feat: external login #1629
Merged
feat: external login #1629
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alanshaw
commented
Feb 24, 2025
| @@ -41,7 +41,7 @@ export const AuthorizationRequest = Schema.struct({ | |||
| /** | |||
| * DID of the Account authorization is requested from. | |||
| */ | |||
| iss: Account, | |||
| iss: Account.optional(), | |||
There was a problem hiding this comment.
This is now optional, as per the RFC.
In the case of OAuth login, we don't know the email address of the user until after they have authorized and we have issued the delegation and attestation on their behalf.
alanshaw
commented
Feb 24, 2025
| @@ -21,6 +21,10 @@ export const provide = (ctx) => | |||
| * @returns {Promise<API.Transaction<API.AccessAuthorizeSuccess, API.AccessAuthorizeFailure>>} | |||
| */ | |||
| export const authorize = async ({ capability, invocation }, ctx) => { | |||
| if (!capability.nb.iss) { | |||
| return Server.error(new Error('Issuer is required in invoked authorization request.')) | |||
| } | |||
There was a problem hiding this comment.
For regular email login we require issuer.
This was referenced Feb 14, 2025
alanshaw
pushed a commit
that referenced
this pull request
Feb 25, 2025
🤖 I have created a release *beep* *boop* --- ## [18.1.0](capabilities-v18.0.1...capabilities-v18.1.0) (2025-02-25) ### Features * external login ([#1629](#1629)) ([150b5d7](150b5d7)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
alanshaw
pushed a commit
that referenced
this pull request
Feb 25, 2025
🤖 I have created a release *beep* *boop* --- ## [20.2.0](access-v20.1.2...access-v20.2.0) (2025-02-25) ### Features * external login ([#1629](#1629)) ([150b5d7](150b5d7)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
alanshaw
pushed a commit
that referenced
this pull request
Feb 25, 2025
🤖 I have created a release *beep* *boop* --- ## [17.2.0](w3up-client-v17.1.2...w3up-client-v17.2.0) (2025-02-25) ### Features * external login ([#1629](#1629)) ([150b5d7](150b5d7)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
alanshaw
added a commit
that referenced
this pull request
Feb 25, 2025
🤖 I have created a release *beep* *boop* --- ## [19.1.0](upload-api-v19.0.0...upload-api-v19.1.0) (2025-02-25) ### Features * external login ([#1629](#1629)) ([150b5d7](150b5d7)) ### Other Changes * upgrade dependencies for better de-duplication ([#1620](#1620)) ([fa90a01](fa90a01)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: ash <alan@storacha.network>
alanshaw
added a commit
to storacha/w3cli
that referenced
this pull request
Feb 25, 2025
Allows login via github via: ```sh w3 login --github ``` refs storacha/RFC#43 depends on storacha/w3up#1629
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
refs storacha/RFC#43
This PR adds a new method
externalLogin()that allow login to the system via an external method (e.g. OAuth). It essentially bypasses email confirmation, assuming this is done out of band. We re-join the regular auth flow at the point when we claim the delegation (and attestation) from an email to the agent.