firefox support

Question

firefox support

janat08 opened this issue 5 years ago · comments

zhan ishzhanov commented 5 years ago

firefox adopted chrome's extension format

Jan Piotrowski · Answer 1 · Wed Sep 04 2019 01:41:45 GMT+0800 (China Standard Time)

Just cloned the codebase and now testing on Firefox:

Warning after install:
Options are automatically opened after install
"Use OAuth" button does not work :(
"Create an auth token" button works
Token is not persisted after pasting into text field :(
- Think I found the reason:
- Should be fixable quite easy:
  - Add this to manifest.json:
```
   ,
   "applications": {
     "gecko": {
       "id": "contributors-on-github@hzoo.github.com"
     }
   }
```
With the fix in place the token is successfully persisted in the options 🚀
"Use OAuth" now also opens a popup, but the URL https://cjbacdldhllelehomkmlniifaojgaeph.chromiumapp.org/provider_cb?error=redirect_uri_mismatch&error_description=The+redirect_uri+MUST+match+the+registered+callback+URL+for+this+application.&error_uri=https%3A%2F%2Fdeveloper.github.com%2Fapps%2Fmanaging-oauth-apps%2Ftroubleshooting-authorization-request-errors%2F%23redirect-uri-mismatch does not seem to work
It is definitely showing something for PRs now (no idea if this was there before I entered the token, didn't check), unfortunately no information:
- I am not sure where the requests would/should be made to fill this, and what they would look like

Jan Piotrowski · Answer 2 · Wed Sep 04 2019 01:51:32 GMT+0800 (China Standard Time)

I am not sure where the requests would/should be made to fill this, and what they would look like

Checked in Chrome for fastlane/fastlane#15255:

https://api.github.com/search/issues?q=+author:mollyIV+repo:fastlane/fastlane+type:pr&access_token=...&order=asc&per_page=1&sort=created
https://api.github.com/search/issues?q=+author:mollyIV+repo:fastlane/fastlane+type:issue&access_token=...&order=asc&per_page=1&sort=created

You can also trigger a re-request by clicking the reload button - nothing is happening in Firefox if you do this.

Jan Piotrowski · Answer 3 · Wed Sep 04 2019 02:19:09 GMT+0800 (China Standard Time)

After some glorious console.log debugging of content.js I know that update throws this:

TypeError: "NetworkError when attempting to fetch resource."

The generated searchURLs are totally fine though and would return the correct data.

Turns out you have to request access to the URLs you want to fetch from: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions#Host_permissions Makes sense.

Adding this to the manifest.json makes it work:

  "permissions": [
    "https://github.com/*/*",
+   "https://api.github.com/*",
    "storage",
    "identity"
  ],

Tadaaa!

Jan Piotrowski · Answer 4 · Wed Sep 04 2019 03:31:01 GMT+0800 (China Standard Time)

On to:

"Use OAuth" now also opens a popup, but the URL https://cjbacdldhllelehomkmlniifaojgaeph.chromiumapp.org/provider_cb?error=redirect_uri_mismatch&error_description=The+redirect_uri+MUST+match+the+registered+callback+URL+for+this+application.&error_uri=https%3A%2F%2Fdeveloper.github.com%2Fapps%2Fmanaging-oauth-apps%2Ftroubleshooting-authorization-request-errors%2F%23redirect-uri-mismatch does not seem to work

The url generated for getTokenFromOauth looks valid enough: https://github.com/login/oauth/authorize?client_id=1a3ac4d44a9e65a75a77&client_secret=ab3c3a116e35d9fe11d409cb8c1205e9ae5a7e91&redirect_uri=https%3A%2F%2Fa5214dd0dba2954f758dc5038d74737e71ba6e6a.extensions.allizom.org%2Fprovider_cb&scope=public_repo

Some documentation on this strange allizom.org URL and how to get it: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/identity#Getting_the_redirect_URL

Looking at the error URL from before, we have this:

error = redirect_uri_mismatch
error_description = The redirect_uri MUST match the registered callback URL for this application.
https://developer.github.com/apps/managing-oauth-apps/troubleshooting-authorization-request-errors/#redirect-uri-mismatch

That explanation links contains:

To correct this error, either provide a redirect_uri that matches what you registered [...]

So I guess there is a GitHub app (client_id = "1a3ac4d44a9e65a75a77" from auth.js) involved that has registered a redirect_uri that is allowed:

From looking at what Chrome does, it seems this is https://cjbacdldhllelehomkmlniifaojgaeph.chromiumapp.org/provider_cb there.

Manually overriding the URL in auth.js with the one from Chrome leads to a successful OAuth popup:

- const redirectUri = chrome.identity.getRedirectURL("provider_cb");
+ const redirectUri = "https://cjbacdldhllelehomkmlniifaojgaeph.chromiumapp.org/provider_cb";

Yay!

But of course this is a terrible hack, as I assume this cjbacdldhllelehomkmlniifaojgaeph thing could change any time.

So I guess @hzoo could/should add "https://a5214dd0dba2954f758dc5038d74737e71ba6e6a.extensions.allizom.org/provider_cb" to the GitHub app as accepted redirect_uri as well and the OAuth popup should work as well 🚀