vercel · kodiakhq · Mar 2, 2022 · Mar 1, 2022 · Mar 2, 2022
@@ -317,3 +317,52 @@ func (c *ApiClient) GetUser() (*UserResponse, error) {
 	}
 	return userResponse, nil
 }
+
+type verificationResponse struct {
+	Token  string `json:"token"`
+	Email  string `json:"email"`
+	TeamID string `json:"teamId,omitempty"`
+}
+
+// VerifiedSSOUser contains data returned from the SSO token verification endpoint
+type VerifiedSSOUser struct {
+	Token  string
+	TeamID string
+}
+
+func (c *ApiClient) VerifySSOToken(token string, tokenName string) (*VerifiedSSOUser, error) {
+	query := make(url.Values)
+	query.Add("token", token)
+	query.Add("tokenName", tokenName)
+	req, err := retryablehttp.NewRequest(http.MethodGet, c.makeUrl("/registration/verify")+"?"+query.Encode(), nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("User-Agent", c.UserAgent())
+	resp, err := c.HttpClient.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode == http.StatusNotFound {
+		io.Copy(ioutil.Discard, resp.Body)
+		return nil, fmt.Errorf("404 - Not found") // doesn't exist - not an error
+	} else if resp.StatusCode != http.StatusOK {
+		b, _ := ioutil.ReadAll(resp.Body)
+		return nil, fmt.Errorf("%s", string(b))
+	}
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("could not read JSON response: %s", string(body))
+	}
+	verificationResponse := &verificationResponse{}
+	err = json.Unmarshal(body, verificationResponse)
+	if err != nil {
+		return nil, fmt.Errorf("failed to unmarshall json response: %v", err)
+	}
+	vu := &VerifiedSSOUser{
+		Token:  verificationResponse.Token,
+		TeamID: verificationResponse.TeamID,
+	}
+	return vu, nil
+}
@@ -22,8 +22,8 @@ type TurborepoConfig struct {
 	TeamSlug string `json:"teamSlug,omitempty" envconfig:"team"`
 }
 
-// WriteUserConfigFile writes config file at a path
-func WriteConfigFile(path string, config *TurborepoConfig) error {
+// writeConfigFile writes config file at a path
+func writeConfigFile(path string, config *TurborepoConfig) error {
 	jsonBytes, marhsallError := json.Marshal(config)
 	if marhsallError != nil {
 		return marhsallError
@@ -35,13 +35,21 @@ func WriteConfigFile(path string, config *TurborepoConfig) error {
 	return nil
 }
 
-// WriteUserConfigFile writes a user config file
+// WriteRepoConfigFile is used to write the portion of the config file that is saved
+// within the repository itself.
+func WriteRepoConfigFile(config *TurborepoConfig) error {
+	path := filepath.Join(".turbo", "config.json")
+	return writeConfigFile(path, config)
+}
+
+// WriteUserConfigFile writes a user config file. This may contain a token and so should
+// not be saved within the repository to avoid committing sensitive data
 func WriteUserConfigFile(config *TurborepoConfig) error {
 	path, err := xdg.ConfigFile(filepath.Join("turborepo", "config.json"))
 	if err != nil {
 		return err
 	}
-	return WriteConfigFile(path, config)
+	return writeConfigFile(path, config)
 }
 
 // ReadConfigFile reads a config file at a path

@@ -142,7 +142,7 @@ func (c *LinkCommand) Run(args []string) int {
 		}
 	}
 	fs.EnsureDir(filepath.Join(".turbo", "config.json"))
-	fsErr := config.WriteConfigFile(filepath.Join(".turbo", "config.json"), &config.TurborepoConfig{
+	fsErr := config.WriteRepoConfigFile(&config.TurborepoConfig{
 		TeamId: chosenTeam.ID,
 		ApiUrl: c.Config.ApiUrl,
 	})