Yehowshua/ZIm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use tiny_http for handling login HTTP request

Browse source 
Our manual HTTP parsing and encoding was not working with Safari.

Co-Authored-By: Antonio Scandurra <me@as-cii.com>
This commit is contained in:
Max Brunsfeld 2021-06-11 10:28:00 -07:00
parent 71d64a837e
commit 86ff599285
5 changed files with 88 additions and 77 deletions
Download patch file Download diff file Expand all files Collapse all files

96
zed/src/lib.rs
View file

@ -1,7 +1,7 @@
use anyhow::{anyhow, Context, Result};
use gpui::{AsyncAppContext, MutableAppContext, Task};
use smol::io::{AsyncBufReadExt, AsyncWriteExt};
use std::convert::TryFrom;
use std::{convert::TryFrom, time::Duration};
use tiny_http::{Header, Response, Server};
use url::Url;
use util::SurfResultExt;
@ -72,7 +72,8 @@ fn share_worktree(_: &(), cx: &mut MutableAppContext) {
fn login(zed_url: String, cx: &AsyncAppContext) -> Task<Result<(String, String)>> {
let platform = cx.platform();
cx.background_executor().spawn(async move {
let executor = cx.background_executor();
executor.clone().spawn(async move {
if let Some((user_id, access_token)) = platform.read_credentials(&zed_url) {
log::info!("already signed in. user_id: {}", user_id);
return Ok((user_id, String::from_utf8(access_token).unwrap()));
@ -86,10 +87,9 @@ fn login(zed_url: String, cx: &AsyncAppContext) -> Task<Result<(String, String)>
let public_key_string =
String::try_from(public_key).expect("failed to serialize public key for auth");
// Listen on an open TCP port. This port will be used by the web browser to notify the
// application that the login is complete, and to send the user's id and access token.
let listener = smol::net::TcpListener::bind("127.0.0.1:0").await?;
let port = listener.local_addr()?.port();
// Start an HTTP server to receive the redirect from Zed's sign-in page.
let server = Server::http("127.0.0.1:0").expect("failed to find open port");
let port = server.server_addr().port();
// Open the Zed sign-in page in the user's browser, with query parameters that indicate
// that the user is signing in from a Zed app running on the same device.
@ -98,56 +98,44 @@ fn login(zed_url: String, cx: &AsyncAppContext) -> Task<Result<(String, String)>
zed_url, port, public_key_string
));
// Receive the HTTP request from the user's browser. Parse the first line, which contains
// the HTTP method and path.
let (mut stream, _) = listener.accept().await?;
let mut reader = smol::io::BufReader::new(&mut stream);
let mut line = String::new();
reader.read_line(&mut line).await?;
let mut parts = line.split(" ");
let http_method = parts.next();
if http_method != Some("GET") {
return Err(anyhow!(
"unexpected http method {:?} in request from zed web app",
http_method
));
}
let path = parts.next().ok_or_else(|| {
anyhow!("failed to parse http request from zed login redirect - missing path")
})?;
// Receive the HTTP request from the user's browser. Retrieve the user id and encrypted
// access token from the query params.
//
// TODO - Avoid ever starting more than one HTTP server. Maybe switch to using a
// custom URL scheme instead of this local HTTP server.
let (user_id, access_token) = executor
.spawn::<anyhow::Result<_>, _>(async move {
if let Some(req) = server.recv_timeout(Duration::from_secs(10 * 60))? {
let path = req.url();
let mut user_id = None;
let mut access_token = None;
let url = Url::parse(&format!("http://example.com{}", path))
.context("failed to parse login notification url")?;
for (key, value) in url.query_pairs() {
if key == "access_token" {
access_token = Some(value.to_string());
} else if key == "user_id" {
user_id = Some(value.to_string());
}
}
req.respond(
Response::from_string(LOGIN_RESPONSE)
.with_header(Header::from_bytes("Content-Type", "text/html").unwrap()),
)
.context("failed to respond to login http request")?;
Ok(user_id.zip(access_token))
} else {
Ok(None)
}
})
.await?
.ok_or_else(|| anyhow!(""))?;
// Parse the query parameters from the HTTP request.
let mut user_id = None;
let mut access_token = None;
let url = Url::parse(&format!("http://example.com{}", path))
.context("failed to parse login notification url")?;
for (key, value) in url.query_pairs() {
if key == "access_token" {
access_token = Some(value);
} else if key == "user_id" {
user_id = Some(value);
}
}
// Write an HTTP response to the user's browser, instructing it to close the tab.
// Then transfer focus back to the application.
stream
.write_all(LOGIN_RESPONSE.as_bytes())
.await
.context("failed to write login response")?;
stream.flush().await.context("failed to flush tcp stream")?;
platform.activate(true);
// If login succeeded, then store the credentials in the keychain.
let user_id = user_id.ok_or_else(|| anyhow!("missing user_id in login request"))?;
let access_token =
access_token.ok_or_else(|| anyhow!("missing access_token in login request"))?;
let access_token = private_key
.decrypt_string(&access_token)
.context("failed to decrypt access token")?;
platform.activate(true);
platform.write_credentials(&zed_url, &user_id, access_token.as_bytes());
log::info!("successfully signed in. user_id: {}", user_id);
Ok((user_id.to_string(), access_token))
})
}
@ -157,10 +145,6 @@ fn quit(_: &(), cx: &mut MutableAppContext) {
}
const LOGIN_RESPONSE: &'static str = "
HTTP/1.1 200 OK\r
Content-Length: 64\r
Content-Type: text/html\r
\r
<!DOCTYPE html>
<html>
<script>window.close();</script>