-
Notifications
You must be signed in to change notification settings - Fork 6.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(invite) add email autocomplete in invite #14610
Conversation
…ken (e. g. email invite type), invite icons updated
6c56b78
to
55e5b0a
Compare
55e5b0a
to
5ed6d73
Compare
Hi, thanks for your contribution! |
Hello, Here is the CLA signed by my CEO. 8x8_Corporate_CLA_rev.20181129.docx.pdf Best regards, |
This PR has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
PIng @damencho |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are also a lot of lint errors.
react/features/invite/functions.ts
Outdated
): Promise<any> { | ||
|
||
if (!inviteItems || inviteItems.length === 0) { | ||
return Promise.resolve(); | ||
} | ||
|
||
// Parse all the query strings of the search directory endpoint | ||
const params = new URLSearchParams(); | ||
params.append('jwt', jwt); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This adds jwt to the URL params. This reverts behavior that was dropped in 9af0003.
react/features/invite/functions.ts
Outdated
// Authentication params for external entities (e. g. email) | ||
if (peopleSearchTokenLocation && peopleSearchTokenKey) { | ||
const peopleSearchToken = localStorage.getItem(peopleSearchTokenLocation) ?? ""; | ||
params.append(peopleSearchTokenKey, peopleSearchToken); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do you need a second token parameter. Can't you use Authorization': `Bearer headers that are added.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you give more details on this one?
So the token is stored in localstorage? Who is storing it there?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That is a good question. The whole idea is to be able to authenticate against directories on instances where JWT is not enabled. In our case we added a little fetch request to our auth service at the bottom of index.html which retrieves the token if there is an active session.
What we added to index.html is very straightforward and looks like this:
document.addEventListener("DOMContentLoaded", () => {
fetch("{{SERVER}}/api/login/token", { credentials: "include" })
.then((response) => response.json())
.then((data) => localStorage.setItem("service_token", data.token));
});
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you see a problem with using 'Authorization': Bearer ${jwt}
with the token you store in service_token?
The idea is to get rid of the URL params with authorization data, as normally the URLs are logged in different places in the backend and is hard to sanitize, so its a better practice to use the headers.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't see any problem doing this, as long as it works. Moreover it's cleaner. I'll let you know when the change will be done ;-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use local storage like this:
Line 364 in b4a5e63
room.join(jitsiLocalStorage.getItem('xmpp_conference_password_override'), replaceParticipant); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All good and retested!
react/features/invite/functions.ts
Outdated
params.append('query', query); | ||
params.append('queryTypes', queryTypesString); | ||
params.append('jwt', jwt); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should not add jwt as URL param since: 9af0003
react/features/invite/functions.ts
Outdated
|
||
if (peopleSearchTokenLocation && peopleSearchTokenKey) { | ||
const peopleSearchToken = localStorage.getItem(peopleSearchTokenLocation) ?? ""; | ||
params.append(peopleSearchTokenKey, peopleSearchToken); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same here why don't you use Authorization': `Bearer?
Thank you for the quick review @damencho. So first I will check all the linter errors today and make sure As for the JWT in the headers, it was not there three months ago when I first did the PR. I just noticed the change today when remerging master to the branch, so I will update things consequently ;-) I'll put a comment when everything will be settled. |
Yep, the changes were added a month later after the PR, sorry it fell trough the cracks. |
Hmm there is yet a little regression to fix I will let you know when everything is OK. |
Everything has been retested again should be fine now. Thanks! |
Up |
react/features/invite/functions.ts
Outdated
const headers = { | ||
...jwt ? { 'Authorization': `Bearer ${jwt}` } : {}, | ||
'Content-Type': 'application/json' | ||
}; | ||
|
||
return fetch( | ||
`${inviteServiceUrl}`, | ||
`${inviteServiceUrl}?${params.toString()}`, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the default case there will be an empty ?
at the end.
Other than the questions I have and the small lint error LGTM. |
@raphaelbadawi |
I did it. Let's see now 🤞 |
jenkins test this please. |
Thank you, I didn't react quickly enough.
Do I have to do something for this part? |
Nope, these is triggering the integration tests when the PR creator is not one of the devs. |
Thank you for your contribution and patience :) |
Thank you for your great insights ;-) |
This is the follow up to this discussion in which the specs were discussed.
This adds an autocomplete for mere emails. Since emails are not Jitsi entity types, this also adds an alternative authentication mechanism for directories holding external entities (this authentication mechanism was also discussed in the issue above).
The documentation for this has been written too, here is the PR for this part => jitsi/handbook#503
Thanks!