Idea for GitHub OAuth Access

We do have push to github based on user access token
That is clunky user UX
I want full API access with user OAuth

Asked ChatGPT to brainstorm and see for a good solution and it proposed a pretty good one

Idea is as follows, add support to server side to do OAuth login/callback flow and get user token.

From options of where to store token, to keep it agnostic, use JWT to store it in cookies

So when user comes back github token is extracted from his cookie.
JWT tokens are encrypted so it's safe.

It would allow things to work without databases.

Sharing here for discussion, if someone wants to give it a try and has experience in such flows, create a PR in repo so others see that it was picked up.
Link here.

It's to avoid duplicate work.

When we have such access we can do a lot, example of what you can do is in my video of connecting ChatGPT to GitHub in similar way

I have two way live sync with local folder and experiments with connecting to LM Studio from hosted version on my “roadmap” before I get to integrations GitHub work.

2 Likes

GitHub, but 2-way, and image support are on the top of my list. I am trying to get an opening in my schedule to work on one or another, just not sure yet. But thanks for starting this post. If someone doesn’t beat me to it again, I will let you know when I open a PR. Just don’t want to commit until I remove some uncertainty in my schedule :slight_smile: I will think about improving just the auth first.

3 Likes

Happy to help as time allows… I was responsible for generic oauth support for source control on the Unity Cloud Build service, and there are some novel ways to use passportjs and other tools to generalize third-party auth. Let’s do it :slight_smile:

Edit: For those consuming ottodev, maybe this is also just initial support for providing keys for services like Auth0 or self-hostable Authy. Spitballing for now!

I would be very frugal for now with 3rd party dependencies.

Just storing this in JWT should be perfect for current nature of the project.
But I am also for making that modular so we can select persistence and auth regimes and providers.

1 Like

+1 for JWT! That’s definitely the correct approach

But storing in cookies, would that be safe? Can we encode the token on the server side using a key and then make a JWT instead of storing the raw token?

1 Like

That is what JWT is and I do propose to use JWT

But I guess the content of JWT can be decoded without a key. Only thing is it's tamper-proof.

As far as I know it's encrypted with server side key that should be a secret.
So it can’t be decoded unless you know that key.

For local ottodev usage it is that way, but it does not matter.
It's more for hosted setups.

This is my understanding also.

What I have in mind is to first encrypt the OAuth token separately, then use that as payload for JWT.
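
The question raised above (can a JWT be read without the key?) and the encrypt-first idea, as an added example that is not code from the thread or from the project: a standard HS256-signed JWT is tamper-evident, but its payload is plain base64url, so here the OAuth token is sealed with AES-256-GCM before it goes into the payload. The helper names, keys and the sample token are constructed for illustration; a hosted setup would load both keys from server-side secrets.

```javascript
// Added illustration (Node.js); keys and token below are constructed samples.
const { createHmac, createCipheriv, createDecipheriv, randomBytes, timingSafeEqual } = require("node:crypto");

const b64u = (buf) => Buffer.from(buf).toString("base64url");

// Sign a compact JWT (JWS) with HS256: header.payload.signature
function signJwt(payload, signKey) {
  const head = b64u(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64u(JSON.stringify(payload));
  const sig = createHmac("sha256", signKey).update(`${head}.${body}`).digest("base64url");
  return `${head}.${body}.${sig}`;
}

// Verify the HMAC in constant time; returns the payload, or null if invalid.
function verifyJwt(jwt, signKey) {
  const parts = jwt.split(".");
  if (parts.length !== 3) return null;
  const want = createHmac("sha256", signKey).update(`${parts[0]}.${parts[1]}`).digest();
  const got = Buffer.from(parts[2], "base64url");
  if (got.length !== want.length || !timingSafeEqual(got, want)) return null;
  return JSON.parse(Buffer.from(parts[1], "base64url").toString());
}

// What anyone holding the cookie can do: read the payload with no key at all.
function readPayloadWithoutKey(jwt) {
  return JSON.parse(Buffer.from(jwt.split(".")[1], "base64url").toString());
}

// AES-256-GCM seal/open for the OAuth token: iv(12) || tag(16) || ciphertext.
function sealToken(token, encKey) {
  const iv = randomBytes(12);
  const c = createCipheriv("aes-256-gcm", encKey, iv);
  const ct = Buffer.concat([c.update(token, "utf8"), c.final()]);
  return b64u(Buffer.concat([iv, c.getAuthTag(), ct]));
}

function openToken(sealed, encKey) {
  const raw = Buffer.from(sealed, "base64url");
  const d = createDecipheriv("aes-256-gcm", encKey, raw.subarray(0, 12));
  d.setAuthTag(raw.subarray(12, 28)); // decryption throws if the tag does not match
  return Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString("utf8");
}

// Constructed sample values (not real credentials).
const SIGN_KEY = randomBytes(32);
const ENC_KEY = randomBytes(32);
const SAMPLE_TOKEN = "gho_EXAMPLE_not_a_real_token";
const plainJwt = signJwt({ gh: SAMPLE_TOKEN }, SIGN_KEY);
const sealedJwt = signJwt({ gh: sealToken(SAMPLE_TOKEN, ENC_KEY) }, SIGN_KEY);
```

The cookie carrying `sealedJwt` should still be set with `HttpOnly`, `Secure` and `SameSite`, since sealing the token does not stop a stolen cookie from being replayed.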

I had a few hours tonight, so I added this PR: GitHub Authentication Integration using Device Flow
GitHub authentication to the application using GitHub’s Device Flow O… by emcconnell · Pull Request #408 · coleam00/bolt.new-any-llm

If we like this approach, please review when you have a chance. If not, np :wink: I tested the happy paths, so it could use more testing.

There is a video in the comments. And, this is just auth, nothing else.

1 Like

Looks smooth. But I am thinking of experimenting with the actual git protocol to clone the repo, so that it can be used not only for GitHub but for any git repo.
Just like the git CLI.

2 Likes

Would be cool but how would you do that in browser? You would need some kind of auth and API no?

1 Like

I am checking this isomorphic-git package to see if we can utilize the webcontainer's fs filesystem directly with this package

1 Like

It's like using the git CLI in a terminal. Platform agnostic. For public git it does not need any auth, for private we can use basic auth to clone the repo. But we will still need the OAuth / personal token for situations like 2FA.

But with this we can list branches, tags, make commits etc.

1 Like

With GitHub API we can do it too.
I also wonder if isomorphic will work inside of web container.
You can check.

Yes, we can directly do GitHub API. I was just thinking if we can make it work with GitHub as well as platforms like GitLab or private git servers for self-hosted git servers.
I am not sure if we can do that with GitHub API.
I tried isomorphic inside web container but it did not work. Will try one more time. So trying to see if we can do it with a frontend React hook.

What do you think of this solution??

3 Likes

Haha, importing bolt new in to bolt new :smiley: Inception here we go :smiley:
Does it run? Probably not :smiley:
Will need to review what you did

1 Like