Refactored config management strategy for spc

2025-12-14 05:17:22 +00:00 · 2019-06-02 01:47:19 -07:00 · 2019-06-02 01:47:19 -07:00 · 30e514cb88
commit 30e514cb88
parent 3d3206ddfe
10 changed files with 225 additions and 123 deletions
--- a/cli/commands/decrypt.go
+++ b/cli/commands/decrypt.go
@ -7,13 +7,13 @@ import (
 	"os"

 	"github.com/spf13/cobra"
-	"github.com/spf13/viper"

+	"github.com/mitchell/selfpass/cli/types"
 	"github.com/mitchell/selfpass/credentials/commands"
 	"github.com/mitchell/selfpass/crypto"
 )

-func makeDecrypt(masterpass string, cfg *viper.Viper) *cobra.Command {
+func makeDecrypt(repo types.ConfigRepo) *cobra.Command {
 	decryptCmd := &cobra.Command{
 		Use:   "decrypt [file]",
 		Short: "Decrypt a file using your masterpass and secret key",
@ -22,6 +22,9 @@ the new file.`,
 		Args: cobra.ExactArgs(1),

 		Run: func(cmd *cobra.Command, args []string) {
+			masterpass, cfg, err := repo.OpenConfig()
+			check(err)
+
 			file := args[0]
 			fileout := file

--- a/cli/commands/decrypt_cfg.go
+++ b/cli/commands/decrypt_cfg.go
@ -0,0 +1,24 @@
+package commands
+
+import (
+	"github.com/spf13/cobra"
+
+	"github.com/mitchell/selfpass/cli/types"
+)
+
+func makeDecryptCfg(repo types.ConfigRepo) *cobra.Command {
+	decryptCfg := &cobra.Command{
+		Use:   "decrypt-cfg",
+		Short: "Decrypt your config file",
+		Long:  "Decrypt your config file, so you can access your private key, host, and certs.",
+
+		Run: func(cmd *cobra.Command, args []string) {
+			_, _, err := repo.OpenConfig()
+			check(err)
+
+			repo.DecryptConfig()
+		},
+	}
+
+	return decryptCfg
+}
--- a/cli/commands/encrypt.go
+++ b/cli/commands/encrypt.go
@ -7,13 +7,13 @@ import (
 	"os"

 	"github.com/spf13/cobra"
-	"github.com/spf13/viper"

+	"github.com/mitchell/selfpass/cli/types"
 	"github.com/mitchell/selfpass/credentials/commands"
 	"github.com/mitchell/selfpass/crypto"
 )

-func makeEncrypt(masterpass string, cfg *viper.Viper) *cobra.Command {
+func makeEncrypt(repo types.ConfigRepo) *cobra.Command {
 	encryptCmd := &cobra.Command{
 		Use:   "encrypt [file]",
 		Short: "Encrypt a file using your masterpass and secret key",
@ -22,6 +22,9 @@ new file.`,
 		Args: cobra.ExactArgs(1),

 		Run: func(cmd *cobra.Command, args []string) {
+			masterpass, cfg, err := repo.OpenConfig()
+			check(err)
+
 			file := args[0]
 			fileEnc := file + ".enc"

--- a/cli/commands/init.go
+++ b/cli/commands/init.go
@ -8,13 +8,13 @@ import (
 	"github.com/google/uuid"
 	"github.com/mitchellh/go-homedir"
 	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
 	"gopkg.in/AlecAivazis/survey.v1"

+	"github.com/mitchell/selfpass/cli/types"
 	"github.com/mitchell/selfpass/credentials/commands"
 )

-func makeInit(cfg *viper.Viper) *cobra.Command {
+func makeInit(repo types.ConfigRepo) *cobra.Command {
 	initCmd := &cobra.Command{
 		Use:   "init",
 		Short: "This command initializes SPC for the first time",
@ -32,6 +32,7 @@ the users private key, and server certificates. (All of which will be encrypted)
 				prompt      survey.Prompt
 				privateKey  = strings.Replace(uuid.New().String(), "-", "", -1)
 			)
+			_, cfg, _ := repo.OpenConfig()

 			prompt = &survey.Password{Message: "New master password:"}
 			check(survey.AskOne(prompt, &masterpass, nil))
@ -42,6 +43,8 @@ the users private key, and server certificates. (All of which will be encrypted)
 				check(fmt.Errorf("master passwords didn't match"))
 			}

+			repo.SetMasterpass(masterpass)
+
 			prompt = &survey.Input{Message: "Selfpass server address:"}
 			check(survey.AskOne(prompt, &target, nil))

@ -49,7 +52,7 @@ the users private key, and server certificates. (All of which will be encrypted)
 			check(survey.AskOne(prompt, &hasPK, nil))

 			if hasPK {
-				prompt = &survey.Input{Message: "Private key:"}
+				prompt = &survey.Password{Message: "Private key:"}
 				check(survey.AskOne(prompt, &privateKey, nil))
 				privateKey = strings.Replace(privateKey, "-", "", -1)
 			}
@ -86,8 +89,6 @@ the users private key, and server certificates. (All of which will be encrypted)
 				cfg.SetConfigFile(home + "/.spc.toml")
 				fmt.Println("Wrote new config to: " + home + "/.spc.toml")
 			}
-
-			encryptConfig(masterpass, cfg)
 		},
 	}

--- a/cli/commands/root.go
+++ b/cli/commands/root.go
@ -3,21 +3,18 @@ package commands
 import (
 	"context"
 	"fmt"
-	"io/ioutil"
 	"os"
-	"strings"

-	"github.com/mitchellh/go-homedir"
 	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
-	"gopkg.in/AlecAivazis/survey.v1"

+	"github.com/mitchell/selfpass/cli/repositories"
+	"github.com/mitchell/selfpass/cli/types"
 	"github.com/mitchell/selfpass/credentials/commands"
+	credrepos "github.com/mitchell/selfpass/credentials/repositories"
 	credtypes "github.com/mitchell/selfpass/credentials/types"
-	"github.com/mitchell/selfpass/crypto"
 )

-func Execute(initClient credtypes.CredentialClientInit) {
+func Execute() {
 	rootCmd := &cobra.Command{
 		Use:   "spc",
 		Short: "This is the CLI client for Selfpass.",
@ -25,42 +22,31 @@ func Execute(initClient credtypes.CredentialClientInit) {
 can interact with the entire Selfpass API.`,
 		Version: "v0.1.0",
 	}
-	rootCmd.InitDefaultHelpFlag()
-	rootCmd.InitDefaultVersionFlag()

 	cfgFile := rootCmd.PersistentFlags().String("config", "", "config file (default is $HOME/.spc.toml)")
-	decryptCfg := rootCmd.Flags().Bool("decrypt-cfg", false, "decrypt config file")
-	check(rootCmd.ParseFlags(os.Args))
-	encryptCfg := !*decryptCfg

-	var masterpass string
-	var cfg *viper.Viper
-	needsCfg := (len(os.Args) > 1 && !strings.Contains(strings.Join(os.Args, "--"), "--help")) || *decryptCfg
+	mgr := repositories.NewConfigManager(cfgFile)
+	defer mgr.CloseConfig()

-	if needsCfg {
-		masterpass, cfg = openConfig(*cfgFile)
-		if encryptCfg && masterpass != "" {
-			defer encryptConfig(masterpass, cfg)
-		}
-		if *decryptCfg {
-			fmt.Println("Decrypting config file. It will auto-encrypt when you next run of spc.")
-			return
-		}
-	}
+	clientInit := credrepos.NewCredentialServiceClient

-	rootCmd.AddCommand(makeInit(cfg))
-	rootCmd.AddCommand(makeEncrypt(masterpass, cfg))
-	rootCmd.AddCommand(makeDecrypt(masterpass, cfg))
-	rootCmd.AddCommand(commands.MakeList(makeInitClient(cfg, initClient)))
-	rootCmd.AddCommand(commands.MakeCreate(masterpass, cfg, makeInitClient(cfg, initClient)))
-	rootCmd.AddCommand(commands.MakeGet(masterpass, cfg, makeInitClient(cfg, initClient)))
-	rootCmd.AddCommand(commands.MakeDelete(makeInitClient(cfg, initClient)))
+	rootCmd.AddCommand(makeInit(mgr))
+	rootCmd.AddCommand(makeEncrypt(mgr))
+	rootCmd.AddCommand(makeDecrypt(mgr))
+	rootCmd.AddCommand(makeDecryptCfg(mgr))
+	rootCmd.AddCommand(commands.MakeList(makeInitClient(mgr, clientInit)))
+	rootCmd.AddCommand(commands.MakeCreate(mgr, makeInitClient(mgr, clientInit)))
+	rootCmd.AddCommand(commands.MakeGet(mgr, makeInitClient(mgr, clientInit)))
+	rootCmd.AddCommand(commands.MakeDelete(makeInitClient(mgr, clientInit)))

 	check(rootCmd.Execute())
 }

-func makeInitClient(cfg *viper.Viper, initClient credtypes.CredentialClientInit) commands.CredentialClientInit {
+func makeInitClient(repo types.ConfigRepo, initClient credtypes.CredentialClientInit) commands.CredentialClientInit {
 	return func(ctx context.Context) credtypes.CredentialClient {
+		_, cfg, err := repo.OpenConfig()
+		check(err)
+
 		connConfig := cfg.GetStringMapString(keyConnConfig)

 		client, err := initClient(
@ -70,86 +56,12 @@ func makeInitClient(cfg *viper.Viper, initClient credtypes.CredentialClientInit)
 			connConfig["cert"],
 			connConfig["key"],
 		)
-		if err != nil {
-			fmt.Printf("Please run 'init' command before running API commands.\nError Message: %s\n", err)
-			os.Exit(1)
-		}
+		check(err)

 		return client
 	}
 }

-func openConfig(cfgFile string) (masterpass string, v *viper.Viper) {
-	v = viper.New()
-	v.SetConfigType("toml")
-
-	if cfgFile != "" {
-		// Use config file from the flag.
-		v.SetConfigFile(cfgFile)
-	} else {
-		// Find home directory.
-		home, err := homedir.Dir()
-		check(err)
-
-		// Search config in home directory with name ".spc" (without extension).
-		v.AddConfigPath(home)
-		v.SetConfigName(".spc")
-
-		cfgFile = home + "/.spc.toml"
-	}
-
-	if _, err := os.Open(cfgFile); !os.IsNotExist(err) {
-		prompt := &survey.Password{Message: "Master password:"}
-		check(survey.AskOne(prompt, &masterpass, nil))
-
-		decryptConfig(masterpass, cfgFile)
-	}
-
-	//v.AutomaticEnv() // read in environment variables that match
-
-	// If a config file is found, read it in.
-	if err := v.ReadInConfig(); err == nil {
-		fmt.Println("Using config file:", v.ConfigFileUsed())
-	}
-
-	return masterpass, v
-}
-
-func decryptConfig(masterpass string, cfgFile string) {
-	contents, err := ioutil.ReadFile(cfgFile)
-	check(err)
-
-	passkey, err := crypto.GenerateKeyFromPassword([]byte(masterpass))
-	check(err)
-
-	contents, err = crypto.CBCDecrypt(passkey, contents)
-	if err != nil && err.Error() == "Padding incorrect" {
-		fmt.Println("incorrect master password")
-		os.Exit(1)
-	} else if err != nil && err.Error() == "ciphertext is not a multiple of the block size" {
-		fmt.Println("Config wasn't encrypted.")
-		return
-	}
-	check(err)
-
-	check(ioutil.WriteFile(cfgFile, contents, 0600))
-}
-
-func encryptConfig(masterpass string, cfg *viper.Viper) {
-	contents, err := ioutil.ReadFile(cfg.ConfigFileUsed())
-	if os.IsNotExist(err) {
-		return
-	}
-
-	keypass, err := crypto.GenerateKeyFromPassword([]byte(masterpass))
-	check(err)
-
-	contents, err = crypto.CBCEncrypt(keypass, contents)
-	check(err)
-
-	check(ioutil.WriteFile(cfg.ConfigFileUsed(), contents, 0600))
-}
-
 func check(err error) {
 	if err != nil {
 		fmt.Println(err)