feat: download alerts in background and save github token in PasswordStore

Author: TheCK

build.gradle.kts

@@ -4,7 +4,7 @@ plugins {
 }
 
 group = "org.ck"
-version = "0.1.0"
+version = "0.2.0"
 
 repositories {
     mavenCentral()

src/main/java/org/ck/githubsecurityscanalerts/action/DownloadAction.java

@@ -1,7 +1,11 @@
 package org.ck.githubsecurityscanalerts.action;
 
+import com.intellij.ide.passwordSafe.PasswordSafe;
+import com.intellij.notification.NotificationGroupManager;
+import com.intellij.notification.NotificationType;
 import com.intellij.openapi.actionSystem.ActionUpdateThread;
 import com.intellij.openapi.actionSystem.AnActionEvent;
+import com.intellij.openapi.application.ApplicationManager;
 import com.intellij.openapi.diagnostic.Logger;
 import com.intellij.openapi.project.DumbAwareAction;
 import com.intellij.openapi.wm.ToolWindow;
@@ -13,6 +17,7 @@
 import org.ck.githubsecurityscanalerts.store.alerts.AlertsStore;
 import org.ck.githubsecurityscanalerts.store.settings.ProjectSettings;
 import org.ck.githubsecurityscanalerts.store.settings.ProjectSettingsStore;
+import org.ck.githubsecurityscanalerts.store.settings.StoreUtil;
 import org.ck.githubsecurityscanalerts.ui.tool.AlertsPanel;
 import org.jetbrains.annotations.NotNull;
 
@@ -31,40 +36,57 @@ public void update(AnActionEvent e) {
         .setEnabled(
             !state.getGithubRepo().isEmpty()
                 && !state.getGithubOwner().isEmpty()
-                && !state.getGithubToken().isEmpty());
+                && PasswordSafe.getInstance()
+                        .getPassword(StoreUtil.getTokenAttributes(e.getProject()))
+                    != null);
   }
 
   @Override
   public void actionPerformed(AnActionEvent e) {
-    final ProjectSettings state = e.getProject().getService(ProjectSettingsStore.class).getState();
-    final Alerts savedAlerts = e.getProject().getService(AlertsStore.class).getState();
-
-    Set<Alert> alerts =
-        new GithubClient(state.getGithubToken())
-            .fetchAlerts(state.getGithubOwner(), state.getGithubRepo());
-
-    LOGGER.warn("fetched %d alerts".formatted(alerts.size()));
-
-    savedAlerts.setAlerts(
-        alerts.stream()
-            .map(
-                alert ->
-                    new org.ck.githubsecurityscanalerts.store.alerts.Alert(
-                        alert.rule().id(),
-                        getRuleName(alert),
-                        alert.most_recent_instance().location().path(),
-                        alert.most_recent_instance().location().start_line(),
-                        alert.most_recent_instance().location().start_column()))
-            .toList());
-
-    ToolWindowManager toolWindowManager = ToolWindowManager.getInstance(e.getProject());
-    ToolWindow gitHubSecurityAlerts =
-        toolWindowManager.getToolWindow("GitHub Security Scan Alerts");
-    for (Content content : gitHubSecurityAlerts.getContentManager().getContents()) {
-      if (content.getComponent() instanceof AlertsPanel alertsPanel) {
-        alertsPanel.init();
-      }
-    }
+    ApplicationManager.getApplication()
+        .executeOnPooledThread(
+            () -> {
+              final ProjectSettings state =
+                  e.getProject().getService(ProjectSettingsStore.class).getState();
+              final Alerts savedAlerts = e.getProject().getService(AlertsStore.class).getState();
+
+              Set<Alert> alerts =
+                  new GithubClient(
+                          PasswordSafe.getInstance()
+                              .getPassword(StoreUtil.getTokenAttributes(e.getProject())))
+                      .fetchAlerts(state.getGithubOwner(), state.getGithubRepo());
+
+              LOGGER.warn("fetched %d alerts".formatted(alerts.size()));
+
+              savedAlerts.setAlerts(
+                  alerts.stream()
+                      .map(
+                          alert ->
+                              new org.ck.githubsecurityscanalerts.store.alerts.Alert(
+                                  alert.rule().id(),
+                                  getRuleName(alert),
+                                  alert.most_recent_instance().location().path(),
+                                  alert.most_recent_instance().location().start_line(),
+                                  alert.most_recent_instance().location().start_column()))
+                      .toList());
+
+              NotificationGroupManager.getInstance()
+                  .getNotificationGroup("GitHub Security Scan Alerts")
+                  .createNotification(
+                      "Downloaded %d alerts".formatted(savedAlerts.getAlerts().size()),
+                      NotificationType.INFORMATION)
+                  .setImportant(true)
+                  .notify(e.getProject());
+
+              ToolWindowManager toolWindowManager = ToolWindowManager.getInstance(e.getProject());
+              ToolWindow gitHubSecurityAlerts =
+                  toolWindowManager.getToolWindow("GitHub Security Scan Alerts");
+              for (Content content : gitHubSecurityAlerts.getContentManager().getContents()) {
+                if (content.getComponent() instanceof AlertsPanel alertsPanel) {
+                  alertsPanel.init();
+                }
+              }
+            });
   }
 
   @Override

src/main/java/org/ck/githubsecurityscanalerts/store/settings/ProjectSettings.java

@@ -2,18 +2,9 @@
 
 public final class ProjectSettings {
 
-  private String githubToken = "";
   private String githubOwner = "";
   private String githubRepo = "";
 
-  public String getGithubToken() {
-    return githubToken;
-  }
-
-  public void setGithubToken(final String githubToken) {
-    this.githubToken = githubToken;
-  }
-
   public String getGithubOwner() {
     return githubOwner;
   }

src/main/java/org/ck/githubsecurityscanalerts/store/settings/StoreUtil.java

@@ -0,0 +1,10 @@
+package org.ck.githubsecurityscanalerts.store.settings;
+
+import com.intellij.credentialStore.CredentialAttributes;
+import com.intellij.openapi.project.Project;
+
+public class StoreUtil {
+  public static CredentialAttributes getTokenAttributes(Project project) {
+    return new CredentialAttributes("GitHub Code Scanning Alerts - Token - " + project.getName());
+  }
+}

src/main/java/org/ck/githubsecurityscanalerts/ui/settings/SettingsPanel.java

@@ -1,5 +1,7 @@
 package org.ck.githubsecurityscanalerts.ui.settings;
 
+import com.intellij.credentialStore.Credentials;
+import com.intellij.ide.passwordSafe.PasswordSafe;
 import com.intellij.notification.NotificationGroupManager;
 import com.intellij.notification.NotificationType;
 import com.intellij.openapi.project.Project;
@@ -9,6 +11,7 @@
 import org.ck.githubsecurityscanalerts.github.GithubClient;
 import org.ck.githubsecurityscanalerts.store.settings.ProjectSettings;
 import org.ck.githubsecurityscanalerts.store.settings.ProjectSettingsStore;
+import org.ck.githubsecurityscanalerts.store.settings.StoreUtil;
 
 import javax.swing.*;
 import java.awt.*;
@@ -18,6 +21,8 @@
 import static java.awt.GridBagConstraints.*;
 
 public class SettingsPanel {
+
+  private final Project project;
   private final JPanel root;
 
   private JBTextField githubToken;
@@ -29,6 +34,7 @@ public class SettingsPanel {
   private JButton testButton;
 
   public SettingsPanel(Project project) {
+    this.project = project;
     root = new JPanel(new BorderLayout());
 
     JPanel grid = new JPanel(new GridBagLayout());
@@ -64,19 +70,22 @@ public SettingsPanel(Project project) {
           @Override
           public void actionPerformed(ActionEvent e) {
             final Optional<Long> alertCount =
-                new GithubClient(getGithubToken()).getAlertCount(getGithubOwner(), getGithubRepo());
+                new GithubClient(
+                        PasswordSafe.getInstance()
+                            .getPassword(StoreUtil.getTokenAttributes(project)))
+                    .getAlertCount(getGithubOwner(), getGithubRepo());
 
             if (alertCount.isPresent()) {
               NotificationGroupManager.getInstance()
-                  .getNotificationGroup("GitHub Security Scan Alerts: Connection Test")
+                  .getNotificationGroup("GitHub Security Scan Alerts")
                   .createNotification(
                       "Connection OK: %d alerts found".formatted(alertCount.get()),
                       NotificationType.INFORMATION)
                   .setImportant(true)
                   .notify(project);
             } else {
               NotificationGroupManager.getInstance()
-                  .getNotificationGroup("GitHub Security Scan Alerts: Connection Test")
+                  .getNotificationGroup("GitHub Security Scan Alerts")
                   .createNotification("Connection failed", NotificationType.WARNING)
                   .setImportant(true)
                   .notify(project);
@@ -95,19 +104,26 @@ public JPanel getRootPane() {
   }
 
   public void load(ProjectSettings projectSettings) {
-    githubToken.setText(projectSettings.getGithubToken());
+    if (PasswordSafe.getInstance().getPassword(StoreUtil.getTokenAttributes(project)) != null) {
+      githubToken.getEmptyText().setText("< Saved Github token >");
+    }
+
     githubOwner.setText(projectSettings.getGithubOwner());
     githubRepo.setText(projectSettings.getGithubRepo());
   }
 
   public void save(ProjectSettings projectSettings) {
-    projectSettings.setGithubToken(getGithubToken());
+    if (!getGithubToken().isEmpty()) {
+      Credentials credentials = new Credentials(null, getGithubToken());
+      PasswordSafe.getInstance().set(StoreUtil.getTokenAttributes(project), credentials);
+    }
+
     projectSettings.setGithubOwner(getGithubOwner());
     projectSettings.setGithubRepo(getGithubRepo());
   }
 
   public boolean isModified(ProjectSettings projectSettings) {
-    return !projectSettings.getGithubToken().equals(getGithubToken())
+    return !getGithubToken().isEmpty()
         || !projectSettings.getGithubOwner().equals(getGithubOwner())
         || !projectSettings.getGithubRepo().equals(getGithubRepo());
   }

src/main/resources/META-INF/plugin.xml

@@ -32,8 +32,7 @@
         <projectService serviceImplementation="org.ck.githubsecurityscanalerts.store.settings.ProjectSettingsStore"/>
         <projectService serviceImplementation="org.ck.githubsecurityscanalerts.store.alerts.AlertsStore"/>
 
-        <notificationGroup id="GitHub Security Scan Alerts: Connection Test"
-                           displayType="BALLOON"/>
+        <notificationGroup id="GitHub Security Scan Alerts" displayType="BALLOON"/>
     </extensions>
 
     <actions>