From 394ce3bea36d5707efe4c4bce0f28c35bcd9cfd9 Mon Sep 17 00:00:00 2001
From: Kelvin Schoofs <schoofs.kelvin@gmail.com>
Date: Sun, 6 May 2018 17:33:00 +0200
Subject: [PATCH] Allow to prompt for password/passphrase

---
 README.md      | 19 +++++++++++++------
 package.json   |  4 ++--
 src/manager.ts | 16 ++++++++++++++++
 3 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index 76d04f6..2bd1ea1 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,7 @@ This extension makes use of the new FileSystemProvider, added in version 1.23.0
 ## Features
 * Use a remote directory (over SSH) as workspace folder
 * Use agents, including Pageant for Windows
+* Get prompted for a password/passphrase (no plain text password in settings)
 * Easily create configurations that mirror a PuTTY session
 * Have multiple SSH workspace folders at once
 
@@ -29,17 +30,21 @@ Add SSH FS configs to "sshfs.configs" in your User Settings:
 
         // Path to ssh-agent's UNIX socket (cygwin ones should work too)
         // or 'pageant' when using Pageant on Windows
-        "agent": "pageant"
+        "agent": "pageant",
         
         // Instead of using an agent, we can also just use a password
-        "password": "CorrectHorseBatteryStaple"
+        "password": "CorrectHorseBatteryStaple",
+        // We can also make the extension prompt us for it instead
+        "password": true,
         
 
         // Or a private key (raw key, OpenSSH format)
         // (can also be a public key for host-based authentication)
         "privateKey": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnN...",
         // Should the private key be encrypted
-        "passphrase": "CorrectHorseBatteryStaple"
+        "passphrase": "CorrectHorseBatteryStaple",
+        // Same as with the password, we can let it prompt us
+        "passphrase": true
     },
     {
         // If you're on Windows and have PuTTY installed
@@ -100,7 +105,8 @@ This will add a Workspace folder linked to a SSH (SFTP) session:
     * Currently it'll open a new default configuration file for it
 * Better error handling
     * Everything *seems* fine, but I haven't tested (a lot of) error situations
-    * Handles wrong password/key/... properly
+    * ~~Handle wrong password/key/... properly~~ **DONE**
+        * Maybe prompt for a password when one's needed but not configured? (**TODO**)
     * Doesn't report when `root` is set to a non-existant directory
     * Doesn't (always?) report errors related to lacking permissions
 * Offer reconnecting if the User Settings change
@@ -113,9 +119,10 @@ This will add a Workspace folder linked to a SSH (SFTP) session:
     * Variant for the above two for deleted configurations
 * Better authentication methods
     * Currently (basically) everything is directly passed to [ssh2](https://www.npmjs.com/package/ssh2#client-methods)
-    * Add `promptForPasswordOrPassphrase` *(self-explanatory)*
+    * ~~Add `promptForPasswordOrPassphrase` *(self-explanatory)*~~ **DONE**
+        * Both `password` and `passphrase` can be set to `true` to prompt
     * Add `privateKeyPath` *(or auto-detect `privateKey` as a path)*
-    * Prompt the user for a passworf if the server prompts
+    * Prompt the user for a password if the server prompts
         * This would be the `tryKeyboard` option for ssh2's Client.connect
         * Would need to hook into the keyboard request and show a prompt
 * Add an option to open a SSH terminal *(might as well)*
diff --git a/package.json b/package.json
index 68cc24d..a48b5f1 100644
--- a/package.json
+++ b/package.json
@@ -194,7 +194,7 @@
                                 "description": "Username for authentication"
                             },
                             "password": {
-                                "type": "string",
+                                "type": ["string", "boolean"],
                                 "description": "Password for password-based user authentication"
                             },
                             "agent": {
@@ -206,7 +206,7 @@
                                 "description": "String that contains a private key for either key-based or hostbased user authentication (OpenSSH format)"
                             },
                             "passphrase": {
-                                "type": "string",
+                                "type": ["string", "boolean"],
                                 "description": "For an encrypted private key, this is the passphrase used to decrypt it"
                             },
                             "putty": {
diff --git a/src/manager.ts b/src/manager.ts
index dc1bcca..f639839 100644
--- a/src/manager.ts
+++ b/src/manager.ts
@@ -162,6 +162,22 @@ export class Manager implements vscode.FileSystemProvider, vscode.TreeDataProvid
           }
         }
       }
+      if ((config.password as any) === true) {
+        config.passphrase = await vscode.window.showInputBox({
+          password: true,
+          ignoreFocusOut: true,
+          placeHolder: 'Password',
+          prompt: 'Password for the provided username',
+        });
+      }
+      if ((config.passphrase as any) === true) {
+        config.passphrase = await vscode.window.showInputBox({
+          password: true,
+          ignoreFocusOut: true,
+          placeHolder: 'Passphrase',
+          prompt: 'Passphrase for the provided public/private key',
+        });
+      }
       const client = new Client();
       client.on('ready', () => {
         client.sftp((err, sftp) => {