CRISTAL-381: Make the github backend supported

core/authentication/authentication-api/src/authenticationManager.ts

@@ -29,7 +29,7 @@ interface AuthenticationManager {
   /**
    *  Starts the authentication process.
    */
-  start(): void;
+  start(): Promise<void>;
 
   /**
    * Handle the callback.

core/authentication/authentication-github/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@xwiki/cristal-authentication-github",
+  "version": "0.14.0",
+  "license": "LGPL 2.1",
+  "author": "XWiki Org Community <[email protected]>",
+  "homepage": "https://cristal.xwiki.org/",
+  "repository": {
+    "type": "git",
+    "directory": "/core/authentication/authentication-github",
+    "url": "https://github.com/xwiki-contrib/cristal/"
+  },
+  "bugs": {
+    "url": "https://jira.xwiki.org/projects/CRISTAL/"
+  },
+  "type": "module",
+  "exports": {
+    ".": "./src/index.ts"
+  },
+  "main": "./src/index.ts",
+  "scripts": {
+    "build": "tsc --project tsconfig.json && vite build",
+    "clean": "rimraf dist",
+    "lint": "eslint \"./src/**/*.{ts,tsx,vue}\" --max-warnings=0",
+    "test": "vitest --run"
+  },
+  "dependencies": {
+    "@xwiki/cristal-api": "workspace:*",
+    "@xwiki/cristal-authentication-api": "workspace:*",
+    "axios": "1.7.9",
+    "inversify": "6.2.1",
+    "js-cookie": "3.0.5"
+  },
+  "peerDependencies": {
+    "reflect-metadata": "0.2.2"
+  },
+  "devDependencies": {
+    "@types/js-cookie": "3.0.6",
+    "@xwiki/cristal-dev-config": "workspace:*",
+    "reflect-metadata": "0.2.2",
+    "typescript": "5.7.3",
+    "vite": "6.0.11"
+  },
+  "publishConfig": {
+    "exports": {
+      ".": {
+        "import": "./dist/index.es.js",
+        "require": "./dist/index.umd.js",
+        "types": "./dist/index.d.ts"
+      }
+    },
+    "main": "./dist/index.es.js",
+    "types": "./dist/index.d.ts"
+  }
+}

core/authentication/authentication-github/src/GitHubAuthenticationManager.ts

@@ -0,0 +1,192 @@
+/*
+ * See the LICENSE file distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+import { AuthenticationManager } from "@xwiki/cristal-authentication-api";
+import axios from "axios";
+import { inject, injectable } from "inversify";
+import Cookies from "js-cookie";
+import type { CristalApp, WikiConfig } from "@xwiki/cristal-api";
+import type { UserDetails } from "@xwiki/cristal-authentication-api";
+import type { CookieAttributes } from "js-cookie";
+
+/**
+ * {@link AuthenticationManager} for the GitHub backend.
+ *
+ * @since 0.15
+ */
+@injectable()
+export class GitHubAuthenticationManager implements AuthenticationManager {
+  constructor(
+    @inject<CristalApp>("CristalApp") private cristalApp: CristalApp,
+  ) {}
+
+  private readonly localStorageDeviceCode = "authentication.device_code";
+
+  private readonly localStorageUserCode = "authentication.user_code";
+
+  private readonly localStorageExpiresIn = "authentication.expires_in";
+
+  private readonly localStorageInterval = "authentication.interval";
+
+  private readonly tokenTypeCookieKeyPrefix = "tokenType";
+
+  private readonly accessTokenCookieKeyPrefix = "accessToken";
+
+  async start(): Promise<void> {
+    const authorizationUrl = new URL("http://localhost:15682/device-login");
+
+    const response = await fetch(authorizationUrl);
+    const jsonResponse: {
+      device_code: string;
+      user_code: string;
+      expires_in: number;
+      interval: number;
+    } = await response.json();
+
+    window.localStorage.setItem(
+      "currentConfigName",
+      this.cristalApp.getWikiConfig().name,
+    );
+
+    window.localStorage.setItem(
+      this.localStorageDeviceCode,
+      jsonResponse.device_code,
+    );
+    window.localStorage.setItem(
+      this.localStorageUserCode,
+      jsonResponse.user_code,
+    );
+    window.localStorage.setItem(
+      this.localStorageExpiresIn,
+      jsonResponse.expires_in.toString(),
+    );
+    window.localStorage.setItem(
+      this.localStorageInterval,
+      jsonResponse.interval.toString(),
+    );
+  }
+
+  async callback(): Promise<void> {
+    const verificationUrl = new URL("http://localhost:15682/device-verify");
+    verificationUrl.searchParams.set(
+      "device_code",
+      window.localStorage.getItem(this.localStorageDeviceCode)!,
+    );
+    const configName = window.localStorage.getItem("currentConfigName")!;
+    const cookiesOptions: CookieAttributes = {
+      secure: true,
+      sameSite: "strict",
+    };
+
+    // We need to add a little more delay when polling, otherwise GitHub complains.
+    const interval: number =
+      parseInt(window.localStorage.getItem(this.localStorageInterval)!) * 1000 +
+      500;
+    let expiresIn: number =
+      parseInt(window.localStorage.getItem(this.localStorageExpiresIn)!) * 1000;
+
+    const intervalId = setInterval(async () => {
+      fetch(verificationUrl).then(async (response) => {
+        const jsonResponse: {
+          error?: string;
+          access_token?: string;
+          token_type?: string;
+        } = await response.json();
+        if (!jsonResponse.error) {
+          Cookies.set(
+            this.getAccessTokenCookieKey(configName),
+            jsonResponse.access_token!,
+            cookiesOptions,
+          );
+          Cookies.set(
+            this.getTokenTypeCookieKey(configName),
+            jsonResponse.token_type!,
+            cookiesOptions,
+          );
+          window.location.reload();
+          clearInterval(intervalId);
+        } else if (expiresIn <= 0) {
+          clearInterval(intervalId);
+        }
+        expiresIn -= interval;
+      });
+    }, interval);
+  }
+
+  async getUserDetails(): Promise<UserDetails> {
+    const userinfoUrl = "https://api.github.com/user";
+    const data = {
+      headers: {
+        Authorization: await this.getAuthorizationHeader(),
+      },
+    };
+    const {
+      data: { html_url, name, avatar_url },
+    } = await axios.get(userinfoUrl, data);
+
+    return { profile: html_url, name, avatar: avatar_url };
+  }
+
+  async logout(): Promise<void> {
+    // Logout is not supported through GitHub's API.
+    // The best we can do is to remove the stored cookies.
+    Cookies.remove(this.getTokenTypeCookieKey());
+    Cookies.remove(this.getAccessTokenCookieKey());
+  }
+
+  async getAuthorizationHeader(): Promise<string | undefined> {
+    const isAuthenticated = await this.isAuthenticated();
+    if (isAuthenticated) {
+      return `${this.getTokenType()} ${Cookies.get(this.getAccessTokenCookieKey())}`;
+    }
+  }
+
+  async isAuthenticated(): Promise<boolean> {
+    return (
+      this.getTokenType() !== undefined && this.getAccessToken() !== undefined
+    );
+  }
+
+  private getTokenType() {
+    return Cookies.get(this.getTokenTypeCookieKey());
+  }
+
+  private getAccessToken() {
+    return Cookies.get(this.getAccessTokenCookieKey());
+  }
+
+  private getAccessTokenCookieKey(configName?: string) {
+    const config = this.resolveConfig(configName);
+    return `${this.accessTokenCookieKeyPrefix}-${config?.baseURL}`;
+  }
+
+  private getTokenTypeCookieKey(configName?: string) {
+    const baseURL = this.resolveConfig(configName).baseURL;
+    return `${this.tokenTypeCookieKeyPrefix}-${baseURL}`;
+  }
+
+  private resolveConfig(configName?: string): WikiConfig {
+    if (configName !== undefined) {
+      return this.cristalApp.getAvailableConfigurations().get(configName)!;
+    } else {
+      return this.cristalApp.getWikiConfig();
+    }
+  }
+}

core/authentication/authentication-github/src/index.ts

@@ -0,0 +1,33 @@
+/*
+ * See the LICENSE file distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+import { GitHubAuthenticationManager } from "./GitHubAuthenticationManager";
+import type { AuthenticationManager } from "@xwiki/cristal-authentication-api";
+import type { Container } from "inversify";
+
+export class ComponentInit {
+  constructor(container: Container) {
+    container
+      .bind<AuthenticationManager>("AuthenticationManager")
+      .to(GitHubAuthenticationManager)
+      .inSingletonScope()
+      .whenTargetNamed("GitHub");
+  }
+}

core/authentication/authentication-github/tsconfig.json

@@ -0,0 +1,16 @@
+{
+  "compilerOptions": {
+    "rootDir": "src",
+    "outDir": "dist",
+    "resolveJsonModule": true
+  },
+  "extends": "../../../tsconfig.json",
+  "include": [
+    "./src/index.ts",
+    "./src/**/*"
+  ],
+  "exclude": [
+    "**/*.spec.ts",
+    "**/*.test.ts"
+  ]
+}

core/authentication/authentication-github/tsdoc.json

@@ -0,0 +1,4 @@
+{
+  "$schema": "https://developer.microsoft.com/json-schemas/tsdoc/v0/tsdoc.schema.json",
+  "extends": ["../../../tsdoc.json"]
+}

core/authentication/authentication-github/vite.config.ts

@@ -0,0 +1,23 @@
+/*
+ * See the LICENSE file distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+import { generateConfig } from "../../../vite.config";
+
+export default generateConfig(import.meta.url);

core/authentication/authentication-github/vitest.config.ts

@@ -0,0 +1,25 @@
+/*
+ * See the LICENSE file distributed with this work for additional
+ * information regarding copyright ownership.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+import localConfig from "./vite.config";
+import { mergeConfig } from "vitest/config";
+import defaultConfig from "@xwiki/cristal-dev-config/vitest-vue.config";
+
+export default mergeConfig(defaultConfig, localConfig);

core/authentication/authentication-ui/package.json

@@ -29,6 +29,7 @@
     "@xwiki/cristal-browser-api": "workspace:*",
     "@xwiki/cristal-icons": "workspace:*",
     "@xwiki/cristal-uiextension-api": "workspace:*",
+    "@xwiki/cristal-uiextension-default": "workspace:*",
     "inversify": "6.2.1",
     "vue": "3.5.13",
     "vue-i18n": "11.1.0"