anchordotdev
diff --git a/‎api/api.go‎
Lines changed: 4 additions & 1 deletion b/‎api/api.go‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎api/apitest/apitest.go‎
Lines changed: 2 additions & 1 deletion b/‎api/apitest/apitest.go‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎api/openapi.gen.go‎
Lines changed: 33 additions & 0 deletions b/‎api/openapi.gen.go‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎auth/signin.go‎
Lines changed: 97 additions & 27 deletions b/‎auth/signin.go‎
Lines changed: 97 additions & 27 deletions
diff --git a/‎auth/signin_test.go‎
Lines changed: 10 additions & 44 deletions b/‎auth/signin_test.go‎
Lines changed: 10 additions & 44 deletions
diff --git a/‎auth/whoami.go‎
Lines changed: 0 additions & 4 deletions b/‎auth/whoami.go‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎auth/whoami_test.go‎
Lines changed: 4 additions & 7 deletions b/‎auth/whoami_test.go‎
Lines changed: 4 additions & 7 deletions
diff --git a/‎command.go‎
Lines changed: 7 additions & 0 deletions b/‎command.go‎
Lines changed: 7 additions & 0 deletions
@@ -85,7 +85,10 @@ func (r responseChecker) RoundTrip(req *http.Request) (*http.Response, error) {
 		return nil, fmt.Errorf("request error %s %s: %w", req.Method, req.URL.Path, err)
 	}
 
-	if res.StatusCode == 500 {
+	switch res.StatusCode {
+	case http.StatusForbidden:
+		return nil, ErrSignedOut
+	case http.StatusInternalServerError:
 		return nil, fmt.Errorf("request failed: %w", err)
 	}
 	if contentType := res.Header.Get("Content-Type"); !jsonMediaTypes.Matches(contentType) {
 
@@ -349,7 +349,8 @@ func RunTUI(ctx context.Context, tui cli.TUI) (*bytes.Buffer, error) {
 	}
 	tty.w = io.MultiWriter(ptmx, &tty.buf)
 
-	output := termenv.NewOutput(tty)
+	output := termenv.NewOutput(tty, termenv.WithProfile(termenv.Ascii))
+	termenv.SetDefaultOutput(output)
 	if err := tui.Run(ctx, output.TTY()); err != nil {
 		return nil, err
 	}
 
@@ -1,15 +1,17 @@
 package auth
 
 import (
+	"bytes"
 	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"net/http"
-	"strings"
+	"time"
 
+	"github.com/cli/browser"
+	"github.com/mattn/go-isatty"
 	"github.com/muesli/termenv"
-	"golang.org/x/term"
 
 	"github.com/anchordotdev/cli"
 	"github.com/anchordotdev/cli/api"
@@ -31,61 +33,129 @@ func (s SignIn) TUI() cli.TUI {
 }
 
 func (s *SignIn) run(ctx context.Context, tty termenv.File) error {
-	if len(s.Config.API.Token) == 0 {
-		fmt.Fprintf(tty, "To complete sign in, please:\n  1. Visit https://anchor.dev/settings and add a new Personal Access Token (PAT).\n  2. Copy the key from the new token and paste it below when prompted.\n")
+	output := termenv.DefaultOutput()
+	cp := output.ColorProfile()
 
-		if _, err := fmt.Fprintf(tty, "Personal Access Token (PAT): "); err != nil {
-			return err
-		}
+	anc, err := api.Client(s.Config)
+	if err != nil && err != api.ErrSignedOut {
+		return err
+	}
 
-		line, err := term.ReadPassword(int(tty.Fd()))
-		if err != nil {
-			return err
-		}
-		pat := strings.TrimSpace(string(line))
-		if !strings.HasPrefix(pat, "ap0_") || len(pat) != 64 {
-			return fmt.Errorf("invalid PAT key")
-		}
+	codesRes, err := anc.Post("/auth/cli/codes", "application/json", nil)
+	if err != nil {
+		return err
+	}
+	if codesRes.StatusCode != http.StatusOK {
+		return fmt.Errorf("unexpected response code: %d", codesRes.StatusCode)
+	}
 
-		s.Config.API.Token = pat
+	var codes *api.AuthCliCodesResponse
+	if err = json.NewDecoder(codesRes.Body).Decode(&codes); err != nil {
+		return err
+	}
 
-		if _, err := fmt.Fprintln(tty); err != nil {
+	fmt.Fprintln(tty)
+	if isatty.IsTerminal(tty.Fd()) {
+		fmt.Fprintln(tty,
+			output.String("!").Foreground(cp.Color("#ff6000")),
+			"First copy your user code:",
+			output.String(codes.UserCode).Background(cp.Color("#7000ff")).Bold(),
+		)
+		fmt.Fprintln(tty,
+			"Then",
+			output.String("Press Enter").Bold(),
+			"to open",
+			output.String(codes.VerificationUri).Faint().Underline(),
+			"in your browser...",
+		)
+		fmt.Scanln()
+
+		if err = browser.OpenURL(codes.VerificationUri); err != nil {
 			return err
 		}
+	} else {
+		fmt.Fprintln(tty,
+			output.String("!").Foreground(cp.Color("#ff6000")),
+			"Open",
+			output.String(codes.VerificationUri).Faint().Underline(),
+			"in a browser and enter your user code:",
+			output.String(codes.UserCode).Bold(),
+		)
 	}
 
-	anc, err := api.Client(s.Config)
-	if err != nil && err != api.ErrSignedOut {
+	var looper = func() error {
+		for {
+			body := new(bytes.Buffer)
+			req := api.CreateCliTokenJSONRequestBody{
+				DeviceCode: codes.DeviceCode,
+			}
+			if err = json.NewEncoder(body).Encode(req); err != nil {
+				return err
+			}
+			tokensRes, err := anc.Post("/auth/cli/pat_tokens", "application/json", body)
+			if err != nil {
+				return err
+			}
+
+			switch tokensRes.StatusCode {
+			case http.StatusOK:
+				var patTokens *api.AuthCliPatTokensResponse
+				if err = json.NewDecoder(tokensRes.Body).Decode(&patTokens); err != nil {
+					return err
+				}
+				s.Config.API.Token = patTokens.PatToken
+				return nil
+			case http.StatusBadRequest:
+				var errorsRes *api.Error
+				if err = json.NewDecoder(tokensRes.Body).Decode(&errorsRes); err != nil {
+					return err
+				}
+				switch errorsRes.Type {
+				case "urn:anchordev:api:cli-auth:authorization-pending":
+					time.Sleep(time.Duration(codes.Interval) * time.Second)
+				case "urn:anchordev:api:cli-auth:incorrect-device-code":
+					return fmt.Errorf("Your authorization request was not found, please try again.")
+				default:
+					return fmt.Errorf("unexpected error: %s", errorsRes.Detail)
+				}
+			default:
+				return fmt.Errorf("unexpected response code: %d", tokensRes.StatusCode)
+			}
+		}
+	}
+	if err := looper(); err != nil {
 		return err
 	}
 
-	req, err := http.NewRequest("GET", "", nil)
+	anc, err = api.Client(s.Config)
 	if err != nil {
 		return err
 	}
-	req.SetBasicAuth(s.Config.API.Token, "")
 
-	res, err := anc.Do(req)
+	res, err := anc.Get("")
 	if err != nil {
 		return err
 	}
-	if res.StatusCode == http.StatusForbidden {
-		return ErrSigninFailed
-	}
 	if res.StatusCode != http.StatusOK {
 		return fmt.Errorf("unexpected response code: %d", res.StatusCode)
 	}
 
 	var userInfo *api.Root
 	if err := json.NewDecoder(res.Body).Decode(&userInfo); err != nil {
-		return fmt.Errorf("decoding userInfo failed: %w", err)
+		return err
 	}
 
 	kr := keyring.Keyring{Config: s.Config}
 	if err := kr.Set(keyring.APIToken, s.Config.API.Token); err != nil {
 		return err
 	}
 
-	fmt.Fprintf(tty, "Success, hello %s!\n", userInfo.Whoami)
+	fmt.Fprintln(tty)
+	fmt.Fprintf(tty,
+		"Success, hello %s!",
+		output.String(userInfo.Whoami).Bold(),
+	)
+	fmt.Fprintln(tty)
+
 	return nil
 }
@@ -1,56 +1,22 @@
 package auth
 
 import (
-	"context"
 	"testing"
-
-	"github.com/anchordotdev/cli"
-	"github.com/anchordotdev/cli/api/apitest"
 )
 
 func TestSignIn(t *testing.T) {
-	ctx, cancel := context.WithCancel(context.Background())
-	defer cancel()
-
-	cfg := new(cli.Config)
-	cfg.API.URL = srv.URL
-	cfg.Keyring.MockMode = true
-
-	t.Run("valid-token", func(t *testing.T) {
-		var err error
-		if cfg.API.Token, err = srv.GeneratePAT("example@example.com"); err != nil {
-			t.Fatal(err)
-		}
-
-		cmd := &SignIn{
-			Config: cfg,
-		}
-
-		buf, err := apitest.RunTUI(ctx, cmd.TUI())
-		if err != nil {
-			t.Fatal(err)
-		}
-
-		if want, got := "Success, hello example@example.com!\n", buf.String(); want != got {
-			t.Errorf("want output %q, got %q", want, got)
-		}
+	t.Run("cli-auth-success", func(t *testing.T) {
+		t.Skip("cli auth test not yet implemented")
+		return
 	})
 
-	t.Run("invalid-token", func(t *testing.T) {
-		if !srv.IsProxy() {
-			t.Skip("server doesn't authenticate in mock mode")
-			return
-		}
-
-		cfg.API.Token = "bad-pat-token"
-
-		cmd := &SignIn{
-			Config: cfg,
-		}
+	t.Run("valid-config-token", func(t *testing.T) {
+		t.Skip("cli auth test not yet implemented")
+		return
+	})
 
-		_, err := apitest.RunTUI(ctx, cmd.TUI())
-		if want, got := ErrSigninFailed, err; want != got {
-			t.Fatalf("want signin failure error %q, got %q", want, got)
-		}
+	t.Run("invalid-config-token", func(t *testing.T) {
+		t.Skip("cli auth test not yet implemented")
+		return
 	})
 }
@@ -25,10 +25,6 @@ func (w WhoAmI) TUI() cli.TUI {
 
 func (w *WhoAmI) run(ctx context.Context, tty termenv.File) error {
 	anc, err := api.Client(w.Config)
-	if err == api.ErrSignedOut {
-		fmt.Fprintf(tty, "Sign-in required!\n")
-		return nil
-	}
 	if err != nil {
 		return err
 	}
 
@@ -5,6 +5,7 @@ import (
 	"testing"
 
 	"github.com/anchordotdev/cli"
+	"github.com/anchordotdev/cli/api"
 	"github.com/anchordotdev/cli/api/apitest"
 )
 
@@ -21,13 +22,9 @@ func TestWhoAmI(t *testing.T) {
 			Config: cfg,
 		}
 
-		buf, err := apitest.RunTUI(ctx, cmd.TUI())
-		if err != nil {
-			t.Fatal(err)
-		}
-
-		if want, got := "Sign-in required!\n", buf.String(); want != got {
-			t.Errorf("want output %q, got %q", want, got)
+		_, err := apitest.RunTUI(ctx, cmd.TUI())
+		if want, got := api.ErrSignedOut, err; want != got {
+			t.Fatalf("want signin failure error %q, got %q", want, got)
 		}
 	})
 
 
@@ -30,6 +30,13 @@ type Command struct {
 func (c *Command) Execute(ctx context.Context, cfg *Config) error {
 	defaults.SetDefaults(cfg)
 
+	// enable ANSI processing for Windows, see: https://github.com/muesli/termenv#platform-support
+	restoreConsole, err := termenv.EnableVirtualTerminalProcessing(termenv.DefaultOutput())
+	if err != nil {
+		panic(err)
+	}
+	defer restoreConsole()
+
 	cmd := c.cobraCommand(ctx, reflect.ValueOf(cfg))
 
 	if err := envdecode.Decode(cfg); err != nil && err != envdecode.ErrNoTargetFieldsAreSet {
Original file line number	Diff line number	Diff line change
`@@ -85,7 +85,10 @@ func (r responseChecker) RoundTrip(req http.Request) (http.Response, error) {`
`85`	`85`	`return nil, fmt.Errorf("request error %s %s: %w", req.Method, req.URL.Path, err)`
`86`	`86`	`}`
`87`	`87`
`88`		`- if res.StatusCode == 500 {`
	`88`	`+ switch res.StatusCode {`
	`89`	`+ case http.StatusForbidden:`
	`90`	`+ return nil, ErrSignedOut`
	`91`	`+ case http.StatusInternalServerError:`
`89`	`92`	`return nil, fmt.Errorf("request failed: %w", err)`
`90`	`93`	`}`
`91`	`94`	`if contentType := res.Header.Get("Content-Type"); !jsonMediaTypes.Matches(contentType) {`
Original file line number	Diff line number	Diff line change
`@@ -349,7 +349,8 @@ func RunTUI(ctx context.Context, tui cli.TUI) (*bytes.Buffer, error) {`
`349`	`349`	`}`
`350`	`350`	`tty.w = io.MultiWriter(ptmx, &tty.buf)`
`351`	`351`
`352`		`- output := termenv.NewOutput(tty)`
	`352`	`+ output := termenv.NewOutput(tty, termenv.WithProfile(termenv.Ascii))`
	`353`	`+ termenv.SetDefaultOutput(output)`
`353`	`354`	`if err := tui.Run(ctx, output.TTY()); err != nil {`
`354`	`355`	`return nil, err`
`355`	`356`	`}`