phorge-phorge/src/applications/passphrase/keys/PassphraseAbstractKey.php

<?php

abstract class PassphraseAbstractKey extends Phobject {

  private $credential;

  protected function requireCredential() {
    if (!$this->credential) {
      throw new Exception(pht("Credential is required!"));
    }
    return $this->credential;
  }

  private function loadCredential(
    $phid,
    PhabricatorUser $viewer) {

    $credential = id(new PassphraseCredentialQuery())
      ->setViewer($viewer)
      ->withPHIDs(array($phid))
      ->needSecrets(true)
      ->executeOne();

    if (!$credential) {
      throw new Exception(pht('Failed to load credential "%s"!', $phid));
    }

    return $credential;
  }

  private function validateCredential(
    PassphraseCredential $credential,
    $provides_type) {

    $type = $credential->getCredentialTypeImplementation();

    if (!$type) {
      throw new Exception(
        pht(
          'Credential "%s" is of unknown type "%s"!',
          'K'.$credential->getID(),
          $credential->getCredentialType()));
    }

    if ($type->getProvidesType() !== $provides_type) {
      throw new Exception(
        pht(
          'Credential "%s" must provide "%s", but provides "%s"!',
          'K'.$credential->getID(),
          $provides_type,
          $type->getProvidesType()));
    }
  }

  protected function loadAndValidateFromPHID(
    $phid,
    PhabricatorUser $viewer,
    $type) {

    $credential = $this->loadCredential($phid, $viewer);

    $this->validateCredential($credential, $type);

    $this->credential = $credential;

    return $this;
  }

  public function getUsernameEnvelope() {
    $credential = $this->requireCredential();
    return new PhutilOpaqueEnvelope($credential->getUsername());
  }

}
Add "PassphraseKey" classes for code which needs to actually use credentials Summary: Ref T4122. These classes provide typed, checked access to credentials, so you can say "give me this password, and throw if anything is funky". Test Plan: Used in next revision. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4122 Differential Revision: https://secure.phabricator.com/D7625 2013-11-23 00:23:10 +01:00			`<?php`

			`abstract class PassphraseAbstractKey extends Phobject {`

			`private $credential;`

			`protected function requireCredential() {`
			`if (!$this->credential) {`
			`throw new Exception(pht("Credential is required!"));`
			`}`
			`return $this->credential;`
			`}`

			`private function loadCredential(`
			`$phid,`
			`PhabricatorUser $viewer) {`

			`$credential = id(new PassphraseCredentialQuery())`
			`->setViewer($viewer)`
			`->withPHIDs(array($phid))`
			`->needSecrets(true)`
			`->executeOne();`

			`if (!$credential) {`
			`throw new Exception(pht('Failed to load credential "%s"!', $phid));`
			`}`

			`return $credential;`
			`}`

			`private function validateCredential(`
			`PassphraseCredential $credential,`
			`$provides_type) {`

Migrate repositories to use Passphrase for credential management Summary: Fixes T4122. Ref T2230. Instead of storing credentials on each repository, store them in Passphrase. This allows easy creation/management of many repositories which share credentials. Test Plan: - Upgraded repositories. - Created and edited repositories. - Pulled HTTP and SSH repositories. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230, T4122 Differential Revision: https://secure.phabricator.com/D7629 2013-11-23 00:23:33 +01:00			`$type = $credential->getCredentialTypeImplementation();`

			`if (!$type) {`
			`throw new Exception(`
			`pht(`
			`'Credential "%s" is of unknown type "%s"!',`
			`'K'.$credential->getID(),`
			`$credential->getCredentialType()));`
			`}`

			`if ($type->getProvidesType() !== $provides_type) {`
Add "PassphraseKey" classes for code which needs to actually use credentials Summary: Ref T4122. These classes provide typed, checked access to credentials, so you can say "give me this password, and throw if anything is funky". Test Plan: Used in next revision. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4122 Differential Revision: https://secure.phabricator.com/D7625 2013-11-23 00:23:10 +01:00			`throw new Exception(`
			`pht(`
			`'Credential "%s" must provide "%s", but provides "%s"!',`
			`'K'.$credential->getID(),`
			`$provides_type,`
Migrate repositories to use Passphrase for credential management Summary: Fixes T4122. Ref T2230. Instead of storing credentials on each repository, store them in Passphrase. This allows easy creation/management of many repositories which share credentials. Test Plan: - Upgraded repositories. - Created and edited repositories. - Pulled HTTP and SSH repositories. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230, T4122 Differential Revision: https://secure.phabricator.com/D7629 2013-11-23 00:23:33 +01:00			`$type->getProvidesType()));`
Add "PassphraseKey" classes for code which needs to actually use credentials Summary: Ref T4122. These classes provide typed, checked access to credentials, so you can say "give me this password, and throw if anything is funky". Test Plan: Used in next revision. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4122 Differential Revision: https://secure.phabricator.com/D7625 2013-11-23 00:23:10 +01:00			`}`
			`}`

			`protected function loadAndValidateFromPHID(`
			`$phid,`
			`PhabricatorUser $viewer,`
			`$type) {`

			`$credential = $this->loadCredential($phid, $viewer);`

			`$this->validateCredential($credential, $type);`

			`$this->credential = $credential;`

			`return $this;`
			`}`

			`public function getUsernameEnvelope() {`
			`$credential = $this->requireCredential();`
			`return new PhutilOpaqueEnvelope($credential->getUsername());`
			`}`

			`}`