cargo-faasta 0.2.0

Build and deploy wasi-http wasm to the faasta serverless platform
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220

use anyhow::Error;
use compio::buf::BufResult;
use cyper::Client as HttpClient;
use dirs::config_dir;
use github_app_auth::{GithubAuthParams, InstallationAccessToken};
use http::header::HeaderMap;
use http::header::{HeaderName, HeaderValue};
use serde::{Deserialize, Serialize};
use std::collections::HashMap;
use std::fs;
use std::path::{Path, PathBuf};

const CONFIG_FILE: &str = "faasta/github_auth.json";
const USER_AGENT: &str = "faasta-cli";

#[derive(Debug, Serialize, Deserialize, Default)]
pub struct AuthConfig {
    pub app_id: u64,
    pub installation_id: u64,
    pub private_key: Vec<u8>,
    pub user_id: Option<String>,
    pub project_hmacs: HashMap<String, String>, // project_name -> hmac
}

/// Manages GitHub authentication for the CLI
pub struct GitHubAuth {
    config: AuthConfig,
    token: Option<InstallationAccessToken>,
    config_path: PathBuf,
}

impl GitHubAuth {
    /// Initialize GitHub authentication
    pub async fn new() -> Result<Self, Error> {
        let config_path = Self::get_config_path()?;
        let config = Self::load_config(&config_path).await?;

        Ok(Self {
            config,
            token: None,
            config_path,
        })
    }

    /// Authenticate with GitHub
    pub async fn authenticate(&mut self) -> Result<(), Error> {
        if self.config.app_id == 0
            || self.config.installation_id == 0
            || self.config.private_key.is_empty()
        {
            return Err(anyhow::anyhow!(
                "GitHub App not configured. Run 'cargo faasta auth setup' first."
            ));
        }

        self.token = Some(
            InstallationAccessToken::new(GithubAuthParams {
                user_agent: USER_AGENT.into(),
                private_key: self.config.private_key.clone(),
                app_id: self.config.app_id,
                installation_id: self.config.installation_id,
            })
            .await?,
        );

        // Get user ID if we don't have it yet
        if self.config.user_id.is_none() {
            self.fetch_and_store_user_id().await?;
        }

        Ok(())
    }

    /// Get authentication header for API requests
    pub async fn header(&mut self) -> Result<HeaderMap, Error> {
        if self.token.is_none() {
            self.authenticate().await?;
        }

        // Retrieve the OAuth2 header map and convert to an HTTP header map
        let oauth_headers = self.token.as_mut().unwrap().header().await?;
        let mut headers = HeaderMap::new();
        for (name, value) in oauth_headers.iter() {
            // Convert header name and value into http types
            let hn = HeaderName::from_bytes(name.as_str().as_bytes())?;
            let hv = HeaderValue::from_bytes(value.as_bytes())?;
            headers.insert(hn, hv);
        }
        Ok(headers)
    }

    /// Store project HMAC for ownership verification
    pub async fn store_project_hmac(
        &mut self,
        project_name: &str,
        hmac: &str,
    ) -> Result<(), Error> {
        self.config
            .project_hmacs
            .insert(project_name.to_string(), hmac.to_string());
        self.save_config().await?;
        Ok(())
    }

    /// Get project HMAC if it exists
    pub fn get_project_hmac(&self, project_name: &str) -> Option<&String> {
        self.config.project_hmacs.get(project_name)
    }

    /// Check if a project is owned by the current user
    pub fn owns_project(&self, project_name: &str) -> bool {
        self.config.project_hmacs.contains_key(project_name)
    }

    /// Get the list of projects owned by the user
    pub fn get_owned_projects(&self) -> Vec<String> {
        self.config.project_hmacs.keys().cloned().collect()
    }

    /// Check if user has reached project limit
    pub fn has_reached_project_limit(&self) -> bool {
        self.config.project_hmacs.len() >= 5
    }

    /// Setup GitHub app credentials
    pub async fn setup(
        &mut self,
        app_id: u64,
        installation_id: u64,
        private_key: Vec<u8>,
    ) -> Result<(), Error> {
        self.config.app_id = app_id;
        self.config.installation_id = installation_id;
        self.config.private_key = private_key;
        self.save_config().await?;
        Ok(())
    }

    /// Get user ID from authenticated GitHub instance
    async fn fetch_and_store_user_id(&mut self) -> Result<(), Error> {
        // Retrieve the underlying OAuth2 headers and convert to http HeaderMap
        let oauth_headers = self.token.as_mut().unwrap().header().await?;
        let mut header = HeaderMap::new();
        for (name, value) in oauth_headers.iter() {
            let hn = HeaderName::from_bytes(name.as_str().as_bytes())?;
            let hv = HeaderValue::from_bytes(value.as_bytes())?;
            header.insert(hn, hv);
        }

        // Create authenticated client
        let response = HttpClient::new()
            .get("https://api.github.com/app")?
            .headers(header)
            .send()
            .await?;

        if response.status().is_success() {
            let app_info: serde_json::Value = response.json().await?;
            if let Some(id) = app_info.get("id").and_then(|v| v.as_str()) {
                self.config.user_id = Some(id.to_string());
                self.save_config().await?;
            }
        }

        Ok(())
    }

    /// Get the path to the config file
    fn get_config_path() -> Result<PathBuf, Error> {
        let mut path =
            config_dir().ok_or_else(|| anyhow::anyhow!("Could not find user config directory"))?;

        path.push(CONFIG_FILE);

        // Ensure parent directory exists
        if let Some(parent) = path.parent() {
            if !parent.exists() {
                fs::create_dir_all(parent)?;
            }
        }

        Ok(path)
    }

    /// Load config from disk
    async fn load_config(path: &Path) -> Result<AuthConfig, Error> {
        if path.exists() {
            let data = compio::fs::read(path).await?;
            let content = String::from_utf8(data)?;
            Ok(serde_json::from_str(&content)?)
        } else {
            // Create default config
            let default_config = AuthConfig::default();
            let content = serde_json::to_string_pretty(&default_config)?;
            let BufResult(result, _) = compio::fs::write(path, content.into_bytes()).await;
            result?;
            Ok(default_config)
        }
    }

    /// Save config to disk
    pub async fn save_config(&self) -> Result<(), Error> {
        let content = serde_json::to_string_pretty(&self.config)?;
        let BufResult(result, _) = compio::fs::write(&self.config_path, content.into_bytes()).await;
        result?;
        Ok(())
    }

    /// Check if GitHub app is configured
    pub fn is_configured(&self) -> bool {
        self.config.app_id != 0
            && self.config.installation_id != 0
            && !self.config.private_key.is_empty()
    }

    /// Get user ID if available
    pub fn get_user_id(&self) -> Option<&str> {
        self.config.user_id.as_deref()
    }
}