Files
tolaria/src-tauri/src/github.rs
lucaronin 211c7e5d41 test: add tests for GitHub OAuth device flow types and Settings UI
- Add serialization tests for DeviceFlowStart, DeviceFlowPollResult, GitHubUser
- Add SettingsPanel tests for OAuth section: login button, connected state,
  disconnect, waiting state with user code, no token field
- All 174 Rust + 475 frontend tests pass

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 23:06:46 +01:00

565 lines
18 KiB
Rust

use serde::{Deserialize, Serialize};
use std::path::Path;
use std::process::Command;
/// GitHub OAuth App client ID. Replace with your registered GitHub App's client_id.
const GITHUB_CLIENT_ID: &str = "Ov23liCuBz7Z5hKk6T8c";
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct GithubRepo {
pub name: String,
pub full_name: String,
pub description: Option<String>,
pub private: bool,
pub clone_url: String,
pub html_url: String,
pub updated_at: Option<String>,
}
/// Lists the authenticated user's GitHub repositories.
pub async fn github_list_repos(token: &str) -> Result<Vec<GithubRepo>, String> {
let client = reqwest::Client::new();
let mut all_repos: Vec<GithubRepo> = Vec::new();
let mut page = 1u32;
loop {
let url = format!(
"https://api.github.com/user/repos?per_page=100&sort=updated&page={}",
page
);
let response = client
.get(&url)
.header("Authorization", format!("Bearer {}", token))
.header("Accept", "application/vnd.github+json")
.header("User-Agent", "Laputa-App")
.header("X-GitHub-Api-Version", "2022-11-28")
.send()
.await
.map_err(|e| format!("GitHub API request failed: {}", e))?;
if !response.status().is_success() {
let status = response.status();
let body = response.text().await.unwrap_or_default();
return Err(format!("GitHub API error {}: {}", status, body));
}
let repos: Vec<GithubRepo> = response
.json()
.await
.map_err(|e| format!("Failed to parse GitHub response: {}", e))?;
let count = repos.len();
all_repos.extend(repos);
if count < 100 {
break;
}
page += 1;
if page > 10 {
break; // safety limit: 1000 repos max
}
}
Ok(all_repos)
}
#[derive(Debug, Deserialize, Serialize)]
struct CreateRepoResponse {
name: String,
full_name: String,
description: Option<String>,
private: bool,
clone_url: String,
html_url: String,
updated_at: Option<String>,
}
/// Creates a new GitHub repository for the authenticated user.
pub async fn github_create_repo(
token: &str,
name: &str,
private: bool,
) -> Result<GithubRepo, String> {
let client = reqwest::Client::new();
let body = serde_json::json!({
"name": name,
"private": private,
"auto_init": true,
"description": "Laputa vault"
});
let response = client
.post("https://api.github.com/user/repos")
.header("Authorization", format!("Bearer {}", token))
.header("Accept", "application/vnd.github+json")
.header("User-Agent", "Laputa-App")
.header("X-GitHub-Api-Version", "2022-11-28")
.json(&body)
.send()
.await
.map_err(|e| format!("GitHub API request failed: {}", e))?;
if !response.status().is_success() {
let status = response.status();
let body = response.text().await.unwrap_or_default();
if status.as_u16() == 422 && body.contains("name already exists") {
return Err("Repository name already exists on your account".to_string());
}
return Err(format!("GitHub API error {}: {}", status, body));
}
let created: CreateRepoResponse = response
.json()
.await
.map_err(|e| format!("Failed to parse GitHub response: {}", e))?;
Ok(GithubRepo {
name: created.name,
full_name: created.full_name,
description: created.description,
private: created.private,
clone_url: created.clone_url,
html_url: created.html_url,
updated_at: created.updated_at,
})
}
// --- OAuth Device Flow ---
#[derive(Debug, Serialize, Deserialize)]
pub struct DeviceFlowStart {
pub device_code: String,
pub user_code: String,
pub verification_uri: String,
pub expires_in: u64,
pub interval: u64,
}
#[derive(Debug, Serialize, Deserialize)]
pub struct DeviceFlowPollResult {
pub status: String,
pub access_token: Option<String>,
pub error: Option<String>,
}
#[derive(Debug, Serialize, Deserialize)]
pub struct GitHubUser {
pub login: String,
pub name: Option<String>,
pub avatar_url: String,
}
/// Starts the GitHub OAuth device flow. Returns device code info for user authorization.
pub async fn github_device_flow_start() -> Result<DeviceFlowStart, String> {
let client = reqwest::Client::new();
let response = client
.post("https://github.com/login/device/code")
.header("Accept", "application/json")
.form(&[("client_id", GITHUB_CLIENT_ID), ("scope", "repo")])
.send()
.await
.map_err(|e| format!("Device flow request failed: {}", e))?;
if !response.status().is_success() {
let body = response.text().await.unwrap_or_default();
return Err(format!("Device flow start failed: {}", body));
}
response
.json::<DeviceFlowStart>()
.await
.map_err(|e| format!("Failed to parse device flow response: {}", e))
}
/// Polls GitHub for the device flow authorization result.
pub async fn github_device_flow_poll(device_code: &str) -> Result<DeviceFlowPollResult, String> {
let client = reqwest::Client::new();
let response = client
.post("https://github.com/login/oauth/access_token")
.header("Accept", "application/json")
.form(&[
("client_id", GITHUB_CLIENT_ID),
("device_code", device_code),
(
"grant_type",
"urn:ietf:params:oauth:grant-type:device_code",
),
])
.send()
.await
.map_err(|e| format!("Device flow poll failed: {}", e))?;
if !response.status().is_success() {
let body = response.text().await.unwrap_or_default();
return Err(format!("Device flow poll HTTP error: {}", body));
}
#[derive(Deserialize)]
struct RawResponse {
access_token: Option<String>,
error: Option<String>,
}
let raw: RawResponse = response
.json()
.await
.map_err(|e| format!("Failed to parse poll response: {}", e))?;
if let Some(token) = raw.access_token {
Ok(DeviceFlowPollResult {
status: "complete".to_string(),
access_token: Some(token),
error: None,
})
} else {
let error = raw.error.unwrap_or_else(|| "unknown".to_string());
let status = match error.as_str() {
"authorization_pending" | "slow_down" => "pending",
"expired_token" => "expired",
_ => "error",
};
Ok(DeviceFlowPollResult {
status: status.to_string(),
access_token: None,
error: Some(error),
})
}
}
/// Gets the authenticated GitHub user's profile.
pub async fn github_get_user(token: &str) -> Result<GitHubUser, String> {
let client = reqwest::Client::new();
let response = client
.get("https://api.github.com/user")
.header("Authorization", format!("Bearer {}", token))
.header("Accept", "application/vnd.github+json")
.header("User-Agent", "Laputa-App")
.header("X-GitHub-Api-Version", "2022-11-28")
.send()
.await
.map_err(|e| format!("GitHub user request failed: {}", e))?;
if !response.status().is_success() {
let status = response.status();
let body = response.text().await.unwrap_or_default();
return Err(format!("GitHub API error {}: {}", status, body));
}
response
.json::<GitHubUser>()
.await
.map_err(|e| format!("Failed to parse user response: {}", e))
}
/// Clones a GitHub repo to a local path using HTTPS + token auth.
pub fn clone_repo(url: &str, token: &str, local_path: &str) -> Result<String, String> {
let dest = Path::new(local_path);
if dest.exists()
&& dest
.read_dir()
.map(|mut d| d.next().is_some())
.unwrap_or(false)
{
return Err(format!(
"Destination '{}' already exists and is not empty",
local_path
));
}
// Inject token into HTTPS URL: https://github.com/... → https://oauth2:TOKEN@github.com/...
let auth_url = inject_token_into_url(url, token)?;
let output = Command::new("git")
.args(["clone", "--progress", &auth_url, local_path])
.output()
.map_err(|e| format!("Failed to run git clone: {}", e))?;
if !output.status.success() {
// Clean up partial clone on failure
if dest.exists() {
let _ = std::fs::remove_dir_all(dest);
}
let stderr = String::from_utf8_lossy(&output.stderr);
return Err(format!("git clone failed: {}", stderr));
}
// Configure the remote to use token auth for future pushes
configure_remote_auth(local_path, url, token)?;
Ok(format!("Cloned to {}", local_path))
}
/// Injects an OAuth token into an HTTPS GitHub URL.
fn inject_token_into_url(url: &str, token: &str) -> Result<String, String> {
if let Some(rest) = url.strip_prefix("https://github.com/") {
Ok(format!("https://oauth2:{}@github.com/{}", token, rest))
} else if let Some(rest) = url.strip_prefix("https://") {
// Handle URLs that already have a host
Ok(format!("https://oauth2:{}@{}", token, rest))
} else {
Err(format!(
"Unsupported URL format: {}. Use an HTTPS URL.",
url
))
}
}
/// Sets up the git remote to use token-based HTTPS auth.
fn configure_remote_auth(local_path: &str, original_url: &str, token: &str) -> Result<(), String> {
let auth_url = inject_token_into_url(original_url, token)?;
let vault = Path::new(local_path);
let output = Command::new("git")
.args(["remote", "set-url", "origin", &auth_url])
.current_dir(vault)
.output()
.map_err(|e| format!("Failed to configure remote: {}", e))?;
if !output.status.success() {
let stderr = String::from_utf8_lossy(&output.stderr);
return Err(format!("Failed to set remote URL: {}", stderr));
}
// Also configure git user if not set
let _ = Command::new("git")
.args(["config", "user.email", "laputa@app.local"])
.current_dir(vault)
.output();
let _ = Command::new("git")
.args(["config", "user.name", "Laputa App"])
.current_dir(vault)
.output();
Ok(())
}
#[cfg(test)]
mod tests {
use super::*;
use std::process::Command as StdCommand;
#[test]
fn test_inject_token_basic_github_url() {
let url = "https://github.com/user/repo.git";
let token = "gho_abc123";
let result = inject_token_into_url(url, token).unwrap();
assert_eq!(result, "https://oauth2:gho_abc123@github.com/user/repo.git");
}
#[test]
fn test_inject_token_generic_https_url() {
let url = "https://gitlab.com/user/repo.git";
let token = "glpat-abc";
let result = inject_token_into_url(url, token).unwrap();
assert_eq!(result, "https://oauth2:glpat-abc@gitlab.com/user/repo.git");
}
#[test]
fn test_inject_token_ssh_url_rejected() {
let url = "git@github.com:user/repo.git";
let result = inject_token_into_url(url, "token");
assert!(result.is_err());
assert!(result.unwrap_err().contains("Unsupported URL format"));
}
#[test]
fn test_inject_token_http_url_rejected() {
let url = "http://github.com/user/repo.git";
let result = inject_token_into_url(url, "token");
assert!(result.is_err());
}
#[test]
fn test_inject_token_github_without_dot_git() {
let url = "https://github.com/user/repo";
let result = inject_token_into_url(url, "tok").unwrap();
assert_eq!(result, "https://oauth2:tok@github.com/user/repo");
}
#[test]
fn test_clone_repo_nonempty_dest() {
let dir = tempfile::TempDir::new().unwrap();
let path = dir.path();
std::fs::write(path.join("existing.txt"), "data").unwrap();
let result = clone_repo(
"https://github.com/test/repo.git",
"token",
path.to_str().unwrap(),
);
assert!(result.is_err());
assert!(result.unwrap_err().contains("not empty"));
}
#[test]
fn test_clone_repo_ssh_url_rejected() {
let dir = tempfile::TempDir::new().unwrap();
let dest = dir.path().join("new-clone");
let result = clone_repo(
"git@github.com:user/repo.git",
"token",
dest.to_str().unwrap(),
);
assert!(result.is_err());
assert!(result.unwrap_err().contains("Unsupported URL format"));
}
#[test]
fn test_clone_repo_empty_dest_allowed() {
// An empty existing directory should not be rejected
let dir = tempfile::TempDir::new().unwrap();
let dest = dir.path().join("empty-dir");
std::fs::create_dir(&dest).unwrap();
// This will fail at the git clone step (invalid URL) but should pass the directory check
let result = clone_repo(
"https://github.com/nonexistent/repo.git",
"token",
dest.to_str().unwrap(),
);
assert!(result.is_err());
// Should fail at git clone, not at directory check
assert!(result.unwrap_err().contains("git clone failed"));
}
#[test]
fn test_configure_remote_auth_on_git_repo() {
let dir = tempfile::TempDir::new().unwrap();
let path = dir.path();
// Initialize a git repo
StdCommand::new("git")
.args(["init"])
.current_dir(path)
.output()
.unwrap();
StdCommand::new("git")
.args([
"remote",
"add",
"origin",
"https://github.com/user/repo.git",
])
.current_dir(path)
.output()
.unwrap();
let result = configure_remote_auth(
path.to_str().unwrap(),
"https://github.com/user/repo.git",
"gho_test123",
);
assert!(result.is_ok());
// Verify the remote URL was updated
let output = StdCommand::new("git")
.args(["remote", "get-url", "origin"])
.current_dir(path)
.output()
.unwrap();
let url = String::from_utf8_lossy(&output.stdout).trim().to_string();
assert_eq!(url, "https://oauth2:gho_test123@github.com/user/repo.git");
}
#[test]
fn test_github_repo_serialization() {
let repo = GithubRepo {
name: "test-repo".to_string(),
full_name: "user/test-repo".to_string(),
description: Some("A test repo".to_string()),
private: true,
clone_url: "https://github.com/user/test-repo.git".to_string(),
html_url: "https://github.com/user/test-repo".to_string(),
updated_at: Some("2026-02-20T10:00:00Z".to_string()),
};
let json = serde_json::to_string(&repo).unwrap();
let parsed: GithubRepo = serde_json::from_str(&json).unwrap();
assert_eq!(parsed.name, "test-repo");
assert_eq!(parsed.full_name, "user/test-repo");
assert!(parsed.private);
assert_eq!(parsed.description, Some("A test repo".to_string()));
}
#[test]
fn test_github_repo_deserialization_null_fields() {
let json = r#"{"name":"r","full_name":"u/r","description":null,"private":false,"clone_url":"https://x","html_url":"https://y","updated_at":null}"#;
let repo: GithubRepo = serde_json::from_str(json).unwrap();
assert_eq!(repo.name, "r");
assert!(repo.description.is_none());
assert!(repo.updated_at.is_none());
assert!(!repo.private);
}
#[test]
fn test_device_flow_start_serialization() {
let start = DeviceFlowStart {
device_code: "dc_123".to_string(),
user_code: "ABCD-1234".to_string(),
verification_uri: "https://github.com/login/device".to_string(),
expires_in: 900,
interval: 5,
};
let json = serde_json::to_string(&start).unwrap();
let parsed: DeviceFlowStart = serde_json::from_str(&json).unwrap();
assert_eq!(parsed.device_code, "dc_123");
assert_eq!(parsed.user_code, "ABCD-1234");
assert_eq!(parsed.verification_uri, "https://github.com/login/device");
assert_eq!(parsed.expires_in, 900);
assert_eq!(parsed.interval, 5);
}
#[test]
fn test_device_flow_poll_result_complete() {
let result = DeviceFlowPollResult {
status: "complete".to_string(),
access_token: Some("gho_abc123".to_string()),
error: None,
};
let json = serde_json::to_string(&result).unwrap();
let parsed: DeviceFlowPollResult = serde_json::from_str(&json).unwrap();
assert_eq!(parsed.status, "complete");
assert_eq!(parsed.access_token, Some("gho_abc123".to_string()));
assert!(parsed.error.is_none());
}
#[test]
fn test_device_flow_poll_result_pending() {
let result = DeviceFlowPollResult {
status: "pending".to_string(),
access_token: None,
error: Some("authorization_pending".to_string()),
};
let json = serde_json::to_string(&result).unwrap();
let parsed: DeviceFlowPollResult = serde_json::from_str(&json).unwrap();
assert_eq!(parsed.status, "pending");
assert!(parsed.access_token.is_none());
assert_eq!(
parsed.error,
Some("authorization_pending".to_string())
);
}
#[test]
fn test_github_user_serialization() {
let user = GitHubUser {
login: "lucaong".to_string(),
name: Some("Luca Ongaro".to_string()),
avatar_url: "https://avatars.githubusercontent.com/u/123".to_string(),
};
let json = serde_json::to_string(&user).unwrap();
let parsed: GitHubUser = serde_json::from_str(&json).unwrap();
assert_eq!(parsed.login, "lucaong");
assert_eq!(parsed.name, Some("Luca Ongaro".to_string()));
}
#[test]
fn test_github_user_deserialization_null_name() {
let json = r#"{"login":"bot","name":null,"avatar_url":"https://x"}"#;
let user: GitHubUser = serde_json::from_str(json).unwrap();
assert_eq!(user.login, "bot");
assert!(user.name.is_none());
}
}