per-user auth v2: ac/.../_state looks for state in quay

2025-01-02 12:05:28 +03:00 · 2016-01-22 16:39:49 -08:00 · 2016-01-22 16:39:49 -08:00 · 4a31ec56d0
commit 4a31ec56d0
parent 87541b4039
7 changed files with 26 additions and 15 deletions
--- a/ape/dojo.hoon
+++ b/ape/dojo.hoon
@ -86,7 +86,7 @@
    ++  card                                            ::  general card
      $%  [%diff %sole-effect sole-effect]              ::
          [%send wire [ship term] clap]                 ::
-          [%hiss wire mark [%hiss hiss]]                ::
+          [%hiss wire [~ ~] %httr [%hiss hiss]]         ::
          [%exec wire @p (unit ,[beak silk])]           ::
          [%deal wire sock term club]                   ::
          [%info wire @p toro]                          ::
@ -267,7 +267,7 @@
      |=  [way=wire req=hiss]
      ^+  +>+>
      ?>  ?=(~ pux)
-      (he-card(poy `+>+<(pux `way)) %hiss way %httr %hiss req)
+      (he-card(poy `+>+<(pux `way)) %hiss way `~ %httr %hiss req)
    ::
    ++  dy-stop                                         ::  stop work
      ^+  +>
--- a/ape/gh.hoon
+++ b/ape/gh.hoon
@ -7,7 +7,7 @@
    ++  card  
      $%  [%diff sub-result]
          [%them wire (unit hiss)]
-          [%hiss wire %httr [%hiss hiss]]
+          [%hiss wire [~ ~] %httr [%hiss hiss]]
      ==
    --
 |_  [hid=bowl cnt=@ hook=(unit ,@t)]
@ -73,7 +73,7 @@
  =+  wir=[%x (scot %ud cnt) pax]
  =+  [aut hiz]=~(scry gh i.pax t.pax)
  ?.  aut  [ost.hid %them wir ~ hiz]
-  [ost.hid %hiss wir %httr [%hiss hiz]]
+  [ost.hid %hiss wir `~ %httr [%hiss hiz]]
 ::
 ++  sigh-httr-x  thou-x
 ++  thou-x
--- a/arvo/eyre.hoon
+++ b/arvo/eyre.hoon
@ -1111,8 +1111,14 @@
          ?~  but  ~|(no-host/`path`/~/[pef] !!)
          =+  `dom=host`~|(bad-host/i.but (rash i.but thos:urlp))
          ?:  ?=(%| -.dom)  ~|(auth-ip/dom !!)
-          =+  usr=~|(bad-user/t.but (raid t.but %ta ~))
-          [%oath usr p.dom]
+          =-  [%oath - p.dom]
+          ~|  bad-user/`path`t.but
+          ?>  ?=([@ ~] t.but)
+          =+  in-quy=(rush i.t.but ;~(pfix cab fque:urlp))
+          ?~  in-quy
+            (slav %ta i.t.but)
+          =+  src=~|(no/u.in-quy (~(got by (mo quy)) u.in-quy))
+          p:(need (puck src))  ::  allow state=usr_other-data
        ::
            %at  [%auth %at pok(q but)]
            %am  ?~(but !! [%auth %xen i.but pok(q t.but)])
--- a/arvo/gall.hoon
+++ b/arvo/gall.hoon
@ -812,7 +812,7 @@
      =^  gaw  vel  (~(slot wa vel) 15 vax)
      ?.  &(?=([p=@ q=^] q.gaw) ((sane %tas) p.q.gaw))
        :_(+>.$ [%| (ap-suck "hiss: malformed cage")])
-      =+  usr=((soft (unit span)) p.q.vax)
+      =+  usr=((soft (unit span)) q.q.vax)
      ?.  &(?=(^ usr) ?~(u.usr & ((sane %ta) u.u.usr)))
        :_(+>.$ [%| (ap-suck "hiss: malformed (unit span)")])
      =+  pux=((soft path) p.q.vax)
@ -822,7 +822,9 @@
      :_  +>.$
      :^  %&  sto  %pass
      :-  [(scot %p q.q.pry) %cay u.pux]
-      [%hiss u.usr q.q.vax [p.q.gaw paw]]
+      ~!  *cote
+      =-  ~!  -  `cote`-
+      [%hiss u.usr r.q.vax [p.q.gaw paw]]
    ::
    ++  ap-move-mess                                    ::  extract path, target
      |=  vax=vase
--- a/arvo/zuse.hoon
+++ b/arvo/zuse.hoon
@ -1820,7 +1820,7 @@
 ++  bale                                                ::  driver state
  |*  a=_,*                                             ::  %jael keys type
  $:  [our=ship now=@da eny=@uvI byk=beak]              ::  base info
-      [usr=?(~ span) dom=(list ,@t)]                    ::  req user, domain
+      [usr=span dom=(list ,@t)]                         ::  req user, domain
      key=a                                             ::  secrets from %jael
  ==                                                    ::
 ++  sec-move                                            ::  driver effect
--- a/sec/com/facebook/graph.hoon
+++ b/sec/com/facebook/graph.hoon
@ -20,12 +20,13 @@
 ++  decode-key                        :: XX from bale w/ typed %jael
  ((hard ,[client-id=@t client-secret=@t ~]) (lore key))
 ::
-++  redirect-uri  'http://localhost:8443/~/ac/graph.facebook.com/auth'
++  redirect-uri  'http://localhost:8443/~/ac/graph.facebook.com/_state'
 ++  aut
  =+  key=decode-key :: XX
  ^-  quay
  %-  fass
-  :~  client-id/client-id.key
+  :~  state/(pack usr /'')
+      client-id/client-id.key
      redirect-uri/redirect-uri
      scope/'user_about_me user_posts'
  ==
--- a/sec/com/googleapis/www.hoon
+++ b/sec/com/googleapis/www.hoon
@ -28,18 +28,20 @@
 ++  toke-url  (endpoint /oauth2/v4/token)
 ++  dbg-post  `purl`[[| `6.000 `/localhost] `/testing /]
 ++  auth-url
-  |=  [cid=@t sop=(list cord)]  ^-  purl
+  |=  [usr=@t cid=@t sop=(list cord)]  ^-  purl
  :+  [& ~ `/com/google/accounts]  [~ /o/oauth2/v2/auth]
  %-  fass  :~
+    state/(pack usr /'')
+    login-hint/?~(usr '' (cat 3 usr '@gmail.com'))
    client-id/cid
    access-type/%offline
    response-type/%code
+    redirect-uri/redirect-uri
    =<  scope/(crip ~(ram re (join " " (turn sop .))))
    |=(a=cord leaf/(earn (endpoint /auth/[a])))
  ::
-    redirect-uri/redirect-uri
  ==
-++  redirect-uri  'http://localhost:8443/~/ac/www.googleapis.com/~.'
++  redirect-uri  'http://localhost:8443/~/ac/www.googleapis.com/_state'
 ++  user-state  ,[ber=@t ref=@t ded=@da]
 --
 ::
@ -53,7 +55,7 @@
 ++  need-refresh  (lth ded (add now ~m1))
 ++  out
  |=  a=hiss  ^-  sec-move
-  ?~  ber  [%show (auth-url client-id 'userinfo.email' 'plus.me' ~)]
+  ?~  ber  [%show (auth-url usr client-id 'userinfo.email' 'plus.me' ~)]
  ?:  need-refresh
    [%send toke-url (toke-req refresh-token/ref grant-type/'refresh_token' ~)]
  [%send %_(a q.q (~(add ja q.q.a) %authorization (cat 3 'Bearer ' ber)))]