Merge pull request 'GitLab Proof' (#32) from dusansimic/keyoxide-web:gitlab-proof into dev

Reviewed-on: https://codeberg.org/keyoxide/web/pulls/32
This commit is contained in:
Yarmo Mackenbach 2020-08-20 15:46:57 +02:00
commit 36be53aeee
2 changed files with 89 additions and 0 deletions

45
guides/gitlab.md Normal file
View file

@ -0,0 +1,45 @@
# Adding a GitLab proof
Let's add a decentralized GitLab proof to your OpenPGP keys. This will also work on self-hosted instances.
[[toc]]
## Post a GitLab proof message
Log in to [gitlab.com](https://gitlab.com) or some other GitLab instance and click on **New project**.
Set the project name to anything you want.
Set the project slug to **gitlab_proof**.
Set the project description to (make sure to replace FINGERPRINT):
```
[Verifying my OpenPGP key: openpgp4fpr:FINGERPRINT]
```
After creating the project, copy the link to the project.
## Update the PGP key
First, edit the key (make sure to replace FINGERPRINT):
`gpg --edit-key FINGERPRINT`
Add a new notation:
`notation`
Enter the notation (make sure to update with the link to the project copied above):
`proof@metacode.biz=https://gitlab.example.com/USERNAME/gitlab_proof`
Save the key:
`save`
Upload the key to WKD or use the following command to upload the key to [key.openpgp.org](https://keys.openpgp.org) (make sure to replace FINGERPRINT):
`gpg --keyserver hkps://keys.openpgp.org --send-keys FINGERPRINT`
And you're done! Reload your profile page, it should now show a verified GitLab account.

View file

@ -616,6 +616,50 @@ async function verifyProof(url, fingerprint) {
return output; return output;
} }
} }
// GitLab
if (/\/gitlab_proof$/.test(url)) {
output.type = "gitlab";
match = url.match(/https:\/\/(.*)\/(.*)\/gitlab_proof/);
output.display = match[2];
output.url = `https://${match[1]}/${match[2]}`;
output.proofUrlFetch = `https://${match[1]}/api/v4/users?username=${match[2]}`;
try {
const opts = {
headers: {
Accept: 'application/json'
},
credentials: 'omit'
};
// Get user
response = await fetch(output.proofUrlFetch, opts);
if (!response.ok) {
throw new Error('Response failed: ' + response.status);
}
json = await response.json();
const user = json.find(user => user.username === match[2]);
if (!user) {
throw new Error('No user with username ' + match[2]);
}
// Get project
output.proofUrlFetch = `https://${match[1]}/api/v4/users/${user.id}/projects`;
response = await fetch(output.proofUrlFetch, opts);
if (!response.ok) {
throw new Error('Response failed: ' + response.status);
}
json = await response.json();
const project = json.find(proj => proj.path === 'gitlab_proof');
if (!project) {
throw new Error('No project at ' + url);
}
reVerify = new RegExp(`[Verifying my OpenPGP key: openpgp4fpr:${fingerprint}]`, 'i');
if (reVerify.test(project.descroption)) {
output.isVerified = true;
}
} catch (e) {
} finally {
return output;
}
}
// Lobsters // Lobsters
if (/^https:\/\/lobste.rs/.test(url)) { if (/^https:\/\/lobste.rs/.test(url)) {
output.type = "lobsters"; output.type = "lobsters";