feat: support oauth authentication flow (#132)

Co-authored-by: Bastian Doetsch <bastian.doetsch@snyk.io>

Author: j-luong

plugin/src/main/java/io/snyk/eclipse/plugin/EnvironmentConstants.java

@@ -5,4 +5,6 @@ public interface EnvironmentConstants {
   String ENV_SNYK_TOKEN = "SNYK_TOKEN";
   String ENV_SNYK_ORG = "SNYK_CFG_ORG";
   String ENV_DISABLE_ANALYTICS = "SNYK_CFG_DISABLE_ANALYTICS";
+  String ENV_INTERNAL_SNYK_OAUTH_ENABLED = "INTERNAL_SNYK_OAUTH_ENABLED";
+  String ENV_INTERNAL_OAUTH_TOKEN_STORAGE = "INTERNAL_OAUTH_TOKEN_STORAGE";
 }

plugin/src/main/java/io/snyk/eclipse/plugin/SnykStartup.java

@@ -1,18 +1,15 @@
 package io.snyk.eclipse.plugin;
 
-import io.snyk.eclipse.plugin.properties.preferences.Preferences;
-import io.snyk.eclipse.plugin.utils.SnykLogger;
-import io.snyk.eclipse.plugin.views.SnykView;
-import io.snyk.eclipse.plugin.wizards.SnykWizard;
-import io.snyk.languageserver.LsRuntimeEnvironment;
-import io.snyk.languageserver.SnykLanguageServer;
-import io.snyk.languageserver.download.HttpClientFactory;
-import io.snyk.languageserver.download.LsBinaries;
-import io.snyk.languageserver.download.LsDownloader;
+import static io.snyk.eclipse.plugin.utils.SnykLogger.logError;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.nio.file.Files;
+import java.nio.file.attribute.BasicFileAttributes;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
 
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
-import org.eclipse.core.net.proxy.IProxyData;
 import org.eclipse.core.runtime.ILog;
 import org.eclipse.core.runtime.IProgressMonitor;
 import org.eclipse.core.runtime.IStatus;
@@ -26,15 +23,15 @@
 import org.eclipse.ui.PartInitException;
 import org.eclipse.ui.PlatformUI;
 
-import java.io.File;
-import java.io.IOException;
-import java.net.URISyntaxException;
-import java.nio.file.Files;
-import java.nio.file.attribute.BasicFileAttributes;
-import java.time.Instant;
-import java.time.temporal.ChronoUnit;
-
-import static io.snyk.eclipse.plugin.utils.SnykLogger.logError;
+import io.snyk.eclipse.plugin.properties.preferences.Preferences;
+import io.snyk.eclipse.plugin.utils.SnykLogger;
+import io.snyk.eclipse.plugin.views.SnykView;
+import io.snyk.eclipse.plugin.wizards.SnykWizard;
+import io.snyk.languageserver.LsRuntimeEnvironment;
+import io.snyk.languageserver.SnykLanguageServer;
+import io.snyk.languageserver.download.HttpClientFactory;
+import io.snyk.languageserver.download.LsBinaries;
+import io.snyk.languageserver.download.LsDownloader;
 
 public class SnykStartup implements IStartup {
   private LsRuntimeEnvironment runtimeEnvironment;

plugin/src/main/java/io/snyk/eclipse/plugin/properties/preferences/ApiClient.java

@@ -5,6 +5,8 @@
 
 import io.snyk.languageserver.LsRuntimeEnvironment;
 import io.snyk.languageserver.download.HttpClientFactory;
+import io.snyk.languageserver.protocolextension.SnykExtendedLanguageClient;
+import io.snyk.languageserver.protocolextension.messageObjects.OAuthToken;
 
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.protocol.HttpClientContext;
@@ -42,7 +44,14 @@ public boolean checkSnykCodeEnablement() {
         url += "?org=" + org;
       }
       var httpGet = new HttpGet(endpoint + url);
-      httpGet.addHeader("Authorization", "token " + prefs.getAuthToken());
+      if (prefs.getPref(Preferences.AUTHENTICATION_METHOD).equals(Preferences.AUTH_METHOD_TOKEN)) {
+        httpGet.addHeader("Authorization", "token " + prefs.getAuthToken());        
+      } else {
+        // first refresh token
+        SnykExtendedLanguageClient.getInstance().refreshOAuthToken();
+        var oauthToken = objectMapper.readValue(prefs.getAuthToken(), OAuthToken.class);
+        httpGet.addHeader("Authorization", "bearer " + oauthToken.getAccessToken());
+      }
       httpGet.addHeader("Content-Type", "application/json");
       var response = httpClient.execute(httpGet, context);
 

plugin/src/main/java/io/snyk/eclipse/plugin/properties/preferences/Preferences.java

@@ -46,7 +46,9 @@ public static synchronized Preferences getInstance(PreferenceStore store) {
   public static final String ENABLE_TELEMETRY = EnvironmentConstants.ENV_DISABLE_ANALYTICS;
   public static final String MANAGE_BINARIES_AUTOMATICALLY = "SNYK_CFG_MANAGE_BINARIES_AUTOMATICALLY";
   public static final String ORGANIZATION_KEY = EnvironmentConstants.ENV_SNYK_ORG;
-
+  public static final String AUTHENTICATION_METHOD = "AUTHENTICATION_METHOD";
+  public static final String AUTH_METHOD_TOKEN = "token";
+  public static final String AUTH_METHOD_OAUTH = "oauth";
 
   private final PreferenceStore store;
 
@@ -76,6 +78,11 @@ public static synchronized Preferences getInstance(PreferenceStore store) {
     if (getPref(LSP_VERSION) == null) {
       store(LSP_VERSION, "1");
     }
+    
+    if (getPref(AUTHENTICATION_METHOD) == null || getPref(AUTHENTICATION_METHOD).isBlank()) {
+      store(AUTHENTICATION_METHOD, AUTH_METHOD_TOKEN);
+    }
+    
     if (getPref(LS_BINARY_KEY) == null || getPref(LS_BINARY_KEY).equals("")) {
       store(LS_BINARY_KEY, getDefaultLsPath());
     }

plugin/src/main/java/io/snyk/eclipse/plugin/runner/AuthResponse.java

@@ -31,7 +31,7 @@ public class ProcessRunner {
 
   private static final String HOME = System.getProperty("user.home");
   private static final String DEFAULT_MAC_PATH = "/usr/local/bin:/usr/bin:/bin:/sbin:/usr/sbin:" + HOME + "/bin:"
-    + HOME + "/.cargo/bin:" + System.getenv("GOPATH") + "/bin" + System.getenv("GOROOT") + "/bin";
+      + HOME + "/.cargo/bin:" + System.getenv("GOPATH") + "/bin" + System.getenv("GOROOT") + "/bin";
   private static final String DEFAULT_LINUX_PATH = DEFAULT_MAC_PATH;
   private static final String DEFAULT_WIN_PATH = "";
 
@@ -89,8 +89,8 @@ private ProcessBuilder getProcessBuilder(List<String> params, Optional<String> p
     // TODO: move to runtimeEnvironment
     if (path.isPresent() && !path.get().isBlank()) {
       pb.environment().put("PATH",
-        path.map(p -> p + File.pathSeparator + defaultPathForOS).orElse(defaultPathForOS)
-          + File.pathSeparator + System.getenv("PATH"));
+          path.map(p -> p + File.pathSeparator + defaultPathForOS).orElse(defaultPathForOS)
+              + File.pathSeparator + System.getenv("PATH"));
     }
     return pb;
   }
@@ -120,9 +120,14 @@ private void setupProcessBuilderBase(ProcessBuilder pb) {
       }
     }
 
+    String authMethod = Preferences.getInstance().getPref(Preferences.AUTHENTICATION_METHOD);
     String token = Preferences.getInstance().getAuthToken();
-    if (token != null)
-      pb.environment().put(EnvironmentConstants.ENV_SNYK_TOKEN, Preferences.getInstance().getAuthToken());
+    if (token != null && authMethod.equals(Preferences.AUTH_METHOD_OAUTH)) {      
+      pb.environment().put(EnvironmentConstants.ENV_INTERNAL_SNYK_OAUTH_ENABLED, "1");
+      pb.environment().put(EnvironmentConstants.ENV_INTERNAL_OAUTH_TOKEN_STORAGE, token);
+    } else {      
+      pb.environment().put(EnvironmentConstants.ENV_SNYK_TOKEN, token);
+    }
 
     String insecure = Preferences.getInstance().getPref(Preferences.INSECURE_KEY);
     if (insecure != null && insecure.equalsIgnoreCase("true"))
@@ -150,7 +155,7 @@ public ProcessBuilder createWinProcessBuilder(List<String> params, Optional<Stri
     ProcessBuilder pb = new ProcessBuilder(cmd);
     setupProcessBuilderBase(pb);
     pb.environment().put("PATH", path.map(p -> p + ";" + DEFAULT_WIN_PATH).orElse(DEFAULT_WIN_PATH)
-      + File.pathSeparator + System.getenv("PATH"));
+        + File.pathSeparator + System.getenv("PATH"));
 
     // debug logging on windows machines
     IStatus[] statuses = new IStatus[] {