hello icon indicating copy to clipboard operation
hello copied to clipboard

Published 20 hours ago verified publisher icon hello-rust

Discourse API Keys

Open sajattack opened this issue 7 years ago • 18 comments

Hey, just wanted to let you know discourse actually does support API keys for non-admins, it's just really poorly documented. There's some documentation here and here and some code here.

sajattack avatar Jul 29 '18 07:07 sajattack

Oh wow, that's great news. 😄 The second link mentions that write tokens need to be unlocked by the admins. Can you confirm that? Would mostly be interested in announcing new episodes of "Hello Rust" on the Rust forum. Have you tried that, perhaps? (Was just thinking because your code is also written in Rust)

mre avatar Jul 29 '18 08:07 mre

Yeah I think I successfully posted to the "What are you working on this week" thread with it if I recall correctly.

sajattack avatar Jul 29 '18 20:07 sajattack

uh! that's cool. Will give it a shot if I find some time. 👍

mre avatar Jul 30 '18 08:07 mre

Yeah I just made another test post with it and it worked.

sajattack avatar Jul 30 '18 21:07 sajattack

Hum... started hacking on the Discourse support, but it doesn't work yet. As a first step, I was trying to retrieve the API URL using your code snippet, but I get a 500: Internal Server Error. discourse

The URL that is generated looks like this:

https://users.rust-lang.org/user-api-key/new?scopes=read%2Cwrite&client_id=b5b348a5bbc88ec83887f42e193483b7&nonce=7b53102ea5a3af47&auth_redirect=discourse%3A%2F%2Fauth_redirect&application_name=Discourse+TUI&public_key=-----BEGIN+PUBLIC+KEY-----%0AMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpA4ucx4mhZKihrPIeS7%0Advt9fuOt5VdYhyjGaZ4IZSCgBegu%2B3sNs4OoDil%2BHEvn1xQ9gt6muD3lgofue1fu%0AxTcnniz0zYqy3eNu8JTN%2FqwVPz5zf5qdQHg%2BqeC45LLxT%2FnVTgM8Pzc9sLhLtCgM%0A0mvRscFrAjHeBn3g%2FovTbYXj2%2BHguJDWjsF%2F1UJwNnmuxElVqxPO%2B44DL1kuP8V3%0AoSQ3HlMiC3DDJNDIbu%2F5zfWqB5o9tkhtLdwzJ1vdmgmcMIm7AsnwvYa%2Fj3p9hF57%0Aqf0hPhE5i%2B07XQZVo2gJgkZgxmYUWLofe%2Bt6rGoQf67rL2bhQDHn4GAUpP91ISZR%0ASQIDAQAB%0A-----END+PUBLIC+KEY-----%0A

Can you check if I made an obvious mistake? Code is in this branch: https://github.com/hello-rust/hello/compare/discourse

mre avatar Jul 30 '18 23:07 mre

I think you have to strip the %0A's

sajattack avatar Jul 30 '18 23:07 sajattack

Actually, I just clicked the URL and it loaded up for me. Maybe it was a temporary outage or you need to be logged in in the browser?

sajattack avatar Jul 30 '18 23:07 sajattack

It's strange. The above link works for me now as well and it takes me to the login screen. Recreated a new link and it doesn't work anymore (Error 500):

https://users.rust-lang.org/user-api-key/new?scopes=read,write&client_id=1ce9289742e7983713e558ac2c263ee4&nonce=714d3c3281d0595a&auth_redirect=discourse://auth_redirect&application_name=Discourse+TUI&public_key=-----BEGIN+PUBLIC+KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznh7RrdsmFtTc/0TvdmC7gyl32aP36H932I0Lt1hOo5sMNyVv8Tr1Q0sgCircIoNhBy+D1OabWoWQHc7xWZ29ih+V2gfl3WNyfRasktZPFjMKpqSeq7Q7Tfben7WEq1vmq1EdQ80bv3vN/fHdGcbeI2aPtBhuyjyAw8ok3chVXcrp5zsnseGpaQeBIrrh2A49oU1dUmMB8BTbtQ/eJkKJJoMsI+XkbfJmgU7mmd3048Tu/y+MupzSdo5IJ4RvRpI/q+vTwD8CDJ/yHjwXZ0remxdF0XFw/OD4Cnz1Qx+D/K8hKlaFldHLZY5tIn7a9cfyrdQahd8D9BDHLWixDj8xQIDAQAB-----END+PUBLIC+KEY-----

Maybe this link will also begin to work after a while? Maybe it's a backend job that needs to get triggered or something? No clue. 🤔

mre avatar Jul 31 '18 06:07 mre

16 hours in, second link still dead... 😕

mre avatar Jul 31 '18 22:07 mre

@sajattack, does the second link that I posted work for you? On my machine it doesn't while the first one works now.

mre avatar Aug 01 '18 06:08 mre

No it doesn't. I didn't mean that you should remove all the URL encoding.

sajattack avatar Aug 01 '18 06:08 sajattack

Oh. You're right. Funnily I was just rerunning the tool and then pasting the result here. I could swear that I copied the link over verbatim but yeah, it works now. 😄

mre avatar Aug 01 '18 06:08 mre

Thanks so far. 👍 I guess the next step would be to register the app as a URI handler for discourse://auth_redirect as you did here. Would like to do that cross-platform (Mac/Linux). Would be cool to have a separate crate for that, but I guess that's out of the scope for now. Will do that when I find some time (or you'd like to do it, which would also be awesome, of course).

mre avatar Aug 01 '18 07:08 mre

Whelp, turns out there's https://github.com/maidsafe/system_uri, which we could use. 🎉

mre avatar Aug 01 '18 07:08 mre

Nifty.

sajattack avatar Aug 01 '18 07:08 sajattack

One question: does the authentication redirect really need to point to a discourse:// URL? Was searching for this information but couldn't find it.

I'm asking because the system uri handler is quite tricky to get right - especially across platforms. https://github.com/maidsafe/system_uri helps, but one would still have to wrap hello into an app on Mac for example. If we could use a simple http:// URL as an authentication redirect, things might become a little easier. In this case we could just spawn a little local webserver, open the generated auth link in a normal webbrowser and wait until the user signs in. Then the browser would get redirected to our little webserver which prints the auth token. Semi-automatic, but easier to set up and doesn't modify the system's uri handlers.

What do you think?

@m3t0r and me were experimenting with this, but we didn't get it to work. See #7 for the current status.

mre avatar Aug 03 '18 08:08 mre

The discourse:// URI is allowed by default. Other redirects have to be enabled by server admins.

"there is a site setting that lists where the redirect is allowed to go." https://meta.discourse.org/t/generating-user-api-keys-with-rest-api/61916/19

sajattack avatar Aug 03 '18 08:08 sajattack

Ah okay. That's unfortunate. Then I guess we'll have to go the hard way... Thanks for the info! 🤓

mre avatar Aug 03 '18 09:08 mre