Add GitHub authentication (#874)

Author: shati-patel

extensions/ql-vscode/.eslintrc.js

@@ -22,6 +22,7 @@ module.exports = {
       },
     ],
     "@typescript-eslint/explicit-function-return-type": "off",
+    "@typescript-eslint/explicit-module-boundary-types": "off",
     "@typescript-eslint/no-non-null-assertion": "off",
     "@typescript-eslint/no-explicit-any": "off",
     "@typescript-eslint/no-floating-promises": [ "error", { ignoreVoid: true } ],

extensions/ql-vscode/package-lock.json

@@ -13,7 +13,7 @@
     "url": "https://github.com/github/vscode-codeql"
   },
   "engines": {
-    "vscode": "^1.43.0"
+    "vscode": "^1.48.0"
   },
   "categories": [
     "Programming Languages"
@@ -28,6 +28,7 @@
     "onView:codeQLAstViewer",
     "onView:test-explorer",
     "onCommand:codeQL.checkForUpdatesToCLI",
+    "onCommand:codeQL.authenticateToGitHub",
     "onCommand:codeQLDatabases.chooseDatabaseFolder",
     "onCommand:codeQLDatabases.chooseDatabaseArchive",
     "onCommand:codeQLDatabases.chooseDatabaseInternet",
@@ -226,6 +227,10 @@
       }
     },
     "commands": [
+      {
+        "command": "codeQL.authenticateToGitHub",
+        "title": "CodeQL: Authenticate to GitHub"
+      },
       {
         "command": "codeQL.runQuery",
         "title": "CodeQL: Run Query"
@@ -858,6 +863,7 @@
     "format-staged": "lint-staged"
   },
   "dependencies": {
+    "@octokit/rest": "^18.5.6",
     "child-process-promise": "^2.2.1",
     "classnames": "~2.2.6",
     "fs-extra": "^9.0.1",
@@ -906,11 +912,11 @@
     "@types/through2": "^2.0.36",
     "@types/tmp": "^0.1.0",
     "@types/unzipper": "~0.10.1",
-    "@types/vscode": "^1.43.0",
+    "@types/vscode": "^1.48.0",
     "@types/webpack": "^4.32.1",
     "@types/xml2js": "~0.4.4",
-    "@typescript-eslint/eslint-plugin": "~2.23.0",
-    "@typescript-eslint/parser": "~2.23.0",
+    "@typescript-eslint/eslint-plugin": "^4.26.0",
+    "@typescript-eslint/parser": "^4.26.0",
     "ansi-colors": "^4.1.1",
     "applicationinsights": "^1.8.7",
     "chai": "^4.2.0",
@@ -938,7 +944,7 @@
     "ts-loader": "^8.1.0",
     "ts-node": "^8.3.0",
     "ts-protoc-gen": "^0.9.0",
-    "typescript": "~3.8.3",
+    "typescript": "^4.3.2",
     "typescript-formatter": "^7.2.2",
     "vsce": "^1.65.0",
     "vscode-test": "^1.4.0",

extensions/ql-vscode/package.json

@@ -56,7 +56,7 @@ class AstViewerDataProvider extends DisposableObject implements TreeDataProvider
   }
 
   refresh(): void {
-    this._onDidChangeTreeData.fire();
+    this._onDidChangeTreeData.fire(undefined);
   }
   getChildren(item?: AstItem): ProviderResult<AstItem[]> {
     const children = item ? item.children : this.roots;

extensions/ql-vscode/src/astViewer.ts

@@ -0,0 +1,59 @@
+import * as vscode from 'vscode';
+import * as Octokit from '@octokit/rest';
+
+const GITHUB_AUTH_PROVIDER_ID = 'github';
+
+// 'repo' scope should be enough for triggering workflows. For a comprenhensive list, see:
+// https://docs.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps
+const SCOPES = ['repo'];
+
+/** 
+ * Handles authentication to GitHub, using the VS Code [authentication API](https://code.visualstudio.com/api/references/vscode-api#authentication).
+ */
+export class Credentials {
+  private octokit: Octokit.Octokit | undefined;
+
+  // Explicitly make the constructor private, so that we can't accidentally call the constructor from outside the class
+  // without also initializing the class.
+  // eslint-disable-next-line @typescript-eslint/no-empty-function
+  private constructor() { }
+
+  static async initialize(context: vscode.ExtensionContext): Promise<Credentials> {
+    const c = new Credentials();
+    c.registerListeners(context);
+    c.octokit = await c.createOctokit(false);
+    return c;
+  }
+
+  private async createOctokit(createIfNone: boolean): Promise<Octokit.Octokit | undefined> {
+    const session = await vscode.authentication.getSession(GITHUB_AUTH_PROVIDER_ID, SCOPES, { createIfNone });
+
+    return session
+      ? new Octokit.Octokit({
+        auth: session.accessToken
+      }) : undefined;
+  }
+
+  registerListeners(context: vscode.ExtensionContext): void {
+    // Sessions are changed when a user logs in or logs out.
+    context.subscriptions.push(vscode.authentication.onDidChangeSessions(async e => {
+      if (e.provider.id === GITHUB_AUTH_PROVIDER_ID) {
+        this.octokit = await this.createOctokit(false);
+      }
+    }));
+  }
+
+  async getOctokit(): Promise<Octokit.Octokit> {
+    if (this.octokit) {
+      return this.octokit;
+    }
+
+    this.octokit = await this.createOctokit(true);
+    // octokit shouldn't be undefined, since we've set "createIfNone: true".
+    // The following block is mainly here to prevent a compiler error.
+    if (!this.octokit) {
+      throw new Error('Did not initialize Octokit.');
+    }
+    return this.octokit;
+  }
+}

extensions/ql-vscode/src/authentication.ts

@@ -1,4 +1,3 @@
-/* eslint-disable @typescript-eslint/camelcase */
 import * as cpp from 'child-process-promise';
 import * as child_process from 'child_process';
 import * as fs from 'fs-extra';

extensions/ql-vscode/src/cli.ts

@@ -21,7 +21,7 @@ const emptyComparison: SetComparisonsMessage = {
   message: 'Empty comparison'
 };
 
-export function Compare(_: {}): JSX.Element {
+export function Compare(_: Record<string, never>): JSX.Element {
   const [comparison, setComparison] = useState<SetComparisonsMessage>(
     emptyComparison
   );
@@ -66,8 +66,8 @@ export function Compare(_: {}): JSX.Element {
         {hasRows ? (
           <CompareTable comparison={comparison}></CompareTable>
         ) : (
-            <div className="vscode-codeql__compare-message">{message}</div>
-          )}
+          <div className="vscode-codeql__compare-message">{message}</div>
+        )}
       </>
     );
   } catch (err) {

extensions/ql-vscode/src/compare/view/Compare.tsx

@@ -147,7 +147,7 @@ export abstract class ConfigListener extends DisposableObject {
 
   protected abstract handleDidChangeConfiguration(e: ConfigurationChangeEvent): void;
   private updateConfiguration(): void {
-    this._onDidChangeConfiguration.fire();
+    this._onDidChangeConfiguration.fire(undefined);
   }
 
   public get onDidChangeConfiguration(): Event<void> {
@@ -189,7 +189,7 @@ export class QueryServerConfigListener extends ConfigListener implements QuerySe
       config.push(distributionManager.onDidChangeDistribution(async () => {
         const codeQlPath = await distributionManager.getCodeQlPathWithoutVersionCheck();
         config._codeQlPath = codeQlPath!;
-        config._onDidChangeConfiguration.fire();
+        config._onDidChangeConfiguration.fire(undefined);
       }));
     }
     return config;

extensions/ql-vscode/src/config.ts

@@ -179,7 +179,7 @@ class DatabaseTreeDataProvider extends DisposableObject
 
   public set sortOrder(newSortOrder: SortOrder) {
     this._sortOrder = newSortOrder;
-    this._onDidChangeTreeData.fire();
+    this._onDidChangeTreeData.fire(undefined);
   }
 }
 

extensions/ql-vscode/src/databases-ui.ts

@@ -70,6 +70,8 @@ import {
 } from './commandRunner';
 import { CodeQlStatusBarHandler } from './status-bar';
 
+import { Credentials } from './authentication';
+
 /**
  * extension.ts
  * ------------
@@ -148,7 +150,7 @@ export interface CodeQLExtensionInterface {
  *
  * @returns CodeQLExtensionInterface
  */
-export async function activate(ctx: ExtensionContext): Promise<CodeQLExtensionInterface | {}> {
+export async function activate(ctx: ExtensionContext): Promise<CodeQLExtensionInterface | Record<string, never>> {
   void logger.log(`Starting ${extensionId} extension`);
   if (extension === undefined) {
     throw new Error(`Can't find extension ${extensionId}`);
@@ -298,13 +300,13 @@ export async function activate(ctx: ExtensionContext): Promise<CodeQLExtensionIn
 
   async function installOrUpdateThenTryActivate(
     config: DistributionUpdateConfig
-  ): Promise<CodeQLExtensionInterface | {}> {
+  ): Promise<CodeQLExtensionInterface | Record<string, never>> {
 
     await installOrUpdateDistribution(config);
 
     // Display the warnings even if the extension has already activated.
     const distributionResult = await getDistributionDisplayingDistributionWarnings();
-    let extensionInterface: CodeQLExtensionInterface | {} = {};
+    let extensionInterface: CodeQLExtensionInterface | Record<string, never> = {};
     if (!beganMainExtensionActivation && distributionResult.kind !== FindDistributionResultKind.NoDistribution) {
       extensionInterface = await activateWithInstalledDistribution(
         ctx,
@@ -498,8 +500,7 @@ async function activateWithInstalledDistribution(
         void helpers.showAndLogErrorMessage(
           'Jumping from a .qlref file to the .ql file it references is not '
           + 'supported with the CLI version you are running.\n'
-          + `Please upgrade your CLI to version ${
-          CliVersionConstraint.CLI_VERSION_WITH_RESOLVE_QLREF
+          + `Please upgrade your CLI to version ${CliVersionConstraint.CLI_VERSION_WITH_RESOLVE_QLREF
           } or later to use this feature.`);
       }
     }
@@ -713,6 +714,18 @@ async function activateWithInstalledDistribution(
       void helpers.showAndLogInformationMessage(text);
     }));
 
+  /**
+   * Credentials for authenticating to GitHub.
+   * Currently unused, but will be useful in the future when making API calls.
+   */
+  const credentials = await Credentials.initialize(ctx);
+
+  ctx.subscriptions.push(
+    commandRunner('codeQL.authenticateToGitHub', async () => {
+      const octokit = await credentials.getOctokit();
+      const userInfo = await octokit.users.getAuthenticated();
+      void helpers.showAndLogInformationMessage(`Authenticated to GitHub as user: ${userInfo.data.login}`);
+    }));
 
   void logger.log('Starting language server.');
   ctx.subscriptions.push(client.start());