From 790f109e66a72e5b5f82936479ca8850ea3e160e Mon Sep 17 00:00:00 2001
From: Matthew Penner <me@matthewp.io>
Date: Sat, 17 Jul 2021 17:22:47 -0600
Subject: [PATCH] api(remote): update sftp auth controller

---
 .../Api/Remote/SftpAuthenticationController.php       | 11 ++++++++---
 .../Api/Remote/SftpAuthenticationFormRequest.php      |  1 +
 routes/api-remote.php                                 |  1 +
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/Api/Remote/SftpAuthenticationController.php b/app/Http/Controllers/Api/Remote/SftpAuthenticationController.php
index b97040f1e..304b91494 100644
--- a/app/Http/Controllers/Api/Remote/SftpAuthenticationController.php
+++ b/app/Http/Controllers/Api/Remote/SftpAuthenticationController.php
@@ -70,8 +70,14 @@ class SftpAuthenticationController extends Controller
             ['username', '=', $connection['username']],
         ]);
 
+        if ($request->input('type') === 'publicKey') {
+            $verified = true;
+        } else {
+            $verified = password_verify($request->input('password'), $user->password);
+        }
+
         $server = $this->serverRepository->getByUuid($connection['server'] ?? '');
-        if (!password_verify($request->input('password'), $user->password) || $server->node_id !== $node->id) {
+        if (!$verified || $server->node_id !== $node->id) {
             $this->incrementLoginAttempts($request);
 
             throw new HttpForbiddenException('Authorization credentials were not correct, please try again.');
@@ -88,9 +94,8 @@ class SftpAuthenticationController extends Controller
         $server->validateCurrentState();
 
         return new JsonResponse([
+            'ssh_keys' => $user->sshKeys->pluck('public_key')->toArray(),
             'server' => $server->uuid,
-            // Deprecated, but still needed at the moment for Wings.
-            'token' => '',
             'permissions' => $permissions ?? ['*'],
         ]);
     }
diff --git a/app/Http/Requests/Api/Remote/SftpAuthenticationFormRequest.php b/app/Http/Requests/Api/Remote/SftpAuthenticationFormRequest.php
index 041ff197f..8454075d5 100644
--- a/app/Http/Requests/Api/Remote/SftpAuthenticationFormRequest.php
+++ b/app/Http/Requests/Api/Remote/SftpAuthenticationFormRequest.php
@@ -26,6 +26,7 @@ class SftpAuthenticationFormRequest extends FormRequest
         return [
             'username' => 'required|string',
             'password' => 'required|string',
+            'type' => 'required|in:password,publicKey'
         ];
     }
 
diff --git a/routes/api-remote.php b/routes/api-remote.php
index 8fc1997e9..743bd771f 100644
--- a/routes/api-remote.php
+++ b/routes/api-remote.php
@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\Route;
 |
 */
 Route::post('/sftp/auth', 'SftpAuthenticationController');
+Route::put('/sftp/auth', 'SftpAuthenticationController@getSSHKeys');
 
 Route::get('/servers', 'Servers\ServerDetailsController@list');
 Route::post('/servers/reset', 'Servers\ServerDetailsController@resetState');