Support native authentication

[kiprasmel]

Fixes #1098

[kiprasmel]

EDIT: IT WORKS!!!

[jdalrymple]

Once this is rebased and the TODO's you have above are taken care of, we can merge it!

[kiprasmel]

Hey @jdalrymple - I see you've pushed some commits, right? I tried rebasing, but there were conflicts in files I myself didn't change (not that I remember) (i.e. GotRequester), so I don't know how to rebase -- would you mind doing that yourself? I rebased, should be fine, though we need to make sure it still works). my god dependabot's a nightmare -- I had to fix conflicts for each commit in the lockfile lmao

As for fix TODOS - need your input;

As for lint & fix - need your help on this one if it's not already fixed

As for add this to documentation - where would I/you add this to? The README? Or somewhere else? thanks

[jdalrymple]

Hey @jdalrymple - I see you've pushed some commits, right? I tried rebasing, but there were conflicts in files I myself didn't change (not that I remember) (i.e. GotRequester), so I don't know how to rebase -- would you mind doing that yourself? I rebased, should be fine, though we need to make sure it still works). my god dependabot's a nightmare -- I had to fix conflicts for each commit in the lockfile lmao

As for fix TODOS - need your input;

As for lint & fix - need your help on this one if it's not already fixed

As for add this to documentation - where would I/you add this to? The README? Or somewhere else? thanks

haha, yea sorry. Ill go through it all this weekend, should get this one merged easily. Your recent change for the body should* work. Ill have to run a few tests to make sure though

[kiprasmel]

Sure fam, and no problem - we're all bussy:D thanks for your time!

[jdalrymple]

Last thing that needs to get done:

1. Update the README configuration options section (where it defines all the options one can pass to a Service like token etc) Add the new options.
2. It would be nice* if you could write a test or two to cover the bare minimum support of this feature. Just to make sure it stays working

[kiprasmel]

Nevermind - this addition is bad and results in the following error (I was able to isolate it and can confirm that it's caused precisely by this; reverting to the previous version fixes the error).

TypeError: Failed to construct 'Request': Request with GET/HEAD method cannot have body.
    at new Ky (content.js:489)
    at ky (content.js:724)
    at content.js:1611
    at Generator.next (<anonymous>)
    at content.js:1558
    at new Promise (<anonymous>)
    at ./gitbeaker/packages/gitbeaker-browser/src/KyRequester.ts.__awaiter (content.js:1554)
    at handler (content.js:1603)
    at Object.requester.<computed> [as get] (content.js:5376)
    at content.js:2093

[jdalrymple]

Then well have to think of another way around this since sending FormData would break this feature.

[kiprasmel]

Last thing that needs to get done:

1. Update the README configuration options section (where it defines all the options one can pass to a Service like token etc) Add the new options.

could you elaborate a little? I'm a little lost, esp. since it's been a little while:D

2. It would be nice* if you could write a test or two to cover the bare minimum support of this feature. Just to make sure it stays working

I have no idea as to how I could reliably test this feature since it depends on an external source (gitlab) -- I could cover the functionality itself with some unit tests (to verify that given nativeAuth it passes in the params, cookies, headers correctly etc.), but apart from that - I don't think it's possible.

[jdalrymple]

Last thing that needs to get done:

1. Update the README configuration options section (where it defines all the options one can pass to a Service like token etc) Add the new options.

could you elaborate a little? I'm a little lost, esp. since it's been a little while:D

2. It would be nice* if you could write a test or two to cover the bare minimum support of this feature. Just to make sure it stays working

I have no idea as to how I could reliably test this feature since it depends on an external source (gitlab) -- I could cover the functionality itself with some unit tests (to verify that given nativeAuth it passes in the params, cookies, headers correctly etc.), but apart from that - I don't think it's possible.

In the README.md file, there is a section that goes over the different configuration options when instantiating a Service. Its a table. It currently includes things like the different tokens you can use etc. You would just need to add the two new options to that table.

As for the tests, unit tests are fine. The integration tests do run against a live gitlab server, so if you want to test the full system, you could try tackling that through an integration test.

[kiprasmel]

Heyo @jdalrymple, been a bit.

I've updated the README - added nativeAuth to initialization options & explained it further. Feel free to edit or ask for changes.

Everything else should be fine. I wasn't able to yarn build though - some errors came up:

ERROR in /home/kipras/projects/refined-gitlab/gitbeaker/packages/gitbeaker-requester-utils/src/BaseService.ts
./gitbeaker/packages/gitbeaker-requester-utils/src/BaseService.ts
[tsl] ERROR in /home/kipras/projects/refined-gitlab/gitbeaker/packages/gitbeaker-requester-utils/src/BaseService.ts(114,34)
      TS2345: Argument of type 'this' is not assignable to parameter of type 'DefaultServiceOptions'.
  Type 'BaseService' is not assignable to type 'DefaultServiceOptions'.
    Types of property 'additionalBody' are incompatible.
      Type 'FormData | Record<string, unknown> | undefined' is not assignable to type 'Record<string, unknown> | FormData | undefined'.
        Type 'FormData' is not assignable to type 'Record<string, unknown> | FormData | undefined'.
          Type 'FormData' is not assignable to type 'Record<string, unknown>'.
            Index signature is missing in type 'FormData'.

not sure how to fix this. I think that the first time I added in FormData as the type for additionalBody, I just tried to match it with the normal body, but am not sure if we need it here in any way or not.

Slapping in a // @ts-ignore surely helped, everything compiled, I tested my extension and it still worked!, but I doubt that that's the right thing to do in the long term:D

---

As for the tests, I'd like to write an integration test, but I have no clue as to how I'd implement this workflow (the steps 1-2 and 5 especially, others seem fine)

1. create new account
2. login with account
3. visit any page (could be /)
4. take the CSRF token (as freshly explained in README) (simple enough)
5. take the session cookie that's httpOnly (not even sure if possible - a browser extension can do this with the cookies permission in manifest.json (see the updated README), but a regular user cannot do it, even with javascript)
6. initialize gitbeaker's api
7. make some request to verify successful authentication
8. verify it worked:D

---

I've also rebased this on master -- it's up to date atm.

I'd like to ship this to finally get rid of maintaining my separate mini-fork 👀 What do you think?

[jdalrymple]

Amazing! Nice update. Ill give the ts error a look over and see if i can make heads of it.

For the test, hmm. Well 1. Is accomplished already in the current integration tests. The password is 'password' and username is 'root'

For 2. You could use playwright to login with this info after ? the gitlab instance information (like its url) is also located in the GITLAB_URL env var (http://docker:8080) as seen in the gitlab-ci.yml file.

For 5. You could probably also accomplish this with playwright. Not sure though!

[toniopelo]

@kiprasmel @jdalrymple How is it going with this one ?
I would love this to land on master soon, if I can do anything to push it forward let me know!

[kiprasmel]

hey @toniopelo, sorry I am currently very busy with the mess that's happening with javascript's pipeline operators [1] and won't have time to work on it anytime soon.

to give some guidepoints, for me, I have a custom fork of gitbeaker, and use it inside my browser extension [2] which uses nativeAuth and last time I checked it worked, but it's been a while.

[1] pipeline operators mess: tc39/proposal-pipeline-operator#91 (comment) (& further discussion)
[2] gitbeaker fork + browser extension which uses nativeAuth: https://github.com/kiprasmel/refined-gitlab

[toniopelo]

Hi @kiprasmel, thanks for the quick response!
I've recreated a new PR for this to have the write permission on the branch and I'll try to have it merged.
Hope it's fine by you, I had you credited on the PR description and you're still author on your commits.

Good luck with the proposal and have a nice one!

[kiprasmel]

Hi, this is great, thank you! gl and thanks, you too:)

[jdalrymple]

Closed in favour of #2077