pijul/pijul - Change 574FXSXKJF6OVHKHGIFKRFNJOR6URJ23JSQQ47YGMN7XGRXDCSGAC

Create basic identity wizard

The identity wizard implemented here is a simple prototype of what will (hopefully) be a better way to manage keys in Pijul. For more information please see the Zulip discussion at https://pijul.zulipchat.com/#narrow/stream/270693-general/topic/Identity.20management

Created by finchie on April 22, 2022

574FXSXKJF6OVHKHGIFKRFNJOR6URJ23JSQQ47YGMN7XGRXDCSGAC

Dependencies

In discussions

#673 DRAFT: Improved identity management

Change contents

Replacement in pijul/src/main.rs at line 128 [6.83981]

B:BD[4.1] → [5.19:57]

B:BD[5.57] → [3.0:8]

∅:D[3.8] → [5.66:197]

B:BD[5.66] → [5.66:197]

∅:D[5.197] → [4.24:38]

B:BD[4.24] → [4.24:38]

    /// Key generation and management
    ///
    /// Pijul keys are separate from a user's SSH keys. More information
    /// can be found in the `Keys` section of the manual.
    Key(Key),

[4.1]

[7.25]

    /// Identity management
    /// 
    /// This is an experimental, interactive way of managing identities
    /// with an aim of simplifying the user experience
    IdentityWizard(IdentityWizard),

Replacement in pijul/src/main.rs at line 256 [6.83981]

∅:D[8.1027] → [4.39:88]

B:BD[9.64] → [4.39:88]

        SubCommand::Key(key) => key.run().await,

[8.1027]

[7.600]

        SubCommand::IdentityWizard(identity_wizard) => identity_wizard.run().await,

Replacement in pijul/src/commands/mod.rs at line 59 [6.133619]
B:BD[10.91] → [4.2522:2547]
```
mod key;
pub use key::*;
```
[10.91]
[4.2547]
```
mod identity_wizard;
pub use identity_wizard::*;
```

File addition: identity_wizard.rs (----------)

[6.93386]

use std::io::Write;
use clap::Parser;
use dialoguer::{Confirm, Input};
use lazy_static::lazy_static;
use regex::Regex;
use crate::key;
const IDENTITY_MESSAGE: &str = "It doesn't look like you have any keys configured!
Each author in Pijul is identified by a unique key to provide greater security & flexibility over names/emails.
To make sure humans (including you!) can easily identify these keys, we need a few personal details.
For more information see https://pijul.org/manual/keys.html";
lazy_static! {
    // Email regex taken from https://emailregex.com/
    static ref EMAIL: Regex = Regex::new(
        r#"(^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)"#
    ).unwrap();
}
struct RemoteAccount {
    user_name: String,
    remote_url: String,
}
struct IdentityConfig {
    identity_name: String,
    full_name: String,
    email: Option<String>,
    remote_account: Option<RemoteAccount>,
}
/// A representation of the state of the user's current identities
#[derive(Debug)]
struct IdentityStateOnDisk {
    /// The configuration directory itself
    config_dir: bool,
    /// The file secretkey.json
    secret_key: bool,
    /// The file publickey.json
    public_key: bool,
    /// At least one identity exists in the identies directory
    one_identity: bool,
}
impl IdentityStateOnDisk {
    fn has_keys(&self) -> bool {
        self.secret_key && self.public_key
    }
    fn full_identity(&self) -> bool {
        self.has_keys() && self.one_identity
    }
}
/// Test if all the required configuration files exist
fn get_identities() -> Result<IdentityStateOnDisk, anyhow::Error> {
    let config_dir = crate::config::global_config_dir().unwrap();
    let identities_dir = config_dir.join("identities").exists();
    Ok(IdentityStateOnDisk {
        config_dir: config_dir.exists(),
        secret_key: config_dir.join("secretkey.json").exists(),
        public_key: config_dir.join("publickey.json").exists(),
        one_identity: if identities_dir {
            config_dir.join("identities").read_dir()?.next().is_some()
        } else {
            false
        },
    })
}
fn create_identity() -> Result<IdentityConfig, anyhow::Error> {
    let mut stderr = std::io::stderr();
    writeln!(stderr, "{IDENTITY_MESSAGE}")?;
    let identity_name: String = Input::new()
        .with_prompt("Identity name")
        .default(whoami::username())
        .interact_text()?;
    let full_name: String = Input::new()
        .with_prompt("Full name")
        .default(whoami::realname())
        .interact_text()?;
    let user_email: String = Input::new()
        .with_prompt("Email (leave blank for none)")
        .allow_empty(true)
        .validate_with(move |input: &String| -> Result<(), &str> {
            if input.is_empty() {
                return Ok(());
            }
            if EMAIL.is_match(&input) {
                Ok(())
            } else {
                Err("Invalid email address")
            }
        })
        .interact_text()?;
    let email: Option<String> = if user_email.len() > 0 {
        Some(user_email)
    } else {
        None
    };
    let link_remote: bool = Confirm::new()
        .with_prompt("Do you want to link this key to a remote?")
        .default(true)
        .interact()?;
    let remote_account: Option<RemoteAccount> = if link_remote {
        Some(RemoteAccount {
            user_name: Input::new()
                .with_prompt("Remote username")
                .default(identity_name.clone())
                .interact_text()?,
            remote_url: Input::new()
                .with_prompt("Remote URL")
                .default(String::from("ssh.pijul.com"))
                .interact_text()?,
        })
    } else {
        None
    };
    Ok(IdentityConfig {
        identity_name,
        full_name,
        email,
        remote_account,
    })
}
#[derive(Parser, Debug)]
pub struct IdentityWizard {}
impl IdentityWizard {
    pub async fn run(self) -> Result<(), anyhow::Error> {
        // Check the user's filesystem to figure out if any identities exist
        let identity_state = get_identities()?;
        let mut stderr = std::io::stderr();
        if !identity_state.full_identity() {
            // User has not set up an identity
            let identity = create_identity()?;
            writeln!(stderr, "Generating key pair with name: {}", identity.identity_name)?;
            key::generate(identity.email, identity.identity_name)?;
            
            if let Some(account) = identity.remote_account {
                let remote = format!("{}@{}", account.user_name, account.remote_url);
                writeln!(stderr, "Linking identity with remote: {remote}")?;
                key::prove(false, remote).await?;
            }
        } else {
            let mut stderr = std::io::stderr();
            writeln!(stderr, "There is nothing to do")?;
        }
        Ok(())
    }
}

Insertion in pijul/Cargo.toml at line 95 [6.196374]
[2.1960]
[11.309]
```
dialoguer = "0.10.0"
```

Insertion in Cargo.lock at line 311 [6.1030385]

[12.3753]

[12.3977]

name = "console"
version = "0.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a28b32d32ca44b70c3e4acd7db1babf555fa026e385fb95f18028f88848b3c31"
dependencies = [
 "encode_unicode",
 "libc",
 "once_cell",
 "regex",
 "terminal_size",
 "unicode-width",
 "winapi",
]
[[package]]

Insertion in Cargo.lock at line 474 [6.1030385]

[13.3893]


[[package]]
name = "dialoguer"
version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "349d6b4fabcd9e97e1df1ae15395ac7e49fb144946a0d453959dc2696273b9da"
dependencies = [
 "console",
 "tempfile",
 "zeroize",
]

Insertion in Cargo.lock at line 595 [6.1030385]

[12.9911]

name = "encode_unicode"
version = "0.3.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f"
[[package]]

Insertion in Cargo.lock at line 1594 [6.1030385]
[12.33661]
[12.33661]
```
 "dialoguer",
```

Insertion in Cargo.lock at line 2491 [6.1030385]

[12.54973]

[12.55170]

name = "unicode-width"
version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973"