feat: auto sign in localhost

Author: abose

src-node/index.js

@@ -93,6 +93,7 @@ const PHOENIX_FS_URL = `/PhoenixFS${randomNonce(8)}`;
 const PHOENIX_STATIC_SERVER_URL = `/Static${randomNonce(8)}`;
 const PHOENIX_NODE_URL = `/PhoenixNode${randomNonce(8)}`;
 const PHOENIX_LIVE_PREVIEW_COMM_URL = `/PreviewComm${randomNonce(8)}`;
+const PHOENIX_AUTO_AUTH_URL = `/AutoAuth${randomNonce(8)}`;
 
 const savedConsoleLog = console.log;
 
@@ -190,7 +191,8 @@ function processCommand(line) {
                     phoenixFSURL: `ws://localhost:${port}${PHOENIX_FS_URL}`,
                     phoenixNodeURL: `ws://localhost:${port}${PHOENIX_NODE_URL}`,
                     staticServerURL: `http://localhost:${port}${PHOENIX_STATIC_SERVER_URL}`,
-                    livePreviewCommURL: `ws://localhost:${port}${PHOENIX_LIVE_PREVIEW_COMM_URL}`
+                    livePreviewCommURL: `ws://localhost:${port}${PHOENIX_LIVE_PREVIEW_COMM_URL}`,
+                    autoAuthURL: `http://localhost:${port}${PHOENIX_AUTO_AUTH_URL}`
                 }, jsonCmd.commandID);
             });
             return;
@@ -207,6 +209,67 @@ rl.on('line', (line) => {
 
 const localhostOnly = 'localhost';
 
+const AUTH_CONNECTOR_ID = "ph_auth";
+const EVENT_CONNECTED = "connected";
+let verificationCode = null;
+async function setVerificationCode(code) {
+    verificationCode = code;
+}
+const nodeConnector = NodeConnector.createNodeConnector(AUTH_CONNECTOR_ID, {
+    setVerificationCode
+});
+
+const ALLOWED_ORIGIN = 'https://account.phcode.io';
+function autoAuth(req, res) {
+    const origin = req.headers.origin;
+    // localhost dev of loginService is not allowed here to not leak to production. So autoAuth is not available in
+    // dev builds.
+    const isAllowedOrigin = !origin || (ALLOWED_ORIGIN === origin);
+    if(!isAllowedOrigin){
+        res.writeHead(403, { 'Content-Type': 'text/plain' });
+        res.end('Forbidden origin');
+        return;
+    }
+    if (req.method === 'OPTIONS') {
+        res.setHeader('Access-Control-Allow-Origin', origin);
+        res.setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS');
+        res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
+        res.setHeader('Access-Control-Allow-Credentials', 'true');
+        res.setHeader('Access-Control-Allow-Private-Network', 'true');
+        res.writeHead(204);
+        res.end();
+        return;
+    }
+    // Remove '/AutoAuth<rand>' from the beginning of the URL and construct file path
+    const url = new URL(req.url, `http://${req.headers.host}`);
+    const cleanPath = url.pathname.replace(PHOENIX_AUTO_AUTH_URL, '');
+    // Check if the request is for the autoVerifyCode endpoint
+    if (cleanPath === `/autoVerifyCode` && req.method === 'GET') {
+        origin && res.setHeader('Access-Control-Allow-Origin', origin);
+        if(!verificationCode) {
+            res.setHeader('Content-Type', 'text/plain');
+            res.writeHead(404);
+            res.end('Not Found');
+            return;
+        }
+        res.setHeader('Access-Control-Allow-Credentials', 'true');
+        res.setHeader('Access-Control-Allow-Private-Network', 'true');
+        res.setHeader('Content-Type', 'application/json');
+        res.end(JSON.stringify({ code: verificationCode }));
+        verificationCode = null; // verification code is only returned once
+    } else if (cleanPath === `/appVerified` && req.method === 'GET') {
+        nodeConnector.triggerPeer(EVENT_CONNECTED, "ok");
+        origin && res.setHeader('Access-Control-Allow-Origin', origin);
+        res.setHeader('Access-Control-Allow-Credentials', 'true');
+        res.setHeader('Access-Control-Allow-Private-Network', 'true');
+        res.setHeader('Content-Type', 'application/json');
+        res.end("ok");
+    } else {
+        res.writeHead(404, { 'Content-Type': 'text/plain' });
+        res.end('Not Found');
+    }
+}
+
 // Create an HTTP server
 const server = http.createServer((req, res) => {
     if (req.url.startsWith(PHOENIX_STATIC_SERVER_URL)) {
@@ -249,7 +312,9 @@ const server = http.createServer((req, res) => {
             }
         });
 
-    } else {
+    } else if (req.url.startsWith(PHOENIX_AUTO_AUTH_URL)) {
+        return autoAuth(req, res);
+    }else {
         res.writeHead(404, { 'Content-Type': 'text/plain' });
         res.end('Not Found');
     }
@@ -269,5 +334,6 @@ server.listen(0, localhostOnly, () => {
     savedConsoleLog(`Phoenix node tauri FS url is ws://localhost:${port}${PHOENIX_FS_URL}`);
     savedConsoleLog(`Phoenix node connector url is ws://localhost:${port}${PHOENIX_NODE_URL}`);
     savedConsoleLog(`Phoenix live preview comm url is ws://localhost:${port}${PHOENIX_LIVE_PREVIEW_COMM_URL}`);
+    savedConsoleLog(`Phoenix AutoAuth url is ws://localhost:${port}${PHOENIX_AUTO_AUTH_URL}`);
     serverPortResolve(port);
 });

src/node-loader.js

@@ -18,9 +18,13 @@
  *
  */
 
-/*global Phoenix, fs, logger*/
+/*global fs, logger*/
 
 function nodeLoader() {
+    const KernalModeTrust = window.KernalModeTrust;
+    if(!KernalModeTrust){
+        throw new Error("KernalModeTrust is not defined. Cannot boot nodeLoader without trust ring");
+    }
     const nodeLoadstartTime = Date.now();
     const phcodeExecHandlerMap = {};
     const nodeConnectorIDMap = {};
@@ -721,6 +725,7 @@ function nodeLoader() {
                         fs.setNodeWSEndpoint(message.phoenixFSURL);
                         fs.forceUseNodeWSEndpoint(true);
                         setNodeWSEndpoint(message.phoenixNodeURL);
+                        KernalModeTrust.localAutoAuthURL = message.autoAuthURL;
                         window.isNodeReady = true;
                         resolve(message);
                         // node is designed such that it is not required at boot time to lower startup time.

src/services/login.js

@@ -26,6 +26,7 @@ define(function (require, exports, module) {
         NativeApp = require("utils/NativeApp"),
         ProfileMenu  = require("./profile-menu"),
         Mustache = require("thirdparty/mustache/mustache"),
+        NodeConnector = require("NodeConnector"),
         otpDialogTemplate = require("text!./html/otp-dialog.html");
 
     const KernalModeTrust = window.KernalModeTrust;
@@ -52,6 +53,13 @@ define(function (require, exports, module) {
         exports.trigger(_EVT_PAGE_FOCUSED);
     });
 
+    const AUTH_CONNECTOR_ID = "ph_auth";
+    const EVENT_CONNECTED = "connected";
+    let authNodeConnector;
+    if(Phoenix.isNativeApp) {
+        authNodeConnector = NodeConnector.createNodeConnector(AUTH_CONNECTOR_ID, exports);
+    }
+
 
     function isLoggedIn() {
         return isLoggedInUser;
@@ -148,9 +156,17 @@ define(function (require, exports, module) {
         // maybe some intermittent network error, ERR_RETRY_LATER is here. do nothing
     }
 
+    function _getAutoAuthPortURL() {
+        const localAutoAuthURL = KernalModeTrust.localAutoAuthURL; // Eg: http://localhost:33577/AutoAuthDI0zAUJo
+        if(!localAutoAuthURL) {
+            return "9797/urlDoesntExist";
+        }
+        return localAutoAuthURL.replace("http://localhost:", "");
+    }
+
     // never rejects.
     async function _getAppAuthSession() {
-        const authPortURL = "9797/abc"; // todo autho auth later
+        const authPortURL = _getAutoAuthPortURL();
         const appName = encodeURIComponent(`${Strings.APP_NAME} Desktop on ${Phoenix.platform}`);
         const resolveURL = `${Phoenix.config.account_url}getAppAuthSession?autoAuthPort=${authPortURL}&appName=${appName}`;
         // {"isSuccess":true,"appSessionID":"a uuid...","validationCode":"SWXP07"}
@@ -171,6 +187,20 @@ define(function (require, exports, module) {
         }
     }
 
+    async function setAutoVerificationCode(validationCode) {
+        const TIMEOUT_MS = 1000;
+        try {
+            await Promise.race([
+                authNodeConnector.execPeer("setVerificationCode", validationCode),
+                new Promise((_, reject) => setTimeout(() => reject(new Error('timeout')), TIMEOUT_MS))
+            ]);
+        } catch (e) {
+            console.error("failed to send auth login verification code to node", e);
+            // we ignore this and continue for manual verification
+            // todo raise metrics
+        }
+    }
+
     async function signInToAccount() {
         if (!navigator.onLine) {
             Dialogs.showModalDialog(
@@ -190,6 +220,7 @@ define(function (require, exports, module) {
             return;
         }
         const {appSessionID, validationCode} = appAuthSession;
+        await setAutoVerificationCode(validationCode);
         const appSignInURL = `${Phoenix.config.account_url}authorizeApp?appSessionID=${appSessionID}`;
 
         // Show dialog with validation code
@@ -260,10 +291,15 @@ define(function (require, exports, module) {
             }
         }
         exports.on(_EVT_PAGE_FOCUSED, checkLoginStatus);
+        async function _AutoSignedIn() {
+            await checkLoginStatus();
+        }
+        authNodeConnector.one(EVENT_CONNECTED, _AutoSignedIn);
 
         // Clean up when dialog is closed
         dialog.done(function() {
             exports.off(_EVT_PAGE_FOCUSED, checkLoginStatus);
+            authNodeConnector.off(EVENT_CONNECTED, _AutoSignedIn);
             clearTimeout(closeTimeout);
         });
         NativeApp.openURLInDefaultBrowser(appSignInURL);

src/styles/UserProfile.less

@@ -9,7 +9,6 @@
     overflow: hidden;
     position: absolute;
     z-index: @z-index-brackets-context-menu-base;
-    animation: user-profile-dropdown-animation 90ms cubic-bezier(0, .97, .2, .99);
     transform-origin: 0 0;
 
     .popup-header {
@@ -112,6 +111,9 @@
         text-align: left;
         padding: 8px 12px;
         margin: 3px 0;
+        display: flex;
+        justify-content: center;
+        align-items: center;
 
         i {
             margin-right: 8px;
@@ -279,8 +281,3 @@
         }
     }
 }
-
-@keyframes user-profile-dropdown-animation {
-    0%   { opacity: 0.5; transform: translate3d(0, 0, 0) scale(0.5); }
-    100% { opacity: 1; transform: translate3d(0, 0, 0) scale(1); }
-}