From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.2 required=5.0 tests=DKIM_ADSP_CUSTOM_MED, DKIM_INVALID,DKIM_SIGNED,FREEMAIL_FROM autolearn=no autolearn_force=no version=3.4.4 Received: (qmail 26986 invoked from network); 17 Aug 2021 02:56:43 -0000 Received: from 1ess.inri.net (216.126.196.35) by inbox.vuxu.org with ESMTPUTF8; 17 Aug 2021 02:56:43 -0000 Received: from mail-wr1-f43.google.com ([209.85.221.43]) by 1ess; Mon Aug 16 07:44:57 -0400 2021 Received: by mail-wr1-f43.google.com with SMTP id k8so4199257wrn.3 for <9front@9front.org>; Mon, 16 Aug 2021 04:44:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=FkXRHlNZv2TBL024aDIQxVDTSFY2vlgCACOJ2WYCkx8=; b=WQLjvLmN+qTNVPzAcI6+ftSQ1VWkk16lovoGnO92V3zWaD6k72NLOkYbFZS+rzLeNj 7sjevgKHNF/G49VfUC+bVkJcbY/eDckXxMg9u6VweQO223t6vYYjgw6y8k8JfToBaked 5+nsJOeOA9FNp+YYZsyNWNj7WKI0c+g1qoe03E6QqmMMMEuQ0U/GwldB6PLWqxzB+HkG Il6KqfImaJuprY428t/C543Sb6vzRMzKOq8kol/vBgxQYImF7XzhVhFoK1ka2B3FYZES TOGC7ozcLfrY6N1BnQuU+s0lYxeYfhMlB6GCvQ6WDUe8/k3Pu/Gpsog2AVCZXGd8qCn6 BIwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=FkXRHlNZv2TBL024aDIQxVDTSFY2vlgCACOJ2WYCkx8=; b=kNDeUDkvizusLA1dGT6goPy4DD37lTC4tK69m2ih/SKxs/RoUgo+hnLRLDVcv0rU9x qFb0SNDF3paanzMLl6h+t6UbclBE+BeYW/AhtRX2ne1E0zUpvfU5rPobwaeWUvO4Kvch 7Cq/qyJ2aZkWBhn1S+dxGk1ckteIx0RPDezniPpevL49dGcVyC2/WdpxSiPjMMg883B8 z+OF8KDHR5BCazVaU63xw9Usz1At3tQtTOja4Ak5q57NcqoVsfDjsDFvEywFrRGtrF4q BHDIALOWqa/p38t1+8lRJDPKzQ81LKUQsC9DBTsDXnt+vzpDa7b4+1JsVq/rd0OhcPpC +MDg== X-Gm-Message-State: AOAM533ND3uwIsu2pLScWAtjYwsa3QnPem8ZnTF3AQvvmul0d3cR6SxE HEa/XODx1zT4WqyUBBJOfPqte1z8BJLlZN/ENSZoEIHmG5k= X-Google-Smtp-Source: ABdhPJx+8HIjI2lph+rcC11pjzcYyYM8Dih7ldzJflkAKrKDmqHSBlZdR51QSKQmiS/25Tt5dqM2BTCSQe4sOuAzc0I= X-Received: by 2002:aa7:ccc9:: with SMTP id y9mr19240523edt.329.1629112558598; Mon, 16 Aug 2021 04:15:58 -0700 (PDT) MIME-Version: 1.0 From: Demetrius Iatrakis Date: Mon, 16 Aug 2021 14:15:00 +0300 Message-ID: To: 9front@9front.org Content-Type: text/plain; charset="UTF-8" List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: lossless injection engine standard-scale hypervisor grid-aware layer Subject: [9front] OAuth2 in factotum Reply-To: 9front@9front.org Precedence: bulk This is a preview of OAuth2 support in factotum, as part of this year's GSoC: https://github.com/Mitsos101/plan9front/pull/1 Installation: git/clone https://github.com/Mitsos101/plan9front plan9front-oauth cd plan9front-oauth git/branch oauth bind sys/include /sys/include @{cd sys/src/libauth && mk install} @{cd sys/src/cmd/auth && mk install} @{cd sys/src/cmd/webfs && mk install} This will replace your factotum. Usage: You need to obtain OAuth credentials from your issuer first. See, for example, Google's guide: https://developers.google.com/identity/protocols/oauth2. % echo 'key proto=oauth issuer=https://accounts.google.com scope=email client_id=1234 !client_secret=5678' > /mnt/factotum/ctl % auth/oauth 'client_id=1234' go to https://google.com/device your code is ABCD-EFGH auth_oauth is also available in libauth. Webfs uses it to implement the preoauth command. Bugs: factotum uses the needkey RPC to display the verification URL and code to the user. This means that, for now, the needkey file must not be open so that fgui doesn't intercept it. The module imports lots of code to support HTTP/1.0 so that the refresh token doesn't leave factotum's address space. Only the device and refresh flows are supported. There is an implementation of the authorization code flow (tested on macOS) here: https://github.com/Mitsos101/plan9port/pull/1. However, it is not included in the module as there is no good browser to plumb the URL to. Refresh tokens are not saved to persistent storage when factotum exits. The user must provide consent every time factotum is restarted. -- Demetrius