Add Keybase integration (#10297)

* create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting
2019-03-18 21:00:55 +01:00 · 2019-03-18 21:00:55 +01:00 · 9c4cbdbafb
commit 9c4cbdbafb
parent 42c581c458
29 changed files with 946 additions and 2 deletions
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -633,6 +633,21 @@ en:
    validation_errors:
      one: Something isn't quite right yet! Please review the error below
      other: Something isn't quite right yet! Please review %{count} errors below
+  identity_proofs:
+    active: Active
+    authorize: Yes, authorize
+    authorize_connection_prompt: Authorize this cryptographic connection?
+    errors:
+      failed: The cryptographic connection failed. Please try again from %{provider}.
+      keybase:
+        invalid_token: Keybase tokens are hashes of signatures and must be 66 hex characters
+        verification_failed: Keybase does not recognize this token as a signature of Keybase user %{kb_username}. Please retry from Keybase.
+    explanation_html: Here you can cryptographically connect your other identities, such as a Keybase profile. This lets other people send you encrypted messages and trust content you send them.
+    i_am_html: I am %{username} on %{service}.
+    identity: Identity
+    inactive: Inactive
+    status: Verification status
+    view_proof: View proof
  imports:
    modes:
      merge: Merge
@ -835,6 +850,7 @@ en:
    edit_profile: Edit profile
    export: Data export
    featured_tags: Featured hashtags
+    identity_proofs: Identity proofs
    import: Import
    migrate: Account migration
    notifications: Notifications
--- a/config/navigation.rb
+++ b/config/navigation.rb
@ -14,6 +14,7 @@ SimpleNavigation::Configuration.run do |navigation|
      settings.item :import, safe_join([fa_icon('cloud-upload fw'), t('settings.import')]), settings_import_url
      settings.item :export, safe_join([fa_icon('cloud-download fw'), t('settings.export')]), settings_export_url
      settings.item :authorized_apps, safe_join([fa_icon('list fw'), t('settings.authorized_apps')]), oauth_authorized_applications_url
+      settings.item :identity_proofs, safe_join([fa_icon('key fw'), t('settings.identity_proofs')]), settings_identity_proofs_path, highlights_on: %r{/settings/identity_proofs*}
    end

    primary.item :relationships, safe_join([fa_icon('users fw'), t('settings.relationships')]), relationships_url
--- a/config/routes.rb
+++ b/config/routes.rb
@ -22,6 +22,8 @@ Rails.application.routes.draw do
  get '.well-known/host-meta', to: 'well_known/host_meta#show', as: :host_meta, defaults: { format: 'xml' }
  get '.well-known/webfinger', to: 'well_known/webfinger#show', as: :webfinger
  get '.well-known/change-password', to: redirect('/auth/edit')
+  get '.well-known/keybase-proof-config', to: 'well_known/keybase_proof_config#show'
+
  get 'manifest', to: 'manifests#show', defaults: { format: 'json' }
  get 'intent', to: 'intents#show'
  get 'custom.css', to: 'custom_css#show', as: :custom_css
@ -106,6 +108,8 @@ Rails.application.routes.draw do
      resource :confirmation, only: [:new, :create]
    end

+    resources :identity_proofs, only: [:index, :show, :new, :create, :update]
+
    resources :applications, except: [:edit] do
      member do
        post :regenerate
@ -248,6 +252,9 @@ Rails.application.routes.draw do
    # OEmbed
    get '/oembed', to: 'oembed#show', as: :oembed

+    # Identity proofs
+    get :proofs, to: 'proofs#index'
+
    # JSON / REST API
    namespace :v1 do
      resources :statuses, only: [:create, :show, :destroy] do