Merge pull request #18 from bcmi-labs/fix_login

Fix login

Author: facchinm

auth/auth.go

@@ -24,7 +24,7 @@
  * invalidate any other reasons why the executable file might be covered by
  * the GNU General Public License.
  *
- * Copyright 2017 BCMI LABS SA (http://www.arduino.cc/)
+ * Copyright 2017 ARDUINO AG (http://www.arduino.cc/)
  */
 
 // Package auth uses the `oauth2 authorization_code` flow to authenticate with Arduino
@@ -48,6 +48,7 @@ import (
 	"math/rand"
 	"net/http"
 	"net/url"
+	"regexp"
 	"strings"
 	"time"
 
@@ -202,6 +203,8 @@ func (c *Config) requestAuth(client *http.Client) (string, cookies, error) {
 	return res.Request.URL.String(), cookies, err
 }
 
+var errorRE = regexp.MustCompile(`<div class="error">(?P<error>.*)</div>`)
+
 // authenticate uses the user and pass to pass the authentication challenge and returns the authorization_code
 func (c *Config) authenticate(client *http.Client, cookies cookies, uri, user, pass string) (string, error) {
 	// Find csrf
@@ -215,6 +218,7 @@ func (c *Config) authenticate(client *http.Client, cookies cookies, uri, user, p
 	query.Add("username", user)
 	query.Add("password", pass)
 	query.Add("csrf", csrf)
+	query.Add("g-recaptcha-response", "")
 
 	req, err := http.NewRequest("POST", uri, strings.NewReader(query.Encode()))
 	if err != nil {
@@ -233,7 +237,12 @@ func (c *Config) authenticate(client *http.Client, cookies cookies, uri, user, p
 	}
 
 	if res.StatusCode != 302 {
-		return "", errors.New("authentication failed")
+		body, _ := ioutil.ReadAll(res.Body)
+		errs := errorRE.FindStringSubmatch(string(body))
+		if len(errs) < 2 {
+			return "", errors.New("status = " + res.Status + ", response = " + string(body))
+		}
+		return "", errors.New(errs[1])
 	}
 
 	// Follow redirect to hydra

install.go

@@ -17,8 +17,11 @@ import (
 	"net/http"
 	"os"
 	"strings"
+	"syscall"
 	"time"
 
+	"golang.org/x/crypto/ssh/terminal"
+
 	"github.com/bcmi-labs/arduino-connector/auth"
 	mqtt "github.com/eclipse/paho.mqtt.golang"
 	"github.com/facchinm/service"
@@ -102,12 +105,28 @@ func askCredentials() (token string, err error) {
 	fmt.Println("Insert your arduino username")
 	fmt.Scanln(&user)
 	fmt.Println("Insert your arduino password")
-	fmt.Scanln(&pass)
 
-	auth := auth.New()
-	auth.ClientID = "connector"
-	auth.Scopes = "iot:devices"
-	tok, err := auth.Token(user, pass)
+	bytePassword, err := terminal.ReadPassword(int(syscall.Stdin))
+	if err != nil {
+		return "", err
+	}
+	pass = string(bytePassword)
+
+	authClient := auth.New()
+	authClient.ClientID = "connector"
+	authClient.Scopes = "iot:devices"
+
+	var tok *auth.Token
+	// Handle captcha
+	for {
+		tok, err = authClient.Token(user, pass)
+		if err == nil || !strings.HasPrefix(err.Error(), "authenticate: CAPTCHA") {
+			break
+		}
+		fmt.Println("The authentication requested a captcha! We can't let you solve it in a terminal, so please visit https://auth.arduino.cc/login. When you managed to log in from the browser come back here and press [Enter]")
+		var temp string
+		fmt.Scanln(&temp)
+	}
 	if err != nil {
 		return "", err
 	}