futucli/cmd/

bind_key.rs

//! `futucli bind-key`: 就地编辑已存在 key 的 `allowed_machines`
//!
//! 不想走 `revoke` + `gen-key` 因为那会换 plaintext —— 客户端都得重新配。
//! 这里支持追加 / 替换 / 清除 / 冻结四种动作：
//!
//! | 动作     | 语义                                     | flag                              |
//! |---------|------------------------------------------|-----------------------------------|
//! | 追加    | 把指纹加进现有白名单（去重，默认行为）   | `--this-machine` / `--machines X` |
//! | 替换    | 用新指纹覆盖整个白名单                   | `--replace`（配合上面任一）        |
//! | 清除    | 把 `allowed_machines` 置 None（解绑）    | `--clear`                         |
//! | 冻结    | 把 `allowed_machines` 置 `[]` 拒绝所有   | `--freeze`                        |
//!
//! 记得 `--clear` / `--freeze` / `--replace` 三者互斥。改完后要让运行中的
//! 网关生效：`kill -HUP $(pgrep futu-opend)`（MCP 同理）。

use std::collections::HashSet;
use std::path::PathBuf;

use anyhow::{Context, Result, anyhow};
use futu_auth::{machine, store};

fn default_keys_path() -> Result<PathBuf> {
    let base =
        dirs::config_dir().ok_or_else(|| anyhow!("cannot resolve config dir (set --keys-file)"))?;
    Ok(base.join("futu").join("keys.json"))
}

// v1.4.106 codex 0608 F5 (P3): parse_fingerprints 移到 cmd::key_enums 模块
// 与 gen-key 共用 (单一 source of truth). Re-export 给 cfg(test) 老 test
// 名称兼容 — 走的是 cmd::key_enums::parse_fingerprints_csv 同实现.
#[cfg(test)]
fn parse_fingerprints(raw: &str) -> Result<Vec<String>> {
    crate::cmd::key_enums::parse_fingerprints_csv(raw)
}

pub struct BindKeyCommand {
    pub id: String,
    pub keys_file: Option<PathBuf>,
    pub this_machine: bool,
    pub machines: Option<String>,
    pub replace: bool,
    pub clear: bool,
    pub freeze: bool,
}

pub async fn run(input: BindKeyCommand) -> Result<()> {
    let BindKeyCommand {
        id,
        keys_file,
        this_machine,
        machines,
        replace,
        clear,
        freeze,
    } = input;

    // 互斥性校验
    let mutating_ops = [clear, freeze, replace].iter().filter(|x| **x).count();
    if mutating_ops > 1 {
        return Err(anyhow!(
            "--clear / --freeze / --replace are mutually exclusive"
        ));
    }
    if clear && (this_machine || machines.is_some()) {
        return Err(anyhow!(
            "--clear does not take --this-machine / --machines (it removes the binding entirely)"
        ));
    }
    if freeze && (this_machine || machines.is_some()) {
        return Err(anyhow!(
            "--freeze does not take --this-machine / --machines (it sets allowed_machines = [])"
        ));
    }
    if !clear && !freeze && !this_machine && machines.is_none() {
        return Err(anyhow!(
            "nothing to do — pass --this-machine / --machines / --clear / --freeze"
        ));
    }

    let path = match keys_file {
        Some(p) => p,
        None => default_keys_path()?,
    };

    // 预先算好要加的指纹（失败早 fail，不要修了一半才报错）
    //
    // v1.4.106 codex 0608 F4 (P2): `--machines ""` / `--machines ", ,"` 显式
    // 传空 CSV (parse 后 0 fingerprint) 且未传 `--this-machine` →
    // **loud reject** (替代旧 silent "no change (already in desired state)"
    // 反馈, 让用户立刻看到错误意图). `--freeze` 独立路径 (允许显式空白名单)
    // — 上面已分支判断 freeze && machines.is_some() 互斥拦截.
    let mut new_fps: Vec<String> = Vec::new();
    if this_machine {
        let fp = machine::fingerprint_for(&id)
            .map_err(|e| anyhow!("compute this machine's fingerprint: {e}"))?;
        new_fps.push(fp);
    }
    if let Some(raw) = machines.as_deref() {
        let parsed = crate::cmd::key_enums::parse_fingerprints_csv(raw)?;
        if parsed.is_empty() && !this_machine {
            return Err(anyhow!(
                "v1.4.106 F4: --machines {raw:?} parsed to empty list \
                 (no --this-machine either). 这是 silent no-op — 与你的意图相反. \
                 如要 \"清除绑定\" 用 --clear; 如要 \"冻结所有\" 用 --freeze; \
                 如要追加机器, 传至少 1 个 64-hex 指纹."
            ));
        }
        new_fps.extend(parsed);
    }

    let changed = store::update_key(&path, &id, |rec| {
        if clear {
            if rec.allowed_machines.is_none() {
                return false;
            }
            rec.allowed_machines = None;
            return true;
        }
        if freeze {
            if matches!(rec.allowed_machines.as_deref(), Some(list) if list.is_empty()) {
                return false;
            }
            rec.allowed_machines = Some(Vec::new());
            return true;
        }
        if replace {
            rec.allowed_machines = Some(new_fps.clone());
            return true;
        }
        // 默认：追加 + 去重
        let mut existing = rec.allowed_machines.clone().unwrap_or_default();
        let mut seen: HashSet<String> = existing.iter().cloned().collect();
        let mut added_any = false;
        for fp in &new_fps {
            if seen.insert(fp.clone()) {
                existing.push(fp.clone());
                added_any = true;
            }
        }
        if !added_any && rec.allowed_machines.is_some() {
            return false;
        }
        rec.allowed_machines = Some(existing);
        true
    })
    .with_context(|| format!("update key in {}", path.display()))?;

    if !changed {
        // 两种情况：key 不存在；或者确实没改动
        let ids = store::list_keys(&path)
            .with_context(|| format!("list keys after no-op update in {}", path.display()))?;
        if !ids.iter().any(|k| k.id == id) {
            return Err(anyhow!("no key with id={id:?} in {}", path.display()));
        }
        println!("no change (already in desired state): id={id:?}");
        return Ok(());
    }

    // 打印结果
    let rec = store::list_keys(&path)
        .context("re-read after update")?
        .into_iter()
        .find(|k| k.id == id)
        .ok_or_else(|| anyhow!("key disappeared after update (race?)"))?;

    println!("updated: id={id:?}  ({})", path.display());
    match rec.allowed_machines.as_deref() {
        None => println!("  bound : (none — unbound, any machine allowed)"),
        Some([]) => println!("  bound : [] (FROZEN — no machine allowed)"),
        Some(list) => {
            println!("  bound : {} machine(s)", list.len());
            for fp in list {
                println!("          {}", &fp[..16]);
            }
        }
    }
    println!();
    println!("note: running gateway must receive SIGHUP to pick up the change. Run:");
    println!("  kill -HUP $(pgrep futu-opend)    # Linux / macOS，shell 会自动探测 pid");
    println!(
        "  # Windows / 没装 pgrep：先 `ps aux | grep futu-opend` 查 pid，再 `kill -HUP <pid>`"
    );
    Ok(())
}

#[cfg(test)]
mod tests;