Implement login manager (#910)

Implement login manager

Signed-off-by: Mykola Morhun <mmorhun@redhat.com>

package.json

@@ -17,7 +17,7 @@
     "@oclif/plugin-update": "^1.3.10",
     "@types/command-exists": "^1.2.0",
     "@types/fs-extra": "^9.0.1",
-    "@types/js-yaml": "^3.12.5",
+    "@types/inquirer": "^7.3.1",
     "@types/node-notifier": "^8.0.0",
     "@types/request": "^2.48.5",
     "@types/websocket": "^1.0.1",
@@ -36,13 +36,15 @@
     "execa": "^4.0.3",
     "fancy-test": "^1.4.9",
     "fs-extra": "^9.0.1",
+    "inquirer": "^7.3.3",
     "js-yaml": "^3.14.0",
     "listr": "^0.14.3",
     "listr-verbose-renderer": "^0.6.0",
     "lodash": "^4.17.20",
     "mkdirp": "^1.0.4",
     "node-forge": "^0.10.0",
     "node-notifier": "^8.0.0",
+    "querystring": "^0.2.0",
     "stream-buffers": "^3.0.2",
     "tslib": "^1"
   },
@@ -53,6 +55,7 @@
     "@oclif/tslint": "^3",
     "@types/chai": "^4",
     "@types/jest": "26.0.14",
+    "@types/js-yaml": "^3.12.5",
     "@types/listr": "^0.14.2",
     "@types/node": "^12",
     "@types/node-forge": "^0.9.5",
@@ -95,11 +98,14 @@
       "@oclif/plugin-update"
     ],
     "topics": {
+      "auth": {
+        "description": "Manage Eclipse Che server login sessions"
+      },
       "server": {
-        "description": "control Eclipse Che server"
+        "description": "Control Eclipse Che server"
       },
       "workspace": {
-        "description": "control Che workspaces"
+        "description": "Control Che workspaces"
       }
     },
     "update": {

src/api/che-api-client.ts

@@ -44,18 +44,16 @@ export class CheApiClient {
     return instance
   }
 
-  private static normalizeCheApiEndpointUrl(url: string | undefined) {
-    if (url) {
-      if (!url.includes('://')) {
-        url = 'https://' + url
-      }
-      const u = new URL(url)
-      url = 'https://' + u.host + u.pathname
-      if (url.endsWith('/')) {
-        url = url.slice(0, -1)
-      }
-      return url
+  public static normalizeCheApiEndpointUrl(url: string) {
+    if (!url.includes('://')) {
+      url = 'https://' + url
     }
+    const u = new URL(url)
+    url = 'https://' + u.host + u.pathname
+    if (url.endsWith('/')) {
+      url = url.slice(0, -1)
+    }
+    return url
   }
 
   /**
@@ -101,9 +99,7 @@ export class CheApiClient {
     } catch (error) {
       throw this.getCheApiError(error, endpoint)
     }
-    if (!response || response.status !== 200 || !response.data || !response.data.status) {
-      throw new Error('E_BAD_RESP_CHE_API')
-    }
+    this.checkResponse(response, endpoint)
     return response.data.status
   }
 
@@ -236,9 +232,7 @@ export class CheApiClient {
       }
     }
 
-    if (!response || response.status !== 200 || !response.data) {
-      throw new Error('E_BAD_RESP_CHE_API')
-    }
+    this.checkResponse(response, endpoint)
   }
 
   async stopWorkspace(workspaceId: string, accessToken?: string): Promise<void> {
@@ -298,9 +292,31 @@ export class CheApiClient {
     }
   }
 
+  /**
+   * Returns Keycloak settings or undefined for single user mode.
+   */
+  async getKeycloakSettings(responseTimeoutMs = this.defaultCheResponseTimeoutMs): Promise<any | undefined> {
+    const endpoint = `${this.cheApiEndpoint}/keycloak/settings`
+    let response
+    try {
+      response = await this.axios.get(endpoint, { timeout: responseTimeoutMs })
+    } catch (error) {
+      if (error.response && error.response.status === 404) {
+        return
+      }
+      throw this.getCheApiError(error, endpoint)
+    }
+    this.checkResponse(response, endpoint)
+    if (!response.data['che.keycloak.token.endpoint']) {
+      // The response is not keycloak response, but a default fallback
+      throw new Error('E_BAD_CHE_API_URL')
+    }
+    return response.data
+  }
+
   async isAuthenticationEnabled(responseTimeoutMs = this.defaultCheResponseTimeoutMs): Promise<boolean> {
     const endpoint = `${this.cheApiEndpoint}/keycloak/settings`
-    let response = null
+    let response
     try {
       response = await this.axios.get(endpoint, { timeout: responseTimeoutMs })
     } catch (error) {
@@ -310,13 +326,21 @@ export class CheApiClient {
         throw this.getCheApiError(error, endpoint)
       }
     }
-    if (!response || response.status !== 200 || !response.data) {
-      throw new Error('E_BAD_RESP_CHE_API')
+    this.checkResponse(response, endpoint)
+    if (!response.data['che.keycloak.token.endpoint']) {
+      // The response is not keycloak response, but a default fallback
+      return false
     }
     return true
   }
 
-  getCheApiError(error: any, endpoint: string): Error {
+  private checkResponse(response: any, endpoint?: string): void {
+    if (!response || response.status !== 200 || !response.data) {
+      throw new Error(`E_BAD_RESP_CHE_API - Response code: ${response.status}` + endpoint ? `, endpoint: ${endpoint}` : '')
+    }
+  }
+
+  private getCheApiError(error: any, endpoint: string): Error {
     if (error.response) {
       const status = error.response.status
       if (status === 403) {
@@ -325,6 +349,8 @@ export class CheApiClient {
         return new Error(`E_CHE_API_UNAUTHORIZED - Endpoint: ${endpoint} - Message: ${JSON.stringify(error.response.data)}`)
       } else if (status === 404) {
         return new Error(`E_CHE_API_NOTFOUND - Endpoint: ${endpoint} - Message: ${JSON.stringify(error.response.data)}`)
+      } else if (status === 503) {
+        return new Error(`E_CHE_API_UNAVAIL - Endpoint: ${endpoint} returned 503 code`)
       } else {
         // The request was made and the server responded with a status code
         // that falls out of the range of 2xx