Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement hex web auth flow #21

Open
1 of 7 tasks
starbelly opened this issue Mar 5, 2021 · 2 comments
Open
1 of 7 tasks

Implement hex web auth flow #21

starbelly opened this issue Mar 5, 2021 · 2 comments
Labels
Action Item Actionable item

Comments

@starbelly
Copy link
Member

starbelly commented Mar 5, 2021
edited
Loading

Background

Per #18 we have agreed to move forward with implementing a web auth token flow implemented in hex.pm and utilized by mix hex and rebar3_hex.

Tasks

The following tasks must be completed to resolve this issue.

  • Create an issue to get this added to the gsoc 2021 roster (https://github.com/erlef/gsoc)
  • Complete action item Unify registration user experience across mix and rebar3_hex #11
  • Create an issue on hexpm to align on flow and low level specifications
  • Create an issue on hex_core to support the new api that will be described and detailed in the above task
  • Create an issue on mix hex for working the new hex_core api offerings into to mix hex
  • Create an issue on rebar3_hex for working the new hex_core api offerings into rebar3_hex
  • Work with gsoc mentees and mentors to resolve all issues above (sans item 1)

Related agenda items, issues, and pull requests.
@starbelly starbelly added the Action Item Actionable item label Mar 5, 2021
This was referenced Mar 5, 2021
Closed
Closed
@starbelly starbelly mentioned this issue Mar 17, 2021
Closed
@starbelly
Copy link
Member Author

Just to note, I've neglected this, but purposefully. There should be a new mentors group and our plans for GSOC for these things might do well in there. That said, I wouldn't want to wait a long time before doing this.

@wojtekmach wojtekmach mentioned this issue May 7, 2021
Open
@wojtekmach
Copy link
Collaborator

I have added an issue to Hex.pm: hexpm/hexpm#1024 that hopefully gives some more context. It doesn't have a detailed specification, such would hopefully be created as part of working on a proof-of-concept.

Benjamin-Philip added a commit to Benjamin-Philip/hexpm that referenced this issue Oct 4, 2021
@Benjamin-Philip
WebAuth: Add support for step of OAuth device flow
6554205 
The Hexpm team is looking for a means of authenticating a hex client
from the browser. The plan is to default to this new means of
authentication and deprecate the Username/Password authentication.

The github cli (https://github.com/cli/cli) had a similar problem. What
they did was implement the device OAuth
flow (https://datatracker.ietf.org/doc/html/rfc8628). I decided that a
flow of that sort would work very well for Hexpm.

However, Hexpm has no support for OAuth. So, I can only "mock" the
device flow. This commit does the following:

- Adds all the endpoints at the router for such a flow
- Creates a controller
- Add support for step 1 of the device flow
- Adds tests for the above functionality

See also: hexpm#1024, erlef/build-and-packaging-wg#21
Benjamin-Philip added a commit to Benjamin-Philip/hexpm that referenced this issue May 4, 2022
@Benjamin-Philip
WebAuth: Add support for step of OAuth device flow
a4a013e 
The Hexpm team is looking for a means of authenticating a hex client
from the browser. The plan is to default to this new means of
authentication and deprecate the Username/Password authentication.

The github cli (https://github.com/cli/cli) had a similar problem. What
they did was implement the device OAuth
flow (https://datatracker.ietf.org/doc/html/rfc8628). I decided that a
flow of that sort would work very well for Hexpm.

However, Hexpm has no support for OAuth. So, I can only "mock" the
device flow. This commit does the following:

- Adds all the endpoints at the router for such a flow
- Creates a controller
- Add support for step 1 of the device flow
- Adds tests for the above functionality

See also: hexpm#1024, erlef/build-and-packaging-wg#21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Action Item Actionable item
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wojtekmach @starbelly