permitio / permit-cli

A command line utility from Permit.io to work with everything IAM and Authorization. A one-stop-shop to manage all your Authorization tools (OPA, OPAL, CEDAR, AVP, openFGA, ...) as well as the Permit Service.
4 stars 11 forks source link

Refactoring Login Flow and Handling Errors #13

Open gemanor opened 1 day ago

gemanor commented 1 day ago

Before attempting this issue, review the code, try the feature, and understand the requirements. Attemptemt requires a detailed design proposal for the refactoring work. There’s no first come, first serve for this bounty; the maintenance team will select the best design proposal.

ATM, the login flow and select environment in Permit is written in a long spaghetti component that needs to be broken into the following pure components:

The login flow should be kept as it is today. Start with the login flow and end with storing the API key from the selected environment.

Acceptance criteria:

gemanor commented 1 day ago

/bounty 300

algora-pbc[bot] commented 1 day ago

💎 $300 bounty • Permit.io

Steps to solve:

  1. Start working: Comment /attempt #13 with your implementation plan
  2. Submit work: Create a pull request including /claim #13 in the PR body to claim the bounty
  3. Receive payment: 100% of the bounty is received 2-5 days post-reward. Make sure you are eligible for payouts

Thank you for contributing to permitio/permit-cli!

Add a bountyShare on socials

Attempt Started (GMT+0) Solution
🔴 @vikashsprem Oct 28, 2024, 3:56:23 PM WIP
🟢 @varshith257 Oct 28, 2024, 3:58:54 PM WIP
vikashsprem commented 1 day ago

/attempt #13

Algora profile Completed bounties Tech Active attempts Options
@vikashsprem 2 bounties from 2 projects
TypeScript, JavaScript,
Go & more
Cancel attempt
varshith257 commented 1 day ago

/attempt #13

Algora profile Completed bounties Tech Active attempts Options
@varshith257 17 bounties from 9 projects
Go, Rust,
Scala & more
Cancel attempt
35C4n0r commented 11 hours ago

@gemanor Here is my proposal

Hello Gabriel, this is my proposal for https://github.com/permitio/permit-cli/issues/13,

We break the current login.tsx in to 6 components, namely:

  • LoginFlow - Handles opening the browser for authentication or validating the API key.
  • EnvironmentSelection - Selects the organization, project, and environment.
  • SelectWorkspace - Selects the workspace if needed.
  • SelectProject - Selects the project.
  • SelectEnvironment - Selects the environment.
  • StoreKeychain - Stores the key in the keychain.

The new login.tsx component would look something like this:

  return (
    <>
      {state === 'login' && (
        <LoginFlow 
          apiKey={key} 
          onSuccess={handleLoginSuccess} 
          onError={handleLoginError} 
        />
      )}

      {state === 'selectEnvironment' && accessToken && cookie && (
        <EnvironmentSelection 
          accessToken={accessToken} 
          cookie={cookie} 
          workspace={workspace} 
          onComplete={handleEnvironmentSelectionComplete} 
        />
      )}

      {state === 'done' && secret && (
        <>
          <StoreKeychain secret={secret} />
          <Text>Login complete and API key stored!</Text>
        </>
      )}

      {state === 'done' && authError && (
        <Text color="red">{authError}</Text>
      )}
    </>
  );

I also found a bug while working on Windows,

netsh interface ipv4 show excludedportrange protocol=tcp

Protocol tcp Port Exclusion Ranges

Start Port    End Port
----------    --------
     50000       50059     *
     51742       51841
     51842       51941
     55869       55968
     55969       56068
     56069       56168
     56169       56268
     56269       56368
     56369       56468
     56469       56568
     62092       62191
     62192       62291
     62292       62391
     62392       62491
     62492       62591
     62592       62691
     62696       62795

* - Administered port exclusions.

We currently use 62419 in browser auth0 authentication (redirection_uri) which leads to this error

⠋ Logging in...
node:events:497
      throw er; // Unhandled 'error' event
      ^

Error: listen EACCES: permission denied ::1:62419
    at Server.setupListenHandle [as _listen2] (node:net:1881:21)
    at listenInCluster (node:net:1946:12)
    at GetAddrInfoReqWrap.doListen [as callback] (node:net:2116:7)
    at GetAddrInfoReqWrap.onlookup [as oncomplete] (node:dns:111:8)
Emitted 'error' event on Server instance at:
    at emitErrorNT (node:net:1925:8)
    at process.processTicksAndRejections (node:internal/process/task_queues:82:21) {
  code: 'EACCES',
  errno: -4092,
  syscall: 'listen',
  address: '::1',
  port: 62419
}

I'll also include a solution in my PR to solve this issue. My proposal is to choose another port, like 62692, for Windows. This will also require you to add this URL to the whitelist in auth0.

I've played around with the code I can ensure a quick turnaround time for this project.