From 2a3b56a1dc40b7050e6c6c9bdb7b6422a8c6855c Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Mon, 15 Aug 2016 11:12:01 +0100 Subject: [PATCH 1/4] Return a specific not found error message when the user hasn't authed with JIRA --- src/github.com/matrix-org/go-neb/realms/jira/jira.go | 2 -- src/github.com/matrix-org/go-neb/services/jira/jira.go | 5 ++++- .../matrix-org/go-neb/services/jira/webhook/webhook.go | 3 +++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/src/github.com/matrix-org/go-neb/realms/jira/jira.go b/src/github.com/matrix-org/go-neb/realms/jira/jira.go index 26e6fb7..1b31a92 100644 --- a/src/github.com/matrix-org/go-neb/realms/jira/jira.go +++ b/src/github.com/matrix-org/go-neb/realms/jira/jira.go @@ -251,9 +251,7 @@ func (r *JIRARealm) JIRAClient(userID string, allowUnauth bool) (*jira.Client, e // make an unauthenticated client return jira.NewClient(nil, r.JIRAEndpoint) } - return nil, errors.New("No authenticated session found for " + userID) } - // some other error return nil, err } diff --git a/src/github.com/matrix-org/go-neb/services/jira/jira.go b/src/github.com/matrix-org/go-neb/services/jira/jira.go index 9e92af6..deb8027 100644 --- a/src/github.com/matrix-org/go-neb/services/jira/jira.go +++ b/src/github.com/matrix-org/go-neb/services/jira/jira.go @@ -117,6 +117,10 @@ func (s *jiraService) cmdJiraCreate(roomID, userID string, args []string) (inter } cli, err := r.JIRAClient(userID, false) if err != nil { + if err == sql.ErrNoRows { // no client found + return &matrix.TextMessage{"m.notice", + userID + " : You have not linked your JIRA account."}, nil + } return nil, err } i, res, err := cli.Issue.Create(&iss) 
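Review bot: The new `if err == sql.ErrNoRows` branch in cmdJiraCreate makes the service layer treat a database-driver sentinel as the signal for "this user has not authenticated". With the explicit "No authenticated session found" error removed from JIRAClient in the realms/jira/jira.go hunk of this commit, any other query on that path that returns `sql.ErrNoRows` would presumably also be shown to the room as an unlinked account. An error that gets wrapped on the way up would skip the branch entirely. I would have the realm package export its own sentinel, for example `var ErrNoSession = errors.New("no authenticated JIRA session")`, return it from JIRAClient, and compare against that here. The diffstat shows no import line added to this file, so `database/sql` must already be imported for this to build. cmdJiraCreate starts and ends outside the hunk.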
@@ -286,7 +290,6 @@ func (s *jiraService) projectToRealm(userID, pkey string) (*realms.JIRARealm, er // - If there is a matching project with that key, return that realm. // We search installations which the user has already OAuthed with first as most likely // the project key will be on a JIRA they have access to. - // TODO: Return whether they have authed or not so they know if they need to make a starter link logger := log.WithFields(log.Fields{ "user_id": userID, "project": pkey, diff --git a/src/github.com/matrix-org/go-neb/services/jira/webhook/webhook.go b/src/github.com/matrix-org/go-neb/services/jira/webhook/webhook.go index a34765c..b5635d9 100644 --- a/src/github.com/matrix-org/go-neb/services/jira/webhook/webhook.go +++ b/src/github.com/matrix-org/go-neb/services/jira/webhook/webhook.go @@ -119,6 +119,9 @@ func OnReceiveRequest(req *http.Request) (string, *Event, *errors.HTTPError) { func createWebhook(jrealm *realms.JIRARealm, webhookEndpointURL, userID string) error { cli, err := jrealm.JIRAClient(userID, false) + if err != nil { + return err + } req, err := cli.NewRequest("POST", "rest/webhooks/1.0/webhook", jiraWebhook{ Name: "Go-NEB", From 4ea8e6d49d3c6087fd425cc05976dd47ca37eb10 Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Mon, 15 Aug 2016 11:18:26 +0100 Subject: [PATCH 2/4] Add JIRA starter links --- src/github.com/matrix-org/go-neb/realms/jira/jira.go | 1 + src/github.com/matrix-org/go-neb/services/jira/jira.go | 9 +++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/src/github.com/matrix-org/go-neb/realms/jira/jira.go b/src/github.com/matrix-org/go-neb/realms/jira/jira.go index 1b31a92..68532cc 100644 --- a/src/github.com/matrix-org/go-neb/realms/jira/jira.go +++ b/src/github.com/matrix-org/go-neb/realms/jira/jira.go 
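Review bot: A caller of createWebhook now appears to receive a bare `sql.ErrNoRows` when userID has no JIRA session, because the added `return err` passes the JIRAClient error through unchanged and this commit removes the descriptive error in realms/jira/jira.go. The nil-client dereference is avoided, but the caller cannot tell "user must authenticate first" from a real failure without comparing against the database sentinel itself. The error text also names neither the user nor the operation. I would state the contract above the function, `// createWebhook returns the JIRAClient error unchanged; sql.ErrNoRows means userID has no authenticated JIRA session.`, or map that case to a dedicated error. The rest of createWebhook lies outside the hunk.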
@@ -33,6 +33,7 @@ type JIRARealm struct { PublicKeyPEM string // clobbered based on PrivateKeyPEM PrivateKeyPEM string HasWebhook bool // clobbered based on NEB + StarterLink string } // JIRASession represents a single authentication session between a user and a JIRA endpoint. diff --git a/src/github.com/matrix-org/go-neb/services/jira/jira.go b/src/github.com/matrix-org/go-neb/services/jira/jira.go index deb8027..8793705 100644 --- a/src/github.com/matrix-org/go-neb/services/jira/jira.go +++ b/src/github.com/matrix-org/go-neb/services/jira/jira.go @@ -118,8 +118,13 @@ func (s *jiraService) cmdJiraCreate(roomID, userID string, args []string) (inter cli, err := r.JIRAClient(userID, false) if err != nil { if err == sql.ErrNoRows { // no client found - return &matrix.TextMessage{"m.notice", - userID + " : You have not linked your JIRA account."}, nil + return matrix.StarterLinkMessage{ + Body: fmt.Sprintf( + "You need to OAuth with JIRA on %s before you can create issues.", + r.JIRAEndpoint, + ), + Link: r.StarterLink, + }, nil } return nil, err } From a7f0be68c915a7598c110adc48907284174eb069 Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Mon, 15 Aug 2016 11:40:00 +0100 Subject: [PATCH 3/4] Explain what starter links are --- README.md | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 23d3db8..613e72b 100644 --- a/README.md +++ b/README.md 
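Review bot: `StarterLink string` is added to JIRARealm with no comment, while the neighbouring fields say how they are populated, and nothing visible here constrains its value. The README text added later in this series says clients append an identity token to this URL, so a plain-HTTP or mistyped value would send that token somewhere unintended. I would document that on the field, e.g. `StarterLink string // optional; URL sent to users to start auth. Clients append an identity token, so it should be https.`, and check the scheme where the realm config is registered, which is not part of this hunk. The struct begins outside the hunk.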
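Review bot: `Link: r.StarterLink` is returned without checking that the realm has a starter link, although the README change in this series documents `StarterLink` as optional. With an empty value the user is told to OAuth but given nothing to follow; I would guard with `if r.StarterLink == "" {` and fall back to the plain `m.notice` text that this hunk removes. The reply also changes from a pointer (`&matrix.TextMessage{...}`) to a value (`matrix.StarterLinkMessage{...}`) and no longer names `userID`, so in a shared room it is unclear who is being addressed; both are worth confirming as intended. The enclosing `if err != nil` block and cmdJiraCreate continue outside the hunk.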
@@ -73,10 +73,17 @@ check that the server is still running. {} +Some `AuthRealms` support "Starter Links". These are HTTP URLs which knowledgeable clients should use to *start* the auth process. They are commonly returned as metadata to `!commands`. +These links require the client to prove that they own a given user ID by appending a token +to the Starter Link. This token will be used to verify the client's identity by making an +Open ID request to the user's Homeserver via federation. + ## Starting a Github Service ### Register a Github realm +This API allows for an optional `StarterLink` value. + ``` curl -X POST localhost:4050/admin/configureAuthRealm --data-binary '{ "ID": "mygithubrealm", @@ -84,6 +91,7 @@ curl -X POST localhost:4050/admin/configureAuthRealm --data-binary '{ "Config": { "ClientSecret": "YOUR_CLIENT_SECRET", "ClientID": "YOUR_CLIENT_ID", + "StarterLink": "https://example.com/requestGithubOAuthToken", "RedirectBaseURI": "https://public.path.to.neb" } }' @@ -97,6 +105,7 @@ Returns: "NewConfig":{ "ClientSecret":"YOUR_CLIENT_SECRET", "ClientID":"YOUR_CLIENT_ID", + "StarterLink": "https://example.com/requestGithubOAuthToken", "RedirectBaseURI":"https://public.path.to.neb" } } @@ -157,7 +166,7 @@ openssl genrsa -out privkey.pem 2048 cat privkey.pem ``` -Create the realm: +This API allows for an optional `StarterLink` value. Create the realm: ``` curl -X POST localhost:4050/admin/configureAuthRealm --data-binary '{ @@ -165,6 +174,7 @@ curl -X POST localhost:4050/admin/configureAuthRealm --data-binary '{ "Type": "jira", "Config": { "JIRAEndpoint": "matrix.org/jira/", + "StarterLink": "https://example.com/requestJIRAOAuthToken", "ConsumerName": "goneb", "ConsumerKey": "goneb", "ConsumerSecret": "random_long_string", 
@@ -174,15 +184,16 @@ curl -X POST localhost:4050/admin/configureAuthRealm --data-binary '{ ``` Returns: -```json +```yaml { "ID": "jirarealm", "Type": "jira", "OldConfig": null, "NewConfig": { - "JIRAEndpoint": "https://matrix.org/jira/", - "Server": "Matrix.org", - "Version": "6.3.5a", + "JIRAEndpoint": "https://matrix.org/jira/", // canonicalised form + "StarterLink": "https://example.com/requestJIRAOAuthToken", + "Server": "Matrix.org", // informational; inserted by NEB + "Version": "6.3.5a", // informational; inserted by NEB "ConsumerName": "goneb", "ConsumerKey": "goneb", "ConsumerSecret": "random_long_string", From aab346e0faef5ca682e20372b8748cedcb3c10ad Mon Sep 17 00:00:00 2001 From: Kegan Dougal Date: Mon, 15 Aug 2016 11:43:05 +0100 Subject: [PATCH 4/4] Tweak in-line JSON comment format --- README.md | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 613e72b..a75f25c 100644 --- a/README.md +++ b/README.md @@ -183,17 +183,24 @@ curl -X POST localhost:4050/admin/configureAuthRealm --data-binary '{ }' ``` +The following keys will be modified/added: + - `JIRAEndpoint` in canonicalised form. + - `Server` and `Version` keys which are purely informational for the caller. + - `PublicKeyPEM` which the caller needs a human to insert into the JIRA Application Links web form. + + Returns: -```yaml + +```json { "ID": "jirarealm", "Type": "jira", "OldConfig": null, "NewConfig": { - "JIRAEndpoint": "https://matrix.org/jira/", // canonicalised form + "JIRAEndpoint": "https://matrix.org/jira/", "StarterLink": "https://example.com/requestJIRAOAuthToken", - "Server": "Matrix.org", // informational; inserted by NEB - "Version": "6.3.5a", // informational; inserted by NEB + "Server": "Matrix.org", + "Version": "6.3.5a", "ConsumerName": "goneb", "ConsumerKey": "goneb", "ConsumerSecret": "random_long_string",