From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM,MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no
	version=3.4.4
Received: (qmail 20143 invoked from network); 16 Aug 2021 11:16:37 -0000
Received: from tb-ob0.topicbox.com (64.147.108.117)
  by inbox.vuxu.org with ESMTPUTF8; 16 Aug 2021 11:16:37 -0000
Received: from tb-mx1.topicbox.com (tb-mx1.nyi.icgroup.com [10.90.30.61])
	by tb-ob0.topicbox.com (Postfix) with ESMTP id D90A734E71
	for <ml@inbox.vuxu.org>; Mon, 16 Aug 2021 07:16:34 -0400 (EDT)
	(envelope-from bounce.mMf96a66de0d3d224f967f3983.r522be890-2105-11eb-b15e-8d699134e1fa@9fans.bounce.topicbox.com)
Received: by tb-mx1.topicbox.com (Postfix, from userid 1132)
	id CFF6D32822C6; Mon, 16 Aug 2021 07:16:34 -0400 (EDT)
ARC-Authentication-Results: i=2; topicbox.com; arc=pass; dkim=pass (2048-bit rsa key
 sha256) header.d=gmail.com header.i=@gmail.com header.b=IjG3Fs3D
 header.a=rsa-sha256 header.s=20161025 x-bits=2048; dmarc=pass
 policy.published-domain-policy=none
 policy.published-subdomain-policy=quarantine policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,sp=quarantine,d=none,d.eval=none)
 policy.policy-from=p header.from=gmail.com; spf=pass
 smtp.mailfrom=demetrius.iatrakis@gmail.com smtp.helo=mail-ed1-f45.google.com;
 x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message
 has been altered)) (Message modified while forwarding at Topicbox)
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=
	topicbox.com; h=mime-version:from:date:message-id:to
	:content-type:list-help:list-id:list-post:list-subscribe
	:reply-to:subject:content-transfer-encoding:list-unsubscribe; s=
	sysmsg-1; t=1629112594; bh=OCrp3mdnoKKrP3CvFJqCxb0GlbWNR4OpBm0N0
	Yu+9Co=; b=aNWXIUaGtvr61W+uX6K//WAgGcMIyK7dNiQG5POafSQFqaQkOxdOo
	yxyRcSbj7Buy68lSjIUU0jQzx3QoBZzrpMyNXA2hXlxESnmGfXpFIjb/jq8yMoGA
	vYXPVzz/yOc5M3pqNEhix7LJ43OayGqnT0ydJ2Bb5E6ouX4vc6bfzg=
ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t=
	1629112594; b=PY1PINYRKvY2TReiLKKwjqheQ+6VYNTh0m34McC9OpvFWmyPWV
	BxrXQVtEcfdDots9E/B3QEL6XWHdZjiFUHVvYBanWz/FLQDQHB5KaJ9jDyfEz4lL
	8ylx2AQ2DnJ0jLqMH3FnFPFgDuBlkE7flkzQcvsMFqAKGt187L3Fmlc8Y=
Authentication-Results: topicbox.com; arc=pass; dkim=pass (2048-bit rsa key
 sha256) header.d=gmail.com header.i=@gmail.com header.b=IjG3Fs3D
 header.a=rsa-sha256 header.s=20161025 x-bits=2048; dmarc=pass
 policy.published-domain-policy=none
 policy.published-subdomain-policy=quarantine policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,sp=quarantine,d=none,d.eval=none)
 policy.policy-from=p header.from=gmail.com; spf=pass
 smtp.mailfrom=demetrius.iatrakis@gmail.com smtp.helo=mail-ed1-f45.google.com;
 x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message
 has been altered)) (Message modified while forwarding at Topicbox)
X-Received-Authentication-Results: tb-mx0.topicbox.com; arc=none (no
 signatures found); bimi=skipped (DMARC Policy is not at enforcement);
 dkim=pass (2048-bit rsa key sha256) header.d=gmail.com header.i=@gmail.com
 header.b=IjG3Fs3D header.a=rsa-sha256 header.s=20161025 x-bits=2048;
 dmarc=pass policy.published-domain-policy=none
 policy.published-subdomain-policy=quarantine policy.applied-disposition=none
 policy.evaluated-disposition=none (p=none,sp=quarantine,d=none,d.eval=none)
 policy.policy-from=p header.from=gmail.com; iprev=pass
 smtp.remote-ip=209.85.208.45 (mail-ed1-f45.google.com); spf=pass
 smtp.mailfrom=demetrius.iatrakis@gmail.com smtp.helo=mail-ed1-f45.google.com;
 x-aligned-from=pass (Address match); x-google-dkim=pass (2048-bit rsa key)
 header.d=1e100.net header.i=@1e100.net header.b=M7j2CLV1; x-me-sender=none;
 x-ptr=pass smtp.helo=mail-ed1-f45.google.com
 policy.ptr=mail-ed1-f45.google.com; x-return-mx=pass header.domain=gmail.com
 policy.is_org=yes (MX Records found:
 alt4.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com); x-return-mx=pass smtp.domain=gmail.com policy.is_org=yes (MX Records found: alt4.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=9fans.net; h=
	mime-version:from:date:message-id:to:content-type:list-help
	:list-id:list-post:list-subscribe:reply-to:subject
	:content-transfer-encoding:list-unsubscribe; s=dkim-1; bh=OCrp3m
	dnoKKrP3CvFJqCxb0GlbWNR4OpBm0N0Yu+9Co=; b=RqQroLHf+fh8ypykaRNS5P
	7XHpmJOK+thYRe9/j8/QVGwuhmXftWmGLHtNhSB8FN0YBcgMUlNf1/DDGNNVrJqS
	Pv5gxSfm30p84CD8cBMQ1yuQHXFeZ6kzEVv9t2aTSaSQPEtFRF7ZPomzLrM8BdUZ
	o6Y4E/cAshynSAoYNL7t0=
Received: from tb-mx0.topicbox.com (localhost.local [127.0.0.1])
	by tb-mx0.topicbox.com (Postfix) with ESMTP id 8F93C31CBDAD
	for <9fans@9fans.net>; Mon, 16 Aug 2021 07:16:20 -0400 (EDT)
	(envelope-from demetrius.iatrakis@gmail.com)
Received: from tb-mx0.topicbox.com (localhost [127.0.0.1])
    by tb-mx0.topicbox.com (Authentication Milter) with ESMTP
    id EA7E332063B;
    Mon, 16 Aug 2021 07:16:20 -0400
ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t=
    1629112580; b=bsGVAPh3ZGlaBjq2zgDQykZoghK0xf2Q5eqN/SkD2TojDcZd6X
    aB54o7H81JTBwwtuRHo/XUC2nTcbLO3SsvsA2MOSzMc+LQjtKKIaEj7jADpxQSQq
    xerbdoJGVBSRqoTrmnjy5rvQLvFS+evEZEwlKhZuTxmW7Rtm5CzsDDzTmnrCQU6F
    qFXx9ymRwgPDiUxc3MdVFbZjdMr5AGL2iK5llm6dc8y1iO2U+m3aUofxsxi4fEh8
    HHsLzsqIimnZ/RbQlpNirD3mbuEeWREvM5/6VFp7yIdoIcTPE/6WLe4eN1h9be71
    ItbW6jfzQsRUhXolTGaIGmhqYHvD+6OJ51iQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=
    topicbox.com; h=mime-version:from:date:message-id:subject:to
    :content-type; s=arcseal; t=1629112580; bh=AjU5UCugxCiH0/faHBNl7
    YlHAeH8C7Kq8Xa3pPNzaK4=; b=BB0INUnTsVQtIYT/gQ3KnleqbPR67+6aSiH/p
    p6EuW4CADAYm4cgM58R3uAsdqYQea4uM4dlz4LOBrPkgn+pD1TF7wpB8RLHoG5gh
    /iSLaGGGnFd43Dky6jk8tQ/aCV1syoA4NHGFriKOvOHfEO6Z7XktB8/M5DtnkdjQ
    34wV6dfR6CTQJ/BvY+S1mL7PTBajCS6RM26jMwUjhqsRJS5ODflHs+GFxPUF7Q14
    +1cQGkZzwkNhYy1F3fGoI8WQfCw5A2/ZSzUE7YGwHTb6p3rdtyI5nNmdHBPXF84K
    OJ4t51QiShZF0sO/IUvLB7MN9dOpOQg/9X4hIBYfIV/QOehkw==
ARC-Authentication-Results: i=1; tb-mx0.topicbox.com;
    arc=none (no signatures found);
    bimi=skipped (DMARC Policy is not at enforcement);
    dkim=pass (2048-bit rsa key sha256) header.d=gmail.com
    header.i=@gmail.com header.b=IjG3Fs3D header.a=rsa-sha256
    header.s=20161025 x-bits=2048;
    dmarc=pass policy.published-domain-policy=none
    policy.published-subdomain-policy=quarantine
    policy.applied-disposition=none policy.evaluated-disposition=none
    (p=none,sp=quarantine,d=none,d.eval=none) policy.policy-from=p
    header.from=gmail.com;
    iprev=pass smtp.remote-ip=209.85.208.45 (mail-ed1-f45.google.com);
    spf=pass smtp.mailfrom=demetrius.iatrakis@gmail.com
    smtp.helo=mail-ed1-f45.google.com;
    x-aligned-from=pass (Address match);
    x-google-dkim=pass (2048-bit rsa key) header.d=1e100.net
    header.i=@1e100.net header.b=M7j2CLV1;
    x-me-sender=none;
    x-ptr=pass smtp.helo=mail-ed1-f45.google.com
    policy.ptr=mail-ed1-f45.google.com;
    x-return-mx=pass header.domain=gmail.com policy.is_org=yes
    (MX Records found: alt4.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com);
    x-return-mx=pass smtp.domain=gmail.com policy.is_org=yes
    (MX Records found: alt4.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com);
    x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384
    smtp.bits=256/256;
    x-vs=clean score=0 state=0
X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgedvtddrkeelgddutdefucdltddurdegudehrddttd
    dmucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgf
    nhhsuhgsshgtrhhisggvpdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttd
    enucenucfjughrpegghfffkffuvfgtsehttdertddttdejnecuhfhrohhmpeffvghmvght
    rhhiuhhsucfkrghtrhgrkhhishcuoeguvghmvghtrhhiuhhsrdhirghtrhgrkhhishesgh
    hmrghilhdrtghomheqnecuggftrfgrthhtvghrnheptedvjeevgefhvddvvdetgfeliefg
    veetlefggffhleefvdfgueffgeegvdevueevnecuffhomhgrihhnpehgihhthhhusgdrtg
    homhdpghhoohhglhgvrdgtohhmnecukfhppedvtdelrdekhedrvddtkedrgeehnecuvehl
    uhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepvddtledrkeehrddvtdekrd
    eghedphhgvlhhopehmrghilhdqvgguuddqfheghedrghhoohhglhgvrdgtohhmpdhmrghi
    lhhfrhhomhepoeguvghmvghtrhhiuhhsrdhirghtrhgrkhhishesghhmrghilhdrtghomh
    eq
X-ME-VSScore: 0
X-ME-VSCategory: clean
Received-SPF: pass
    (gmail.com ... _spf.google.com: Sender is authorized to use 'demetrius.iatrakis@gmail.com' in 'mfrom' identity (mechanism 'include:_netblocks.google.com' matched))
    receiver=tb-mx0.topicbox.com;
    identity=mailfrom;
    envelope-from="demetrius.iatrakis@gmail.com";
    helo=mail-ed1-f45.google.com;
    client-ip=209.85.208.45
Received: from mail-ed1-f45.google.com (mail-ed1-f45.google.com [209.85.208.45])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by tb-mx0.topicbox.com (Postfix) with ESMTPS
	for <9fans@9fans.net>; Mon, 16 Aug 2021 07:16:19 -0400 (EDT)
	(envelope-from demetrius.iatrakis@gmail.com)
Received: by mail-ed1-f45.google.com with SMTP id g21so12001329edw.4
        for <9fans@9fans.net>; Mon, 16 Aug 2021 04:16:19 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=AjU5UCugxCiH0/faHBNl7YlHAeH8C7Kq8Xa3pPNzaK4=;
        b=M7j2CLV1gYhz/TmujR7VLUHBIoOiz5jwuF/sP7QYBvjOj6D94JFndZRgaXNHipbMqt
         TsJqrHjoYLy8GnEupRiFOu81tlENgDnOfk8Hetq+8qWhyYehYtim/y/Lbj9NQU/8ypa8
         AF8UE515KtXkwG33JosCBjUVxcXnEFMeL+PlW52QzW6xaKoeN0yv53tu3AVZyWKLTVrL
         P5H9JJYnKdeOVrFLh7U3RkV8Ts51Ub7rEq1jZA715ds1KuH69K0MYVvrwoZt4Qhm1QwK
         MxpCH+ndXUp4/O7E1OPkrMkrXPpbtEp0IIz6mqpK3x0Hvj03ii5cIjnES2SkSEsw4Ucc
         K4vg==
X-Gm-Message-State: AOAM531xc5bm+HHS+mgHKk78e9ylLAFa8Px8CagnSMG80wbPNIGvQ7sS
	b3hH3qORtzdqFJgx8qxCYNslIYxG/G3amiA+Kfq8UuwLozs=
X-Google-Smtp-Source: ABdhPJxgCT9Hz0SdINoPWOLQzFqLiEM9Nkrr2wLUMraHXNnPBuzSXwJwLYSBGFRi3U2Ku3znzMnVByjLLq0/OZpOMQ0=
X-Received: by 2002:a05:6402:14e:: with SMTP id s14mr19431393edu.358.1629112578884;
 Mon, 16 Aug 2021 04:16:18 -0700 (PDT)
MIME-Version: 1.0
From: Demetrius Iatrakis <demetrius.iatrakis@gmail.com>
Date: Mon, 16 Aug 2021 14:15:00 +0300
Message-ID: <CALo7eEuXOfgr=2nj7A-rKNDejHdyBHWg98eJhvmLTneNaM5=Gw@mail.gmail.com>
To: 9fans@9fans.net
Content-Type: text/plain; charset="UTF-8"
Topicbox-Policy-Reasoning: allow: sender is a member
Topicbox-Message-UUID: 64dbb392-fe83-11eb-9627-9aa7c40f9358
Archived-At: =?UTF-8?B?PGh0dHBzOi8vOWZhbnMudG9waWNib3guY29tL2dyb3Vwcy85?=
 =?UTF-8?B?ZmFucy9UNjg5OWJmM2YwNjU0Mjk1ZC1NZjk2YTY2ZGUwZDNkMjI0Zjk2N2Yz?=
 =?UTF-8?B?OTgzPg==?=
List-Help: <https://9fans.topicbox.com/groups/9fans>
List-Id: "9fans" <9fans.9fans.net>
List-Post: <mailto:9fans@9fans.net>
List-Software: Topicbox v0
List-Subscribe: <https://9fans.topicbox.com/groups/9fans>
Precedence: list
Reply-To: 9fans <9fans@9fans.net>
Subject: [9fans] OAuth2 in factotum
Content-Transfer-Encoding: quoted-printable
List-Unsubscribe: <https://9fans.topicbox.com/groups/9fans>,
 <mailto:9fans+unsubscribe@9fans.net?subject=x-tx-unsubscribe:2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:Mf96a66de0d3d224f967f3983:1:TJ2ACd3V1Qt_IkssL38DaMcD183xtV4UMKLj9o5ng2o>
Topicbox-Delivery-ID:
 2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:Mf96a66de0d3d224f967f3983:1:ta0QxsnSVp5nnzOqljV0UaOl3hx_-zu98jY6iZJNj3Y

This is a preview of OAuth2 support in factotum, as part of this year's GSo=
C:
https://github.com/Mitsos101/plan9front/pull/1

Installation, on 9front:

git/clone https://github.com/Mitsos101/plan9front plan9front-oauth
cd plan9front-oauth
git/branch oauth
bind sys/include /sys/include
@{cd sys/src/libauth && mk install}
@{cd sys/src/cmd/auth && mk install}
@{cd sys/src/cmd/webfs && mk install}

This will replace your factotum.

Usage:

You need to obtain OAuth credentials from your issuer first. See, for
example, Google's guide:
https://developers.google.com/identity/protocols/oauth2.

% echo 'key proto=3Doauth issuer=3Dhttps://accounts.google.com scope=3Demail
client_id=3D1234 !client_secret=3D5678' > /mnt/factotum/ctl
% auth/oauth 'client_id=3D1234'
go to https://google.com/device
your code is ABCD-EFGH
<after user consent is provided, the access token is printed>

auth_oauth is also available in libauth. Webfs uses it to implement
the preoauth command.

Bugs:

This code is specific to 9front, as libjson is required and Plan 9's
webfs doesn't support preoauth.

factotum uses the needkey RPC to display the verification URL and code
to the user. This means that, for now, the needkey file must not be
open so that fgui doesn't intercept it.

The module imports lots of code to support HTTP/1.0 so that the
refresh token doesn't leave factotum's address space.

Only the device and refresh flows are supported. There is an
implementation of the authorization code flow (tested on macOS) here:
https://github.com/Mitsos101/plan9port/pull/1. However, it is not
included in the module as there is no good browser to plumb the URL
to.

Refresh tokens are not saved to persistent storage when factotum
exits. The user must provide consent every time factotum is restarted.

--=20
Demetrius

------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/T6899bf3f0654295d-Mf96a6=
6de0d3d224f967f3983
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription