public function didInitializeNewCredential(PhabricatorUser $actor, PassphraseCredential $credential) { $pair = PhabricatorSSHKeyGenerator::generateKeypair(); list($public_key, $private_key) = $pair; $credential->attachSecret(new PhutilOpaqueEnvelope($private_key)); return $credential; }
public function processRequest(AphrontRequest $request) { $user = $this->getUser(); $viewer = $request->getUser(); $keys = id(new PhabricatorAuthSSHKeyQuery())->setViewer($viewer)->withObjectPHIDs(array($user->getPHID()))->execute(); $table = id(new PhabricatorAuthSSHKeyTableView())->setUser($viewer)->setKeys($keys)->setCanEdit(true)->setNoDataString(pht("You haven't added any SSH Public Keys.")); $panel = new PHUIObjectBoxView(); $header = new PHUIHeaderView(); $upload_icon = id(new PHUIIconView())->setIconFont('fa-upload'); $upload_button = id(new PHUIButtonView())->setText(pht('Upload Public Key'))->setHref('/auth/sshkey/upload/?objectPHID=' . $user->getPHID())->setWorkflow(true)->setTag('a')->setIcon($upload_icon); try { PhabricatorSSHKeyGenerator::assertCanGenerateKeypair(); $can_generate = true; } catch (Exception $ex) { $can_generate = false; } $generate_icon = id(new PHUIIconView())->setIconFont('fa-lock'); $generate_button = id(new PHUIButtonView())->setText(pht('Generate Keypair'))->setHref('/auth/sshkey/generate/?objectPHID=' . $user->getPHID())->setTag('a')->setWorkflow(true)->setDisabled(!$can_generate)->setIcon($generate_icon); $header->setHeader(pht('SSH Public Keys')); $header->addActionLink($generate_button); $header->addActionLink($upload_button); $panel->setHeader($header); $panel->setTable($table); return $panel; }
public function handleRequest(AphrontRequest $request) { $viewer = $this->getViewer(); $key = $this->newKeyForObjectPHID($request->getStr('objectPHID')); if (!$key) { return new Aphront404Response(); } $cancel_uri = $key->getObject()->getSSHPublicKeyManagementURI($viewer); $token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession($viewer, $request, $cancel_uri); if ($request->isFormPost()) { $default_name = $key->getObject()->getSSHKeyDefaultName(); $keys = PhabricatorSSHKeyGenerator::generateKeypair(); list($public_key, $private_key) = $keys; $file = PhabricatorFile::buildFromFileDataOrHash($private_key, array('name' => $default_name . '.key', 'ttl' => time() + 60 * 10, 'viewPolicy' => $viewer->getPHID())); $public_key = PhabricatorAuthSSHPublicKey::newFromRawKey($public_key); $type = $public_key->getType(); $body = $public_key->getBody(); $key->setName($default_name)->setKeyType($type)->setKeyBody($body)->setKeyComment(pht('Generated'))->save(); // NOTE: We're disabling workflow on submit so the download works. We're // disabling workflow on cancel so the page reloads, showing the new // key. return $this->newDialog()->setTitle(pht('Download Private Key'))->setDisableWorkflowOnCancel(true)->setDisableWorkflowOnSubmit(true)->setSubmitURI($file->getDownloadURI())->appendParagraph(pht('A keypair has been generated, and the public key has been ' . 'added as a recognized key. Use the button below to download ' . 'the private key.'))->appendParagraph(pht('After you download the private key, it will be destroyed. ' . 'You will not be able to retrieve it if you lose your copy.'))->addSubmitButton(pht('Download Private Key'))->addCancelButton($cancel_uri, pht('Done')); } try { PhabricatorSSHKeyGenerator::assertCanGenerateKeypair(); return $this->newDialog()->setTitle(pht('Generate New Keypair'))->addHiddenInput('objectPHID', $key->getObject()->getPHID())->appendParagraph(pht('This workflow will generate a new SSH keypair, add the public ' . 'key, and let you download the private key.'))->appendParagraph(pht('Phabricator will not retain a copy of the private key.'))->addSubmitButton(pht('Generate New Keypair'))->addCancelButton($cancel_uri); } catch (Exception $ex) { return $this->newDialog()->setTitle(pht('Unable to Generate Keys'))->appendParagraph($ex->getMessage())->addCancelButton($cancel_uri); } }
public static function newKeyActionsMenu(PhabricatorUser $viewer, PhabricatorSSHPublicKeyInterface $object) { $can_edit = PhabricatorPolicyFilter::hasCapability($viewer, $object, PhabricatorPolicyCapability::CAN_EDIT); try { PhabricatorSSHKeyGenerator::assertCanGenerateKeypair(); $can_generate = true; } catch (Exception $ex) { $can_generate = false; } $object_phid = $object->getPHID(); $generate_uri = "/auth/sshkey/generate/?objectPHID={$object_phid}"; $upload_uri = "/auth/sshkey/upload/?objectPHID={$object_phid}"; $view_uri = "/auth/sshkey/for/{$object_phid}/"; $action_view = id(new PhabricatorActionListView())->setUser($viewer)->addAction(id(new PhabricatorActionView())->setHref($upload_uri)->setWorkflow(true)->setDisabled(!$can_edit)->setName(pht('Upload Public Key'))->setIcon('fa-upload'))->addAction(id(new PhabricatorActionView())->setHref($generate_uri)->setWorkflow(true)->setDisabled(!$can_edit || !$can_generate)->setName(pht('Generate Keypair'))->setIcon('fa-lock'))->addAction(id(new PhabricatorActionView())->setHref($view_uri)->setName(pht('View History'))->setIcon('fa-list-ul')); return id(new PHUIButtonView())->setTag('a')->setText(pht('SSH Key Actions'))->setHref('#')->setIcon('fa-gear')->setDropdownMenu($action_view); }
private function buildSSHKeysTable(AlmanacDevice $device) { $viewer = $this->getViewer(); $id = $device->getID(); $device_phid = $device->getPHID(); $can_edit = PhabricatorPolicyFilter::hasCapability($viewer, $device, PhabricatorPolicyCapability::CAN_EDIT); $keys = id(new PhabricatorAuthSSHKeyQuery())->setViewer($viewer)->withObjectPHIDs(array($device_phid))->execute(); $table = id(new PhabricatorAuthSSHKeyTableView())->setUser($viewer)->setKeys($keys)->setCanEdit($can_edit)->setShowID(true)->setShowTrusted(true)->setNoDataString(pht('This device has no associated SSH public keys.')); try { PhabricatorSSHKeyGenerator::assertCanGenerateKeypair(); $can_generate = true; } catch (Exception $ex) { $can_generate = false; } $generate_uri = '/auth/sshkey/generate/?objectPHID=' . $device_phid; $upload_uri = '/auth/sshkey/upload/?objectPHID=' . $device_phid; $header = id(new PHUIHeaderView())->setHeader(pht('SSH PUBLIC KEYS'))->addActionLink(id(new PHUIButtonView())->setTag('a')->setHref($generate_uri)->setWorkflow(true)->setDisabled(!$can_edit || !$can_generate)->setText(pht('Generate Keypair'))->setIcon(id(new PHUIIconView())->setIcon('fa-lock')))->addActionLink(id(new PHUIButtonView())->setTag('a')->setHref($upload_uri)->setWorkflow(true)->setDisabled(!$can_edit)->setText(pht('Upload Public Key'))->setIcon(id(new PHUIIconView())->setIcon('fa-upload'))); return id(new PHUIObjectBoxView())->setHeader($header)->setBackground(PHUIObjectBoxView::BLUE_PROPERTY)->setTable($table); }
private function processGenerate(AphrontRequest $request) { $user = $this->getUser(); $viewer = $request->getUser(); $token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession($viewer, $request, $this->getPanelURI()); $is_self = $user->getPHID() == $viewer->getPHID(); if ($request->isFormPost()) { $keys = PhabricatorSSHKeyGenerator::generateKeypair(); list($public_key, $private_key) = $keys; $file = PhabricatorFile::buildFromFileDataOrHash($private_key, array('name' => 'id_rsa_phabricator.key', 'ttl' => time() + 60 * 10, 'viewPolicy' => $viewer->getPHID())); list($type, $body, $comment) = self::parsePublicKey($public_key); $key = id(new PhabricatorUserSSHKey())->setUserPHID($user->getPHID())->setName('id_rsa_phabricator')->setKeyType($type)->setKeyBody($body)->setKeyHash(md5($body))->setKeyComment(pht('Generated'))->save(); // NOTE: We're disabling workflow on submit so the download works. We're // disabling workflow on cancel so the page reloads, showing the new // key. if ($is_self) { $what_happened = pht('The public key has been associated with your Phabricator ' . 'account. Use the button below to download the private key.'); } else { $what_happened = pht('The public key has been associated with the %s account. ' . 'Use the button below to download the private key.', phutil_tag('strong', array(), $user->getUsername())); } $dialog = id(new AphrontDialogView())->setTitle(pht('Download Private Key'))->setUser($viewer)->setDisableWorkflowOnCancel(true)->setDisableWorkflowOnSubmit(true)->setSubmitURI($file->getDownloadURI())->appendParagraph(pht('Successfully generated a new keypair.'))->appendParagraph($what_happened)->appendParagraph(pht('After you download the private key, it will be destroyed. ' . 'You will not be able to retrieve it if you lose your copy.'))->addSubmitButton(pht('Download Private Key'))->addCancelButton($this->getPanelURI(), pht('Done')); return id(new AphrontDialogResponse())->setDialog($dialog); } $dialog = id(new AphrontDialogView())->setUser($viewer)->addCancelButton($this->getPanelURI()); try { PhabricatorSSHKeyGenerator::assertCanGenerateKeypair(); if ($is_self) { $explain = pht('This will generate an SSH keypair, associate the public key ' . 'with your account, and let you download the private key.'); } else { $explain = pht('This will generate an SSH keypair, associate the public key with ' . 'the %s account, and let you download the private key.', phutil_tag('strong', array(), $user->getUsername())); } $dialog->addHiddenInput('generate', true)->setTitle(pht('Generate New Keypair'))->appendParagraph($explain)->appendParagraph(pht('Phabricator will not retain a copy of the private key.'))->addSubmitButton(pht('Generate Keypair')); } catch (Exception $ex) { $dialog->setTitle(pht('Unable to Generate Keys'))->appendParagraph($ex->getMessage()); } return id(new AphrontDialogResponse())->setDialog($dialog); }