Merge pull request #219 from brevdev/get-exeternal-auth-id

carterabdallahbrev · web-flow · commit 339d2a850a74 · 2025-03-11T11:43:01.000-07:00
kas flow if you have been migrated
diff --git a/pkg/cmd/cmderrors/cmderrors.go b/pkg/cmd/cmderrors/cmderrors.go
@@ -2,6 +2,8 @@ package cmderrors
 
 import (
 	"fmt"
+	"os"
+	"os/exec"
 	"strings"
 
 	"github.com/getsentry/sentry-go"
@@ -34,6 +36,26 @@ func DisplayAndHandleError(err error) {
 		case breverrors.WorkspaceNotRunning: // report error to track when this occurs, but don't print stacktrace to user unless in dev mode
 			er.ReportError(err)
 			prettyErr = (t.Yellow(errors.Cause(err).Error()))
+		case *breverrors.NvidiaMigrationError:
+			// Handle nvidia migration error
+			if nvErr, ok := errors.Cause(err).(*breverrors.NvidiaMigrationError); ok {
+				prettyErr = t.Yellow(nvErr.Error() + "\n" + nvErr.Directive())
+
+				// Attempt automatic KAS login
+				fmt.Println("\n This account has been migrated to NVIDIA Auth. Attempting to log in with NVIDIA account...")
+				brevBin, err1 := os.Executable()
+				if err1 == nil {
+					cmd := exec.Command(brevBin, "login", "--auth", "nvidia") // #nosec G204
+					cmd.Stdout = os.Stdout
+					cmd.Stderr = os.Stderr
+					cmd.Stdin = os.Stdin
+					_ = cmd.Run() // Ignore error as it will be handled by the login command
+				}
+			} else {
+				// Fallback in case type assertion fails (shouldn't happen but better safe than sorry)
+				prettyErr = t.Red(errors.Cause(err).Error())
+				er.ReportError(err)
+			}
 		default:
 			if isSneakyValidationErr(err) {
 				prettyErr = (t.Yellow(errors.Cause(err).Error()))
diff --git a/pkg/entity/entity.go b/pkg/entity/entity.go
@@ -167,17 +167,24 @@ const (
 	Standard GlobalUserType = "Standard"
 )
 
+type ExternalIdentity struct {
+	IdentityID string `json:"identity_id,omitempty"`
+	Provider   string `json:"provider,omitempty"`
+	ExternalID string `json:"external_id,omitempty"`
+}
+
 type User struct {
-	ID                string                 `json:"id"`
-	PublicKey         string                 `json:"publicKey,omitempty"`
-	Username          string                 `json:"username"`
-	Name              string                 `json:"name"`
-	Email             string                 `json:"email"`
-	WorkspacePassword string                 `json:"workspacePassword"`
-	BaseWorkspaceRepo string                 `json:"baseWorkspaceRepo"`
-	GlobalUserType    GlobalUserType         `json:"globalUserType"`
-	IdeConfig         IDEConfig              `json:"ideConfig,omitempty"`
-	OnboardingData    map[string]interface{} `json:"onboardingData"`
+	ID                 string                 `json:"id"`
+	PublicKey          string                 `json:"publicKey,omitempty"`
+	Username           string                 `json:"username"`
+	Name               string                 `json:"name"`
+	Email              string                 `json:"email"`
+	WorkspacePassword  string                 `json:"workspacePassword"`
+	BaseWorkspaceRepo  string                 `json:"baseWorkspaceRepo"`
+	GlobalUserType     GlobalUserType         `json:"globalUserType"`
+	IdeConfig          IDEConfig              `json:"ideConfig,omitempty"`
+	OnboardingData     map[string]interface{} `json:"onboardingData"`
+	ExternalIdentities []*ExternalIdentity    `json:"externalIdentities,omitempty"`
 }
 
 type UserKeys struct {
diff --git a/pkg/errors/errors.go b/pkg/errors/errors.go
@@ -277,3 +277,19 @@ func makeErrorMessage(message string, skip int) string {
 }
 
 // logger.L().Error("", zap.Error(err))
+
+type NvidiaMigrationError struct {
+	Message string
+}
+
+func (e NvidiaMigrationError) Error() string {
+	return e.Message
+}
+
+func (e NvidiaMigrationError) Directive() string {
+	return "Please run 'brev login --auth nvidia' to log in with your NVIDIA account"
+}
+
+func NewNvidiaMigrationError(msg string) *NvidiaMigrationError {
+	return &NvidiaMigrationError{Message: msg}
+}
diff --git a/pkg/store/user.go b/pkg/store/user.go
@@ -3,6 +3,7 @@ package store
 import (
 	"fmt"
 
+	"github.com/brevdev/brev-cli/pkg/auth"
 	"github.com/brevdev/brev-cli/pkg/entity"
 	breverrors "github.com/brevdev/brev-cli/pkg/errors"
 )
@@ -22,6 +23,22 @@ func (s AuthHTTPStore) GetCurrentUser() (*entity.User, error) {
 		return nil, NewHTTPResponseError(res)
 	}
 
+	// Check if user has multiple identities and is using Auth0
+	if len(result.ExternalIdentities) > 1 {
+		// Get the current token to check if it's from Auth0
+		currentToken, err := s.authHTTPClient.auth.GetAccessToken()
+		if err != nil {
+			return nil, breverrors.WrapAndTrace(err)
+		}
+
+		// Check if the current token is from Auth0
+		isAuth0Token := auth.IssuerCheck(currentToken, "https://brevdev.us.auth0.com/")
+		if isAuth0Token {
+			// User has multiple identities and is using Auth0, suggest NVIDIA login
+			return nil, breverrors.NewNvidiaMigrationError("This account has an NVIDIA login available")
+		}
+	}
+
 	breverrors.GetDefaultErrorReporter().SetUser(breverrors.ErrorUser{
 		ID:       result.ID,
 		Username: result.Username,
