I'm attempting to implement Sign-in with SSB on Patchfox.

This thread will serve as a little dev diary as I made a gazillion bad decisions pragmatic choices and hit a wall which I can't overcome. I need help from people who know more about this than I do.

So the kernel of the problem is that the whole workflow of Sign-in with SSB and the modules associated with it are assuming a client like Patchwork or Manyverse which are in control of both the backend and client parts of SSB.

Patchfox has only the client-side, it piggybacks on whatever SSB server you're running. That is somewhat troublesome when it comes to features that require specialised plugins. In the case of joining a rooms 2.0 room, I managed — with help from Staltz — to load it on the client-side by manually calling the init() method of the plugin and grafting it into the local sbot. It kinda looks like this:

sbot.httpInviteClient = ssbHttpInviteClient.init(sbot)

All is working fine there.

When it comes to the Sign-in with SSB flow, things are a bit more complex.

That makes use of ssb-http-auth-client. I attempted to load it like I did with the other plugin.

sbot.httpAuthClientTokens = ssbHttpAuthClient[0].init(sbot) // hack: assuming order in `ssb-http-auth-client`.
sbot.httpAuthClient = ssbHttpAuthClient[1].init(sbot, {keys}) // hack: assuming order in `ssb-http-auth-client`.
sbot.httpAuth = ssbHttpAuthClient[2].init(sbot, {keys}) // hack: assuming order in `ssb-http-auth-client`.

One of those plugins, attempt to use sbot.close.hooks() which is not available. So, I polyfilled it with a no-op:

// hack: apparently `ssb-client` has no `hook()` in `sbot.close()`, so we no-op'd a polyfill.
sbot.close.hook = (data) => {
   console.warn("sbot.close is a no-op polyfill, doesn't actually work.")
}

The other problem is that the callback from ssb.conn.connect() does not include the plugins above, so I went destructive and wrapped that so that I could force it into having the plugins I needed.

// SSB Conn callback passes an RPC back, which looks like sbot.
// This sbot does not contain the plugins above ¬¬
// I need to force it back.
let conn_aux = sbot.conn.connect

sbot.conn.connect = (serverMSAddr, cb) => {
  conn_aux(serverMSAddr, (err, rpc) => {
    rpc.httpAuthClientTokens = sbot.httpAuthClientTokens
    rpc.httpAuthClient = sbot.httpAuthClient
    rpc.httpAuth = sbot.httpAuth
    console.log("ssb.conn.connect wrapped!", rpc)
    cb(err, rpc)
  })
}

And after all that, it loads and attempts to sign in! Buuuuut then it hits a wall which is from httpAuth plugin which perceives it is running on the client-side and kills the whole process down because I should not be doing it anyway.

      sendSolution(_sc: string, _cc: string, _sol: string, cb: CB<never>) {
        cb(new Error('httpAuth.sendSolution not supported on the client side'));
      },

and that is where I am, no idea where to go, or what the path to implement the Sign-in with SSB on the client-side could be.

well, I tried...

Yeah, it would really need to be installed on the backend.

What if Patchfox starts using scuttleshell, would it make it easier to install new backend plugins? (On the other hand, I'm quite optimistic you'll be able to use Manyverse as the ssb server soonish)

@andrestaltz I understand... I just with there was a muxrpc call exposed to ssb-clients that would allow a client like Patchfox to pass the URI to the backend and let them do the whole auth dance.

wish*

I'm guessing I misunderstood how the workflow for rooms 2.0 work. I assumed you needed to be able to do the Sign in with SSB feature to be able to set aliases, but watching that video for room 2.0 and Manyverse doing the alias setting kinda showed me that that is not the case.

I want to replicate that feature in Patchfox. Can someone give me some pointers how to do it? Room joining already works, all that I'm really missing is aliases for it to be complete enough for shipping.

Hey @SoapDog (Macbook Air), sorry I wasn't attentive enough in yesterdays office-hour. We could have cleared this up sooner. To me it just sounded like you wanted to replace the sign-in feature from room2-check with an implementation in patchfox.

yes, you are right. You don't need http-auth to register an alias. You do need an ssb-client connection to the room server and then issue the room.registerAlias command. The arguments for it are the alias itself and a signed string (for tamper resistance and verification by resolving users) over the alias, room's and the member's pubkey. You can see the code for this here in go, here in js and as step3 in the rooms spec.

Thanks @cryptix, I might need to reimplement that workflow on Patchfox from scratch for it to work. I'll try it later tonight or tomorrow.

As mentioned in another thread with @andrestaltz, I'm thinking that Scuttle Shell needs some love. On mobile it is best if the app bundles the server, but on desktop it is desirable to have many apps talking to the same server so that you can run them concurrently if you want. I don't see any other solution besides doubling down on Scuttle Shell for that.

@SoapDog (Macbook Air) I'm also scratching my head with multi-app support on the same device, as I'm preparing Manyverse desktop. I think there are a couple of different ideas (other than Scuttle Shell), but all of them have significant downsides. At some point we need to brainstorm a way out of this.