cody icon indicating copy to clipboard operation
cody copied to clipboard
verified publisher icon sourcegraph

feat(jetbrains): Improve password management in jetbrains

Open pkukielka opened this issue 10 months ago • 2 comments

Changes

This PR partially mitigates the issue where users faces multiple prompt passwords if they change the endpoints in different IDEs. To fully solve that issue it would need to be done on the JetBrains level, as I described there: https://platform.jetbrains.com/t/group-keyring-access-for-all-ides-from-jetbrains-familly/1002

With my changes only password to Cody secret store is stored in a keyring using PasswordSafe, and all secrets are stored in a custom java KeyStore. That means password need to be typed only once per different IntelliJ executable (no matter between how many endpoints user switches).

This is second attempt to deploy that changes. Compared to previous one I added some safeguards:

  1. we notify user if password storage is memory only
  2. we notify user if secure storage is corrupted, password from password store does not match, or if secure storage need to be recreated for any other reason
  3. we automatically recreate secure storage if needed

Test plan

Backward compatibility test

  1. Open your keychain settings and search for IntelliJ Platform Sourcegraph, and then delete all entries image
  2. Open first IDE (e.g. IntelliJ Community) with old version of Cody installed (without this changes)
  3. Login to sourcegraph.com
  4. Switch to some private instance (e.g. to sg02)
  5. Open second, but different, IntelliJ IDE, e.g. Pycharm, with new version of Cody installed (with this changes)
  6. IntelliJ should ask you about password to the keyring (twice!) and then log you in to your second instance
  7. In the second IDE switch back to sourcegraph.com
  8. IntelliJ should ask you about password to the keyring AGAIN (and twice as well) and then log you in to sourcegraph.com

Only new version test

  1. Open your keychain settings and search for IntelliJ Platform Sourcegraph, and then delete all entries
  2. Open first IDE (e.g. IntelliJ Community) with new version of Cody installed (with this changes)
  3. Login to sourcegraph.com
  4. Switch to some private instance (e.g. to sg02)
  5. Open second, but different, IntelliJ IDE, e.g. Pycharm, with new version of Cody installed (with this changes)
  6. IntelliJ should ask you about password to the keyring (once!) and then log you in to your second instance
  7. In the second IDE switch back to sourcegraph.com
  8. IntelliJ should NOT ask you about any password anymore an just switch the account without any fuss

pkukielka avatar Apr 07 '25 15:04 pkukielka