Remove password reader and mock AskSecret wherever needed

Author: Marton6

internals/cli/ui/ask.go

@@ -51,7 +51,7 @@ func AskWithDefault(io IO, question, defaultValue string) (string, error) {
 
 // AskSecret prints out the question and reads back the input,
 // without echoing it back. Useful for passwords and other sensitive inputs.
-func AskSecret(io IO, passwordReader PasswordReader, question string) (string, error) {
+func AskSecret(io IO, question string) (string, error) {
 	promptIn, promptOut, err := io.Prompts()
 	if err != nil {
 		return "", err
@@ -62,7 +62,7 @@ func AskSecret(io IO, passwordReader PasswordReader, question string) (string, e
 		return "", err
 	}
 
-	secret, err := passwordReader.read(promptIn)
+	secret, err := readPassword(promptIn)
 	if err != nil {
 		return "", ErrReadInput(err)
 	}
@@ -145,14 +145,14 @@ func ConfirmCaseInsensitive(io IO, question string, expected ...string) (bool, e
 // the answers still haven't matched after trying n times, the error
 // ErrPassphrasesDoNotMatch is returned. For the empty answer ("") no
 // confirmation is asked.
-func AskPassphrase(io IO, passwordReader PasswordReader, question string, repeatPhrase string, n int) (string, error) {
+func AskPassphrase(io IO, question string, repeatPhrase string, n int) (string, error) {
 	_, promptOut, err := io.Prompts()
 	if err != nil {
 		return "", err
 	}
 
 	for i := 0; i < n; i++ {
-		answer, err := AskSecret(io, passwordReader, question)
+		answer, err := AskSecret(io, question)
 		if err != nil {
 			return "", err
 		}
@@ -161,7 +161,7 @@ func AskPassphrase(io IO, passwordReader PasswordReader, question string, repeat
 			return answer, nil
 		}
 
-		confirmed, err := AskSecret(io, passwordReader, repeatPhrase)
+		confirmed, err := AskSecret(io, repeatPhrase)
 		if err != nil {
 			return "", err
 		}

internals/cli/ui/io.go

@@ -75,19 +75,8 @@ func (o UserIO) IsStdoutPiped() bool {
 	return isPiped(o.Output)
 }
 
-type PasswordReader interface {
-	read(reader io.Reader) (string, error)
-}
-
-type passwordReader struct{}
-
-// NewPasswordReader returns a reader that reads a string from the terminal without echoing the user input.
-func NewPasswordReader() PasswordReader {
-	return &passwordReader{}
-}
-
-// Read reads one line of input from the terminal without echoing the user input.
-func (pr *passwordReader) read(r io.Reader) (string, error) {
+// readPassword reads one line of input from the terminal without echoing the user input.
+func readPassword(r io.Reader) (string, error) {
 	file, ok := r.(*os.File)
 	if !ok {
 		return "", ErrCannotAsk

internals/secrethub/account_init.go

@@ -36,7 +36,6 @@ var (
 // AccountInitCommand creates, stores and outputs a credential.
 type AccountInitCommand struct {
 	io              ui.IO
-	passwordReader  ui.PasswordReader
 	useClipboard    bool
 	noWait          bool
 	isContinue      bool
@@ -51,7 +50,6 @@ type AccountInitCommand struct {
 func NewAccountInitCommand(io ui.IO, newClient newClientFunc, credentialStore CredentialConfig) *AccountInitCommand {
 	return &AccountInitCommand{
 		io:              io,
-		passwordReader:  ui.NewPasswordReader(),
 		credentialStore: credentialStore,
 		clipper:         clip.NewClipboard(),
 		progressPrinter: progress.NewPrinter(io.Stdout(), 500*time.Millisecond),
@@ -162,7 +160,7 @@ func (cmd *AccountInitCommand) Run() error {
 		var passphrase string
 		if !cmd.credentialStore.IsPassphraseSet() && !cmd.force {
 			var err error
-			passphrase, err = ui.AskPassphrase(cmd.io, cmd.passwordReader, "Please enter a passphrase to protect your local credential (leave empty for no passphrase): ", "Enter the same passphrase again: ", 3)
+			passphrase, err = ui.AskPassphrase(cmd.io, "Please enter a passphrase to protect your local credential (leave empty for no passphrase): ", "Enter the same passphrase again: ", 3)
 			if err != nil {
 				return err
 			}

internals/secrethub/config_update_passphrase.go

@@ -11,15 +11,13 @@ import (
 
 type ConfigUpdatePassphraseCommand struct {
 	io              ui.IO
-	passwordReader  ui.PasswordReader
 	credentialStore CredentialConfig
 }
 
 // NewConfigUpdatePassphraseCommand creates a new ConfigUpdatePassphraseCommand.
 func NewConfigUpdatePassphraseCommand(io ui.IO, credentialStore CredentialConfig) *ConfigUpdatePassphraseCommand {
 	return &ConfigUpdatePassphraseCommand{
 		io:              io,
-		passwordReader:  ui.NewPasswordReader(),
 		credentialStore: credentialStore,
 	}
 }
@@ -60,7 +58,7 @@ func (cmd *ConfigUpdatePassphraseCommand) Run() error {
 		return err
 	}
 
-	passphrase, err := ui.AskPassphrase(cmd.io, cmd.passwordReader, "Please enter a passphrase to (re)encrypt your local credential (leave empty for no passphrase): ", "Enter the same passphrase again: ", 3)
+	passphrase, err := ui.AskPassphrase(cmd.io, "Please enter a passphrase to (re)encrypt your local credential (leave empty for no passphrase): ", "Enter the same passphrase again: ", 3)
 	if err != nil {
 		return err
 	}

internals/secrethub/init.go

@@ -19,7 +19,6 @@ type InitCommand struct {
 	backupCode                  string
 	force                       bool
 	io                          ui.IO
-	passwordReader              ui.PasswordReader
 	newClient                   newClientFunc
 	newClientWithoutCredentials func(credentials.Provider) (secrethub.ClientInterface, error)
 	credentialStore             CredentialConfig
@@ -30,7 +29,6 @@ type InitCommand struct {
 func NewInitCommand(io ui.IO, newClient newClientFunc, newClientWithoutCredentials func(credentials.Provider) (secrethub.ClientInterface, error), credentialStore CredentialConfig) *InitCommand {
 	return &InitCommand{
 		io:                          io,
-		passwordReader:              ui.NewPasswordReader(),
 		newClient:                   newClient,
 		newClientWithoutCredentials: newClientWithoutCredentials,
 		credentialStore:             credentialStore,
@@ -169,7 +167,7 @@ func (cmd *InitCommand) Run() error {
 		var passphrase string
 		if !cmd.credentialStore.IsPassphraseSet() && !cmd.force {
 			var err error
-			passphrase, err = ui.AskPassphrase(cmd.io, cmd.passwordReader, "Please enter a passphrase to protect your local credential (leave empty for no passphrase): ", "Enter the same passphrase again: ", 3)
+			passphrase, err = ui.AskPassphrase(cmd.io, "Please enter a passphrase to protect your local credential (leave empty for no passphrase): ", "Enter the same passphrase again: ", 3)
 			if err != nil {
 				return err
 			}

internals/secrethub/keyring.go

@@ -44,12 +44,11 @@ type PassphraseReader interface {
 
 // passphraseReader provides passphrase reading capability to the CLI.
 type passphraseReader struct {
-	tries          int
-	hasAsked       bool
-	io             ui.IO
-	passwordReader ui.PasswordReader
-	FlagValue      string
-	Cache          *PassphraseCache
+	tries     int
+	hasAsked  bool
+	io        ui.IO
+	FlagValue string
+	Cache     *PassphraseCache
 }
 
 func (pr *passphraseReader) Read() ([]byte, error) {
@@ -74,10 +73,9 @@ func NewPassphraseReader(io ui.IO, credentialPassphrase string, credentialPassph
 	keyring := NewKeyring()
 
 	return &passphraseReader{
-		io:             io,
-		passwordReader: ui.NewPasswordReader(),
-		FlagValue:      credentialPassphrase,
-		Cache:          NewPassphraseCache(ttl, cleaner, keyring),
+		io:        io,
+		FlagValue: credentialPassphrase,
+		Cache:     NewPassphraseCache(ttl, cleaner, keyring),
 	}
 }
 
@@ -106,9 +104,9 @@ func (pr *passphraseReader) get() (string, error) {
 	var err error
 	var passphrase string
 	if pr.hasAsked {
-		passphrase, err = ui.AskSecret(pr.io, pr.passwordReader, "Incorrect passphrase, try again:")
+		passphrase, err = ui.AskSecret(pr.io, "Incorrect passphrase, try again:")
 	} else {
-		passphrase, err = ui.AskSecret(pr.io, pr.passwordReader, "Please put in the passphrase to unlock your credential:")
+		passphrase, err = ui.AskSecret(pr.io, "Please put in the passphrase to unlock your credential:")
 	}
 	if err == ui.ErrCannotAsk {
 		return "", ErrPassphraseFlagNotSet // if we cannot ask, users should use the --passphrase flag

internals/secrethub/service_deploy_winrm.go

@@ -38,23 +38,21 @@ var (
 
 // ServiceDeployWinRmCommand creates a service and installs the configuration using WinRM.
 type ServiceDeployWinRmCommand struct {
-	resourceURI    *url.URL
-	authType       string
-	username       string
-	password       string
-	clientCert     string
-	clientKey      string
-	caCert         string
-	noVerify       bool
-	io             ui.IO
-	passwordReader ui.PasswordReader
+	resourceURI *url.URL
+	authType    string
+	username    string
+	password    string
+	clientCert  string
+	clientKey   string
+	caCert      string
+	noVerify    bool
+	io          ui.IO
 }
 
 // NewServiceDeployWinRmCommand creates a new ServiceDeployWinRmCommand.
 func NewServiceDeployWinRmCommand(io ui.IO) *ServiceDeployWinRmCommand {
 	return &ServiceDeployWinRmCommand{
-		io:             io,
-		passwordReader: ui.NewPasswordReader(),
+		io: io,
 	}
 }
 
@@ -133,7 +131,7 @@ func (cmd *ServiceDeployWinRmCommand) Run() error {
 		}
 
 		if cmd.password == "" {
-			cmd.password, err = ui.AskSecret(cmd.io, cmd.passwordReader, fmt.Sprintf("What is the password for user %s?\n", cmd.username))
+			cmd.password, err = ui.AskSecret(cmd.io, fmt.Sprintf("What is the password for user %s?\n", cmd.username))
 			if err != nil {
 				return err
 			}

internals/secrethub/signup.go

@@ -27,7 +27,6 @@ type SignUpCommand struct {
 	orgDescription  string
 	force           bool
 	io              ui.IO
-	passwordReader  ui.PasswordReader
 	newClient       newClientFunc
 	credentialStore CredentialConfig
 	progressPrinter progress.Printer
@@ -37,7 +36,6 @@ type SignUpCommand struct {
 func NewSignUpCommand(io ui.IO, newClient newClientFunc, credentialStore CredentialConfig) *SignUpCommand {
 	return &SignUpCommand{
 		io:              io,
-		passwordReader:  ui.NewPasswordReader(),
 		newClient:       newClient,
 		credentialStore: credentialStore,
 		progressPrinter: progress.NewPrinter(io.Stdout(), 500*time.Millisecond),
@@ -132,7 +130,7 @@ func (cmd *SignUpCommand) Run() error {
 	var passphrase string
 	if !cmd.credentialStore.IsPassphraseSet() && !cmd.force {
 		var err error
-		passphrase, err = ui.AskPassphrase(cmd.io, cmd.passwordReader, "Please enter a passphrase to protect your local credential (leave empty for no passphrase): ", "Enter the same passphrase again: ", 3)
+		passphrase, err = ui.AskPassphrase(cmd.io, "Please enter a passphrase to protect your local credential (leave empty for no passphrase): ", "Enter the same passphrase again: ", 3)
 		if err != nil {
 			return err
 		}

internals/secrethub/write.go

@@ -21,24 +21,24 @@ var (
 
 // WriteCommand is a command to write content to a secret.
 type WriteCommand struct {
-	io             ui.IO
-	passwordReader ui.PasswordReader
-	path           api.SecretPath
-	inFile         string
-	multiline      bool
-	useClipboard   bool
-	noTrim         bool
-	clipper        clip.Clipper
-	newClient      newClientFunc
+	io           ui.IO
+	askSecret    func(io ui.IO, question string) (string, error)
+	path         api.SecretPath
+	inFile       string
+	multiline    bool
+	useClipboard bool
+	noTrim       bool
+	clipper      clip.Clipper
+	newClient    newClientFunc
 }
 
 // NewWriteCommand creates a new WriteCommand.
 func NewWriteCommand(io ui.IO, newClient newClientFunc) *WriteCommand {
 	return &WriteCommand{
-		clipper:        clip.NewClipboard(),
-		io:             io,
-		passwordReader: ui.NewPasswordReader(),
-		newClient:      newClient,
+		clipper:   clip.NewClipboard(),
+		io:        io,
+		askSecret: ui.AskSecret,
+		newClient: newClient,
 	}
 }
 
@@ -96,7 +96,7 @@ func (cmd *WriteCommand) Run() error {
 			return err
 		}
 	} else {
-		str, err := ui.AskSecret(cmd.io, cmd.passwordReader, "Please type in the value of the secret, followed by an [ENTER]:")
+		str, err := cmd.askSecret(cmd.io, "Please type in the value of the secret, followed by an [ENTER]:")
 		if err != nil {
 			return err
 		}

internals/secrethub/write_test.go

@@ -1,6 +1,7 @@
 package secrethub
 
 import (
+	"bufio"
 	"bytes"
 	"testing"
 
@@ -18,6 +19,19 @@ import (
 func TestWriteCommand_Run(t *testing.T) {
 	testErr := errio.Namespace("test").Code("test").Error("test error")
 
+	fakeAskSecretFunc := func(io ui.IO, question string) (s string, err error) {
+		reader, writer, err := io.Prompts()
+		if err != nil {
+			return "", err
+		}
+		_, err = writer.Write([]byte(question + "\n"))
+		if err != nil {
+			return "", err
+		}
+		line, _, err := bufio.NewReader(reader).ReadLine()
+		return string(line), err
+	}
+
 	cases := map[string]struct {
 		cmd       WriteCommand
 		writeFunc func(path string, data []byte) (*api.SecretVersion, error)
@@ -121,8 +135,8 @@ func TestWriteCommand_Run(t *testing.T) {
 		},
 		"ask secret success": {
 			cmd: WriteCommand{
-				path:           "namespace/repo/secret",
-				passwordReader: ui.FakePasswordReader{},
+				path:      "namespace/repo/secret",
+				askSecret: fakeAskSecretFunc,
 			},
 			promptIn:  "asked secret value",
 			promptOut: "Please type in the value of the secret, followed by an [ENTER]:\n",
@@ -138,8 +152,8 @@ func TestWriteCommand_Run(t *testing.T) {
 		},
 		"ask secret error": {
 			cmd: WriteCommand{
-				path:           "namespace/repo/secret",
-				passwordReader: ui.FakePasswordReader{},
+				path:      "namespace/repo/secret",
+				askSecret: fakeAskSecretFunc,
 			},
 			promptErr: testErr,
 			err:       testErr,