firefox support
janat08 opened this issue · comments
firefox adopted chrome's extension format
Just cloned the codebase and now testing on Firefox:
- Warning after install:
- Options are automatically opened after install
- "Use OAuth" button does not work :(
- "Create an auth token" button works
- Token is not persisted after pasting into text field :(
- With the fix in place the token is successfully persisted in the options 🚀
- "Use OAuth" now also opens a popup, but the URL
https://cjbacdldhllelehomkmlniifaojgaeph.chromiumapp.org/provider_cb?error=redirect_uri_mismatch&error_description=The+redirect_uri+MUST+match+the+registered+callback+URL+for+this+application.&error_uri=https%3A%2F%2Fdeveloper.github.com%2Fapps%2Fmanaging-oauth-apps%2Ftroubleshooting-authorization-request-errors%2F%23redirect-uri-mismatch
does not seem to work - It is definitely showing something for PRs now (no idea if this was there before I entered the token, didn't check), unfortunately no information:
- I am not sure where the requests would/should be made to fill this, and what they would look like
- I am not sure where the requests would/should be made to fill this, and what they would look like
Checked in Chrome for fastlane/fastlane#15255:
https://api.github.com/search/issues?q=+author:mollyIV+repo:fastlane/fastlane+type:pr&access_token=...&order=asc&per_page=1&sort=created
https://api.github.com/search/issues?q=+author:mollyIV+repo:fastlane/fastlane+type:issue&access_token=...&order=asc&per_page=1&sort=created
You can also trigger a re-request by clicking the reload button - nothing is happening in Firefox if you do this.
After some glorious console.log
debugging of content.js
I know that update
throws this:
TypeError: "NetworkError when attempting to fetch resource."
The generated searchURL
s are totally fine though and would return the correct data.
Turns out you have to request access to the URLs you want to fetch
from: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions#Host_permissions Makes sense.
Adding this to the manifest.json
makes it work:
"permissions": [
"https://github.com/*/*",
+ "https://api.github.com/*",
"storage",
"identity"
],
Tadaaa!
On to:
- "Use OAuth" now also opens a popup, but the URL
https://cjbacdldhllelehomkmlniifaojgaeph.chromiumapp.org/provider_cb?error=redirect_uri_mismatch&error_description=The+redirect_uri+MUST+match+the+registered+callback+URL+for+this+application.&error_uri=https%3A%2F%2Fdeveloper.github.com%2Fapps%2Fmanaging-oauth-apps%2Ftroubleshooting-authorization-request-errors%2F%23redirect-uri-mismatch
does not seem to work
The url generated for getTokenFromOauth
looks valid enough: https://github.com/login/oauth/authorize?client_id=1a3ac4d44a9e65a75a77&client_secret=ab3c3a116e35d9fe11d409cb8c1205e9ae5a7e91&redirect_uri=https%3A%2F%2Fa5214dd0dba2954f758dc5038d74737e71ba6e6a.extensions.allizom.org%2Fprovider_cb&scope=public_repo
Some documentation on this strange allizom.org
URL and how to get it: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/identity#Getting_the_redirect_URL
Looking at the error URL from before, we have this:
- error = redirect_uri_mismatch
- error_description = The redirect_uri MUST match the registered callback URL for this application.
- https://developer.github.com/apps/managing-oauth-apps/troubleshooting-authorization-request-errors/#redirect-uri-mismatch
That explanation links contains:
To correct this error, either provide a redirect_uri that matches what you registered [...]
So I guess there is a GitHub app (client_id = "1a3ac4d44a9e65a75a77"
from auth.js
) involved that has registered a redirect_uri
that is allowed:
From looking at what Chrome does, it seems this is https://cjbacdldhllelehomkmlniifaojgaeph.chromiumapp.org/provider_cb
there.
Manually overriding the URL in auth.js
with the one from Chrome leads to a successful OAuth popup:
- const redirectUri = chrome.identity.getRedirectURL("provider_cb");
+ const redirectUri = "https://cjbacdldhllelehomkmlniifaojgaeph.chromiumapp.org/provider_cb";
Yay!
But of course this is a terrible hack, as I assume this cjbacdldhllelehomkmlniifaojgaeph
thing could change any time.
So I guess @hzoo could/should add "https://a5214dd0dba2954f758dc5038d74737e71ba6e6a.extensions.allizom.org/provider_cb" to the GitHub app as accepted redirect_uri
as well and the OAuth popup should work as well 🚀