Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for private repos #10

Open
CodyReichert opened this issue Jun 17, 2019 · 4 comments
Open

Support for private repos #10

CodyReichert opened this issue Jun 17, 2019 · 4 comments

Comments

@CodyReichert
Copy link

CodyReichert commented Jun 17, 2019
edited
Loading

Hey there, this works really well - great idea. I was wondering if there was support (or planned support) for private repositories? You might be able to read an API token from a standard place in ~/. or maybe add an input box for it in the configuration menu.

Would be interested to hear your thoughts on implementation, or if you're interested, I might be able to take a look at knocking it out.
@Zren
Copy link
Owner

Zren commented Jun 17, 2019
edited
Loading

For my phabricator revisions widget, phabricator allows you to generate an API key that I the user can paste into the config.

2019-06-17___14-20-40

GitHub has a few forms of authentication to the API:

I don't really want to have to embed a Qt Webkit browser window to perform an OAuth login in the widget. A personal login token might be useful, but it's probably for personal use, and not for deployment to users in an app/widget.

If you find time to fuss with the code before me:

git clone https://github.com/Zren/plasma-applet-githubissues
cd plasma-applet-githubissues
sudo apt install plasma-sdk # install plasmoidviewer

And to test run:

QT_LOGGING_RULES="qml.debug=true" QML_DISABLE_DISK_CACHE=true plasmoidviewer -a ./package

You can modify the default config values in contents/config/main.xml to quickly test stuff.

Most of the GitHub logic is in Main.qml.

@MrArca9
Copy link

MrArca9 commented Aug 5, 2019
edited
Loading

Using basic http authentication you can pass the request to the API with an 'Authorization' header in the http get request. The user would have to create a token for the application, which would need a new field, but once the token is pasted in you should good.

The format is username:token encoded into base64 and looks like this

GET /repos/TestUser/TestRepo/issues?state=open HTTP/1.1
Host: api.github.com
Authorization: Basic VGVzdFVzZXJuYW1lOlRlc3RUb2tlbkZyb21Vc2Vy
User-Agent: curl/7.64.0
Accept: /

I am currently (as I am writing this) messing around with doing this on my end and will update if i figure anything out later.

@MrArca9
Copy link

MrArca9 commented Aug 5, 2019
edited
Loading

I have NO idea what i'm doing in QML. I'm not sure what/how/who/wtf this language is but i managed to hack my way through it.

For those coming here from google who just 'Need' this to work for themselves here's what you do

BIG ASS DISCLAIMER

Seriously, don't do this unless you need to. This is an extremely gross way of doing it, and could break a lot of things as it is highly untested. This is more proof of concept. If you add any repos that are NOT yours then you will still be passing your token for authentication.

you probably already download and installed the plasmoid so let's assume you're doing this in a live environment

  1. Before you do anything you need to create a token and give it all permissions. (for the love of god don't do this in any unsafe environment. it's extremely easy to sniff out the key and start making api calls with it to ruin your github. I am not sure what read only permissions are required, so I just made the token be able to do everything.)

0a) now, make the token look like this <username>:<token> ex: BobRoss:124skjsaufbawoaos

0b) convert that (BobRoss:124skjsaufbawoaos) to base64 (find online, or do in notepad++)
to check for validity, BobRoss's token would look like this encoded
Qm9iUm9zczoxMjRza2pzYXVmYmF3b2Fvcyk=

  1. Navigate to /.local/share/plasma/plasmoids/com.github.zren.githubissues/contents/ui/Lib/

  2. Go to Request.js and modify the postJSON function at line 62 (ish)

function postJSON(opt, callback) {
	if (typeof opt === 'string') {
		opt = { url: opt }
	}
	opt.method = opt.method || 'GET'
	opt.headers = opt.headers || {}
	opt.headers['Content-Type'] = 'application/json'
	opt.headers['Authorization'] = 'Basic <PUTBASE64TOKENHERE!>'
	if (opt.data) {
		opt.data = JSON.stringify(opt.data)
	}
	getJSON(opt, callback)
}

You will need to keep Basic and put a space between it and your token. Example:

opt.headers['Authorization'] = 'Basic Qm9iUm9zczoxMjRza2pzYXVmYmF3b2Fvcyk='

  1. Navigate to /.local/share/plasma/plasmoids/com.github.zren.githubissues/contents/ui/

  2. Open up main.qml

  3. Inside of function fetch issues (line 44ish) replace the Requests.getJSON with Requests.postJSON

Requests.postJSON({
			url: url			
		}
		, function(err, data, xhr){
			logger.debug('fetchIssues.response.url', url)
			logger.debug('fetchIssues.response', err, data && data.length)
			if (isLocalFile) {
				callback(null, data) // We get HTTP 0 error for a local file, ignore it.
			} else {
				callback(err, data)
			}
		})

now when the plasmoid goes to fetch your data, you are authenticating it to be able to access your items. You'll also need to refresh the plasmoid / restart / log off. Idk what was happening on my end, but it was being a pain after these changes. Good luck googlers!

@namaenonaimumei
Copy link

Since there were some inconsistencies in guide above, here is more accurate way of doing this.

  1. Logged into github Web UI go to Settings->Developer settings->Personal access tokens
  2. Generate new token, copy token itself to clipboard (as for permissions from what I tested you need to enable at least whole repo and maybe read:org in case of organization projects - this means you have to give write access to token after all)
  3. After token creation, copy and save it since token itself becomes hidden and requesting it disables old sessions
  4. Open ~/.local/share/plasma/plasmoids/com.github.zren.githubissues/contents/ui/lib/Requests.js
  5. Depending on which version you have (repository/store) code may look different, but getJSON() should be the same - after line opt.headers['Accept'] = 'application/json' add new line opt.headers['Authorization'] = 'token YOURTOKEN' and overwrite file. Notice you just need to pass token alone to YOURTOKEN as it is shown in settings panel.
    In case of current master (9fc4ee9) add new line at line 85
  6. Do not change anything other than that
  7. Apply changes immediately by soft resetting plasma (this won't lose your current session) - done by (for Plasma5) kquitapp5 plasmashell && kstart5 plasmashell in console

If you did everything accordingly you should see issues instantly, even without refreshing (if your private repositories were already set in settings)

Of course proper functionality could be achieved by adding new field in config view and binding that value to opt.headers['Authorization'] instead of hard coded tokens
Do note either way I couldn't find any way to create read-only token that would work with widget at the time, so you need to use token with write access (repo one)
That being said, this can be easily mitigated by creating dummy collaborator account to share private repositories with, but without giving repository write permissions and using token generated in such account

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Zren @CodyReichert @MrArca9 @namaenonaimumei