Revert "Login requires a http/https login URL and revmoe SSH as a login method. SSH will be optional (#826)" (#891)

This reverts commit 90f8624ae7.

Fixes: #890

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/tea/pulls/891
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Michal Suchanek <msuchanek@suse.de>
Co-committed-by: Michal Suchanek <msuchanek@suse.de>

modules/context/context.go

@@ -105,7 +105,7 @@ func InitCommand(cmd *cli.Command) *TeaContext {
 	// override config user with env variable
 	envLogin := GetLoginByEnvVar()
 	if envLogin != nil {
-		_, err := utils.ValidateAuthenticationMethod(envLogin.URL, envLogin.Token, "", "")
+		_, err := utils.ValidateAuthenticationMethod(envLogin.URL, envLogin.Token, "", "", false, "", "")
 		if err != nil {
 			log.Fatal(err.Error())
 		}

modules/interact/login.go

@@ -86,7 +86,7 @@ func CreateLogin() error {
 
 	printTitleAndContent("Name of new Login: ", name)
 
-	loginMethod, err := promptSelectV2("Login with: ", []string{"token", "oauth"})
+	loginMethod, err := promptSelectV2("Login with: ", []string{"token", "ssh-key/certificate", "oauth"})
 	if err != nil {
 		return err
 	}
@@ -104,7 +104,7 @@ func CreateLogin() error {
 		printTitleAndContent("Allow Insecure connections:", strconv.FormatBool(insecure))
 
 		return auth.OAuthLoginWithOptions(name, giteaURL, insecure)
-	case "token":
+	default: // token
 		var hasToken bool
 		if err := huh.NewConfirm().
 			Title("Do you have an access token?").
@@ -154,7 +154,7 @@ func CreateLogin() error {
 				Value(&tokenScopes).
 				Validate(func(s []string) error {
 					if len(s) == 0 {
-						return errors.New("at least one scope is required")
+						return errors.New("At least one scope is required")
 					}
 					return nil
 				}).
@@ -176,36 +176,26 @@ func CreateLogin() error {
 			}
 			printTitleAndContent("OTP (if applicable):", otp)
 		}
-	default:
+	case "ssh-key/certificate":
-		return fmt.Errorf("unknown login method: %s", loginMethod)
+		if err := huh.NewInput().
-	}
+			Title("SSH Key/Certificate Path (leave empty for auto-discovery in ~/.ssh and ssh-agent):").
-
+			Value(&sshKey).
-	var optSettings bool
+			WithTheme(theme.GetTheme()).
-	if err := huh.NewConfirm().
+			Run(); err != nil {
-		Title("Set Optional settings:").
-		Value(&optSettings).
-		WithTheme(theme.GetTheme()).
-		Run(); err != nil {
-		return err
-	}
-	printTitleAndContent("Set Optional settings:", strconv.FormatBool(optSettings))
-
-	if optSettings {
-		pubKeys := task.ListSSHPubkey()
-		emptyOpt := "Auto-discovery SSH Key in ~/.ssh and ssh-agent"
-		pubKeys = append([]string{emptyOpt}, pubKeys...)
-
-		sshKey, err = promptSelect("Select ssh-key: ", pubKeys, "", "", "")
-		if err != nil {
 			return err
 		}
-		if sshKey == emptyOpt {
+		printTitleAndContent("SSH Key/Certificate Path (leave empty for auto-discovery in ~/.ssh and ssh-agent):", sshKey)
-			sshKey = ""
-		}
 
-		printTitleAndContent("SSH Key Path (leave empty for auto-discovery) in ~/.ssh and ssh-agent):", sshKey)
+		if sshKey == "" {
-
+			pubKeys := task.ListSSHPubkey()
-		if sshKey != "" {
+			if len(pubKeys) == 0 {
+				fmt.Println("No SSH keys found in ~/.ssh or ssh-agent")
+				return nil
+			}
+			sshKey, err = promptSelect("Select ssh-key: ", pubKeys, "", "", "")
+			if err != nil {
+				return err
+			}
 			printTitleAndContent("Selected ssh-key:", sshKey)
 
 			// ssh certificate
@@ -229,6 +219,27 @@ func CreateLogin() error {
 				}
 			}
 		}
+	}
+
+	var optSettings bool
+	if err := huh.NewConfirm().
+		Title("Set Optional settings:").
+		Value(&optSettings).
+		WithTheme(theme.GetTheme()).
+		Run(); err != nil {
+		return err
+	}
+	printTitleAndContent("Set Optional settings:", strconv.FormatBool(optSettings))
+
+	if optSettings {
+		if err := huh.NewInput().
+			Title("SSH Key Path (leave empty for auto-discovery):").
+			Value(&sshKey).
+			WithTheme(theme.GetTheme()).
+			Run(); err != nil {
+			return err
+		}
+		printTitleAndContent("SSH Key Path (leave empty for auto-discovery):", sshKey)
 
 		if err := huh.NewConfirm().
 			Title("Allow Insecure connections:").

modules/task/login_create.go

@@ -68,6 +68,9 @@ func CreateLogin(name, token, user, passwd, otp, scopes, sshKey, giteaURL, sshCe
 		token,
 		user,
 		passwd,
+		sshAgent,
+		sshKey,
+		sshCertPrincipal,
 	)
 	if err != nil {
 		return err
@@ -92,7 +95,7 @@ func CreateLogin(name, token, user, passwd, otp, scopes, sshKey, giteaURL, sshCe
 		VersionCheck:      versionCheck,
 	}
 
-	if len(token) == 0 {
+	if len(token) == 0 && sshCertPrincipal == "" && !sshAgent && sshKey == "" {
 		if login.Token, err = generateToken(login, user, passwd, otp, scopes); err != nil {
 			return err
 		}

modules/utils/validate.go

@@ -14,21 +14,25 @@ func ValidateAuthenticationMethod(
 	token string,
 	user string,
 	passwd string,
+	sshAgent bool,
+	sshKey string,
+	sshCertPrincipal string,
 ) (*url.URL, error) {
 	// Normalize URL
 	serverURL, err := NormalizeURL(giteaURL)
 	if err != nil {
-		return nil, fmt.Errorf("unable to parse URL: %s", err)
+		return nil, fmt.Errorf("Unable to parse URL: %s", err)
 	}
 
-	// .. if we have enough information to authenticate
+	if !sshAgent && sshCertPrincipal == "" && sshKey == "" {
-	if len(token) == 0 && (len(user)+len(passwd)) == 0 {
+		// .. if we have enough information to authenticate
-		return nil, fmt.Errorf("no token set")
+		if len(token) == 0 && (len(user)+len(passwd)) == 0 {
-	} else if len(user) != 0 && len(passwd) == 0 {
+			return nil, fmt.Errorf("No token set")
-		return nil, fmt.Errorf("no password set")
+		} else if len(user) != 0 && len(passwd) == 0 {
-	} else if len(user) == 0 && len(passwd) != 0 {
+			return nil, fmt.Errorf("No password set")
-		return nil, fmt.Errorf("no user set")
+		} else if len(user) == 0 && len(passwd) != 0 {
+			return nil, fmt.Errorf("No user set")
+		}
 	}
-
 	return serverURL, nil
 }