MARTECH-32 Implement GitHub authentication endpoint #101672
The code looks good. I just left some minor comments that are not blockers.
ux_mode: 'redirect', | ||
redirect_to: query?.redirect_to || '/', | ||
} ); | ||
window.location.href = `https://public-api.wordpress.com/wpcom/v2/hosting/github/app-authorize?${ params.toString() }`; |
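Review bot: `redirect_to: query?.redirect_to || '/'` is forwarded into the app-authorize URL without any check, so whatever value arrives in the query becomes the post-login destination; validate that it is a same-origin path before it goes into `params`. There is also no `return` after `window.location.href = ...`, so the rest of the handler keeps executing while the navigation is pending.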
Should we add a return after this redirect so the context.primary code doesn't run if we reached this point and the redirect happens?
tos: JSON.stringify( getToSAcceptancePayload() ), | ||
} ); | ||
} catch { | ||
// Silently fail; when id_token is not present, the endpoint fails when the user already exists |
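Review bot: the bare `catch {` swallows every failure of the account-creation call, not only the "user already exists" case the comment describes; network errors and a rejected `tos` payload disappear the same way. Check the error code from the response and let anything other than the expected existing-user case propagate or be logged.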
Is this something we'd like to log to logstash if it fails? Or perhaps check the error code if there's any, so we know we are failing silently only when the user already exists.
try { | ||
// GitHub supports localhost auth; and we allowlist the jetpack callback path | ||
const redirectUri = `${ window.location.origin }/log-in/jetpack/github/callback`; | ||
|
||
// Exchange auth code for tokens | ||
const response = await postLoginRequest( 'exchange-social-auth-code', { | ||
service: 'github', | ||
auth_code: code, | ||
redirect_uri: redirectUri, | ||
client_id: config( 'wpcom_signup_id' ), | ||
client_secret: config( 'wpcom_signup_key' ), | ||
} ); | ||
|
||
const { access_token } = response.body.data; | ||
|
||
// Try to create a new WordPress.com account (if it doesn't exist) - then, log in the user | ||
try { | ||
try { |
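Review bot: `client_secret: config( 'wpcom_signup_key' )` is sent from code that reads `window.location.origin`, i.e. from the browser, so the secret is shipped to every user in the bundle and the request body. The code-for-token exchange that needs the secret belongs on the server side; the client should only send `auth_code` and `redirect_uri`. `const { access_token } = response.body.data` is also destructured without checking that the exchange succeeded.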
These nested try...catch blocks might make it harder to read the code, I wonder whether letting the error propagate, or creating helper functions would help to achieve a similar behavior while improving readability
await context.store.dispatch( rebootAfterLogin() ); | ||
return; | ||
} catch { | ||
// If both connection and creation fail, show warning and redirect back to login page |
Thanks for the comments, they help understand what each catch is for
redirect_to | ||
) | ||
); | ||
const url = new URL( redirect_to ); |
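Review bot: `new URL( redirect_to )` throws a TypeError for a relative value such as `/success` (the value the testing instructions below use), and for an absolute value it accepts any host. Pass the app origin as the base, `new URL( redirect_to, window.location.origin )`, and check that the result's `origin` equals the app's own before redirecting.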
Here, is redirect_to an internal URL? Does it make sense to set the second parameter (the base of the URL) if it's an internal URL?
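As an added example (not code from this PR or from Calypso), one way to resolve redirect_to with the app origin as the base, as the question above asks, and accept only same-origin destinations; APP_ORIGIN is an assumed value:

```javascript
// Added example, not code from the PR. APP_ORIGIN is an assumed value for
// illustration; in the app it would come from window.location.origin.
const APP_ORIGIN = 'https://calypso.localhost:3000';

// Returns a same-origin path (path + query + hash) for redirectTo, or the
// fallback when the value is missing, unparsable, or points off-origin.
function safeRedirectTo(redirectTo, origin = APP_ORIGIN, fallback = '/') {
  if (typeof redirectTo !== 'string' || redirectTo.trim() === '') {
    return fallback;
  }
  const allowedOrigin = new URL(origin).origin;
  let url;
  try {
    // Without a base, new URL('/success') throws a TypeError. With the app
    // origin as the base, relative paths and absolute URLs both resolve.
    url = new URL(redirectTo, allowedOrigin);
  } catch {
    return fallback;
  }
  // Protocol-relative values ("//evil.example") and backslash variants
  // ("/\\evil.example") resolve to a foreign origin; javascript: and data:
  // values have an opaque origin, so none of them pass this comparison.
  if (url.origin !== allowedOrigin) {
    return fallback;
  }
  // Hand back only the path so the caller can never be sent to another host.
  return url.pathname + url.search + url.hash;
}
```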
This reverts commit bec8c74.
* Revert "Properly handle redirect_to in fallback login page (#102117)" This reverts commit 24f8f5e.
* Revert "Jetpack Onboarding: various auth improvements (#102106)" This reverts commit da747fd.
* Revert "Improve error handling in auth flows (#102027)" This reverts commit fd52d8c.
* Revert "My Jetpack: redirect logged in users to the connection page (#102644)" This reverts commit 6a41e3e.
* Revert "Improve log in handling for Google (#102018)" This reverts commit 30b8af0.
* Revert "Add back logging out (#102015)" This reverts commit 54afb7e.
* Revert "Fix Apple and GitHub redirects (#102011)" This reverts commit f39b9e4.
* Revert "Next bunch on auth improvements (#101996)" This reverts commit 3de680b.
* Revert "Various improvements of direct Jetpack auth (#101988)" This reverts commit 7a3558a.
* Revert "Improve error redirects (#101865)" This reverts commit e2c6064.
* Revert "MARTECH-42 Various Jetpack direct auth improvements and fixes (#101859)" This reverts commit d49fc76.
* Revert "Add direct GitHub auth and callback server-side (#101672)" This reverts commit bec8c74.
* Revert "Do not run Jetpack social auth endpoints on serverside (#101832)" This reverts commit 2d915a9.
* Revert "Remove oauth env checks in social auth Jetpack (#101802)" This reverts commit 0639270.
* Revert "Revert the improvement to the original code (#101801)" This reverts commit d959108.
* Revert "Fix nonce handling in auth request (#101800)" This reverts commit 013bd4e.
* Revert "JPMT-31 Apple authentication endpoint for Jetpack (#101658)" This reverts commit 0c55e09.
* Revert "JPMT-30 Add direct Google auth endpoint for Jetpack (#101588)" This reverts commit 93dbf58.
* Revert "Support auto trigger of magiclink auth (#101601)" This reverts commit 2984e31.
* Revert "JPMT-29 Improve Google Auth handling based on testing (#101508)" This reverts commit 7011770.
* Revert "JPMT-29 Add direct authentication endpoints for social providers (#101427)" This reverts commit b45e821.
Related to 177769-ghe-Automattic/wpcom
Proposed Changes
Why are these changes being made?
We're building a new onboarding flow for Jetpack that will simplify the process for new users. The user will now choose their authentication method directly in the Jetpack plugin, so we needed to make some adjustments on the Calypso end.
Testing Instructions
wordpress.com to your sandbox
calypso.localhost:3000/log-in/jetpack/github?redirect_to=/success
calypso.localhost:3000/success
calypso.localhost:3000/log-in/jetpack?redirect_to=/success