[Enhancement] Auth - Move metadata to the tokens metadata in the secret store (#25)

- Fixes #24 
- Moved all variables/data and "profile data" to the metadata of the
SecretStore secret.
- Access and Refresh tokens get stored as separate secrets in the vault.
- Expiration dates for the two gets stored as metadata on the respective
secret.
- All other data like token type, repo, org, api version etc are stored
on the metadata of the accesstoken as its similar to a profile.

Author: MariusStorhaug

src/GitHub/private/Utilities/ConvertFrom-HashTable.ps1

@@ -0,0 +1,11 @@
+function ConvertFrom-HashTable {
+    [CmdletBinding()]
+    param (
+        [Parameter(
+            Mandatory,
+            ValueFromPipeline
+        )]
+        [object]$InputObject
+    )
+    ([pscustomobject](@{} + $InputObject))
+}

src/GitHub/private/Utilities/ConvertTo-HashTable.ps1

@@ -0,0 +1,17 @@
+function ConvertTo-HashTable {
+    [CmdletBinding()]
+    param (
+        [Parameter(
+            Mandatory,
+            ValueFromPipeline
+        )]
+        [pscustomobject]$InputObject
+    )
+    [hashtable]$hashtable = @{}
+
+    foreach ($item in $InputObject.PSobject.Properties) {
+        Write-Verbose "$($item.Name) : $($item.Value) : $($item.TypeNameOfValue)"
+        $hashtable.$($item.Name) = $item.Value
+    }
+    $hashtable
+}

src/GitHub/private/Utilities/Join-Hashtable.ps1

@@ -0,0 +1,17 @@
+function Join-Hashtable {
+    [OutputType([void])]
+    [Alias('Merge-HashTable')]
+    [CmdletBinding()]
+    param (
+        [hashtable] $Main,
+        [hashtable] $Overrides
+    )
+    $hashtable = @{}
+    $Main.Keys | ForEach-Object {
+        $hashtable[$_] = $Main[$_]
+    }
+    $Overrides.Keys | ForEach-Object {
+        $hashtable[$_] = $Overrides[$_]
+    }
+    $hashtable
+}

src/GitHub/private/Utilities/Remove-HashTableEntries.ps1

@@ -0,0 +1,57 @@
+function Remove-HashtableEntries {
+    [OutputType([void])]
+    [CmdletBinding()]
+    param (
+        [Parameter(
+            Mandatory,
+            ValueFromPipeline
+        )]
+        [hashtable] $Hashtable,
+        [Parameter()]
+        [switch] $NullOrEmptyValues,
+        [Parameter()]
+        [string[]] $RemoveTypes,
+        [Parameter()]
+        [string[]] $RemoveNames,
+        [Parameter()]
+        [string[]] $KeepTypes,
+        [Parameter()]
+        [string[]] $KeepNames
+
+    )
+    if ($NullOrEmptyValues) {
+        Write-Verbose 'Remove keys with null or empty values'
+        ($Hashtable.GetEnumerator() | Where-Object { -not $_.Value }) | ForEach-Object {
+            Write-Verbose " - [$($_.Name)] - Value: [$($_.Value)] - Remove"
+            $Hashtable.Remove($_.Name)
+        }
+    }
+    if ($RemoveTypes) {
+        Write-Verbose "Remove keys of type: [$RemoveTypes]"
+        ($Hashtable.GetEnumerator() | Where-Object { ($_.Value.GetType().Name -in $RemoveTypes) }) | ForEach-Object {
+            Write-Verbose " - [$($_.Name)] - Type: [$($_.Value.GetType().Name)] - Remove"
+            $Hashtable.Remove($_.Name)
+        }
+    }
+    if ($KeepTypes) {
+        Write-Verbose "Remove keys NOT of type: [$KeepTypes]"
+        ($Hashtable.GetEnumerator() | Where-Object { ($_.Value.GetType().Name -notin $KeepTypes) }) | ForEach-Object {
+            Write-Verbose " - [$($_.Name)] - Type: [$($_.Value.GetType().Name)] - Remove"
+            $Hashtable.Remove($_.Name)
+        }
+    }
+    if ($RemoveNames) {
+        Write-Verbose "Remove keys named: [$RemoveNames]"
+        ($Hashtable.GetEnumerator() | Where-Object { $_.Name -in $RemoveNames }) | ForEach-Object {
+            Write-Verbose " - [$($_.Name)] - Remove"
+            $Hashtable.Remove($_.Name)
+        }
+    }
+    if ($KeepNames) {
+        Write-Verbose "Remove keys NOT named: [$KeepNames]"
+        ($Hashtable.GetEnumerator() | Where-Object { $_.Name -notin $KeepNames }) | ForEach-Object {
+            Write-Verbose " - [$($_.Name)] - Remove"
+            $Hashtable.Remove($_.Name)
+        }
+    }
+}

src/GitHub/public/API/Invoke-GitHubAPI.ps1

@@ -30,7 +30,7 @@
 
         # The base URI for the GitHub API. This is usually 'https://api.github.com', but can be adjusted if necessary.
         [Parameter()]
-        [string] $ApiBaseUri = (Get-GitHubConfig -Name ApiBaseUri -AsPlainText),
+        [string] $ApiBaseUri = (Get-GitHubConfig -Name ApiBaseUri),
 
         # The specific endpoint for the API call, e.g., '/repos/user/repo/pulls'.
         [Parameter(Mandatory)]
@@ -62,7 +62,7 @@
 
         # The GitHub API version to be used. By default, it pulls from a configuration script variable.
         [Parameter()]
-        [string] $Version = (Get-GitHubConfig -Name ApiVersion -AsPlainText)
+        [string] $Version = (Get-GitHubConfig -Name ApiVersion)
     )
 
     $functionName = $MyInvocation.MyCommand.Name
@@ -72,7 +72,7 @@
         'X-GitHub-Api-Version' = $Version
     }
 
-    ($headers.GetEnumerator() | Where-Object { -not $_.Value }) | ForEach-Object { $headers.Remove($_.Name) }
+    Remove-HashTableEntries -Hashtable $headers -NullOrEmptyValues
 
     $URI = ("$ApiBaseUri/" -replace '/$', '') + ("/$ApiEndpoint" -replace '^/', '')
 
@@ -88,6 +88,7 @@
         StatusCodeVariable      = 'StatusCode'
         ResponseHeadersVariable = 'ResponseHeaders'
     }
+    Remove-HashTableEntries -Hashtable $APICall -NullOrEmptyValues
 
     if ($Body) {
         if ($Body -is [string]) {

src/GitHub/public/Auth/Connect-GitHubAccount.ps1

@@ -73,11 +73,11 @@
         'DeviceFlow' {
             Write-Verbose 'Logging in using device flow...'
             $clientID = $script:Auth.$Mode.ClientID
-            if ($Mode -ne (Get-GitHubConfig -Name DeviceFlowType -AsPlainText -ea SilentlyContinue)) {
+            if ($Mode -ne (Get-GitHubConfig -Name DeviceFlowType -ErrorAction SilentlyContinue)) {
                 Write-Verbose "Using $Mode authentication..."
                 $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $clientID -Scope $Scope
             } else {
-                $accessTokenValidity = [datetime](Get-GitHubConfig -Name 'AccessTokenExpirationDate' -AsPlainText) - (Get-Date)
+                $accessTokenValidity = [datetime](Get-GitHubConfig -Name 'AccessTokenExpirationDate') - (Get-Date)
                 $accessTokenIsValid = $accessTokenValidity.Seconds -gt 0
                 $accessTokenValidityText = "$($accessTokenValidity.Hours):$($accessTokenValidity.Minutes):$($accessTokenValidity.Seconds)"
                 if ($accessTokenIsValid) {
@@ -91,7 +91,7 @@
                         $tokenResponse = Invoke-GitHubDeviceFlowLogin -ClientID $clientID -RefreshToken (Get-GitHubConfig -Name RefreshToken)
                     }
                 } else {
-                    $refreshTokenValidity = [datetime](Get-GitHubConfig -Name 'RefreshTokenExpirationDate' -AsPlainText) - (Get-Date)
+                    $refreshTokenValidity = [datetime](Get-GitHubConfig -Name 'RefreshTokenExpirationDate') - (Get-Date)
                     $refreshTokenIsValid = $refreshTokenValidity.Seconds -gt 0
                     if ($refreshTokenIsValid) {
                         Write-Host '⚠ ' -ForegroundColor Yellow -NoNewline
@@ -140,14 +140,14 @@
             Write-Host '! ' -ForegroundColor DarkYellow -NoNewline
             Start-Process 'https://github.com/settings/tokens'
             $accessTokenValue = Read-Host -Prompt 'Enter your personal access token' -AsSecureString
-            $prefix = (ConvertFrom-SecureString $accessTokenValue -AsPlainText) -replace '_.*$', '_*'
-            if ($prefix -notmatch '^ghp_|^github_pat_') {
+            $accessTokenType = (ConvertFrom-SecureString $accessTokenValue -AsPlainText) -replace '_.*$', '_*'
+            if ($accessTokenType -notmatch '^ghp_|^github_pat_') {
                 Write-Host '⚠ ' -ForegroundColor Yellow -NoNewline
-                Write-Host "Unexpected access token format: $prefix"
+                Write-Host "Unexpected access token format: $accessTokenType"
             }
             $settings = @{
                 AccessToken     = $accessTokenValue
-                AccessTokenType = $prefix
+                AccessTokenType = $accessTokenType
                 ApiBaseUri      = 'https://api.github.com'
                 ApiVersion      = '2022-11-28'
                 AuthType        = $AuthType

src/GitHub/public/Config/Get-GitHubConfig.ps1

@@ -1,33 +1,42 @@
 function Get-GitHubConfig {
     <#
         .SYNOPSIS
-        Get the current GitHub configuration.
+        Get configuration value.
 
         .DESCRIPTION
-        Get the current GitHub configuration.
-        The configuration is first loaded from the configuration file.
+        Get a named configuration value from the GitHub configuration file.
 
         .EXAMPLE
-        Get-GitHubConfig
-
-        Returns the current GitHub configuration.
+        Get-GitHubConfig -Name ApiBaseUri
 
+        Get the current GitHub configuration for the ApiBaseUri.
     #>
     [Alias('Get-GHConfig')]
     [Alias('GGHC')]
     [OutputType([object])]
     [CmdletBinding()]
     param (
-        [string] $Name,
-        [switch] $AsPlainText
+        # Choose a configuration name to get.
+        [Parameter()]
+        [string] $Name
     )
+
     $prefix = $script:SecretVault.Prefix
-    if ($Name) {
-        $Name = "$prefix$Name"
-        Get-Secret -Name $Name -Vault $script:SecretVault.Name -AsPlainText:$AsPlainText
-    } else {
-        Get-SecretInfo | Where-Object Name -like "$prefix*" | ForEach-Object {
-            Get-Secret -Name $_.Name -Vault $script:SecretVault.Name -AsPlainText:$AsPlainText
+
+    switch($Name) {
+        'AccessToken' {
+            Get-Secret -Name "$prefix`AccessToken"
+        }
+        'RefreshToken' {
+            Get-Secret -Name "$prefix`RefreshToken"
+        }
+        'RefreshTokenExpirationDate' {
+            $RefreshTokenData = Get-SecretInfo -Name "$prefix`RefreshToken"
+            $RefreshTokenData.Metadata | ConvertFrom-HashTable | ConvertTo-HashTable | Select-Object -ExpandProperty $Name
+        }
+        default {
+            $AccessTokenData = Get-SecretInfo -Name "$prefix`AccessToken"
+            $AccessTokenData.Metadata | ConvertFrom-HashTable | ConvertTo-HashTable | Select-Object -ExpandProperty $Name
         }
     }
 }