tftsr-devops_investigation

sarman/tftsr-devops_investigation

Fork 0

Commit Graph

Author	SHA1	Message	Date
Shaun Arman	e45e4277ea	feat: complete webview cookie extraction implementation Some checks failed Auto Tag / auto-tag (push) Successful in 6s Details Test / rust-fmt-check (push) Failing after 2m5s Details Release / build-macos-arm64 (push) Successful in 6m35s Details Test / rust-clippy (push) Failing after 18m2s Details Release / build-linux-arm64 (push) Failing after 22m15s Details Test / rust-tests (push) Successful in 12m46s Details Test / frontend-typecheck (push) Successful in 1m36s Details Test / frontend-tests (push) Successful in 1m26s Details Test / wiki-sync (push) Successful in 47s Details Release / build-linux-amd64 (push) Successful in 21m0s Details Release / build-windows-amd64 (push) Successful in 14m42s Details Implement working cookie extraction using Tauri's IPC event system: How it works: 1. Opens embedded browser window for user to login 2. User completes authentication (including SSO) 3. User clicks "Complete Login" button in UI 4. JavaScript injected into webview extracts `document.cookie` 5. Parsed cookies emitted via Tauri event: `tftsr-cookies-extracted` 6. Rust listens for event and receives cookie data 7. Cookies encrypted and stored in database Technical implementation: - Uses `window.__TAURI__.event.emit()` from injected JavaScript - Rust listens via `app_handle.listen()` with Listener trait - 10-second timeout with clear error messages - Handles empty cookies and JavaScript errors gracefully - Cross-platform compatible (no platform-specific APIs) Cookie limitations: - `document.cookie` only exposes non-HttpOnly cookies - HttpOnly session cookies won't be captured via JavaScript - For HttpOnly cookies, services must provide API tokens as fallback Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-04-03 17:31:48 -05:00
Shaun Arman	c885f2cc8f	feat: add multi-mode authentication for integrations (v0.2.10) Some checks failed Test / frontend-tests (push) Waiting to run Details Test / wiki-sync (push) Waiting to run Details Test / rust-tests (push) Waiting to run Details Test / frontend-typecheck (push) Waiting to run Details Auto Tag / auto-tag (push) Successful in 4s Details Test / rust-fmt-check (push) Failing after 2m12s Details Test / rust-clippy (push) Has been cancelled Details Release / build-windows-amd64 (push) Has been cancelled Details Release / build-macos-arm64 (push) Has been cancelled Details Release / build-linux-arm64 (push) Has been cancelled Details Release / build-linux-amd64 (push) Has been cancelled Details Implement three authentication methods for Confluence, ServiceNow, and Azure DevOps: 1. OAuth2 - Traditional OAuth flow for enterprise SSO environments 2. Embedded Browser - Webview-based login that captures session cookies/tokens - Solves VPN constraints: users authenticate off-VPN via web UI - Extracted credentials work on-VPN for API calls - Based on confluence-publisher agent pattern 3. Manual Token - Direct API token/PAT input as fallback Changes: - Add webview_auth.rs module for embedded browser authentication - Implement authenticate_with_webview and extract_cookies_from_webview commands - Implement save_manual_token command with validation - Add AuthMethod enum to support all three modes - Add RadioGroup UI component for mode selection - Complete rewrite of Integrations settings page with mode-specific UI - Add secondary button variant for UI consistency VPN-friendly design: Users can authenticate via webview when off-VPN (web UI accessible), then use extracted cookies for API calls when on-VPN (API requires VPN). Addresses enterprise SSO limitations where OAuth app registration is blocked. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-04-03 17:26:09 -05:00

Author

SHA1

Message

Date

Shaun Arman

e45e4277ea

feat: complete webview cookie extraction implementation

Auto Tag / auto-tag (push) Successful in 6s

Details

Test / rust-fmt-check (push) Failing after 2m5s

Details

Release / build-macos-arm64 (push) Successful in 6m35s

Details

Test / rust-clippy (push) Failing after 18m2s

Details

Release / build-linux-arm64 (push) Failing after 22m15s

Details

Test / rust-tests (push) Successful in 12m46s

Details

Test / frontend-typecheck (push) Successful in 1m36s

Details

Test / frontend-tests (push) Successful in 1m26s

Details

Test / wiki-sync (push) Successful in 47s

Details

Release / build-linux-amd64 (push) Successful in 21m0s

Details

Release / build-windows-amd64 (push) Successful in 14m42s

Details

Implement working cookie extraction using Tauri's IPC event system:

**How it works:**
1. Opens embedded browser window for user to login
2. User completes authentication (including SSO)
3. User clicks "Complete Login" button in UI
4. JavaScript injected into webview extracts `document.cookie`
5. Parsed cookies emitted via Tauri event: `tftsr-cookies-extracted`
6. Rust listens for event and receives cookie data
7. Cookies encrypted and stored in database

**Technical implementation:**
- Uses `window.__TAURI__.event.emit()` from injected JavaScript
- Rust listens via `app_handle.listen()` with Listener trait
- 10-second timeout with clear error messages
- Handles empty cookies and JavaScript errors gracefully
- Cross-platform compatible (no platform-specific APIs)

**Cookie limitations:**
- `document.cookie` only exposes non-HttpOnly cookies
- HttpOnly session cookies won't be captured via JavaScript
- For HttpOnly cookies, services must provide API tokens as fallback

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-04-03 17:31:48 -05:00

Shaun Arman

c885f2cc8f

feat: add multi-mode authentication for integrations (v0.2.10)

Test / frontend-tests (push) Waiting to run

Details

Test / wiki-sync (push) Waiting to run

Details

Test / rust-tests (push) Waiting to run

Details

Test / frontend-typecheck (push) Waiting to run

Details

Auto Tag / auto-tag (push) Successful in 4s

Details

Test / rust-fmt-check (push) Failing after 2m12s

Details

Test / rust-clippy (push) Has been cancelled

Details

Release / build-windows-amd64 (push) Has been cancelled

Details

Release / build-macos-arm64 (push) Has been cancelled

Details

Release / build-linux-arm64 (push) Has been cancelled

Details

Release / build-linux-amd64 (push) Has been cancelled

Details

Implement three authentication methods for Confluence, ServiceNow, and Azure DevOps:

1. **OAuth2** - Traditional OAuth flow for enterprise SSO environments
2. **Embedded Browser** - Webview-based login that captures session cookies/tokens
   - Solves VPN constraints: users authenticate off-VPN via web UI
   - Extracted credentials work on-VPN for API calls
   - Based on confluence-publisher agent pattern
3. **Manual Token** - Direct API token/PAT input as fallback

**Changes:**
- Add webview_auth.rs module for embedded browser authentication
- Implement authenticate_with_webview and extract_cookies_from_webview commands
- Implement save_manual_token command with validation
- Add AuthMethod enum to support all three modes
- Add RadioGroup UI component for mode selection
- Complete rewrite of Integrations settings page with mode-specific UI
- Add secondary button variant for UI consistency

**VPN-friendly design:**
Users can authenticate via webview when off-VPN (web UI accessible), then use extracted cookies for API calls when on-VPN (API requires VPN). Addresses enterprise SSO limitations where OAuth app registration is blocked.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-04-03 17:26:09 -05:00

2 Commits