2020-08-20 15:46:57 +02:00 · 2020-08-20 15:46:57 +02:00 · 36be53aeee
commit 36be53aeee
parent fb080a7de9 522abb8097
2 changed files with 89 additions and 0 deletions
--- a/guides/gitlab.md
+++ b/guides/gitlab.md
@ -0,0 +1,45 @@
+# Adding a GitLab proof
+
+Let's add a decentralized GitLab proof to your OpenPGP keys. This will also work on self-hosted instances.
+
+[[toc]]
+
+## Post a GitLab proof message
+
+Log in to [gitlab.com](https://gitlab.com) or some other GitLab instance and click on **New project**.
+
+Set the project name to anything you want.
+
+Set the project slug to **gitlab_proof**.
+
+Set the project description to (make sure to replace FINGERPRINT):
+
+```
+[Verifying my OpenPGP key: openpgp4fpr:FINGERPRINT]
+```
+
+After creating the project, copy the link to the project.
+
+## Update the PGP key
+
+First, edit the key (make sure to replace FINGERPRINT):
+
+`gpg --edit-key FINGERPRINT`
+
+Add a new notation:
+
+`notation`
+
+Enter the notation (make sure to update with the link to the project copied above):
+
+`proof@metacode.biz=https://gitlab.example.com/USERNAME/gitlab_proof`
+
+Save the key:
+
+`save`
+
+Upload the key to WKD or use the following command to upload the key to [key.openpgp.org](https://keys.openpgp.org) (make sure to replace FINGERPRINT):
+
+`gpg --keyserver hkps://keys.openpgp.org --send-keys FINGERPRINT`
+
+And you're done! Reload your profile page, it should now show a verified GitLab account.
--- a/static/scripts.js
+++ b/static/scripts.js
@ -616,6 +616,50 @@ async function verifyProof(url, fingerprint) {
            return output;
        }
    }
+    // GitLab
+    if (/\/gitlab_proof$/.test(url)) {
+        output.type = "gitlab";
+        match = url.match(/https:\/\/(.*)\/(.*)\/gitlab_proof/);
+        output.display = match[2];
+        output.url = `https://${match[1]}/${match[2]}`;
+        output.proofUrlFetch = `https://${match[1]}/api/v4/users?username=${match[2]}`;
+        try {
+            const opts = {
+                headers: {
+                    Accept: 'application/json'
+                },
+                credentials: 'omit'
+            };
+            // Get user
+            response = await fetch(output.proofUrlFetch, opts);
+            if (!response.ok) {
+                throw new Error('Response failed: ' + response.status);
+            }
+            json = await response.json();
+            const user = json.find(user => user.username === match[2]);
+            if (!user) {
+                throw new Error('No user with username ' + match[2]);
+            }
+            // Get project
+            output.proofUrlFetch = `https://${match[1]}/api/v4/users/${user.id}/projects`;
+            response = await fetch(output.proofUrlFetch, opts);
+            if (!response.ok) {
+                throw new Error('Response failed: ' + response.status);
+            }
+            json = await response.json();
+            const project = json.find(proj => proj.path === 'gitlab_proof');
+            if (!project) {
+                throw new Error('No project at ' + url);
+            }
+            reVerify = new RegExp(`[Verifying my OpenPGP key: openpgp4fpr:${fingerprint}]`, 'i');
+            if (reVerify.test(project.descroption)) {
+                output.isVerified = true;
+            }
+        } catch (e) {
+        } finally {
+            return output;
+        }
+    }
    // Lobsters
    if (/^https:\/\/lobste.rs/.test(url)) {
        output.type = "lobsters";