From: Lucio De Re <lucio.dere@gmail.com>
To: 9fans <9fans@9fans.net>
Subject: Re: [9fans] OAuth2 in factotum
Date: Tue, 17 Aug 2021 07:43:19 +0200 [thread overview]
Message-ID: <CAJQ9t7g1JTTLb054iaNMUv2tUFYBjYtKWVaZXA-gkSzoUeXcXQ@mail.gmail.com> (raw)
In-Reply-To: <7EA3DC247AC9813D5F4838AB2791F295@eigenstate.org>
On 8/17/21, ori@eigenstate.org <ori@eigenstate.org> wrote:
> [full disclosure, I've been involved in this as a gsoc
> mentor; moving discussion to public list.]
>
> These are the two main sticking points, IMO.
>
> Quoth Demetrius Iatrakis <demetrius.iatrakis@gmail.com>:
>> Only the device and refresh flows are supported. There is an
>> implementation of the authorization code flow (tested on macOS) here:
>> https://github.com/Mitsos101/plan9port/pull/1. However, it is not
>> included in the module as there is no good browser to plumb the URL
>> to.
>
> First off, for those following along at home, device
> flow is a browserless way of using oauth, but providers
> appear to often limit it beyond the point usefulness, so
> we'd need to find a way to make factotum communicate
> with a browser in order to get the tokens in.
>
> Sadly, even the netsurf port isn't enough browser to run
> Google's oauth login page.
>
> So, the question here becomes how to glue in a helper
> program between factotum and oauth.
>
> There are a few options -- using the plumber in both
> directions will work, but it's a bit gross -- and
> involves broadcasting the tokens.
>
> The only real alternative I can imagine is having a
> special file that factotum calls out to in the namespace,
> something like:
>
> /rc/bin/oauth-helper:
>
> #!/bin/rc
> ssh user@unix invoke-browser-and-get-token-helper
>
>> Refresh tokens are not saved to persistent storage when factotum
>> exits. The user must provide consent every time factotum is restarted.
>
> For this, the tokens should probably be persisted into
> secstore -- but there are some security implications
> in giving factotum long-lived access to the persistent key
> store.
>
--
Lucio De Re
2 Piet Retief St
Kestell (Eastern Free State)
9860 South Africa
Ph.: +27 58 653 1433
Cell: +27 83 251 5824
------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/T6899bf3f0654295d-Ma225d00818d7370c67285bcf
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription
next prev parent reply other threads:[~2021-08-17 5:43 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-16 11:15 Demetrius Iatrakis
2021-08-17 3:48 ` Lucio De Re
2021-08-17 7:47 ` Keith Gibbs
2021-08-18 3:55 ` Lucio De Re
2021-08-18 7:02 ` [9fans] Software philosophy Skip Tavakkolian
2021-08-18 7:19 ` hiro
2021-08-18 10:15 ` Lucio De Re
2021-08-18 9:46 ` Keith Gibbs
2021-08-18 10:13 ` vic.thacker
2021-08-18 11:34 ` Keith Gibbs
2021-08-18 11:47 ` Lucio De Re
2021-08-18 23:44 ` hiro
2021-08-19 4:34 ` Lucio De Re
2021-08-19 10:44 ` Keith Gibbs
2021-08-19 18:53 ` Git & Conventional Browsers (Was Re: [9fans] Software philosophy) unobe
2021-08-19 19:00 ` ori
2021-08-18 11:34 ` [9fans] Software philosophy Lucio De Re
2021-08-18 11:28 ` Lucio De Re
2021-08-18 12:02 ` Keith Gibbs
2021-08-18 19:33 ` leimy2k via 9fans
2021-08-18 20:09 ` David du Colombier
2021-08-18 22:00 ` Eli Cohen
2021-08-19 7:08 ` Keith Gibbs
2021-08-19 7:59 ` sirjofri
2021-08-19 9:27 ` Lucio De Re
2021-08-19 9:45 ` hiro
2021-08-19 9:51 ` hiro
2021-08-19 10:10 ` sirjofri
2021-08-19 10:38 ` Keith Gibbs
2021-08-19 11:45 ` hiro
2021-08-19 12:43 ` Eli Cohen
2021-08-19 19:58 ` Aram Hăvărneanu
2021-08-19 10:56 ` kvik
2021-08-19 11:33 ` sirjofri
2021-08-19 20:44 ` ori
2021-08-19 9:29 ` hiro
2021-08-19 9:44 ` sirjofri
2021-08-19 9:19 ` hiro
2021-08-22 2:46 ` kokamoto
2021-08-22 3:16 ` Eli Cohen
2021-08-22 7:07 ` [9fans] Drawterm GPU (was: Software philosophy) sirjofri
2021-08-22 10:04 ` Frank D. Engel, Jr.
2021-08-22 11:49 ` sirjofri
2021-08-22 12:24 ` Chris McGee
2021-08-18 9:18 ` [9fans] OAuth2 in factotum Keith Gibbs
2021-08-18 12:10 ` Ethan Gardener
2021-08-18 15:23 ` Stuart Morrow
2021-08-18 16:58 ` Stuart Morrow
2021-08-18 17:06 ` Sigrid Solveig Haflínudóttir
2021-08-17 15:25 ` ori
2021-08-18 3:59 ` Lucio De Re
2021-08-18 4:20 ` ori
2021-08-18 4:42 ` Eli Cohen
2021-08-18 5:06 ` Lucio De Re
2021-08-17 4:13 ` ori
2021-08-17 5:43 ` Lucio De Re [this message]
2021-08-19 3:52 ` Kurt H Maier
2021-08-19 5:38 ` ori
2021-08-22 20:16 ` ori
2021-08-22 20:32 ` Demetrius Iatrakis
2021-08-22 20:38 ` ori
2021-08-22 20:36 ` ori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAJQ9t7g1JTTLb054iaNMUv2tUFYBjYtKWVaZXA-gkSzoUeXcXQ@mail.gmail.com \
--to=lucio.dere@gmail.com \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).