passforios/pass/Models/PasswordStore.swift

//
//  PasswordStore.swift
//  pass
//
//  Created by Mingshen Sun on 19/1/2017.
//  Copyright © 2017 Bob Sun. All rights reserved.
//

import Foundation
import Result
import CoreData
import UIKit
import SwiftyUserDefaults
import ObjectiveGit

struct GitCredential {
    
    enum Credential {
        case http(userName: String, password: String)
        case ssh(userName: String, password: String, publicKeyFile: URL, privateKeyFile: URL)
    }
    
    var credential: Credential
    
    func credentialProvider() throws -> GTCredentialProvider {
        return GTCredentialProvider { (_, _, _) -> (GTCredential) in
            let credential: GTCredential?
            switch self.credential {
            case let .http(userName, password):
                credential = try? GTCredential(userName: userName, password: password)
            case let .ssh(userName, password, publicKeyFile, privateKeyFile):
                credential = try? GTCredential(userName: userName, publicKeyURL: publicKeyFile, privateKeyURL: privateKeyFile, passphrase: password)
            }
            return credential ?? GTCredential()
        }
    }
}

class PasswordStore {
    static let shared = PasswordStore()
    
    let storeURL = URL(fileURLWithPath: "\(Globals.documentPath)/password-store")
    let tempStoreURL = URL(fileURLWithPath: "\(Globals.documentPath)/password-store-temp")
    var storeRepository: GTRepository?
    var gitCredential: GitCredential?
    
    let pgp: ObjectivePGP = ObjectivePGP()
    
    let context = (UIApplication.shared.delegate as! AppDelegate).persistentContainer.viewContext

    
    private init() {
        do {
            if FileManager.default.fileExists(atPath: storeURL.path) {
                try storeRepository = GTRepository.init(url: storeURL)
            }
        } catch {
            print(error)
        }
        if Defaults[.pgpKeyID] != "" {
            pgp.importKeys(fromFile: Globals.secringPath, allowDuplicates: false)
        }
        if Defaults[.gitRepositoryAuthenticationMethod] == "Password" {
            gitCredential = GitCredential(credential: GitCredential.Credential.http(userName: Defaults[.gitRepositoryUsername], password: Defaults[.gitRepositoryPassword]))
        } else if Defaults[.gitRepositoryAuthenticationMethod] == "SSH Key"{
            gitCredential = GitCredential(credential: GitCredential.Credential.ssh(userName: Defaults[.gitRepositoryUsername], password: Defaults[.gitRepositorySSHPrivateKeyPassphrase]!, publicKeyFile: Globals.sshPublicKeyURL, privateKeyFile: Globals.sshPrivateKeyURL))
        } else {
            gitCredential = nil
        }
        
    }
    
    func initPGP(pgpKeyURL: URL, pgpKeyLocalPath: String) throws {
        let pgpData = try Data(contentsOf: pgpKeyURL)
        try pgpData.write(to: URL(fileURLWithPath: pgpKeyLocalPath), options: .atomic)
        pgp.importKeys(fromFile: pgpKeyLocalPath, allowDuplicates: false)
        let key = pgp.keys[0]
        Defaults[.pgpKeyID] = key.keyID!.shortKeyString
        if let gpgUser = key.users[0] as? PGPUser {
            Defaults[.pgpKeyUserID] = gpgUser.userID
        }
    }
    
    
    func cloneRepository(remoteRepoURL: URL,
                         credential: GitCredential,
                         transferProgressBlock: @escaping (UnsafePointer<git_transfer_progress>, UnsafeMutablePointer<ObjCBool>) -> Void,
                         checkoutProgressBlock: @escaping (String?, UInt, UInt) -> Void) throws {
        let credentialProvider = try credential.credentialProvider()
        let options: [String: Any] = [
            GTRepositoryCloneOptionsCredentialProvider: credentialProvider,
        ]
        storeRepository = try GTRepository.clone(from: remoteRepoURL, toWorkingDirectory: tempStoreURL, options: options, transferProgressBlock:transferProgressBlock, checkoutProgressBlock: checkoutProgressBlock)
        let fm = FileManager.default
        do {
            if fm.fileExists(atPath: storeURL.path) {
                try fm.removeItem(at: storeURL)
            }
            try fm.copyItem(at: tempStoreURL, to: storeURL)
            try fm.removeItem(at: tempStoreURL)
        } catch {
            print(error)
        }
        storeRepository = try GTRepository(url: storeURL)
        updatePasswordEntityCoreData()
        gitCredential = credential
    }
    
    func pullRepository(transferProgressBlock: @escaping (UnsafePointer<git_transfer_progress>, UnsafeMutablePointer<ObjCBool>) -> Void) throws {
        let credentialProvider = try gitCredential!.credentialProvider()
        let options: [String: Any] = [
            GTRepositoryRemoteOptionsCredentialProvider: credentialProvider
        ]
        let remote = try GTRemote(name: "origin", in: storeRepository!)
        try storeRepository?.pull((storeRepository?.currentBranch())!, from: remote, withOptions: options, progress: transferProgressBlock)
        updatePasswordEntityCoreData()
    }
    
    func updatePasswordEntityCoreData() {
        deleteCoreData(entityName: "PasswordEntity")
        deleteCoreData(entityName: "PasswordCategoryEntity")
        
        let fm = FileManager.default
        fm.enumerator(atPath: storeURL.path)?.forEach({ (e) in
            if let e = e as? String, let url = URL(string: e) {
                if url.pathExtension == "gpg" {
                    let passwordEntity = PasswordEntity(context: context)
                    let endIndex =  url.lastPathComponent.index(url.lastPathComponent.endIndex, offsetBy: -4)
                    passwordEntity.name = url.lastPathComponent.substring(to: endIndex)
                    passwordEntity.rawPath = "password-store/\(url.path)"
                    let items = url.path.characters.split(separator: "/").map(String.init)
                    for i in 0 ..< items.count - 1 {
                        let passwordCategoryEntity = PasswordCategoryEntity(context: context)
                        passwordCategoryEntity.category = items[i]
                        passwordCategoryEntity.level = Int16(i)
                        passwordCategoryEntity.password = passwordEntity
                    }
                }
            }
        })
        do {
            try context.save()
        } catch {
            print("Error with save: \(error)")
        }
    }
    
    func fetchPasswordEntityCoreData() -> [PasswordEntity] {
        let passwordEntityFetch = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")
        do {
            let fetchedPasswordEntities = try context.fetch(passwordEntityFetch) as! [PasswordEntity]
            return fetchedPasswordEntities.sorted { $0.name!.caseInsensitiveCompare($1.name!) == .orderedAscending }
        } catch {
            fatalError("Failed to fetch employees: \(error)")
        }
    }
    
    func fetchPasswordCategoryEntityCoreData(password: PasswordEntity) -> [PasswordCategoryEntity] {
        let passwordCategoryEntityFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordCategoryEntity")
        passwordCategoryEntityFetchRequest.predicate = NSPredicate(format: "password = %@", password)
        passwordCategoryEntityFetchRequest.sortDescriptors = [NSSortDescriptor(key: "level", ascending: true)]
        do {
            let passwordCategoryEntities = try context.fetch(passwordCategoryEntityFetchRequest) as! [PasswordCategoryEntity]
            return passwordCategoryEntities
        } catch {
            fatalError("Failed to fetch employees: \(error)")
        }
    }
    
    func updateRemoteRepo() {
    }
    
    func deleteCoreData(entityName: String) {
        let deleteFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: entityName)
        let deleteRequest = NSBatchDeleteRequest(fetchRequest: deleteFetchRequest)
        
        do {
            try context.execute(deleteRequest)
        } catch let error as NSError {
            print(error)
        }
    }
    
    func erase() {
        Utils.removeFileIfExists(at: storeURL)
        Utils.removeFileIfExists(atPath: Globals.secringPath)
        Utils.removeFileIfExists(at: Globals.sshPrivateKeyURL)
        Utils.removeFileIfExists(at: Globals.sshPublicKeyURL)
        
        deleteCoreData(entityName: "PasswordEntity")
        deleteCoreData(entityName: "PasswordCategoryEntity")
        
        Defaults.eraseAll()
    }
}
first commit 2017-01-19 21:15:47 +08:00			`//`
			`// PasswordStore.swift`
			`// pass`
			`//`
			`// Created by Mingshen Sun on 19/1/2017.`
			`// Copyright © 2017 Bob Sun. All rights reserved.`
			`//`

			`import Foundation`
			`import Result`
			`import CoreData`
			`import UIKit`
change a lot, the structure will be stable this time 2017-01-22 01:42:36 +08:00			`import SwiftyUserDefaults`
use ObjectiveGit instead of SwiftGit2 2017-01-23 16:29:36 +08:00			`import ObjectiveGit`
first commit 2017-01-19 21:15:47 +08:00
try to use username and password credential to clone repository 2017-01-24 01:49:55 +08:00			`struct GitCredential {`

			`enum Credential {`
			`case http(userName: String, password: String)`
			`case ssh(userName: String, password: String, publicKeyFile: URL, privateKeyFile: URL)`
			`}`

			`var credential: Credential`

			`func credentialProvider() throws -> GTCredentialProvider {`
			`return GTCredentialProvider { (_, _, _) -> (GTCredential) in`
			`let credential: GTCredential?`
			`switch self.credential {`
			`case let .http(userName, password):`
			`credential = try? GTCredential(userName: userName, password: password)`
			`case let .ssh(userName, password, publicKeyFile, privateKeyFile):`
			`credential = try? GTCredential(userName: userName, publicKeyURL: publicKeyFile, privateKeyURL: privateKeyFile, passphrase: password)`
			`}`
			`return credential ?? GTCredential()`
			`}`
			`}`
			`}`

first commit 2017-01-19 21:15:47 +08:00			`class PasswordStore {`
			`static let shared = PasswordStore()`

change Globals class to static 2017-02-08 10:15:38 +08:00			`let storeURL = URL(fileURLWithPath: "\(Globals.documentPath)/password-store")`
			`let tempStoreURL = URL(fileURLWithPath: "\(Globals.documentPath)/password-store-temp")`
use ObjectiveGit instead of SwiftGit2 2017-01-23 16:29:36 +08:00			`var storeRepository: GTRepository?`
fix bugs in the first startup 2017-02-02 15:02:57 +08:00			`var gitCredential: GitCredential?`
use ObjectiveGit instead of SwiftGit2 2017-01-23 16:29:36 +08:00
change a lot, the structure will be stable this time 2017-01-22 01:42:36 +08:00			`let pgp: ObjectivePGP = ObjectivePGP()`
first commit 2017-01-19 21:15:47 +08:00
			`let context = (UIApplication.shared.delegate as! AppDelegate).persistentContainer.viewContext`


			`private init() {`
use ObjectiveGit instead of SwiftGit2 2017-01-23 16:29:36 +08:00			`do {`
check if git repository is existed before load 2017-02-06 11:17:56 +08:00			`if FileManager.default.fileExists(atPath: storeURL.path) {`
			`try storeRepository = GTRepository.init(url: storeURL)`
			`}`
use ObjectiveGit instead of SwiftGit2 2017-01-23 16:29:36 +08:00			`} catch {`
			`print(error)`
first commit 2017-01-19 21:15:47 +08:00			`}`
change a lot, the structure will be stable this time 2017-01-22 01:42:36 +08:00			`if Defaults[.pgpKeyID] != "" {`
change Globals class to static 2017-02-08 10:15:38 +08:00			`pgp.importKeys(fromFile: Globals.secringPath, allowDuplicates: false)`
change a lot, the structure will be stable this time 2017-01-22 01:42:36 +08:00			`}`
complete SSH Key authentication 2017-01-31 22:00:50 +08:00			`if Defaults[.gitRepositoryAuthenticationMethod] == "Password" {`
			`gitCredential = GitCredential(credential: GitCredential.Credential.http(userName: Defaults[.gitRepositoryUsername], password: Defaults[.gitRepositoryPassword]))`
fix bugs in the first startup 2017-02-02 15:02:57 +08:00			`} else if Defaults[.gitRepositoryAuthenticationMethod] == "SSH Key"{`
change sshPublicKeyPath to sshPublicKeyURL 2017-02-08 19:31:42 +08:00			`gitCredential = GitCredential(credential: GitCredential.Credential.ssh(userName: Defaults[.gitRepositoryUsername], password: Defaults[.gitRepositorySSHPrivateKeyPassphrase]!, publicKeyFile: Globals.sshPublicKeyURL, privateKeyFile: Globals.sshPrivateKeyURL))`
fix bugs in the first startup 2017-02-02 15:02:57 +08:00			`} else {`
			`gitCredential = nil`
complete SSH Key authentication 2017-01-31 22:00:50 +08:00			`}`
try to use username and password credential to clone repository 2017-01-24 01:49:55 +08:00
first commit 2017-01-19 21:15:47 +08:00			`}`

throws exception from initPGP 2017-02-06 00:59:27 +08:00			`func initPGP(pgpKeyURL: URL, pgpKeyLocalPath: String) throws {`
			`let pgpData = try Data(contentsOf: pgpKeyURL)`
			`try pgpData.write(to: URL(fileURLWithPath: pgpKeyLocalPath), options: .atomic)`
			`pgp.importKeys(fromFile: pgpKeyLocalPath, allowDuplicates: false)`
			`let key = pgp.keys[0]`
			`Defaults[.pgpKeyID] = key.keyID!.shortKeyString`
			`if let gpgUser = key.users[0] as? PGPUser {`
			`Defaults[.pgpKeyUserID] = gpgUser.userID`
change a lot, the structure will be stable this time 2017-01-22 01:42:36 +08:00			`}`
			`}`


show transfer progress 2017-01-23 17:36:10 +08:00			`func cloneRepository(remoteRepoURL: URL,`
try to use username and password credential to clone repository 2017-01-24 01:49:55 +08:00			`credential: GitCredential,`
show transfer progress 2017-01-23 17:36:10 +08:00			`transferProgressBlock: @escaping (UnsafePointer<git_transfer_progress>, UnsafeMutablePointer<ObjCBool>) -> Void,`
add error handling 2017-02-04 14:24:59 +08:00			`checkoutProgressBlock: @escaping (String?, UInt, UInt) -> Void) throws {`
			`let credentialProvider = try credential.credentialProvider()`
			`let options: [String: Any] = [`
			`GTRepositoryCloneOptionsCredentialProvider: credentialProvider,`
			`]`
make cloneRepository robust 2017-02-04 14:59:55 +08:00			`storeRepository = try GTRepository.clone(from: remoteRepoURL, toWorkingDirectory: tempStoreURL, options: options, transferProgressBlock:transferProgressBlock, checkoutProgressBlock: checkoutProgressBlock)`
			`let fm = FileManager.default`
			`do {`
			`if fm.fileExists(atPath: storeURL.path) {`
			`try fm.removeItem(at: storeURL)`
			`}`
			`try fm.copyItem(at: tempStoreURL, to: storeURL)`
			`try fm.removeItem(at: tempStoreURL)`
			`} catch {`
			`print(error)`
			`}`
			`storeRepository = try GTRepository(url: storeURL)`
add error handling 2017-02-04 14:24:59 +08:00			`updatePasswordEntityCoreData()`
			`gitCredential = credential`
use ObjectiveGit instead of SwiftGit2 2017-01-23 16:29:36 +08:00			`}`
pull repository with credential 2017-01-24 16:57:16 +08:00
add error handling 2017-02-04 14:24:59 +08:00			`func pullRepository(transferProgressBlock: @escaping (UnsafePointer<git_transfer_progress>, UnsafeMutablePointer<ObjCBool>) -> Void) throws {`
			`let credentialProvider = try gitCredential!.credentialProvider()`
			`let options: [String: Any] = [`
			`GTRepositoryRemoteOptionsCredentialProvider: credentialProvider`
			`]`
			`let remote = try GTRemote(name: "origin", in: storeRepository!)`
			`try storeRepository?.pull((storeRepository?.currentBranch())!, from: remote, withOptions: options, progress: transferProgressBlock)`
			`updatePasswordEntityCoreData()`
first commit 2017-01-19 21:15:47 +08:00			`}`

			`func updatePasswordEntityCoreData() {`
add erase data function 2017-02-07 16:45:14 +08:00			`deleteCoreData(entityName: "PasswordEntity")`
			`deleteCoreData(entityName: "PasswordCategoryEntity")`

first commit 2017-01-19 21:15:47 +08:00			`let fm = FileManager.default`
			`fm.enumerator(atPath: storeURL.path)?.forEach({ (e) in`
			`if let e = e as? String, let url = URL(string: e) {`
			`if url.pathExtension == "gpg" {`
show password categories 2017-02-06 21:53:54 +08:00			`let passwordEntity = PasswordEntity(context: context)`
exclude .gpg extension in password name 2017-01-23 17:53:49 +08:00			`let endIndex = url.lastPathComponent.index(url.lastPathComponent.endIndex, offsetBy: -4)`
show password categories 2017-02-06 21:53:54 +08:00			`passwordEntity.name = url.lastPathComponent.substring(to: endIndex)`
			`passwordEntity.rawPath = "password-store/\(url.path)"`
			`let items = url.path.characters.split(separator: "/").map(String.init)`
			`for i in 0 ..< items.count - 1 {`
			`let passwordCategoryEntity = PasswordCategoryEntity(context: context)`
			`passwordCategoryEntity.category = items[i]`
sort categories by level 2017-02-07 00:21:22 +08:00			`passwordCategoryEntity.level = Int16(i)`
show password categories 2017-02-06 21:53:54 +08:00			`passwordCategoryEntity.password = passwordEntity`
			`}`
first commit 2017-01-19 21:15:47 +08:00			`}`
			`}`
			`})`
			`do {`
			`try context.save()`
			`} catch {`
			`print("Error with save: \(error)")`
			`}`
			`}`

			`func fetchPasswordEntityCoreData() -> [PasswordEntity] {`
			`let passwordEntityFetch = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")`
			`do {`
			`let fetchedPasswordEntities = try context.fetch(passwordEntityFetch) as! [PasswordEntity]`
sort password entities case insensitive 2017-02-09 13:38:42 +08:00			`return fetchedPasswordEntities.sorted { $0.name!.caseInsensitiveCompare($1.name!) == .orderedAscending }`
first commit 2017-01-19 21:15:47 +08:00			`} catch {`
			`fatalError("Failed to fetch employees: \(error)")`
			`}`
			`}`

show password categories 2017-02-06 21:53:54 +08:00			`func fetchPasswordCategoryEntityCoreData(password: PasswordEntity) -> [PasswordCategoryEntity] {`
sort categories by level 2017-02-07 00:21:22 +08:00			`let passwordCategoryEntityFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordCategoryEntity")`
			`passwordCategoryEntityFetchRequest.predicate = NSPredicate(format: "password = %@", password)`
			`passwordCategoryEntityFetchRequest.sortDescriptors = [NSSortDescriptor(key: "level", ascending: true)]`
show password categories 2017-02-06 21:53:54 +08:00			`do {`
sort categories by level 2017-02-07 00:21:22 +08:00			`let passwordCategoryEntities = try context.fetch(passwordCategoryEntityFetchRequest) as! [PasswordCategoryEntity]`
show password categories 2017-02-06 21:53:54 +08:00			`return passwordCategoryEntities`
			`} catch {`
			`fatalError("Failed to fetch employees: \(error)")`
			`}`
			`}`

first commit 2017-01-19 21:15:47 +08:00			`func updateRemoteRepo() {`
			`}`
add erase data function 2017-02-07 16:45:14 +08:00
			`func deleteCoreData(entityName: String) {`
			`let deleteFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: entityName)`
			`let deleteRequest = NSBatchDeleteRequest(fetchRequest: deleteFetchRequest)`

			`do {`
			`try context.execute(deleteRequest)`
			`} catch let error as NSError {`
			`print(error)`
			`}`
			`}`

			`func erase() {`
refactor erase function 2017-02-08 19:29:44 +08:00			`Utils.removeFileIfExists(at: storeURL)`
			`Utils.removeFileIfExists(atPath: Globals.secringPath)`
change sshPublicKeyPath to sshPublicKeyURL 2017-02-08 19:31:42 +08:00			`Utils.removeFileIfExists(at: Globals.sshPrivateKeyURL)`
			`Utils.removeFileIfExists(at: Globals.sshPublicKeyURL)`
add erase data function 2017-02-07 16:45:14 +08:00
			`deleteCoreData(entityName: "PasswordEntity")`
			`deleteCoreData(entityName: "PasswordCategoryEntity")`

polish code 2017-02-09 11:31:29 +08:00			`Defaults.eraseAll()`
add erase data function 2017-02-07 16:45:14 +08:00			`}`
first commit 2017-01-19 21:15:47 +08:00			`}`