Gitlab OAuth

As outlined by @matt here, I tend to implement OAuth authentication against generic Gitlab instances to support the Debian Social team’s use case

I am running into issues with make install, as it fails to compile effects.less. Anyone have any ideas?

lessc app.less --clean-css="--s1 --advanced" ../static/css/write.css
ParseError: Unrecognised input in /home/kyle/projects/go/writefreely/less/effects.less on line 34, column 1:
33 @-ms-keyframes fadeIn { 0% { opacity: 0; position: static; } 100% { opacity: 1; }}
34 @-keyframes fadeIn { 0% { opacity: 0; position: static; } 100% { opacity: 1; }}
35 

make: *** [Makefile:5: all] Error 1

Removing the two @-keyframes lines worked, but then ran into:

lessc app.less --clean-css="--s1 --advanced" ../static/css/write.css
Error: Cannot find module 'clean-css'
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:636:15)
    at Function.Module._load (internal/modules/cjs/loader.js:562:25)
    at Module.require (internal/modules/cjs/loader.js:692:17)
    at require (internal/modules/cjs/helpers.js:25:18)
    at tree.Ruleset.toCSS (/usr/lib/nodejs/less/lib/less/parser.js:608:40)
    at /usr/lib/nodejs/less/bin/lessc:357:32
    at tree.importVisitor.finish [as _finish] (/usr/lib/nodejs/less/lib/less/parser.js:669:28)
    at tree.importVisitor.subFinish [as _finish] (/usr/lib/nodejs/less/lib/less/import-visitor.js:63:47)
    at tree.importVisitor.run (/usr/lib/nodejs/less/lib/less/import-visitor.js:25:22)
    at /usr/lib/nodejs/less/lib/less/import-visitor.js:72:38
make[2]: *** [Makefile:5: all] Error 2

Fixed by installing the cleancss package. Filed a bug with the Debian node-less package to fix the dependency

1 Like

I can successfully run writefreely after building, but none of the static assets load. I am building and running within the git repo. I can’t see any errors or anything, it just doesn’t style the page at all.

I have started implementing the GItlab OAuth changes and opened a WIP PR. However, trying to click on the ‘Login with GitLab’ link results in a 404 error, which I am stuck trying to trace down…

What do you get when you load http://your.instance/css/write.css?

I’ve checked out your pull request and am looking into the 404 issue. For one thing, looks like there’s still some old Slack and Write.as auth code inside configureGitlabOauth() – see lines 179 and 182. But I’m still seeing a 404 after that, so digging some more…

Ah, it’s the capital G in the string returned by GetProvider() inside oauth_gitlab.go. The result of that method is used for the route – so currently /oauth/Gitlab would work, but not /oauth/gitlab.

As the entire page source:

[object Object]

Fixed. I also noticed the issue with line 179 is also present in the WriteAs configure, so fixed that too

Ah, makes sense. Fixed and will continue testing

It seems, while a configuration option, SQLite isn’t actually supported by writefreely, thanks to the following error:

state, err := h.DB.GenerateOAuthState(ctx, h.oauthClient.GetProvider(), h.oauthClient.GetClientID())

unable to record oauth client state: no such function: NOW

SQLite seems to expect date('now') instead

I’ll fix that and push the changes up. Just a minute

Oof, GitHub is a pain. Here’s the diff for you to apply to fix that:

diff --git a/database.go b/database.go
index cea7a97..6beea1a 100644
--- a/database.go
+++ b/database.go
@@ -2512,7 +2512,7 @@ func (db *datastore) GetCollectionLastPostTime(id int64) (*time.Time, error) {
 
 func (db *datastore) GenerateOAuthState(ctx context.Context, provider, clientID string) (string, error) {
        state := store.Generate62RandomString(24)
-       _, err := db.ExecContext(ctx, "INSERT INTO oauth_client_states (state, provider, client_id, used, created_at) VALUES (?, ?, ?, FALSE, NOW())", state, provider, clientID)
+       _, err := db.ExecContext(ctx, "INSERT INTO oauth_client_states (state, provider, client_id, used, created_at) VALUES (?, ?, ?, FALSE, "+db.now()+")", state, provider, clientID)
        if err != nil {
                return "", fmt.Errorf("unable to record oauth client state: %w", err)
        }

I’ll hand this over to @ngerakines now – he can give you feedback and help you work through the rest. Feel free to continue the conversation here and on that PR.

@paddatrapper, I put some comments in the PR. There were a few things that I didn’t see, but wasn’t sure if you’ve gotten to them or not yet.

@ngerakines thanks. I have made the changes and can now successfully authenticate against GitLab OAuth

1 Like