fix: allow unauthenticated users

I had assumed that users needed an access token to use the GraphQL API
but the API seems to work without an access token. The extension now
allows users to use the extension without an access token. We still need
to handle the case when users have provided an invalid access token.

Author: olafurpg

src/queries/graphqlQuery.ts

@@ -3,46 +3,70 @@ import { CancellationToken } from 'vscode'
 import { log } from '../log'
 import { debugEnabledSetting } from '../settings/debugEnabledSetting'
 import { endpointHostnameSetting, endpointSetting } from '../settings/endpointSetting'
-import { accessTokenSetting, promptUserForAccessTokenSetting } from '../settings/accessTokenSetting'
+import {
+    accessTokenSetting,
+    deleteAccessTokenSetting,
+    promptUserForAccessTokenSetting,
+} from '../settings/accessTokenSetting'
 
 export function graphqlQuery<A, B>(query: string, variables: A, token: CancellationToken): Promise<B | undefined> {
-    return accessTokenSetting().then(accessToken => graphqlQueryWithAccessToken(query, variables, token, accessToken))
+    return graphqlQueryWithAccessToken(query, variables, token, accessTokenSetting())
 }
 
 export function graphqlQueryWithAccessToken<A, B>(
     query: string,
     variables: A,
     token: CancellationToken,
-    accessToken: string
+    accessToken?: string
 ): Promise<B | undefined> {
-    accessToken = accessToken.trim()
+    if (accessToken) {
+        accessToken = accessToken.trim()
+    }
     return new Promise<B | undefined>((resolve, reject) => {
         const data = JSON.stringify({
             query,
             variables,
         })
+        const headers: any = {
+            'Content-Length': data.length,
+        }
+        log.appendLine(`token: ${accessToken || 'undefined'}`)
+        if (accessToken) {
+            headers.Authorization = `token ${accessToken}`
+        }
         const options: RequestOptions = {
             hostname: endpointHostnameSetting(),
             port: 443,
             path: '/.api/graphql',
             method: 'POST',
-            headers: {
-                Authorization: `token ${accessToken}`,
-                'Content-Length': data.length,
-            },
+            headers,
         }
         const curlCommand = (): string => {
             const data: string = JSON.stringify({ query: query.replace(/\s+/g, '  '), variables })
-            return `curl -H 'Authorization: token ${accessToken}' -d '${data}' ${endpointSetting()}/.api/graphql`
+            const authorization = accessToken ? `-H 'Authorization: token ${accessToken}' ` : ''
+            return `curl ${authorization}-d '${data}' ${endpointSetting()}/.api/graphql`
         }
         const onReject = async (error: any) => {
             if (error === 'Invalid access token.\n') {
                 // Prompt the user to update the access token setting and try again with the new setting.
                 try {
-                    const newToken = await promptUserForAccessTokenSetting('Invalid Sourcegraph Access Token')
-                    const newResult = await graphqlQueryWithAccessToken<A, B>(query, variables, token, newToken)
+                    if (accessToken) {
+                        await deleteAccessTokenSetting(accessToken)
+                    }
+                    const toFixThisProblem =
+                        process.env.SRC_ACCESS_TOKEN === accessToken
+                            ? '. To fix this problem, remove the environment variables SRC_ACCESS_TOKEN and reload VS Code.'
+                            : ''
+                    const newAccessToken = await promptUserForAccessTokenSetting(
+                        'Invalid Sourcegraph Access Token',
+                        `The server at ${endpointHostnameSetting()} is unable to use the access token ${accessToken}.` +
+                            toFixThisProblem
+                    )
+                    log.appendLine(`re-trying GraphQL query with new access token '${newAccessToken}'`)
+                    const newResult = await graphqlQueryWithAccessToken<A, B>(query, variables, token, newAccessToken)
                     resolve(newResult)
                 } catch (newError) {
+                    log.error('failed to get valid access token', error)
                     reject(newError)
                 }
             } else {

src/search/SourcegraphNotebookSerializer.ts

@@ -45,6 +45,10 @@ export class SourcegraphNotebookSerializer implements vscode.NotebookSerializer
     ): Promise<void> {
         for (const cell of cells) {
             const execution = controller.createNotebookCellExecution(cell)
+            execution.token.onCancellationRequested(() => {
+                log.appendLine(`cancelled execution ${cell.index}`)
+                execution.end(false)
+            })
             execution.executionOrder = ++this.order
             try {
                 execution.start(Date.now())

src/settings/accessTokenSetting.ts

@@ -5,82 +5,76 @@ import { currentUserQuery } from '../queries/currentUserQuery'
 import { endpointSetting } from './endpointSetting'
 import { readConfiguration } from './readConfiguration'
 
-let cachedAccessToken: Promise<string> | undefined
+let cachedAccessToken: Promise<string | undefined> | undefined
 const invalidAccessTokens = new Set<string>()
 
-export function accessTokenSetting(): Promise<string> {
-    const fromSettings = readConfiguration().get<string>('accessToken', '')
+export function accessTokenSetting(): string | undefined {
+    const fromSettings = readConfiguration().get<string>('accessToken')
     if (fromSettings) {
-        return Promise.resolve(fromSettings)
+        return fromSettings
     }
 
     const environmentVariable = process.env.SRC_ACCESS_TOKEN
     if (environmentVariable && !invalidAccessTokens.has(environmentVariable)) {
-        return Promise.resolve(environmentVariable)
+        return environmentVariable
     }
 
-    return promptUserForAccessTokenSetting()
+    return undefined
 }
 
 export async function deleteAccessTokenSetting(tokenValueToDelete: string): Promise<void> {
     invalidAccessTokens.add(tokenValueToDelete)
     const currentValue = readConfiguration().get<string>('accessToken')
     if (currentValue === tokenValueToDelete) {
         cachedAccessToken = undefined
-        await readConfiguration().update('accessToken', undefined)
+        await readConfiguration().update('accessToken', undefined, vscode.ConfigurationTarget.Global)
+    } else {
+        log.appendLine(
+            `can't delete access token '${tokenValueToDelete}' because it doesn't match ` +
+                `existing configuration value '${currentValue || 'undefined'}'`
+        )
     }
 }
 
-export async function promptUserForAccessTokenSetting(title?: string): Promise<string> {
+export function promptUserForAccessTokenSetting(title: string, detail: string): Promise<string | undefined> {
     if (!cachedAccessToken) {
-        cachedAccessToken = unconditionallyPromptUserForAccessTokenSetting(title)
+        cachedAccessToken = unconditionallyPromptUserForAccessTokenSetting(title, detail)
         cachedAccessToken.then(
-            () => {},
+            token => {
+                log.appendLine(`new access token from user: ${token || 'undefined'}`)
+            },
             error => {
-                log.error('askUserToCreateAccessToken', error)
+                log.error('promptUserForAccessTokenSetting', error)
                 cachedAccessToken = undefined
             }
         )
     }
     return cachedAccessToken
 }
-async function unconditionallyPromptUserForAccessTokenSetting(title?: string): Promise<string> {
+
+async function unconditionallyPromptUserForAccessTokenSetting(
+    title: string,
+    detail: string
+): Promise<string | undefined> {
     const openBrowserMessage = 'Open browser to create an access token'
-    const learnMore = 'Learn more about access tokens'
-    const pasteAccessToken = 'Paste existing access token'
-    const userChoice = await vscode.window.showErrorMessage(
-        title || 'Missing Sourcegraph Access Token',
-        {
-            modal: true,
-            detail: 'An access token is required to use the Sourcegraph extension. To fix this problem, create a new access token on the Sourcegraph website or set the $SRC_ACCESS_TOKEN environment variable and restart VS Code.',
-        },
-        openBrowserMessage,
-        learnMore,
-        pasteAccessToken
-    )
-    if (userChoice) {
-        const openUrl =
-            userChoice === openBrowserMessage
-                ? `${endpointSetting()}/user/settings/tokens`
-                : userChoice === learnMore
-                ? 'https://docs.sourcegraph.com/cli/how-tos/creating_an_access_token'
-                : undefined
-        if (openUrl) {
-            await open(openUrl)
-        }
-        const token = await vscode.window.showInputBox({
+    const logout = 'Continue without an access token'
+    const userChoice = await vscode.window.showErrorMessage(title, { modal: true, detail }, openBrowserMessage, logout)
+
+    if (userChoice === openBrowserMessage) {
+        await open(`${endpointSetting()}/user/settings/tokens`)
+        const newToken = await vscode.window.showInputBox({
             title: 'Paste your Sourcegraph access token here',
             ignoreFocusOut: true,
         })
-        if (token) {
+        if (newToken) {
             try {
-                const currentUser = await currentUserQuery(token)
+                const currentUser = await currentUserQuery(newToken)
+                await readConfiguration().update('accessToken', newToken, vscode.ConfigurationTarget.Global)
                 const successMessage = `Successfully logged into Sourcegraph as user '${currentUser}'`
                 log.appendLine(successMessage)
                 await vscode.window.showInformationMessage(successMessage)
-                await readConfiguration().update('accessToken', token, vscode.ConfigurationTarget.Global)
                 cachedAccessToken = undefined
-                return token
+                return newToken
             } catch {
                 await vscode.window.showErrorMessage(
                     "Invalid Access Token. To fix this problem, update the 'sourcegraph.accessToken' setting and try again"
@@ -92,7 +86,8 @@ async function unconditionallyPromptUserForAccessTokenSetting(title?: string): P
     } else {
         log.error('askUserToCreateAccessToken - The user decided not to open the browser')
     }
-    throw new Error('No access token')
+
+    return undefined
 }
 
 export async function updateAccessTokenSetting(newValue?: string): Promise<void> {