[server] add ScmService to be used by ScmServiceAPI (and WS API)

Author: AlexTugarev

components/gitpod-protocol/src/protocol.ts

@@ -891,13 +891,6 @@ export interface GuessGitTokenScopesParams {
     host: string;
     repoUrl: string;
     gitCommand: string;
-    currentToken: GitToken;
-}
-
-export interface GitToken {
-    token: string;
-    user: string;
-    scopes: string[];
 }
 
 export interface GuessedGitTokenScopes {

components/gitpod-protocol/src/public-api-converter.ts

@@ -43,6 +43,7 @@ import {
     EnvironmentVariableAdmission,
     UserEnvironmentVariable,
 } from "@gitpod/public-api/lib/gitpod/v1/envvar_pb";
+import { SCMToken, SuggestedRepository } from "@gitpod/public-api/lib/gitpod/v1/scm_pb";
 import { ContextURL } from "./context-url";
 import { ApplicationError, ErrorCode, ErrorCodes } from "./messaging/error";
 import {
@@ -57,6 +58,8 @@ import {
     WorkspaceInfo,
     UserEnvVarValue,
     ProjectEnvVar,
+    Token,
+    SuggestedRepository as SuggestedRepositoryProtocol,
 } from "./protocol";
 import {
     OrgMemberInfo,
@@ -542,4 +545,25 @@ export class PublicAPIConverter {
                 return ""; // not allowed
         }
     }
+
+    toSCMToken(t: Token): SCMToken {
+        return new SCMToken({
+            username: t.username,
+            value: t.value,
+            refreshToken: t.refreshToken,
+            expiryDate: t.expiryDate ? Timestamp.fromDate(new Date(t.expiryDate)) : undefined,
+            updateDate: t.updateDate ? Timestamp.fromDate(new Date(t.updateDate)) : undefined,
+            scopes: t.scopes,
+            idToken: t.idToken,
+        });
+    }
+
+    toSuggestedRepository(r: SuggestedRepositoryProtocol): SuggestedRepository {
+        return new SuggestedRepository({
+            url: r.url,
+            repoName: r.repositoryName,
+            configurationId: r.projectId,
+            configurationName: r.projectName,
+        });
+    }
 }

components/server/src/api/scm-service-api.ts

@@ -0,0 +1,93 @@
+/**
+ * Copyright (c) 2023 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License.AGPL.txt in the project root for license information.
+ */
+
+import { HandlerContext, ServiceImpl } from "@connectrpc/connect";
+import { SCMService as ScmServiceInterface } from "@gitpod/public-api/lib/gitpod/v1/scm_connect";
+import { inject, injectable } from "inversify";
+import { PublicAPIConverter } from "@gitpod/gitpod-protocol/lib/public-api-converter";
+import { ScmService } from "../scm/scm-service";
+import {
+    GetSCMTokenRequest,
+    GetSCMTokenResponse,
+    GuessTokenScopesRequest,
+    GuessTokenScopesResponse,
+    SearchRepositoriesRequest,
+    SearchRepositoriesResponse,
+    ListSuggestedRepositoriesRequest,
+    ListSuggestedRepositoriesResponse,
+} from "@gitpod/public-api/lib/gitpod/v1/scm_pb";
+import { ctxUserId } from "../util/request-context";
+import { ApplicationError, ErrorCodes } from "@gitpod/gitpod-protocol/lib/messaging/error";
+import { validate as uuidValidate } from "uuid";
+import { ProjectsService } from "../projects/projects-service";
+import { WorkspaceService } from "../workspace/workspace-service";
+import { PaginationResponse } from "@gitpod/public-api/lib/gitpod/v1/pagination_pb";
+
+@injectable()
+export class ScmServiceAPI implements ServiceImpl<typeof ScmServiceInterface> {
+    constructor(
+        @inject(PublicAPIConverter) private readonly apiConverter: PublicAPIConverter,
+        @inject(ScmService) private readonly scmService: ScmService,
+        @inject(ProjectsService) private readonly projectService: ProjectsService,
+        @inject(WorkspaceService) private readonly workspaceService: WorkspaceService,
+    ) {}
+
+    async getSCMToken(request: GetSCMTokenRequest, _: HandlerContext): Promise<GetSCMTokenResponse> {
+        const userId = ctxUserId();
+        try {
+            const token = await this.scmService.getToken(userId, request);
+            return new GetSCMTokenResponse({ token: this.apiConverter.toSCMToken(token) });
+        } catch (error) {
+            throw new ApplicationError(ErrorCodes.NOT_FOUND, "Token not found.");
+        }
+    }
+
+    async guessTokenScopes(request: GuessTokenScopesRequest, _: HandlerContext): Promise<GuessTokenScopesResponse> {
+        const userId = ctxUserId();
+        const { scopes, message } = await this.scmService.guessTokenScopes(userId, request);
+        return new GuessTokenScopesResponse({
+            scopes,
+            message,
+        });
+    }
+
+    async searchRepositories(
+        request: SearchRepositoriesRequest,
+        _: HandlerContext,
+    ): Promise<SearchRepositoriesResponse> {
+        const userId = ctxUserId();
+        const repos = await this.scmService.searchRepositories(userId, {
+            searchString: request.searchString,
+            limit: request.limit,
+        });
+        return new SearchRepositoriesResponse({
+            repositories: repos.map((r) => this.apiConverter.toSuggestedRepository(r)),
+        });
+    }
+
+    async listSuggestedRepositories(
+        request: ListSuggestedRepositoriesRequest,
+        _: HandlerContext,
+    ): Promise<ListSuggestedRepositoriesResponse> {
+        const userId = ctxUserId();
+        const { organizationId } = request;
+
+        if (!uuidValidate(organizationId)) {
+            throw new ApplicationError(ErrorCodes.BAD_REQUEST, "organizationId must be a valid UUID");
+        }
+
+        const projectsPromise = this.projectService.getProjects(userId, organizationId);
+        const workspacesPromise = this.workspaceService.getWorkspaces(userId, { organizationId });
+        const repos = await this.scmService.listSuggestedRepositories(userId, { projectsPromise, workspacesPromise });
+        return new ListSuggestedRepositoriesResponse({
+            repositories: repos.map((r) => this.apiConverter.toSuggestedRepository(r)),
+            pagination: new PaginationResponse({
+                nextToken: "",
+                total: repos.length,
+            }),
+        });
+    }
+}

components/server/src/api/server.ts

@@ -51,6 +51,8 @@ import { EnvironmentVariableServiceAPI } from "./envvar-service-api";
 import { Unauthenticated } from "./unauthenticated";
 import { SubjectId } from "../auth/subject-id";
 import { BearerAuth } from "../auth/bearer-authenticator";
+import { ScmServiceAPI } from "./scm-service-api";
+import { SCMService } from "@gitpod/public-api/lib/gitpod/v1/scm_connect";
 
 decorate(injectable(), PublicAPIConverter);
 
@@ -67,6 +69,7 @@ export class API {
     @inject(ConfigurationServiceAPI) private readonly configurationServiceApi: ConfigurationServiceAPI;
     @inject(AuthProviderServiceAPI) private readonly authProviderServiceApi: AuthProviderServiceAPI;
     @inject(EnvironmentVariableServiceAPI) private readonly envvarServiceApi: EnvironmentVariableServiceAPI;
+    @inject(ScmServiceAPI) private readonly scmServiceAPI: ScmServiceAPI;
     @inject(StatsServiceAPI) private readonly tatsServiceApi: StatsServiceAPI;
     @inject(HelloServiceAPI) private readonly helloServiceApi: HelloServiceAPI;
     @inject(SessionHandler) private readonly sessionHandler: SessionHandler;
@@ -121,6 +124,7 @@ export class API {
                         service(ConfigurationService, this.configurationServiceApi),
                         service(AuthProviderService, this.authProviderServiceApi),
                         service(EnvironmentVariableService, this.envvarServiceApi),
+                        service(SCMService, this.scmServiceAPI),
                     ]) {
                         router.service(type, new Proxy(impl, this.interceptService(type)));
                     }
@@ -372,6 +376,7 @@ export class API {
         bind(ConfigurationServiceAPI).toSelf().inSingletonScope();
         bind(AuthProviderServiceAPI).toSelf().inSingletonScope();
         bind(EnvironmentVariableServiceAPI).toSelf().inSingletonScope();
+        bind(ScmServiceAPI).toSelf().inSingletonScope();
         bind(StatsServiceAPI).toSelf().inSingletonScope();
         bind(API).toSelf().inSingletonScope();
     }

components/server/src/api/teams.spec.db.ts

@@ -29,6 +29,7 @@ import { ProjectsService } from "../projects/projects-service";
 import { AuthProviderService } from "../auth/auth-provider-service";
 import { BearerAuth } from "../auth/bearer-authenticator";
 import { EnvVarService } from "../user/env-var-service";
+import { ScmService } from "../scm/scm-service";
 
 const expect = chai.expect;
 
@@ -55,6 +56,7 @@ export class APITeamsServiceSpec {
         this.container.bind(ProjectsService).toConstantValue({} as ProjectsService);
         this.container.bind(AuthProviderService).toConstantValue({} as AuthProviderService);
         this.container.bind(EnvVarService).toConstantValue({} as EnvVarService);
+        this.container.bind(ScmService).toConstantValue({} as ScmService);
 
         // Clean-up database
         const typeorm = testContainer.get<TypeORM>(TypeORM);

components/server/src/auth/auth-provider-service.ts

@@ -86,44 +86,52 @@ export class AuthProviderService {
         return result.map(toPublic);
     }
 
+    async findAuthProviderDescription(user: User, host: string): Promise<AuthProviderInfo | undefined> {
+        const provider =
+            this.config.authProviderConfigs.find((p) => p.host.toLowerCase() === host?.toLowerCase()) ||
+            (await this.getAllAuthProviderParams()).find((p) => p.host.toLowerCase() === host?.toLowerCase());
+        return provider ? this.toInfo(provider) : undefined;
+    }
+
+    // explicitly copy to avoid bleeding sensitive details
+    private toInfo(ap: AuthProviderParams): AuthProviderInfo {
+        return {
+            authProviderId: ap.id,
+            authProviderType: ap.type,
+            ownerId: ap.ownerId,
+            organizationId: ap.organizationId,
+            verified: ap.verified,
+            host: ap.host,
+            icon: ap.icon,
+            hiddenOnDashboard: ap.hiddenOnDashboard,
+            disallowLogin: ap.disallowLogin,
+            description: ap.description,
+            scopes: getScopesOfProvider(ap),
+            requirements: getRequiredScopes(ap),
+        };
+    }
+
     async getAuthProviderDescriptions(user: User): Promise<AuthProviderInfo[]> {
         const { builtinAuthProvidersConfigured } = this.config;
 
         const authProviders = [...(await this.getAllAuthProviderParams()), ...this.config.authProviderConfigs];
 
-        // explicitly copy to avoid bleeding sensitive details
-        const toInfo = (ap: AuthProviderParams) =>
-            <AuthProviderInfo>{
-                authProviderId: ap.id,
-                authProviderType: ap.type,
-                ownerId: ap.ownerId,
-                organizationId: ap.organizationId,
-                verified: ap.verified,
-                host: ap.host,
-                icon: ap.icon,
-                hiddenOnDashboard: ap.hiddenOnDashboard,
-                disallowLogin: ap.disallowLogin,
-                description: ap.description,
-                scopes: getScopesOfProvider(ap),
-                requirements: getRequiredScopes(ap),
-            };
-
         const result: AuthProviderInfo[] = [];
         for (const p of authProviders) {
             const identity = user.identities.find((i) => i.authProviderId === p.id);
             if (identity) {
-                result.push(toInfo(p));
+                result.push(this.toInfo(p));
                 continue;
             }
             if (p.ownerId === user.id) {
-                result.push(toInfo(p));
+                result.push(this.toInfo(p));
                 continue;
             }
             if (builtinAuthProvidersConfigured && !this.isBuiltIn(p)) {
                 continue;
             }
             if (this.isNotHidden(p) && this.isVerified(p)) {
-                result.push(toInfo(p));
+                result.push(this.toInfo(p));
             }
         }
         return result;

components/server/src/container-module.ts

@@ -86,7 +86,6 @@ import { IncrementalWorkspaceService } from "./prebuilds/incremental-workspace-s
 import { PrebuildManager } from "./prebuilds/prebuild-manager";
 import { PrebuildStatusMaintainer } from "./prebuilds/prebuilt-status-maintainer";
 import { ProjectsService } from "./projects/projects-service";
-import { ScmService } from "./projects/scm-service";
 import { RedisMutex } from "./redis/mutex";
 import { Server } from "./server";
 import { SessionHandler } from "./session-handler";
@@ -128,6 +127,7 @@ import { WorkspaceStartController } from "./workspace/workspace-start-controller
 import { WorkspaceStarter } from "./workspace/workspace-starter";
 import { DefaultWorkspaceImageValidator } from "./orgs/default-workspace-image-validator";
 import { ContextAwareAnalyticsWriter } from "./analytics";
+import { ScmService } from "./scm/scm-service";
 
 export const productionContainerModule = new ContainerModule(
     (bind, unbind, isBound, rebind, unbindAsync, onActivation, onDeactivation) => {

components/server/src/projects/projects-service.ts

@@ -28,8 +28,8 @@ import { ErrorCodes, ApplicationError } from "@gitpod/gitpod-protocol/lib/messag
 import { URL } from "url";
 import { Authorizer, SYSTEM_USER } from "../authorization/authorizer";
 import { TransactionalContext } from "@gitpod/gitpod-db/lib/typeorm/transactional-db-impl";
-import { ScmService } from "./scm-service";
 import { daysBefore, isDateSmaller } from "@gitpod/gitpod-protocol/lib/util/timeutil";
+import { ScmService } from "../scm/scm-service";
 
 const MAX_PROJECT_NAME_LENGTH = 100;