support login with AKSK input

Author: lyu571

package.json

@@ -65,8 +65,8 @@
         "views": {
             "tc-terraform-resources": [
                 {
-                    "id": "tcTerraform.sessionExplorer",
-                    "name": "%TcTerraform.view.session.explorer%",
+                    "id": "tcTerraform.loginExplorer",
+                    "name": "%TcTerraform.view.login.explorer%",
                     "contextualTitle": "Session Explorer",
                     "visibility": "collapsed"
                 },
@@ -83,6 +83,12 @@
                 }
             ]
         },
+        "viewsWelcome": [
+            {
+                "view": "tcTerraform.loginExplorer",
+                "contents": "%TcTerraform.view.login.welcome%"
+            }
+        ],
         "languages": [
             {
                 "id": "terraform",
@@ -101,8 +107,7 @@
         "commands": [
             {
                 "command": "tcTerraform.login",
-                "title": "Login",
-                "category": "TencentCloud Terraform"
+                "title": "%TcTerraform.view.login.welcome%"
             },
             {
                 "command": "tcTerraform.init",

package.nls.json

@@ -1,6 +1,9 @@
 {
-    "TcTerraform.title": "TencentCloud Terraofrm",
-    "TcTerraform.view.session.explorer": "Connect to TencentCloud",
+    "TcTerraform.title": "TencentCloud Terraform",
+    "TcTerraform.view.login.explorer": "Login TencentCloud",
+    "TcTerraform.view.login.welcome": "Please login the TencentCloud. If you don't have a account, please [Sign up](https://cloud.tencent.com/register) first.\n[Login TencentCloud](command:tcTerraform.login)",
+    "TcTerraform.view.welcome": "Welcome to use TencentCloud Terraform extension, please wait for the page loading...",
+    "TcTerraform.view.login": "登录腾讯云",
     "TcTerraform.view.template.explorer": "Tempaltes Management",
     "TcTerraform.view.resource.explorer": "Resources Explorer",
     "TcTerraform.view.resource.explorer.cvm": "Import Resouce: CVM",
@@ -9,5 +12,9 @@
     "TcTerraform.view.help.explorer.provider": "TencentCloud Terraform Provider",
     "TcTerraform.view.help.explorer.doc": "Documentation",
     "TcTerraform.view.help.explorer.repo": "GitHub Repository",
+    "TcTerraform.AKSK.title": "API AKSK Login",
+    "TcTerraform.QR.title": "Scan code Login",
+    "TcTerraform.AKSK.title.placeholder": "请输入腾讯云 API 密钥 {0}",
+    "TcTerraform.AKSK.title.verify.empty": "{0}不能为空",
     "TcTerraform.productName": "TcTerraform Toolkit"
-}
+}

src/commons/constants.ts

@@ -8,5 +8,4 @@
 export class Constants {
     // eslint-disable-next-line @typescript-eslint/naming-convention
     public static TerraformTerminalName = "TIAT-Terraform";
-
 }

src/commons/index.ts

@@ -1,11 +1,13 @@
 import * as customerCmd from "./customCmdRegister";
+import { registerTencent } from "./tencent";
 export { tencent } from "./tencent";
 export * from "./container";
 export * from "./context";
 export { cmds } from "./customCmdRegister";
 
 export function registerCommon() {
-    //   registerTencent();
+    registerTencent();
     customerCmd.regHelpCommands();
     customerCmd.regResourceRelatedCommands();
+
 }

src/commons/tencent/commands.ts

@@ -1,13 +1,15 @@
 import { commands } from "vscode";
+import user from "./user";
 
 export function registerCommands() {
-//   commands.registerCommand(command.TENCENT_LOGIN, user.login);
+    commands.registerCommand(command.TENCENT_LOGIN, user.login);
 
-//   commands.registerCommand(command.TENCENT_LOGINOUT, user.loginOut);
+    //   commands.registerCommand(command.TENCENT_LOGINOUT, user.loginOut);
 }
 
 export namespace command {
-  export const TENCENT_LOGIN = "toolkit.tencent.login";
-  /** 退出登录 */
-  export const TENCENT_LOGINOUT = "toolkit.tencent.loginout";
+    // login command
+    export const TENCENT_LOGIN = "tcTerraform.login";
+    // logout command
+    export const TENCENT_LOGINOUT = "tcTerraform.logout";
 }

src/commons/tencent/index.ts

@@ -1,27 +1,25 @@
 import { commands } from "vscode";
 import { registerCommands, command as _command } from "./commands";
 
-// import "./api.localfile";
-// import './api';
-// import _user from "./user";
+import _user from "./user";
 import _tree from "./treeDataProvider";
 
 export async function registerTencent() {
-  registerCommands();
+    registerCommands();
 
-  await initialization();
+    await initialization();
 }
 
 async function initialization() {
-//   commands.executeCommand(
-//     "setContext",
-//     "tencent.login",
-//     !!(await _user.getInfo())
-//   );
+    commands.executeCommand(
+        "setContext",
+        "tencent.login",
+        !!(await _user.getInfo())
+    );
 }
 
 export namespace tencent {
-//   export import user = _user;
-  export import tree = _tree;
-  export import command = _command;
+    export import user = _user;
+    export import tree = _tree;
+    export import command = _command;
 }

src/commons/tencent/user/auth/credentail.ts

@@ -0,0 +1,52 @@
+import MultiStepInput from "../../../multiStepInput";
+import { Credential } from "tencentcloud-sdk-nodejs/tencentcloud/common/interface";
+import { localize } from "vscode-nls-i18n";
+import constant from "../index";
+
+export async function getCredentailByInput() {
+    const title = localize(constant.AKSK_TITLE);
+    async function collectInputs() {
+        const state = {} as Partial<Credential>;
+        await MultiStepInput.run((input) => inputSecretId(input, state));
+        return state as Required<Omit<Credential, "token">>;
+    }
+
+    async function inputSecretId(
+        input: MultiStepInput,
+        state: Partial<Credential>
+    ) {
+        state.secretId = await input.showInputBox({
+            title,
+            step: 1,
+            totalSteps: 2,
+            value: state.secretId || "",
+            placeholder: localize(constant.AKSK_PLACEHOLD, "SecretId"),
+            validate: validateInput.bind({ key: "SecretId " }),
+        });
+        return (input: MultiStepInput) => inpuSecretKey(input, state);
+    }
+
+    async function inpuSecretKey(
+        input: MultiStepInput,
+        state: Partial<Credential>
+    ) {
+        state.secretKey = await input.showInputBox({
+            title,
+            step: 2,
+            totalSteps: 2,
+            value: state.secretKey || "",
+            placeholder: localize(constant.AKSK_PLACEHOLD, "SecretKey"),
+            validate: validateInput.bind({ key: "SecretKey " }),
+        });
+    }
+
+    async function validateInput(this: { key: string }, value: string) {
+        if (!value) {
+            return Promise.reject(localize(constant.AKSK_EMPTY, this.key));
+        }
+
+        return undefined;
+    }
+
+    return collectInputs();
+}

src/commons/tencent/user/auth/index.ts

@@ -0,0 +1 @@
+export { getCredentailByInput } from "./credentail";

src/commons/tencent/user/auth/qr.ts

@@ -0,0 +1,125 @@
+import axios from "axios";
+import { window } from "vscode";
+import { join } from "path";
+import { Credential } from "tencentcloud-sdk-nodejs/tencentcloud/common/interface";
+
+const LOGIN_SERVER = "https://test.ide.cloud.tencent.com";
+
+const client = axios.create({
+    baseURL: LOGIN_SERVER,
+    proxy: {
+        protocol: "http",
+        host: "9.135.97.58",
+        port: 8899,
+    },
+});
+
+function getQrState() {
+    return client.get("/api/public/qcloud/oauth/qrcode").then((res) => {
+        return res.data.data;
+    });
+}
+
+function getQrUrl(state: string) {
+    return `${LOGIN_SERVER}/api/public/qcloud/oauth/scan?state=${state}`;
+}
+
+type State = "WAITING" | "SCANNED" | "OK";
+function getState(state: string): Promise<State> {
+    return client
+        .get("/api/public/qcloud/oauth/status", {
+            params: {
+                state,
+            },
+        })
+        .then((res) => res.data.data)
+        .catch((err) => {
+            return "WAITING";
+        });
+}
+
+type TokenInfo = {
+    scope: string;
+    appId: string;
+    requestId: string;
+    userAccessToken: string;
+    userOpenId: string;
+    expiresAt: string;
+    userRefreshToken: string;
+    userUnionId: string;
+};
+
+function getTokenInfo(state: string): Promise<TokenInfo> {
+    return client
+        .get("/api/public/qcloud/oauth/token", { params: { state } })
+        .then((res) => res.data.data);
+}
+
+interface CredentialsType {
+    credentials: {
+        token: string;
+        tmpSecretId: string;
+        tmpSecretKey: string;
+    };
+    expiredTime: string;
+}
+
+function getSecret(
+    userAccessToken: string,
+    duration = 7200 * 24
+): Promise<CredentialsType> {
+    return client
+        .get("/api/public/qcloud/oauth/federationToken", {
+            params: { userAccessToken, duration },
+        })
+        .then((res) => res.data.data);
+}
+
+function refreshToken(userRefreshToken: string, userOpenId: string) {
+    return client
+        .get("/api/public/qcloud/oauth/refreshToken", {
+            params: { userRefreshToken, userOpenId },
+        })
+        .then((res) => res.data.data);
+}
+
+export async function getCredentailByQr() {
+    const stateCode = await getQrState();
+    const qrUrl = getQrUrl(stateCode);
+
+    const terminal = window.createTerminal({
+        name: "登录腾讯云",
+        shellPath: join(__dirname, "bin/qrcode.js"),
+        shellArgs: [qrUrl],
+        isTransient: true,
+    });
+    terminal.show();
+
+    let state: State = "WAITING";
+
+    while (state !== "OK") {
+        // await delay(500);
+        const newState = await getState(stateCode);
+
+        if (state !== "SCANNED" && newState === "SCANNED") {
+            terminal.sendText("已扫码,等待授权... \n", true);
+        }
+
+        state = newState;
+    }
+
+    terminal.sendText("授权成功 \n", true);
+    terminal.dispose();
+
+    const u = await getTokenInfo(stateCode);
+
+    const {
+        credentials: { token, tmpSecretId, tmpSecretKey },
+    } = await getSecret(u.userAccessToken);
+
+    return {
+        token,
+        secretId: tmpSecretId,
+        secretKey: tmpSecretKey,
+    };
+}

src/commons/tencent/user/index.ts

@@ -0,0 +1,67 @@
+import { localize } from "vscode-nls-i18n";
+import { ExtensionContext, ProgressLocation, window } from "vscode";
+import { AbstractClient } from "tencentcloud-sdk-nodejs/tencentcloud/common/abstract_client";
+import { Credential } from "tencentcloud-sdk-nodejs/tencentcloud/common/interface";
+
+import { container } from "../../container";
+import { Context } from "../../context";
+import { tree } from "../treeDataProvider";
+import { getCredentailByInput } from "./auth";
+
+export namespace user {
+    interface UserInfo {
+        secretId: string;
+        secretKey: string;
+        token?: string;
+        uin: string;
+    }
+
+    export const AKSK_TITLE = "TcTerraform.AKSK.title";
+    export const AKSK_PLACEHOLD = "TcTerraform.AKSK.title.placeholder";
+    export const AKSK_EMPTY = "TcTerraform.AKSK.title.verify.empty";
+
+    const USER_INFO = "USER_INFO";
+
+    export async function login() {
+        const api = localize(AKSK_TITLE);
+        const pick = await window.showQuickPick(["xxxxxxx", api]);
+
+        if (pick) {
+            const credential = await getCredentailByInput();
+            // api === pick ? await getCredentailByInput() : await getCredentailByQr();
+        }
+    }
+
+    export async function getInfo(): Promise<UserInfo | undefined> {
+        const { secrets } = container.get<ExtensionContext>(Context);
+        const userinfo = await secrets.get(USER_INFO);
+
+        if (userinfo) {
+            return JSON.parse(userinfo) as UserInfo;
+        }
+
+        return undefined;
+    }
+
+    export async function loginOut() {
+        const yes = localize("common.yes");
+        const action = await window.showWarningMessage(
+            localize("tencent.loginout.title"),
+            {
+                modal: true,
+                detail: localize("tencent.loginout.detail"),
+            },
+            yes
+        );
+        if (action !== yes) {
+            return;
+        }
+
+        const { secrets } = container.get<ExtensionContext>(Context);
+        await secrets.delete(USER_INFO);
+
+        tree.refreshTreeData();
+    }
+}
+
+export default user;