Open akhavr opened 1 year ago
Identity management is done in entities/identity
package (https://github.com/MichaelMure/git-bug/blob/master/doc/architecture.md#identity )
Consider handling every nostr identity as remote: see ReadRemote
etc
.. or even straight NewIdentity
and NewIdentityFull
Detailed the desired result
So, investigating how git identity travels through bridge.
PS second task - create git id from cmd line
test comment
Managing github tokens from CLI: commands/bridge/bridge_auth_addtoken.go
$ git bug bridge auth add-token -h
Store a new token
Usage:
git-bug bridge auth add-token [TOKEN] [flags]
Flags:
-t, --target string The target of the bridge. Valid values are [github,gitlab,jira,launchpad-preview]
-l, --login string The login in the remote bug-tracker
-u, --user string The user to add the token to. Default is the current user
-h, --help help for add-token
Managing github tokens from CLI:
commands/bridge/bridge_auth_addtoken.go
user, err = env.Backend.Identities().ResolvePrefix(opts.user)
cache/subcache.go
So, local identities are saved in git repo under refs/identities/
prefix (see entitites/identity/identity.go
)
Hmm.... NostrGit doesn't plan to sync with github now
Basically, when logging in with nostr, we run git bug user new
with the respective keys:
Flags:
-a, --avatar string Avatar URL
-e, --email string Email of the user
-h, --help help for new
-n, --name string Name to identify the user
--non-interactive Do not ask for user input
Optionally let user add his github token.
Perhaps show nostr npub
on the profile page.
Test login with nostr
with Alby
@akhavr, sorry I was not aware of this issue.
Hmm.... NostrGit https://github.com/NostrGit/NostrGit/issues/115#issuecomment-1468351220
I'm not against having github bridges in general, if you want to try to implement them. I just meant (in the issue you linked) that it is not something we have planned as of yet. If you want to try to implement a solution for that, go ahead! :rocket: Sorry for the confusion! Your work has not been for nothing :smile:
@akhavr, sorry I was not aware of this issue.
Hmm.... NostrGit NostrGit/NostrGit#115 (comment)
I'm not against having github bridges in general, if you want to try to implement them. I just meant (in the issue you linked) that it is not something we have planned as of yet.
Yes, I've got it perfectly, no problem.
Hopefully I'll be able to release something working in couple weeks.
So far npub = nip19.npubEncode(hex);
in browser fails with Uncaught TypeError: can't convert BigInt to number
Ok, rebuilding webui from scratch step-by-step to see where it breaks.
So far it fails when trying to add themes:
$ npm install @mui/styles/defaultTheme
[...]
pm ERR! While resolving: my-app@0.1.0
npm ERR! Found: react@18.2.0
npm ERR! node_modules/react
npm ERR! react@"^18.2.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer react@"^17.0.0" from @mui/styles@5.11.13
npm ERR! node_modules/@mui/styles
npm ERR! @mui/styles@"*" from the root project
Ok, version issues are resolved. Now working on starting correct graphql
Note this in webui.go
:
// If the webUI is not read-only, use an authentication middleware with a
// fixed identity: the default user of the repo
// TODO: support dynamic authentication with OAuth
if !opts.readOnly {
author, err := identity.GetUserIdentity(env.Repo)
if err != nil {
return err
}
router.Use(auth.Middleware(author.Id()))
}
Ok, so git-bug
actually runs two webservers: one in golang
for git-related stuff and the backend, other - react-based.
Transferring all git-bug
related plumbing from golang
project to react
one just to figure out why it react
can't convert BigInt
somewhere in the cryptographic library is a mess.
Let's go different way: dump existing react webui within git-bug
and add it back with Nostr login, step-by-step, figuring out where it fails.
Uncaught TypeError: can't convert BigInt to number
SWUFpSqrtRatio weierstrass.ts:1068
mapToCurveSimpleSWU weierstrass.ts:1137
node_modules bundle.js:48538
factory react refresh:6
Webpack 19
weierstrass.ts:1068
Bug happens somewhere in @noble/curves/esm/secp256k1.js
"browserslist": {
"production": [
">0.2%",
"not dead",
"not op_mini all"
],
"development": [
"last 1 chrome version",
"last 1 firefox version",
"last 1 safari version"
]
}
in package.json
fixes this
Default page with bug list is rendered in pages/list/ListQuery.txt
User data is retrieved by useCurrentIdentityQuery
defined in components/Identity/CurrentIdentity.generated
which then queries graphql
query CurrentIdentity {
repository {
name
userIdentity {
...Identity
}
}
}
fragment Identity on Identity {
id
humanId
displayName
email
name
avatarUrl
isProtected
login
}
On the other side, webui.go
-> identity_user.go:GetUserIdentity
-> GetUserIdentityId
-> repo.LocalConfig().ReadString(identityConfigKey)
const identityConfigKey = "git-bug.identity"
On the golang side:
api/auth.UserFromCtx({0x13e1da0, 0xc0003a69f0}, 0xc00029e480)
pi/auth/context.go:27 +0x56
api/graphql/resolvers.repoResolver.UserIdentity({}, {0x13e1da0?, 0xc0003a69f0?}, 0x7fc08656a6f0?)
api/graphql/resolvers/repo.go:157 +0x2b
api/graphql/graph.(*executionContext)._Repository_userIdentity.func2({0x13e1da0?, 0xc0003a69f0})
api/graphql/graph/repository.generated.go:541 +0x84
github.com/99designs/gqlgen/graphql/executor.processExtensions.func4({0x13e1da0?, 0xc0003a69f0?}, 0xc0000fe8c0?)
/go/pkg/mod/github.com/99designs/gqlgen@v0.17.20/graphql/executor/extensions.go:72 +0x26
api/graphql/graph.(*executionContext)._Repository_userIdentity(0xc00031a0c0, {0x13e1da0, 0xc0003a6930}, {0xc00029e780?, {0xc00029a8a0?, 0x0?, 0x0?}}, 0xc00031a1c0)
api/graphql/graph/repository.generated.go:539 +0x228
api/graphql/graph.(*executionContext)._Repository.func11({0x13e1da0?, 0xc0003a6930?})
api/graphql/graph/repository.generated.go:773 +0xa9
api/graphql/graph.(*executionContext)._Repository.func12()
api/graphql/graph/repository.generated.go:778 +0x25
github.com/99designs/gqlgen/graphql.(*FieldSet).Dispatch.func1({0x0?, 0xc00029ac00?})
/go/pkg/mod/github.com/99designs/gqlgen@v0.17.20/graphql/fieldset.go:42 +0x3c
created by github.com/99designs/gqlgen/graphql.(*FieldSet).Dispatch
/go/pkg/mod/github.com/99designs/gqlgen@v0.17.20/graphql/fieldset.go:41 +0x265
Hmm.... What rights and permissions nostr-authenticated user should get?...
Possible permissions:
Trying to fit it in this multilayered system
In https://github.com/MichaelMure/git-bug/issues/640 there's a discussion about introducing OAuth support
Reading https://github.com/go-pkgz/auth re oAuth support
Trying this example https://github.com/go-pkgz/auth/blob/master/_example/main.go
3 hackable candidates:
* devauth
Works only to streamline developmenbt
* ~anonymous~ direct provider
Could be used if server-side challenge is sent together with the main page
* custom oauth2 server
Most likely candidate.
Where's the code for login page of this custom oauth2 server?
Where's the code for login page of this custom oauth2 server?
Plan:
func (p Oauth2Handler) AuthHandler(w http.ResponseWriter, r *http.Request) {
oauthClaims, _, err := p.JwtService.Get(r)
Returned oauthClaims
has wrong state
. I don't get something, obviously
Ok, wrong cookie :-/
At what moment does it set the JWT
cookie?
Works. Problem was related to stale cookie and 127.0.0.1
vs localhost
confusion.
* [ ] add oauth2 github + custom login support to git-bug
Current take: upon login attempt check against existing user identities in git-bug
store and reject if not found.
..looking at git bug user new
implementation
id, err := env.Backend.Identities().NewRaw(opts.name, opts.email, "", opts.avatarURL, nil, nil)
/entities/identity/version.go: type version struct
Perhaps nostr pubkey better be stored in a metadata
to stay compatible
Nostr auth might return git-bug user identity id, but this won't be compatible with github oauth authentication.
github.com:go-pkgz/auth
returns claims in the following form (see _example/main.go
):
Validator: token.ValidatorFunc(func(_ string, claims token.Claims) bool { // rejects some tokens
if claims.User != nil {
if strings.HasPrefix(claims.User.ID, "github_") { // allow all users with github auth
return true
}
if strings.HasPrefix(claims.User.ID, "microsoft_") { // allow all users with ms auth
...
Basically, instead of router.Use(auth.Middleware(author.Id()))
which uses fixed used id (see api/auth/middleware.go
, I'd better use https://github.com/go-pkgz/auth#user-info
Le Professionnel crashes compiler while learning new language :)
$ go get github.com/go-pkgz/auth
panic: internal error: can't find reason for requirement on github.com/golang/snappy@v0.0.1
goroutine 1 [running]:
cmd/go/internal/modget.(*resolver).updateBuildList.func1({{0xc000d8ca98?, 0xc000772f00?}, {0xc00011ae80?, 0xc0000114b8?}})
/usr/lib/go-1.18/src/cmd/go/internal/modget/get.go:1760 +0x114
cmd/go/internal/modget.(*resolver).updateBuildList(0xc000332100, {0xadc858, 0xc00011a000}, {0x0, 0x0, 0x0})
/usr/lib/go-1.18/src/cmd/go/internal/modget/get.go:1765 +0x593
cmd/go/internal/modget.(*resolver).applyUpgrades(0xc000332100, {0xadc858, 0xc00011a000}, {0x0?, 0x1?, 0x46fa6f?})
/usr/lib/go-1.18/src/cmd/go/internal/modget/get.go:1312 +0x105
cmd/go/internal/modget.runGet({0xadc858, 0xc00011a000}, 0xc000146450?, {0xc000114170, 0x1, 0x1})
/usr/lib/go-1.18/src/cmd/go/internal/modget/get.go:351 +0x45e
main.invoke(0xdb79a0, {0xc000114160, 0x2, 0x2})
/usr/lib/go-1.18/src/cmd/go/main.go:218 +0x2ee
main.main()
/usr/lib/go-1.18/src/cmd/go/main.go:175 +0x78e
Checking if it would reproduce under golang 1.20.2
Well, the panic does reproduce, but looks like it doesn't matter: compilation passes on both golang versions.
User should be able to login with nostr and have his identity connected to the git one.
What should happen:
alice@nostrya.com
logins with nostr to the web ui (whatever it takes)bridge push
on the background to the githubalice@nostrya.com
in the comments