GemcutterUtilities
|
||||
|
||||
key_name = get_key_name(scope)
|
||||
scope_params = get_scope_params(scope)
|
||||
mfa_params = get_mfa_params(email, password)
|
||||
profile = get_user_profile(email, password)
|
||||
mfa_params = get_mfa_params(profile)
|
||||
all_params = scope_params.merge(mfa_params)
|
||||
warning = profile["warning"]
|
||||
|
||||
say "#{warning}\n" if warning
|
||||
|
||||
response = rubygems_api_request(:post, "api/v1/api_key",
|
||||
sign_in_host, scope: scope) do |request|
|
||||
@ -273,10 +277,20 @@ module Gem::GemcutterUtilities
|
||||
self.host == Gem::DEFAULT_HOST
|
||||
end
|
||||
|
||||
def get_mfa_params(email, password)
|
||||
def get_user_profile(email, password)
|
||||
return {} unless default_host?
|
||||
|
||||
mfa_level = get_user_mfa_level(email, password)
|
||||
response = rubygems_api_request(:get, "api/v1/profile/me.yaml") do |request|
|
||||
request.basic_auth email, password
|
||||
end
|
||||
|
||||
with_response response do |resp|
|
||||
Gem::SafeYAML.load clean_text(resp.body)
|
||||
end
|
||||
end
|
||||
|
||||
def get_mfa_params(profile)
|
||||
mfa_level = profile["mfa"]
|
||||
params = {}
|
||||
if mfa_level == "ui_only" || mfa_level == "ui_and_gem_signin"
|
||||
selected = ask_yes_no("Would you like to enable MFA for this key? (strongly recommended)")
|
||||
@ -285,17 +299,6 @@ module Gem::GemcutterUtilities
|
||||
params
|
||||
end
|
||||
|
||||
def get_user_mfa_level(email, password)
|
||||
response = rubygems_api_request(:get, "api/v1/profile/me.yaml") do |request|
|
||||
request.basic_auth email, password
|
||||
end
|
||||
|
||||
with_response response do |resp|
|
||||
body = Gem::SafeYAML.load clean_text(resp.body)
|
||||
body["mfa"]
|
||||
end
|
||||
end
|
||||
|
||||
def get_key_name(scope)
|
||||
hostname = Socket.gethostname || "unknown-host"
|
||||
user = ENV["USER"] || ENV["USERNAME"] || "unknown-user"
|
||||
|
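Review bot: `get_user_profile` returns whatever `Gem::SafeYAML.load clean_text(resp.body)` produces without checking that it is a Hash, yet the sign-in path indexes it with `profile["warning"]` and `get_mfa_params` with `profile["mfa"]`. The body is server-controlled; if it is empty or parses to a scalar, the lookup would presumably raise NoMethodError or, on a String, do a substring match instead of a key lookup. Normalising once inside the `with_response` block, e.g. `profile = Gem::SafeYAML.load clean_text(resp.body)` followed by `profile.is_a?(Hash) ? profile : {}`, keeps both callers safe. Because `warning` is echoed to the terminal by `say`, a comment next to the load such as `# warning is server-supplied and printed as-is; clean_text strips control characters first` would stop a later refactor from dropping that step. The enclosing sign-in method starts and ends outside the first hunk.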
@ -159,6 +159,20 @@ class TestGemCommandsSigninCommand < Gem::TestCase
|
||||
assert_equal api_key, credentials[:rubygems_api_key]
|
||||
end
|
||||
|
||||
def test_execute_with_warnings
|
||||
email = "you@example.com"
|
||||
password = "secret"
|
||||
api_key = "1234"
|
||||
fetcher = Gem::RemoteFetcher.fetcher
|
||||
mfa_level = "disabled"
|
||||
warning = "/[WARNING/] For protection of your account and gems"
|
||||
|
||||
key_name_ui = Gem::MockGemUi.new "#{email}\n#{password}\ntest-key\n\ny\n\n\n\n\n\ny"
|
||||
util_capture(key_name_ui, nil, api_key, fetcher, mfa_level, warning) { @cmd.execute }
|
||||
|
||||
assert_match warning, key_name_ui.output
|
||||
end
|
||||
|
||||
def test_execute_on_gemserver_without_profile_me_endpoint
|
||||
host = "http://some-gemcutter-compatible-host.org"
|
||||
|
||||
@ -193,10 +207,10 @@ class TestGemCommandsSigninCommand < Gem::TestCase
|
||||
|
||||
# Utility method to capture IO/UI within the block passed
|
||||
|
||||
def util_capture(ui_stub = nil, host = nil, api_key = nil, fetcher = Gem::FakeFetcher.new, mfa_level = "disabled")
|
||||
def util_capture(ui_stub = nil, host = nil, api_key = nil, fetcher = Gem::FakeFetcher.new, mfa_level = "disabled", warning = nil)
|
||||
api_key ||= "a5fdbb6ba150cbb83aad2bb2fede64cf040453903"
|
||||
response = [api_key, 200, "OK"]
|
||||
profile_response = [ "mfa: #{mfa_level}\n" , 200, "OK"]
|
||||
profile_response = [ "mfa: #{mfa_level}\nwarning: #{warning}" , 200, "OK"]
|
||||
email = "you@example.com"
|
||||
password = "secret"
|
||||
|
||||
|
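Review bot: `test_execute_with_warnings` covers only a benign warning string, although the value comes from the server and is echoed to the terminal, with `clean_text` in `get_user_profile` apparently the only sanitisation on that path. A second case whose warning carries a control character (constructed sample: `warning = "notice\e[31m"`) and asserts `refute_match(/\e/, key_name_ui.output)` would pin that behaviour. It would also help to assert that no warning line appears when `warning` is nil, since the fixture then emits a bare `warning: ` key. Separately, `util_capture` now takes six positional optionals, and keyword arguments would make calls like `util_capture(key_name_ui, nil, api_key, fetcher, mfa_level, warning)` easier to read; its body continues outside the hunk.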