Skip to content

Verify the API key when pasted during install (next-microsoft#27)#243

Merged
pedjaradenkovic merged 3 commits into
mainfrom
fix/verify-api-key-27
Jul 8, 2026
Merged

Verify the API key when pasted during install (next-microsoft#27)#243
pedjaradenkovic merged 3 commits into
mainfrom
fix/verify-api-key-27

Conversation

@pedjaradenkovic

@pedjaradenkovic pedjaradenkovic commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

What & why

Fixes Codeplain-ai/next-microsoft#27.

The install scripts accepted whatever the user pasted as an API key and always printed "✓ Sign in successful" — even for a wrong key or one copied with surrounding whitespace/newlines (as happened during testing). Nothing ever confirmed the key worked, and the installer never actually ran the codeplain tool to confirm the install succeeded. This PR trims and verifies the key before proceeding, and runs a final end-to-end check that the installed tool works.

Changes

API key verification during install (install/bash/install.sh, install/powershell/install.ps1)

  • Trim the pasted key (strips leading/trailing spaces, tabs, newlines, CRs).
  • Verify the key via POST /status with {"api_key": "..."} — chosen over /connection_check because it takes only the key and returns a clean 200 (valid) / 401 (invalid), checking only the API key and nothing else about the install.
  • Re-prompt in a loop until a valid key is entered (or empty input to skip). Distinct messages for an invalid key vs. an unreachable API.
  • Existing key that the user keeps (and non-interactive mode) is now verified too — a stale/expired key no longer slips through. If invalid, interactive falls through to enter a new key; non-interactive warns without claiming success. If the API is unreachable, the existing key is kept rather than locking the user out over a transient blip.
  • "Sign in successful" now prints only when a key has actually been verified (tracked via API_KEY_VERIFIED), not merely when a key is present.

API base URL is overridable via CODEPLAIN_API_URL (defaults to https://api.codeplain.ai), matching the existing CODEPLAIN_SCRIPTS_BASE_URL pattern.

Final installation verification (install/bash/install.sh, install/powershell/install.ps1)

  • After install, run codeplain --status as an end-to-end check that the tool launches, is on PATH, and can reach the API.
  • Output is fully suppressed — the user never sees the status payload, only ✓ "Installation verified" or a generic "Something went wrong during installation" followed by a non-zero exit.
  • Placed before the "You're all set!" banner so a failure stops there and stays visible.
  • Runs only when an API key is configured, so users who skip key setup aren't falsely alarmed.
  • bash exports ~/.local/bin onto PATH first so the freshly installed tool is findable; PowerShell already handles PATH earlier.

Client change (plain2code.py)

  • codeplain --status now exits non-zero on failure (missing key, or a failed status fetch); previously it always exited 0. This is what lets the installer map the result to a reliable pass/fail. Human-visible output is unchanged.
  • ⚠️ Behavior change to flag for review: anything scripting codeplain --status will now see a non-zero exit on error. This is correct CLI behavior, but it is a change.

Testing

  • bash -n install/bash/install.sh passes.
  • Trim + /status verification helpers tested against a mock server: valid→200 accepted, wrong→401 rejected, whitespace-padded key trimmed & accepted, offline→000 rejected.
  • Existing-key decision logic tested for all four cases (valid / invalid-interactive / invalid-noninteractive / network-error) — each produced the expected skip/verified state.
  • codeplain --status exit codes verified against the real API: valid key → 0, invalid key (401) → 1, missing key → 1, --version (offline) → 0.
  • Client quality gate: Black, isort, flake8, mypy all clean; 240/240 tests pass.
  • PowerShell mirrors the same logic; pwsh was not available locally to run a syntax check.

The installer accepted whatever the user pasted and always printed
"Sign in successful", even for a wrong or whitespace-padded key.

- Trim the pasted key (a tester copied it with newlines/extra spaces).
- Verify the key via POST /status (200 = valid, 401 = invalid), which
  checks only the API key and nothing else about the install.
- Re-prompt in a loop until a valid key is entered (or empty to skip);
  show a clear "Invalid API key" message, and a distinct message when
  the API cannot be reached.
- Only print "Sign in successful" when a verified key is configured.

Applied to both install.sh and install.ps1.
Previously an already-configured CODEPLAIN_API_KEY that the user chose to
keep was trusted without checking, so a stale/expired key still printed
"Sign in successful".

- Verify the existing key against /status when the user keeps it (and in
  non-interactive mode).
- If invalid: interactive falls through to enter a new key; non-interactive
  warns and does not claim success.
- If the API is unreachable, keep the existing key rather than locking the
  user out over a transient network issue.
- Track verification with API_KEY_VERIFIED and gate the "Sign in
  successful" banner on it (instead of mere key presence).

Applied to both install.sh and install.ps1.
@pedjaradenkovic pedjaradenkovic requested a review from hisenb3rg July 8, 2026 12:01
After installing, run `codeplain --status` as a final end-to-end check
that the tool launches, is on PATH, and can reach the API. Output is
suppressed; the result is mapped to a simple pass/fail. On failure the
installer stops with a generic "something went wrong" message instead of
declaring success.

To make this signal reliable, `codeplain --status` now exits non-zero on
failure (missing key or a failed status fetch); previously it always
exited 0. Human-visible output is unchanged.

The check runs only when an API key is configured, so users who skip key
setup are not falsely told something went wrong.

Applied to both install.sh and install.ps1.
@pedjaradenkovic pedjaradenkovic requested review from kaja-s and zanjonke and removed request for hisenb3rg July 8, 2026 13:32
@pedjaradenkovic pedjaradenkovic merged commit 3f54c00 into main Jul 8, 2026
10 checks passed
@pedjaradenkovic pedjaradenkovic deleted the fix/verify-api-key-27 branch July 8, 2026 14:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants