Reprompt inline on auth failure

Status	File	+	-
M	`garcard/src/main.rs`	1	0
M	`garcard/src/polkit_helper.rs`	13	17
M	`garcard/src/prompt.rs`	13	4
M	`garcard/src/prompt_ui.rs`	10	7

garcard/src/main.rsmodified

                      PromptToneArg::Success => prompt_ui::PromptTone::Success,
                      PromptToneArg::Error => prompt_ui::PromptTone::Error,
                  },
 +                feedback_only: false,
              };
              let outcome = match prompt_ui::run_prompt_dialog(request) {

garcard/src/polkit_helper.rsmodified

+                 }
                  HelperEvent::Failure => {
                      if saw_no_session_cookie {
 +                        if let Some(helper) = resolve_direct_helper_path() {
 +                            tracing::warn!(
 +                                helper = %helper.display(),
 +                                "Socket helper reported no session for cookie; falling back to direct helper process"
 +                            );
 +                            return self.authenticate_via_helper_process_with_helper(
 +                                &helper,
 +                                &username_line,
 +                                &cookie_line,
 +                                prompts,
 +                            );
 +                        }
                          tracing::warn!(
 -                            "Socket helper reported no session for cookie; falling back to direct helper process"
 -                        );
 -                        return self.authenticate_via_helper_process(
 -                            &username_line,
 -                            &cookie_line,
 -                            prompts,
 +                            "Socket helper reported no session for cookie and no viable direct helper is available; treating as authentication failure"
                          );
+                     }
                      prompts
+         }
+     }
 -    fn authenticate_via_helper_process<P: PromptProvider>(
 -        &self,
 -        username: &str,
 -        cookie: &str,
 -        prompts: &mut P,
 -    ) -> Result<HelperOutcome> {
 -        let helper = resolve_direct_helper_path()
 -            .context("failed to locate direct polkit helper binary for socket fallback")?;
 -        self.authenticate_via_helper_process_with_helper(&helper, username, cookie, prompts)
 -    }
+-
      fn authenticate_via_helper_process_with_helper<P: PromptProvider>(
          &self,
          helper: &Path,

garcard/src/prompt.rsmodified

      prompt_timeout_secs: u64,
      session: Option<PromptSession>,
      session_unavailable: bool,
 +    next_prompt_tone: Option<PromptTone>,
+ }
  impl Default for CommandPrompt {
              prompt_timeout_secs,
              session: None,
              session_unavailable: false,
 +            next_prompt_tone: None,
+         }
+     }
+ }
  impl CommandPrompt {
      fn run_prompt(&mut self, prompt: &str, visible: bool) -> Result<PromptResponse> {
 +        let tone = self.next_prompt_tone.take().unwrap_or(PromptTone::Default);
++
          if let Some(command) = self.prompt_command.as_deref() {
              tracing::debug!(visible, "Using custom prompt command backend");
              return run_custom_prompt_command(command, prompt, visible);
                          PromptMode::Secret
                      },
                      timeout_secs,
 -                    tone: UiPromptTone::Default,
 +                    tone: to_ui_tone(tone),
 +                    feedback_only: false,
                  };
                  let started = Instant::now();
                  Some((session.run(request), started.elapsed()))
+             }
+         }
 -        match run_gartk_prompt_subcommand(prompt, visible, timeout_secs) {
 +        match run_gartk_prompt_subcommand(prompt, visible, timeout_secs, tone) {
              Ok(response) => {
                  tracing::debug!(visible, response = ?response, "Prompt subprocess completed");
                  Ok(response)
+     }
      fn auth_succeeded(&mut self) -> Result<()> {
 +        self.next_prompt_tone = None;
          self.run_feedback("Authentication succeeded", PromptTone::Success)
+     }
      fn auth_failed(&mut self, message: &str) -> Result<()> {
 -        self.run_feedback(message, PromptTone::Error)
 +        tracing::warn!("polkit helper message: {}", message);
 +        self.next_prompt_tone = Some(PromptTone::Error);
 +        Ok(())
+     }
+ }
      prompt: &str,
      visible: bool,
      timeout_secs: u64,
 +    tone: PromptTone,
  ) -> Result<PromptResponse> {
      let mode = if visible { "plain" } else { "secret" };
      let executable =
          .arg("--timeout-secs")
          .arg(timeout_secs.to_string())
          .arg("--tone")
 -        .arg(PromptTone::Default.as_arg())
 +        .arg(tone.as_arg())
          .output()
          .context("failed to launch garcard prompt subcommand")?;

garcard/src/prompt_ui.rsmodified

  use anyhow::{Context, Result};
  use gartk_core::{Color, InputEvent, Key, KeyEvent, Rect, Theme};
 -use gartk_render::{copy_surface_to_window, Renderer, TextStyle};
 +use gartk_render::{Renderer, TextStyle, copy_surface_to_window};
  use gartk_x11::{
 -    monitor_at_pointer, primary_monitor, Connection, EventLoop, EventLoopConfig, Window,
 -    WindowConfig,
 +    Connection, EventLoop, EventLoopConfig, Window, WindowConfig, monitor_at_pointer,
 +    primary_monitor,
  };
  use std::time::{Duration, Instant};
  use x11rb::connection::Connection as X11Connection;
      pub mode: PromptMode,
      pub timeout_secs: u64,
      pub tone: PromptTone,
 +    pub feedback_only: bool,
+ }
  #[derive(Debug, Clone, PartialEq, Eq)]
              mode: PromptMode::Secret,
              timeout_secs: 0,
              tone: PromptTone::Default,
 +            feedback_only: false,
          };
          let conn = Connection::connect(None).context("failed to connect to X11 display")?;
              mode: PromptMode::Plain,
              timeout_secs,
              tone,
 +            feedback_only: true,
          })?;
          Ok(())
+     }
+     }
      fn handle_key(&mut self, key_event: &KeyEvent) {
 -        if self.request.tone != PromptTone::Default {
 +        if self.request.feedback_only {
              // Feedback dialogs are transient; ignore keypresses so the submit key
              // from the previous prompt cannot dismiss success/error feedback early.
              return;
              .font_family(theme.font_family)
              .font_size(12.0)
              .color(theme.item_description);
 -        let footer_text = if self.request.tone == PromptTone::Default {
 -            "Enter submit   Esc cancel"
 -        } else {
 +        let footer_text = if self.request.feedback_only {
              "Please wait"
 +        } else {
 +            "Enter submit   Esc cancel"
          };
          self.renderer.text(
              footer_text,

gardesk/garcard / `4f454bc`

4 changed files