NotificationsYou must be signed in to change notification settings
Fork1.1k
Star11.6k

Commit9922240

authored

feat: enable masking password inputs instead of blocking echo (#17469)

1 parent614a7d0 commit9922240Copy full SHA for 9922240

File tree

4 files changed

+116

-26

lines changed

4 files changed

+116

-26

lines changed

`‎cli/cliui/prompt.go‎`

Lines changed: 65 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,26 +1,29 @@`
`1`	`1`	`package cliui`
`2`	`2`
`3`	`3`	`import (`
	`4`	`+"bufio"`
`4`	`5`	`"bytes"`
`5`	`6`	`"encoding/json"`
`6`	`7`	`"fmt"`
`7`	`8`	`"io"`
`8`	`9`	`"os"`
`9`	`10`	`"os/signal"`
`10`	`11`	`"strings"`
	`12`	`+"unicode"`
`11`	`13`
`12`		`-"github.com/bgentry/speakeasy"`
`13`	`14`	`"github.com/mattn/go-isatty"`
`14`	`15`	`"golang.org/x/xerrors"`
`15`	`16`
	`17`	`+"github.com/coder/coder/v2/pty"`
`16`	`18`	`"github.com/coder/pretty"`
`17`	`19`	`"github.com/coder/serpent"`
`18`	`20`	`)`
`19`	`21`
`20`	`22`	`// PromptOptions supply a set of options to the prompt.`
`21`	`23`	`typePromptOptionsstruct {`
`22`		`-Textstring`
`23`		`-Defaultstring`
	`24`	`+Textstring`
	`25`	`+Defaultstring`
	`26`	`+// When true, the input will be masked with asterisks.`
`24`	`27`	`Secretbool`
`25`	`28`	`IsConfirmbool`
`26`	`29`	`Validatefunc(string)error`
`@@ -88,14 +91,13 @@ func Prompt(inv *serpent.Invocation, opts PromptOptions) (string, error) {`
`88`	`91`	`varlinestring`
`89`	`92`	`varerrerror`
`90`	`93`
	`94`	`+signal.Notify(interrupt,os.Interrupt)`
	`95`	`+defersignal.Stop(interrupt)`
	`96`	`+`
`91`	`97`	`inFile,isInputFile:=inv.Stdin.(*os.File)`
`92`	`98`	`ifopts.Secret&&isInputFile&&isatty.IsTerminal(inFile.Fd()) {`
`93`		`-// we don't install a signal handler here because speakeasy has its own`
`94`		`-line,err=speakeasy.Ask("")`
	`99`	`+line,err=readSecretInput(inFile,inv.Stdout)`
`95`	`100`	`}else {`
`96`		`-signal.Notify(interrupt,os.Interrupt)`
`97`		`-defersignal.Stop(interrupt)`
`98`		`-`
`99`	`101`	`line,err=readUntil(inv.Stdin,'\n')`
`100`	`102`
`101`	`103`	`// Check if the first line beings with JSON object or array chars.`
`@@ -204,3 +206,58 @@ func readUntil(r io.Reader, delim byte) (string, error) {`
`204`	`206`	`}`
`205`	`207`	`}`
`206`	`208`	`}`
	`209`	`+`
	`210`	`+// readSecretInput reads secret input from the terminal rune-by-rune,`
	`211`	`+// masking each character with an asterisk.`
	`212`	`+funcreadSecretInput(f*os.File,w io.Writer) (string,error) {`
	`213`	`+// Put terminal into raw mode (no echo, no line buffering).`
	`214`	`+oldState,err:=pty.MakeInputRaw(f.Fd())`
	`215`	`+iferr!=nil {`
	`216`	`+return"",err`
	`217`	`+}`
	`218`	`+deferfunc() {`
	`219`	`+_=pty.RestoreTerminal(f.Fd(),oldState)`
	`220`	`+}()`
	`221`	`+`
	`222`	`+reader:=bufio.NewReader(f)`
	`223`	`+varrunes []rune`
	`224`	`+`
	`225`	`+for {`
	`226`	`+r,_,err:=reader.ReadRune()`
	`227`	`+iferr!=nil {`
	`228`	`+return"",err`
	`229`	`+}`
	`230`	`+`
	`231`	`+switch {`
	`232`	`+caser=='\r'\|\|r=='\n':`
	`233`	`+// Finish on Enter`
	`234`	`+if_,err:=fmt.Fprint(w,"\r\n");err!=nil {`
	`235`	`+return"",err`
	`236`	`+}`
	`237`	`+returnstring(runes),nil`
	`238`	`+`
	`239`	`+caser==3:`
	`240`	`+// Ctrl+C`
	`241`	`+return"",ErrCanceled`
	`242`	`+`
	`243`	`+caser==127\|\|r=='\b':`
	`244`	`+// Backspace/Delete: remove last rune`
	`245`	`+iflen(runes)>0 {`
	`246`	`+// Erase the last '*' on the screen`
	`247`	`+if_,err:=fmt.Fprint(w,"\b\b");err!=nil {`
	`248`	`+return"",err`
	`249`	`+}`
	`250`	`+runes=runes[:len(runes)-1]`
	`251`	`+}`
	`252`	`+`
	`253`	`+default:`
	`254`	`+// Only mask printable, non-control runes`
	`255`	`+if!unicode.IsControl(r) {`
	`256`	`+runes=append(runes,r)`
	`257`	`+if_,err:=fmt.Fprint(w,"*");err!=nil {`
	`258`	`+return"",err`
	`259`	`+}`
	`260`	`+}`
	`261`	`+}`
	`262`	`+}`
	`263`	`+}`

`‎cli/cliui/prompt_test.go‎`

Lines changed: 51 additions & 15 deletions

Original file line number	Diff line number	Diff line change
`@@ -6,14 +6,14 @@ import (`
`6`	`6`	`"io"`
`7`	`7`	`"os"`
`8`	`8`	`"os/exec"`
	`9`	`+"runtime"`
`9`	`10`	`"testing"`
`10`	`11`
`11`	`12`	`"github.com/stretchr/testify/assert"`
`12`	`13`	`"github.com/stretchr/testify/require"`
`13`	`14`	`"golang.org/x/xerrors"`
`14`	`15`
`15`	`16`	`"github.com/coder/coder/v2/cli/cliui"`
`16`		`-"github.com/coder/coder/v2/pty"`
`17`	`17`	`"github.com/coder/coder/v2/pty/ptytest"`
`18`	`18`	`"github.com/coder/coder/v2/testutil"`
`19`	`19`	`"github.com/coder/serpent"`
`@@ -181,6 +181,48 @@ func TestPrompt(t *testing.T) {`
`181`	`181`	`resp:=testutil.TryReceive(ctx,t,doneChan)`
`182`	`182`	`require.Equal(t,"valid",resp)`
`183`	`183`	`})`
	`184`	`+`
	`185`	`+t.Run("MaskedSecret",func(t*testing.T) {`
	`186`	`+t.Parallel()`
	`187`	`+ctx:=testutil.Context(t,testutil.WaitShort)`
	`188`	`+ptty:=ptytest.New(t)`
	`189`	`+doneChan:=make(chanstring)`
	`190`	`+gofunc() {`
	`191`	`+resp,err:=newPrompt(ctx,ptty, cliui.PromptOptions{`
	`192`	`+Text:"Password:",`
	`193`	`+Secret:true,`
	`194`	`+},nil)`
	`195`	`+assert.NoError(t,err)`
	`196`	`+doneChan<-resp`
	`197`	`+}()`
	`198`	`+ptty.ExpectMatch("Password: ")`
	`199`	`+`
	`200`	`+ptty.WriteLine("test")`
	`201`	`+`
	`202`	`+resp:=testutil.TryReceive(ctx,t,doneChan)`
	`203`	`+require.Equal(t,"test",resp)`
	`204`	`+})`
	`205`	`+`
	`206`	`+t.Run("UTF8Password",func(t*testing.T) {`
	`207`	`+t.Parallel()`
	`208`	`+ctx:=testutil.Context(t,testutil.WaitShort)`
	`209`	`+ptty:=ptytest.New(t)`
	`210`	`+doneChan:=make(chanstring)`
	`211`	`+gofunc() {`
	`212`	`+resp,err:=newPrompt(ctx,ptty, cliui.PromptOptions{`
	`213`	`+Text:"Password:",`
	`214`	`+Secret:true,`
	`215`	`+},nil)`
	`216`	`+assert.NoError(t,err)`
	`217`	`+doneChan<-resp`
	`218`	`+}()`
	`219`	`+ptty.ExpectMatch("Password: ")`
	`220`	`+`
	`221`	`+ptty.WriteLine("和製漢字")`
	`222`	`+`
	`223`	`+resp:=testutil.TryReceive(ctx,t,doneChan)`
	`224`	`+require.Equal(t,"和製漢字",resp)`
	`225`	`+})`
`184`	`226`	`}`
`185`	`227`
`186`	`228`	`funcnewPrompt(ctx context.Context,pttyptytest.PTY,opts cliui.PromptOptions,invOptfunc(invserpent.Invocation)) (string,error) {`
`@@ -209,13 +251,12 @@ func TestPasswordTerminalState(t *testing.T) {`
`209`	`251`	`passwordHelper()`
`210`	`252`	`return`
`211`	`253`	`}`
	`254`	`+ifruntime.GOOS=="windows" {`
	`255`	`+t.Skip("Skipping on windows. PTY doesn't read ptty.Write correctly.")`
	`256`	`+}`
`212`	`257`	`t.Parallel()`
`213`	`258`
`214`	`259`	`ptty:=ptytest.New(t)`
`215`		`-ptyWithFlags,ok:=ptty.PTY.(pty.WithFlags)`
`216`		`-if!ok {`
`217`		`-t.Skip("unable to check PTY local echo on this platform")`
`218`		`-}`
`219`	`260`
`220`	`261`	`cmd:=exec.Command(os.Args[0],"-test.run=TestPasswordTerminalState")//nolint:gosec`
`221`	`262`	`cmd.Env=append(os.Environ(),"TEST_SUBPROCESS=1")`
`@@ -229,21 +270,16 @@ func TestPasswordTerminalState(t *testing.T) {`
`229`	`270`	`deferprocess.Kill()`
`230`	`271`
`231`	`272`	`ptty.ExpectMatch("Password: ")`
`232`		`-`
`233`		`-require.Eventually(t,func()bool {`
`234`		`-echo,err:=ptyWithFlags.EchoEnabled()`
`235`		`-returnerr==nil&&!echo`
`236`		`-},testutil.WaitShort,testutil.IntervalMedium,"echo is on while reading password")`
	`273`	`+ptty.Write('t')`
	`274`	`+ptty.Write('e')`
	`275`	`+ptty.Write('s')`
	`276`	`+ptty.Write('t')`
	`277`	`+ptty.ExpectMatch("****")`
`237`	`278`
`238`	`279`	`err=process.Signal(os.Interrupt)`
`239`	`280`	`require.NoError(t,err)`
`240`	`281`	`_,err=process.Wait()`
`241`	`282`	`require.NoError(t,err)`
`242`		`-`
`243`		`-require.Eventually(t,func()bool {`
`244`		`-echo,err:=ptyWithFlags.EchoEnabled()`
`245`		`-returnerr==nil&&echo`
`246`		`-},testutil.WaitShort,testutil.IntervalMedium,"echo is off after reading password")`
`247`	`283`	`}`
`248`	`284`
`249`	`285`	`// nolint:unused`

`‎go.mod‎`

Lines changed: 0 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -83,7 +83,6 @@ require (`
`83`	`83`	`github.com/armon/circbufv0.0.0-20190214190532-5111143e8da2`
`84`	`84`	`github.com/awalterschulze/gographvizv2.0.3+incompatible`
`85`	`85`	`github.com/aws/smithy-gov1.22.3`
`86`		`-github.com/bgentry/speakeasyv0.2.0`
`87`	`86`	`github.com/bramvdbogaerde/go-scpv1.5.0`
`88`	`87`	`github.com/briandowns/spinnerv1.23.0`
`89`	`88`	`github.com/cakturk/go-netstatv0.0.0-20200220111822-e5b49efee7a5`

`‎go.sum‎`

Lines changed: 0 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -815,8 +815,6 @@ github.com/bep/tmc v0.5.1/go.mod h1:tGYHN8fS85aJPhDLgXETVKp+PR382OvFi2+q2GkGsq0=`
`815`	`815`	`github.com/bgentry/go-netrcv0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas=`
`816`	`816`	`github.com/bgentry/go-netrcv0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4=`
`817`	`817`	`github.com/bgentry/speakeasyv0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=`
`818`		`-github.com/bgentry/speakeasyv0.2.0 h1:tgObeVOf8WAvtuAX6DhJ4xks4CFNwPDZiqzGqIHE51E=`
`819`		`-github.com/bgentry/speakeasyv0.2.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=`
`820`	`818`	`github.com/bmatcuk/doublestar/v4v4.8.1 h1:54Bopc5c2cAvhLRAzqOGCYHYyhcDHsFF4wWIR5wKP38=`
`821`	`819`	`github.com/bmatcuk/doublestar/v4v4.8.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=`
`822`	`820`	`github.com/bool64/sharedv0.1.5 h1:fp3eUhBsrSjNCQPcSdQqZxxh9bBwrYiZ+zOKFkM0/2E=`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit9922240

File tree

4 files changed

4 files changed

`‎cli/cliui/prompt.go‎`

`‎cli/cliui/prompt_test.go‎`

`‎go.mod‎`

`‎go.sum‎`

0 commit comments