public-mirrors/composer
1
0
Fork 0
mirror of https://github.com/composer/composer synced 2025-05-10 09:02:59 +00:00
Code Activity
composer/src/Composer/Util/GitHub.php
Jordi Boggiano ac497feaba CS fixes
2014-06-10 16:13:12 +02:00

197 lines
7.7 KiB
PHP
Raw Blame History

<?php
/*
* This file is part of Composer.
*
* (c) Nils Adermann <naderman@naderman.de>
* Jordi Boggiano <j.boggiano@seld.be>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Composer\Util;
use Composer\IO\IOInterface;
use Composer\Config;
use Composer\Downloader\TransportException;
use Composer\Json\JsonFile;
/**
* @author Jordi Boggiano <j.boggiano@seld.be>
*/
class GitHub
{
protected $io;
protected $config;
protected $process;
protected $remoteFilesystem;
/**
* Constructor.
*
* @param IOInterface $io The IO instance
* @param Config $config The composer configuration
* @param ProcessExecutor $process Process instance, injectable for mocking
* @param RemoteFilesystem $remoteFilesystem Remote Filesystem, injectable for mocking
*/
public function __construct(IOInterface $io, Config $config, ProcessExecutor $process = null, RemoteFilesystem $remoteFilesystem = null)
{
$this->io = $io;
$this->config = $config;
$this->process = $process ?: new ProcessExecutor;
$this->remoteFilesystem = $remoteFilesystem ?: new RemoteFilesystem($io, $config);
}
/**
* Attempts to authorize a GitHub domain via OAuth
*
* @param string $originUrl The host this GitHub instance is located at
* @return bool true on success
*/
public function authorizeOAuth($originUrl)
{
if (!in_array($originUrl, $this->config->get('github-domains'))) {
return false;
}
// if available use token from git config
if (0 === $this->process->execute('git config github.accesstoken', $output)) {
$this->io->setAuthentication($originUrl, trim($output), 'x-oauth-basic');
return true;
}
return false;
}
/**
* Authorizes a GitHub domain interactively via OAuth
*
* @param string $originUrl The host this GitHub instance is located at
* @param string $message The reason this authorization is required
* @throws \RuntimeException
* @throws TransportException|\Exception
* @return bool true on success
*/
public function authorizeOAuthInteractively($originUrl, $message = null)
{
$attemptCounter = 0;
$apiUrl = ('github.com' === $originUrl) ? 'api.github.com' : $originUrl . '/api/v3';
if ($message) {
$this->io->write($message);
}
$this->io->write('The credentials will be swapped for an OAuth token stored in '.$this->config->getAuthConfigSource()->getName().', your password will not be stored');
$this->io->write('To revoke access to this token you can visit https://github.com/settings/applications');
while ($attemptCounter++ < 5) {
try {
if (empty($otp) || !$this->io->hasAuthentication($originUrl)) {
$username = $this->io->ask('Username: ');
$password = $this->io->askAndHideAnswer('Password: ');
$otp = null;
$this->io->setAuthentication($originUrl, $username, $password);
}
// build up OAuth app name
$appName = 'Composer';
if (0 === $this->process->execute('hostname', $output)) {
$appName .= ' on ' . trim($output);
}
$headers = array();
if ($otp) {
$headers = array('X-GitHub-OTP: ' . $otp);
}
// try retrieving an existing token with the same name
$contents = null;
$auths = JsonFile::parseJson($this->remoteFilesystem->getContents($originUrl, 'https://'. $apiUrl . '/authorizations', false, array(
'retry-auth-failure' => false,
'http' => array(
'header' => $headers
)
)));
foreach ($auths as $auth) {
if (
isset($auth['app']['name'])
&& 0 === strpos($auth['app']['name'], $appName)
&& $auth['app']['url'] === 'https://getcomposer.org/'
) {
$this->io->write('An existing OAuth token for Composer is present and will be reused');
$contents['token'] = $auth['token'];
break;
}
}
// no existing token, create one
if (empty($contents['token'])) {
$headers[] = 'Content-Type: application/json';
$contents = JsonFile::parseJson($this->remoteFilesystem->getContents($originUrl, 'https://'. $apiUrl . '/authorizations', false, array(
'retry-auth-failure' => false,
'http' => array(
'method' => 'POST',
'follow_location' => false,
'header' => $headers,
'content' => json_encode(array(
'scopes' => array('repo'),
'note' => $appName,
'note_url' => 'https://getcomposer.org/',
)),
)
)));
$this->io->write('Token successfully created');
}
} catch (TransportException $e) {
if (in_array($e->getCode(), array(403, 401))) {
// 401 when authentication was supplied, handle 2FA if required.
if ($this->io->hasAuthentication($originUrl)) {
$headerNames = array_map(function ($header) {
return strtolower(strstr($header, ':', true));
}, $e->getHeaders());
if ($key = array_search('x-github-otp', $headerNames)) {
$headers = $e->getHeaders();
list($required, $method) = array_map('trim', explode(';', substr(strstr($headers[$key], ':'), 1)));
if ('required' === $required) {
$this->io->write('Two-factor Authentication');
if ('app' === $method) {
$this->io->write('Open the two-factor authentication app on your device to view your authentication code and verify your identity.');
}
if ('sms' === $method) {
$this->io->write('You have been sent an SMS message with an authentication code to verify your identity.');
}
$otp = $this->io->ask('Authentication Code: ');
continue;
}
}
}
$this->io->write('Invalid credentials.');
continue;
}
throw $e;
}
$this->io->setAuthentication($originUrl, $contents['token'], 'x-oauth-basic');
// store value in user config
$this->config->getConfigSource()->removeConfigSetting('github-oauth.'.$originUrl);
$this->config->getAuthConfigSource()->addConfigSetting('github-oauth.'.$originUrl, $contents['token']);
return true;
}
throw new \RuntimeException("Invalid GitHub credentials 5 times in a row, aborting.");
}
}
View git blame Copy permalink