Added hex deauthenticate subcommand

CHANGELOG.md

@@ -188,6 +188,9 @@
   deprecated environment variables.
   ([Surya Rose](https://github.com/GearsDatapacks))
 
+- Added `gleam hex deauthenticate` command.
+  ([Samuel Cristobal](https://github.com/scristobal))
+
 ### Language server
 
 - The code action to add missing labels to function now also works in patterns:

compiler-cli/src/hex.rs

@@ -119,3 +119,28 @@ with a new one?";
     }
     Ok(())
 }
+
+pub(crate) fn deauthenticate() -> Result<()> {
+    let runtime = tokio::runtime::Runtime::new().expect("Unable to start Tokio async runtime");
+    let config = hexpm::Config::new();
+    let mut auth = HexAuthentication::new(&runtime, config.clone());
+
+    let previous = auth.read_stored_api_key()?;
+
+    if previous.is_none() {
+        println!("You must authenticate first");
+        return Ok(());
+    }
+
+    let question = "This will delete and revoke your existing Hex API key. The operation cannot be undone. Do you want to proceed?";
+
+    if !cli::confirm(question)? {
+        return Ok(());
+    };
+
+    if let Some(name) = auth.remove_stored_api_key()? {
+        println!("The Hex API key `{name}` was been removed successfully.")
+    }
+
+    Ok(())
+}

compiler-cli/src/hex/auth.rs

@@ -1,6 +1,8 @@
 use crate::{cli, fs::ConsoleWarningEmitter, http::HttpClient};
 use gleam_core::{
-    Error, Result, Warning, encryption, hex,
+    Error, Result, Warning, encryption,
+    error::wrap,
+    hex,
     paths::global_hexpm_credentials_path,
     warning::{DeprecatedEnvironmentVariable, WarningEmitter},
 };
@@ -149,6 +151,47 @@ encrypt your Hex API key.
             encrypted: encrypted.to_string(),
         }))
     }
+
+    /// Try to remove and revoke existing Hex API key, will return:
+    ///
+    ///  - Error: operation failed
+    ///  - Ok(None): operation successful but there was no key stored, eg. wrong file format
+    ///  - Ok(Some(String)): operation successful, plus the name of key
+    pub fn remove_stored_api_key(&mut self) -> Result<Option<String>> {
+        let path = global_hexpm_credentials_path();
+
+        let Some(EncryptedApiKey { name, .. }) = self.read_stored_api_key()? else {
+            return Ok(None);
+        };
+
+        let text = wrap(
+            "
+We are going to delete and revoke your existing Hex API key.
+In order to do so, we need to use your current local password.",
+        );
+
+        println!("{text}");
+
+        let Some(UnencryptedApiKey { unencrypted }) = self.read_and_decrypt_stored_api_key()?
+        else {
+            return Ok(None);
+        };
+
+        println!("Deleting local Hex API key from disk...");
+        crate::fs::delete_file(&path)?;
+        println!("File {path} deleted successfully.");
+
+        println!("Revoking Hex API key from Hex...");
+        self.runtime.block_on(hex::remove_api_key(
+            &name,
+            &self.hex_config,
+            &unencrypted,
+            &self.http,
+        ))?;
+        println!("Key {name} revoked successfully.");
+
+        Ok(Some(name.to_string()))
+    }
 }
 
 impl Drop for HexAuthentication<'_> {

compiler-cli/src/lib.rs

@@ -449,6 +449,9 @@ enum Hex {
 
     /// Authenticate with Hex
     Authenticate,
+
+    /// Deauthenticate from Hex
+    Deauthenticate,
 }
 
 #[derive(Subcommand, Debug)]
@@ -570,6 +573,8 @@ fn parse_and_run_command() -> Result<(), Error> {
 
         Command::Hex(Hex::Authenticate) => hex::authenticate(),
 
+        Command::Hex(Hex::Deauthenticate) => hex::deauthenticate(),
+
         Command::New(options) => new::create(options, COMPILER_VERSION),
 
         Command::Shell => {