public function didInitializeNewCredential(PhabricatorUser $actor, PassphraseCredential $credential)
{
$pair = PhabricatorSSHKeyGenerator::generateKeypair();
list($public_key, $private_key) = $pair;
$credential->attachSecret(new PhutilOpaqueEnvelope($private_key));
return $credential;
}
public function handleRequest(AphrontRequest $request)
{
$viewer = $this->getViewer();
$key = $this->newKeyForObjectPHID($request->getStr('objectPHID'));
if (!$key) {
return new Aphront404Response();
}
$cancel_uri = $key->getObject()->getSSHPublicKeyManagementURI($viewer);
$token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession($viewer, $request, $cancel_uri);
if ($request->isFormPost()) {
$default_name = $key->getObject()->getSSHKeyDefaultName();
$keys = PhabricatorSSHKeyGenerator::generateKeypair();
list($public_key, $private_key) = $keys;
$file = PhabricatorFile::buildFromFileDataOrHash($private_key, array('name' => $default_name . '.key', 'ttl' => time() + 60 * 10, 'viewPolicy' => $viewer->getPHID()));
$public_key = PhabricatorAuthSSHPublicKey::newFromRawKey($public_key);
$type = $public_key->getType();
$body = $public_key->getBody();
$key->setName($default_name)->setKeyType($type)->setKeyBody($body)->setKeyComment(pht('Generated'))->save();
// NOTE: We're disabling workflow on submit so the download works. We're
// disabling workflow on cancel so the page reloads, showing the new
// key.
return $this->newDialog()->setTitle(pht('Download Private Key'))->setDisableWorkflowOnCancel(true)->setDisableWorkflowOnSubmit(true)->setSubmitURI($file->getDownloadURI())->appendParagraph(pht('A keypair has been generated, and the public key has been ' . 'added as a recognized key. Use the button below to download ' . 'the private key.'))->appendParagraph(pht('After you download the private key, it will be destroyed. ' . 'You will not be able to retrieve it if you lose your copy.'))->addSubmitButton(pht('Download Private Key'))->addCancelButton($cancel_uri, pht('Done'));
}
try {
PhabricatorSSHKeyGenerator::assertCanGenerateKeypair();
return $this->newDialog()->setTitle(pht('Generate New Keypair'))->addHiddenInput('objectPHID', $key->getObject()->getPHID())->appendParagraph(pht('This workflow will generate a new SSH keypair, add the public ' . 'key, and let you download the private key.'))->appendParagraph(pht('Phabricator will not retain a copy of the private key.'))->addSubmitButton(pht('Generate New Keypair'))->addCancelButton($cancel_uri);
} catch (Exception $ex) {
return $this->newDialog()->setTitle(pht('Unable to Generate Keys'))->appendParagraph($ex->getMessage())->addCancelButton($cancel_uri);
}
}
private function processGenerate(AphrontRequest $request)
{
$user = $this->getUser();
$viewer = $request->getUser();
$token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession($viewer, $request, $this->getPanelURI());
$is_self = $user->getPHID() == $viewer->getPHID();
if ($request->isFormPost()) {
$keys = PhabricatorSSHKeyGenerator::generateKeypair();
list($public_key, $private_key) = $keys;
$file = PhabricatorFile::buildFromFileDataOrHash($private_key, array('name' => 'id_rsa_phabricator.key', 'ttl' => time() + 60 * 10, 'viewPolicy' => $viewer->getPHID()));
list($type, $body, $comment) = self::parsePublicKey($public_key);
$key = id(new PhabricatorUserSSHKey())->setUserPHID($user->getPHID())->setName('id_rsa_phabricator')->setKeyType($type)->setKeyBody($body)->setKeyHash(md5($body))->setKeyComment(pht('Generated'))->save();
// NOTE: We're disabling workflow on submit so the download works. We're
// disabling workflow on cancel so the page reloads, showing the new
// key.
if ($is_self) {
$what_happened = pht('The public key has been associated with your Phabricator ' . 'account. Use the button below to download the private key.');
} else {
$what_happened = pht('The public key has been associated with the %s account. ' . 'Use the button below to download the private key.', phutil_tag('strong', array(), $user->getUsername()));
}
$dialog = id(new AphrontDialogView())->setTitle(pht('Download Private Key'))->setUser($viewer)->setDisableWorkflowOnCancel(true)->setDisableWorkflowOnSubmit(true)->setSubmitURI($file->getDownloadURI())->appendParagraph(pht('Successfully generated a new keypair.'))->appendParagraph($what_happened)->appendParagraph(pht('After you download the private key, it will be destroyed. ' . 'You will not be able to retrieve it if you lose your copy.'))->addSubmitButton(pht('Download Private Key'))->addCancelButton($this->getPanelURI(), pht('Done'));
return id(new AphrontDialogResponse())->setDialog($dialog);
}
$dialog = id(new AphrontDialogView())->setUser($viewer)->addCancelButton($this->getPanelURI());
try {
PhabricatorSSHKeyGenerator::assertCanGenerateKeypair();
if ($is_self) {
$explain = pht('This will generate an SSH keypair, associate the public key ' . 'with your account, and let you download the private key.');
} else {
$explain = pht('This will generate an SSH keypair, associate the public key with ' . 'the %s account, and let you download the private key.', phutil_tag('strong', array(), $user->getUsername()));
}
$dialog->addHiddenInput('generate', true)->setTitle(pht('Generate New Keypair'))->appendParagraph($explain)->appendParagraph(pht('Phabricator will not retain a copy of the private key.'))->addSubmitButton(pht('Generate Keypair'));
} catch (Exception $ex) {
$dialog->setTitle(pht('Unable to Generate Keys'))->appendParagraph($ex->getMessage());
}
return id(new AphrontDialogResponse())->setDialog($dialog);
}
