1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145

//! This module is related to loading remote.it credentials from the user's home directory.
//! This is of course not the most secure way to store credentials, but it is the most convenient and recommended by remote.it.
//! If you store your credentials in a different way, you can pass them to the functions in this module directly instead of using this module to load them.

use bon::{bon, builder};
use std::collections::HashMap;
use std::path::PathBuf;

#[cfg(feature = "credentials_loader")]
#[derive(thiserror::Error, Debug)]
pub enum Error {
    #[error("The user's home directory could not be found. Please refer to the `dirs` crate for more information.")]
    HomeDirNotFound,
    #[error("The credentials file could not be loaded: {0}")]
    CouldNotReadCredentials(#[from] std::io::Error),
    #[error("The credentials file could not be parsed: {0}")]
    CredentialsParse(#[from] config::ConfigError),
}

/// A remote.it credentials file contains zero or more profiles, each containing a set of credentials.
type CredentialsFile = HashMap<String, Credentials>;

#[builder]
#[derive(
    Debug, Clone, PartialOrd, PartialEq, Eq, Ord, Hash, serde::Deserialize, serde::Serialize,
)]
pub struct Credentials {
    pub(crate) r3_access_key_id: String,
    pub(crate) r3_secret_access_key: String,
}

#[cfg(feature = "credentials_loader")]
#[bon]
impl Credentials {
    /// Attempts to load the remote.it credentials from the user's home directory.
    /// The default location is `~/.remoteit/credentials`.
    ///
    /// # Errors
    /// * [`Error::HomeDirNotFound`], when the [`dirs`] create cannot find the user's home directory.
    /// * [`Error::CouldNotReadCredentials`], when the credentials file could not be parsed by the [`figment`] crate.
    #[cfg(feature = "credentials_loader")]
    #[builder]
    pub fn load_from_disk(
        custom_credentials_path: Option<PathBuf>,
    ) -> Result<CredentialsFile, Error> {
        let credentials_path = custom_credentials_path.unwrap_or(
            dirs::home_dir()
                .ok_or(Error::HomeDirNotFound)?
                .join(".remoteit")
                .join("credentials"),
        );

        let profiles: CredentialsFile = config::Config::builder()
            .add_source(config::File::new(
                credentials_path
                    .to_str()
                    .expect("It is highly unlikely, that there would be a "),
                config::FileFormat::Ini,
            ))
            .build()?
            .try_deserialize()?;

        Ok(profiles)
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use std::io::Write;

    #[test]
    fn test_credentials_builder() {
        let credentials = Credentials::builder()
            .r3_access_key_id("foo")
            .r3_secret_access_key("bar")
            .build();

        assert_eq!(credentials.r3_access_key_id, "foo");
        assert_eq!(credentials.r3_secret_access_key, "bar");
    }

    #[test]
    fn test_load_from_disk_empty() {
        let file = tempfile::NamedTempFile::new().unwrap();

        let credentials = Credentials::load_from_disk()
            .custom_credentials_path(file.path().to_path_buf())
            .call();

        assert!(credentials.is_ok());
        let credentials = credentials.unwrap();
        assert!(credentials.is_empty());
    }

    #[test]
    fn test_load_from_disk_one() {
        let credentials = r"
            [default]
            R3_ACCESS_KEY_ID=foo
            R3_SECRET_ACCESS_KEY=bar
        ";

        let mut file = tempfile::NamedTempFile::new().unwrap();
        file.write_all(credentials.as_bytes()).unwrap();

        let credentials = Credentials::load_from_disk()
            .custom_credentials_path(file.path().to_path_buf())
            .call();

        assert!(credentials.is_ok());
        let credentials = credentials.unwrap();
        assert_eq!(credentials.len(), 1);
        assert_eq!(credentials["default"].r3_access_key_id, "foo");
        assert_eq!(credentials["default"].r3_secret_access_key, "bar");
    }

    #[test]
    fn test_load_from_disk_two() {
        let credentials = r"
            [default]
            R3_ACCESS_KEY_ID=foo
            R3_SECRET_ACCESS_KEY=bar

            [other]
            R3_ACCESS_KEY_ID=baz
            R3_SECRET_ACCESS_KEY=qux
        ";

        let mut file = tempfile::NamedTempFile::new().unwrap();
        file.write_all(credentials.as_bytes()).unwrap();

        let credentials = Credentials::load_from_disk()
            .custom_credentials_path(file.path().to_path_buf())
            .call();

        assert!(credentials.is_ok());
        let credentials = credentials.unwrap();
        assert_eq!(credentials.len(), 2);
        assert_eq!(credentials["default"].r3_access_key_id, "foo");
        assert_eq!(credentials["default"].r3_secret_access_key, "bar");
        assert_eq!(credentials["other"].r3_access_key_id, "baz");
        assert_eq!(credentials["other"].r3_secret_access_key, "qux");
    }
}