utterance / utterances

:crystal_ball: A lightweight comments widget built on GitHub issues
https://utteranc.es
MIT License

Support for Private Repos #203

Open zchef2k opened 4 years ago

zchef2k commented 4 years ago

What is different about the github API for public and private repos that makes utterances not work for the latter?

Even if a public repo was used to collect issues, separately for a private repo, it's entirely possible that comments in the public issues could leak sensitive information about the private repo.

Thanks.

jdanyow commented 4 years ago

Utterances uses the GitHub API to:

  1. Create issues in your repo using the @utterances-bot GitHub user.
  2. Post comments on your readers' behalf using their GitHub account.

To use utterances with a private repo, you'll need to grant @utterances-bot permission to post issues in your repo (make it a collaborator) and ensure anyone who needs to post comments is also a collaborator. In other words, it's no different than if you wanted to allow folks to post issues/comments in your repo using the real GitHub site. This is probably fine if your scenario is an internal blog read by folks on your team but it's not going to work well for something public.

Let me know if this doesn't answer the question, I wasn't sure what your use-case was.

zchef2k commented 4 years ago

Thanks for clarifying. The use case is internal team documentation, modeled after Microsoft's new documentation/feedback system. The nature of the internal documentation is sensitive, so I'm not sure utterances is going to work. The self-hosted bits are good, but granting contributor access to @utterances-bot might not be appropriate.

zchef2k commented 4 years ago

@jdanyow Is there any chance of self-hosting utterances-bot?

jdanyow commented 4 years ago

if you're self-hosting you can use a personal access token for any account you want, doesn't need to be the utterances-bot account.

On Mon, Oct 7, 2019 at 4:54 AM Zac Durham notifications@github.com wrote:

@jdanyow https://github.com/jdanyow Is there any chance of self-hosting utterances-bot?

zchef2k commented 4 years ago

No joy. I get a 422 Unprocessable from GitHub.

```json
{
  "message": "Validation Failed",
  "errors": [
    {
      "message": "The listed users and repositories cannot be searched either because the resources do not exist or you do not have permission to view them.",
      "resource": "Search",
      "field": "q",
      "code": "invalid"
    }
  ],
  "documentation_url": "https://developer.github.com/v3/search/"
}
```

The PAT for this user has full permissions and the user himself is the owner of the repo. I honestly don't know why I can't get this to work. Perhaps it's still related to the 401 I'm getting from my hosted utterances-oauth instance at /token. The response each time from it is:

"token" cookie is required.

zchef2k commented 4 years ago

@jdanyow any ideas why GitHub responds with a 422?

zchef2k commented 4 years ago

@jdanyow I have a public instance of utterances configured to use a private repo. Would you mind glancing at it and helping me understand why it's not working?

https://u.zacdurham.com/index.html

Thank you in advance.

jdanyow commented 4 years ago

I think the "422 Unprocessable Entity" response is happening because the repo specified in the query is private:

https://api.github.com/search/issues?q=%22index%22%20type%3Aissue%20in%3Atitle%20repo%3Azchef2k%2Ftest&sort=created&order=asc
                                                                                 ^^^^^^^^^^^^^^^^^^^^^

This means utterances will require changes to support private repos. The user will need to be prompted to sign in before the issue search api call and comments api call can be made.

zchef2k commented 4 years ago

Will anything beyond src/utterances.ts and src/github.ts need to be changed? What is the portion of code that checks whether the user is logged in? I assume that needs to be checked first, a token acquired, then passed in the authorization header for the issue search.

zchef2k commented 4 years ago

> I think the "422 Unprocessable Entity" response is happening because the repo specified in the query is private:
>
> https://api.github.com/search/issues?q=%22index%22%20type%3Aissue%20in%3Atitle%20repo%3Azchef2k%2Ftest&sort=created&order=asc
>                                                                                  ^^^^^^^^^^^^^^^^^^^^^
>
> This means utterances will require changes to support private repos. The user will need to be prompted to sign in before the issue search api call and comments api call can be made.

Some discoveries...

In src/utterances.ts:34-38, changing the function order solves the problem of logging the user in before the search executes:

```ts
// loadUser() moved ahead of loadIssue() in the Promise.all list
let [user, issue] = await Promise.all([loadUser(), loadIssue(), loadTheme(page.theme, page.origin)]);
```

Then, you can pass the token in the auth header for the loadIssueByTerm() function in src/github.ts. However, the search API is not implemented for GitHub apps on private repo issues. This much has been confirmed by GitHub support. Instead, I've found you can just authenticate to the /repos API to get issues and comments. The problem is that the results output is different: there is no "items" node. The results will not be displayed, ostensibly because there's no mapping to the IssueSearchResponse interface in src/github.ts:263.

Luckily, once authenticated, posting to the private repo's issues works fine as-is.

jdanyow commented 4 years ago

@zchef2k thanks for investigating. Based on these findings I think we should add another config option to enable users to indicate their repo is private. When this is turned on utterances will display something like:

Comments are enabled for authenticated users. Sign in to view comments. [Sign in to comment]

After signing in we may find the user does not have access to the repo. In that case we'll display:

You are not authorized to view comments on [repo].

After successful sign in and issue query (no 422), utterances will display as usual.
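
The flow pieced together in this thread (sign in before any lookup, list issues through the repository issues endpoint rather than the search API that answers 422 for a private repo, map the array back to the `items` shape the widget already consumes, and surface the "sign in to view comments" and "not authorized" states proposed above), as an added TypeScript example. This is not code from the utterances project: the function names, the `ApiResponse`/`FetchLike` interfaces, the fake GitHub responder, the sample issues and the token strings are all constructed for the example. The 404 branch reflects GitHub's behaviour of answering 404 rather than 403 for a private repository the caller cannot see.

```typescript
// Added example, not code from the utterances repository. Models the
// private-repo lookup discussed in the thread: token first, then
// /repos/{owner}/{repo}/issues instead of /search/issues, mapped to the
// search-style {items} shape, with 401/403/404 turned into UI states.

interface Issue {
  number: number;
  title: string;
  comments: number;
  html_url: string;
  pull_request?: unknown; // present when the "issue" is really a pull request
}

// Same shape the search endpoint returns, so the rest of the widget need not change.
interface IssueSearchResponse {
  total_count: number;
  items: Issue[];
}

type LookupState =
  | { state: 'sign-in-required' }
  | { state: 'not-authorized' }
  | { state: 'ok'; result: IssueSearchResponse };

// Minimal response/fetch abstraction (assumed) so the example runs offline.
interface ApiResponse {
  status: number;
  body: unknown;
}
type FetchLike = (url: string, headers: Record<string, string>) => Promise<ApiResponse>;

const GITHUB_API = 'https://api.github.com';

// 401: token missing/expired.  403/404: caller cannot see the repo (GitHub
// answers 404, not 403, for private repos the caller has no access to).
function mapIssuesResponse(resp: ApiResponse, term: string): LookupState {
  if (resp.status === 401) return { state: 'sign-in-required' };
  if (resp.status === 403 || resp.status === 404) return { state: 'not-authorized' };
  if (resp.status !== 200 || !Array.isArray(resp.body)) {
    throw new Error(`unexpected GitHub API response: ${resp.status}`);
  }
  // The list endpoint includes pull requests and has no in:title filter,
  // so drop PRs and match the exact title the search query would have used.
  const items = (resp.body as Issue[]).filter(i => !i.pull_request && i.title === term);
  return { state: 'ok', result: { total_count: items.length, items } };
}

// Private-repo replacement for loadIssueByTerm: never hit the API without a token.
async function loadIssueByTermPrivate(
  fetchFn: FetchLike, repo: string, term: string, token: string | null,
): Promise<LookupState> {
  if (!token) return { state: 'sign-in-required' };
  // state=all so a closed thread is still found; pagination is not handled here.
  const url = `${GITHUB_API}/repos/${repo}/issues?state=all&per_page=100`;
  const resp = await fetchFn(url, {
    Accept: 'application/vnd.github.v3+json',
    Authorization: `token ${token}`,
  });
  return mapIssuesResponse(resp, term);
}

// Text the widget would show for each state, following the proposal in this thread.
function messageFor(state: LookupState, repo: string): string {
  if (state.state === 'sign-in-required') {
    return 'Comments are enabled for authenticated users. Sign in to view comments.';
  }
  if (state.state === 'not-authorized') {
    return `You are not authorized to view comments on ${repo}.`;
  }
  const first = state.result.items[0];
  return first ? `${first.comments} comment(s) on issue #${first.number}` : 'No comments yet.';
}

// Constructed fake of the GitHub API: one collaborator token sees the repo,
// any other token gets the 404 GitHub returns for an invisible private repo.
const SAMPLE_ISSUES: Issue[] = [
  { number: 7, title: 'index', comments: 3, html_url: 'https://github.com/zchef2k/test/issues/7' },
  { number: 8, title: 'index', comments: 0, html_url: 'https://github.com/zchef2k/test/pull/8', pull_request: {} },
  { number: 9, title: 'about', comments: 1, html_url: 'https://github.com/zchef2k/test/issues/9' },
];

const fakeGitHub: FetchLike = async (_url, headers) => {
  if (headers.Authorization === 'token collaborator-pat') return { status: 200, body: SAMPLE_ISSUES };
  return { status: 404, body: { message: 'Not Found' } };
};

loadIssueByTermPrivate(fakeGitHub, 'zchef2k/test', 'index', 'collaborator-pat')
  .then(s => console.log(messageFor(s, 'zchef2k/test')));
```

The important ordering is that the token check happens before the request is built, so an anonymous reader never triggers the 422 in the first place; the 401/403/404 mapping then covers a signed-in user who is not a collaborator, which is the case the "not authorized" message is for.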

femtomc commented 2 years ago

@jdanyow How do I configure utterances for private repos, as you mentioned above?

Re -- I added utterances-bot as collaborator, but it seems like there are additional steps that must be taken?

And, also for reference, I'm getting the same 422 issue as above when I investigated why the comment box was not rendering on my site.