9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed
* [9fans] OAuth2 in factotum
@ 2021-08-16 11:15 Demetrius Iatrakis
  2021-08-17  3:48 ` Lucio De Re
                   ` (4 more replies)
  0 siblings, 5 replies; 62+ messages in thread
From: Demetrius Iatrakis @ 2021-08-16 11:15 UTC (permalink / raw)
  To: 9fans

This is a preview of OAuth2 support in factotum, as part of this year's GSoC:
https://github.com/Mitsos101/plan9front/pull/1

Installation, on 9front:

git/clone https://github.com/Mitsos101/plan9front plan9front-oauth
cd plan9front-oauth
git/branch oauth
bind sys/include /sys/include
@{cd sys/src/libauth && mk install}
@{cd sys/src/cmd/auth && mk install}
@{cd sys/src/cmd/webfs && mk install}

This will replace your factotum.

Usage:

You need to obtain OAuth credentials from your issuer first. See, for
example, Google's guide:
https://developers.google.com/identity/protocols/oauth2.

% echo 'key proto=oauth issuer=https://accounts.google.com scope=email
client_id=1234 !client_secret=5678' > /mnt/factotum/ctl
% auth/oauth 'client_id=1234'
go to https://google.com/device
your code is ABCD-EFGH
<after user consent is provided, the access token is printed>

auth_oauth is also available in libauth. Webfs uses it to implement
the preoauth command.

Bugs:

This code is specific to 9front, as libjson is required and Plan 9's
webfs doesn't support preoauth.

factotum uses the needkey RPC to display the verification URL and code
to the user. This means that, for now, the needkey file must not be
open so that fgui doesn't intercept it.

The module imports lots of code to support HTTP/1.0 so that the
refresh token doesn't leave factotum's address space.

Only the device and refresh flows are supported. There is an
implementation of the authorization code flow (tested on macOS) here:
https://github.com/Mitsos101/plan9port/pull/1. However, it is not
included in the module as there is no good browser to plumb the URL
to.

Refresh tokens are not saved to persistent storage when factotum
exits. The user must provide consent every time factotum is restarted.

-- 
Demetrius

------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/T6899bf3f0654295d-Mf96a66de0d3d224f967f3983
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription

^ permalink raw reply	[flat|nested] 62+ messages in thread

end of thread, other threads:[~2021-08-22 20:38 UTC | newest]

Thread overview: 62+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-16 11:15 [9fans] OAuth2 in factotum Demetrius Iatrakis
2021-08-17  3:48 ` Lucio De Re
2021-08-17  7:47   ` Keith Gibbs
2021-08-18  3:55     ` Lucio De Re
2021-08-18  7:02       ` [9fans] Software philosophy Skip Tavakkolian
2021-08-18  7:19         ` hiro
2021-08-18 10:15           ` Lucio De Re
2021-08-18  9:46         ` Keith Gibbs
2021-08-18 10:13         ` vic.thacker
2021-08-18 11:34           ` Keith Gibbs
2021-08-18 11:47             ` Lucio De Re
2021-08-18 23:44             ` hiro
2021-08-19  4:34               ` Lucio De Re
2021-08-19 10:44                 ` Keith Gibbs
2021-08-19 18:53                 ` Git & Conventional Browsers (Was Re: [9fans] Software philosophy) unobe
2021-08-19 19:00                   ` ori
2021-08-18 11:34           ` [9fans] Software philosophy Lucio De Re
2021-08-18 11:28         ` Lucio De Re
2021-08-18 12:02           ` Keith Gibbs
2021-08-18 19:33             ` leimy2k via 9fans
2021-08-18 20:09               ` David du Colombier
2021-08-18 22:00                 ` Eli Cohen
2021-08-19  7:08                   ` Keith Gibbs
2021-08-19  7:59                     ` sirjofri
2021-08-19  9:27                       ` Lucio De Re
2021-08-19  9:45                         ` hiro
2021-08-19  9:51                         ` hiro
2021-08-19 10:10                           ` sirjofri
2021-08-19 10:38                         ` Keith Gibbs
2021-08-19 11:45                           ` hiro
2021-08-19 12:43                             ` Eli Cohen
2021-08-19 19:58                               ` Aram Hăvărneanu
2021-08-19 10:56                         ` kvik
2021-08-19 11:33                           ` sirjofri
2021-08-19 20:44                           ` ori
2021-08-19  9:29                       ` hiro
2021-08-19  9:44                         ` sirjofri
2021-08-19  9:19                     ` hiro
2021-08-22  2:46                   ` kokamoto
2021-08-22  3:16                     ` Eli Cohen
2021-08-22  7:07                       ` [9fans] Drawterm GPU (was: Software philosophy) sirjofri
2021-08-22 10:04                         ` Frank D. Engel, Jr.
2021-08-22 11:49                           ` sirjofri
2021-08-22 12:24                             ` Chris McGee
2021-08-18  9:18       ` [9fans] OAuth2 in factotum Keith Gibbs
2021-08-18 12:10         ` Ethan Gardener
2021-08-18 15:23         ` Stuart Morrow
2021-08-18 16:58           ` Stuart Morrow
2021-08-18 17:06             ` Sigrid Solveig Haflínudóttir
2021-08-17 15:25   ` ori
2021-08-18  3:59     ` Lucio De Re
2021-08-18  4:20       ` ori
2021-08-18  4:42         ` Eli Cohen
2021-08-18  5:06         ` Lucio De Re
2021-08-17  4:13 ` ori
2021-08-17  5:43   ` Lucio De Re
2021-08-19  3:52 ` Kurt H Maier
2021-08-19  5:38 ` ori
2021-08-22 20:16 ` ori
2021-08-22 20:32   ` Demetrius Iatrakis
2021-08-22 20:38     ` ori
2021-08-22 20:36   ` ori

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).