Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
446 changes: 0 additions & 446 deletions src/main/auth/firebaseBridge/bridgeHtml.ts

This file was deleted.

37 changes: 0 additions & 37 deletions src/main/auth/firebaseBridge/config.test.ts

This file was deleted.

51 changes: 0 additions & 51 deletions src/main/auth/firebaseBridge/config.ts

This file was deleted.

14 changes: 7 additions & 7 deletions src/main/auth/firebaseBridge/copyLinkBanner.ts
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
/**
* Sign-in "copy login link" card.
*
* When `handleFirebasePopup` opens the loopback login URL in the user's
* DEFAULT browser, that browser may not be where they're signed into
* Google/GitHub. We inject a small floating card into the embedded Cloud
* view (the surface the user is looking at) offering "Copy link" / "Open
* again" so they can finish sign-in in a browser of their choice — the
* same affordance Notion / Claude / Zoom provide.
* When `handleFirebasePopup` opens the Cloud login URL in the user's DEFAULT
* browser, that browser may not be where they're signed into Google/GitHub. We
* inject a small floating card into the embedded Cloud view (the surface the
* user is looking at) offering "Copy link" / "Open again" so they can finish
* sign-in in a browser of their choice — the same affordance Notion / Claude /
* Zoom provide.
*
* Injected with `insertCSS` + `executeJavaScript`, like
* `injectMacPasskeyWarning`. The URL is string-baked via `JSON.stringify`
Expand Down Expand Up @@ -81,7 +81,7 @@ export function buildCopyLinkBannerScript(url: string, labels: CopyLinkBannerLab
copy: JSON.stringify(labels.copy),
copied: JSON.stringify(labels.copied),
openAgain: JSON.stringify(labels.openAgain),
dismiss: JSON.stringify(labels.dismiss),
dismiss: JSON.stringify(labels.dismiss)
}
return `(function(){try{
var URL=${u}, ID=${id};
Expand Down
63 changes: 39 additions & 24 deletions src/main/auth/firebaseBridge/index.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import { randomBytes } from 'node:crypto'

import { shell, type BrowserWindow, type WebContents } from 'electron'

import { detectFirebaseEnv } from './config'
import {
buildCopyLinkBannerScript,
buildRemoveCopyLinkBannerScript,
Expand All @@ -9,7 +10,8 @@ import {
} from './copyLinkBanner'
import { buildIndexedDbInjectScript } from './inject'
import { extractProviderId, type SupportedProvider } from './intercept'
import { startBridgeServer } from './server'
import { cloudLoginOriginForUrl } from './origins'
import { startCloudLoginCallbackServer, type BridgeHandle } from './server'
import * as i18n from '../../lib/i18n'
import * as mainTelemetry from '../../lib/telemetry'

Expand Down Expand Up @@ -81,15 +83,16 @@ export interface HandleFirebasePopupOpts {
*
* Flow:
* 1. Detect prod/dev project + IdP from the intercepted URL.
* 2. Spin up a loopback HTTP server with a bridge page that runs
* `signInWithPopup` in the user's system browser (passkeys +
* saved-passwords + existing IdP sessions all work there).
* 3. Await the bridge's `/callback` carrying `auth.currentUser.toJSON()`.
* 4. Inject the serialized user into the embedded view's
* 2. Spin up a loopback HTTP server that receives the completed Cloud login.
* 3. Open the real Cloud login page in the user's system browser so
* comfy.org PostHog cookies, passkeys, saved passwords, and existing
* IdP sessions all work there.
* 4. Await the bridge's `/callback` carrying `auth.currentUser.toJSON()`.
* 5. Inject the serialized user into the embedded view's
* `firebaseLocalStorageDb` IndexedDB and reload — Firebase's SDK
* rehydrates from persistence on init, fires `onAuthStateChanged`,
* and the existing `/auth/session` post handles the rest.
* 5. Focus the Desktop window so the user is yanked back into the
* 6. Focus the Desktop window so the user is yanked back into the
* app without needing to alt-tab from their browser.
*
* Errors are reported via the optional `onError` callback (the caller
Expand All @@ -101,13 +104,13 @@ export interface HandleFirebasePopupOpts {
*/
/**
* Singleton handle for the in-flight bridge. We bind to a fixed loopback
* port (so the Google OAuth client's exact-match `redirect_uri`
* allowlist works), which means only ONE bridge can run at a time. If
* port so Cloud can validate the callback target before posting credentials,
* which means only ONE bridge can run at a time. If
* the user clicks Sign in while a previous attempt is still parked on
* an open browser tab, we close the stale bridge (freeing the port)
* before spinning up the new one.
*/
let activeBridge: Awaited<ReturnType<typeof startBridgeServer>> | null = null
let activeBridge: BridgeHandle | null = null

/**
* Teardown for the in-flight "copy login link" card: removes the injected
Expand Down Expand Up @@ -171,6 +174,26 @@ function showCopyLinkBanner(comfyContents: WebContents, loginUrl: string): void
*/
const POST_SIGNIN_HOLD_MS = 3000

function getCloudLoginOrigin(comfyContents: WebContents): string {
return cloudLoginOriginForUrl(comfyContents.getURL())
}

function buildCloudDesktopLoginUrl(
comfyContents: WebContents,
callbackUrl: string,
state: string
): string {
const loginUrl = new URL('/cloud/login', getCloudLoginOrigin(comfyContents))
loginUrl.searchParams.set('desktop_login_callback', callbackUrl)
loginUrl.searchParams.set('desktop_login_state', state)
return loginUrl.href
}
Comment thread
coderabbitai[bot] marked this conversation as resolved.

// Per-login nonce echoed by Cloud so Desktop only accepts the callback it initiated.
function createDesktopLoginState(): string {
return randomBytes(24).toString('base64url')
}

export async function handleFirebasePopup(
url: string,
comfyContents: WebContents,
Expand All @@ -185,8 +208,6 @@ export async function handleFirebasePopup(
// `provider` splits Google vs GitHub conversion + failure rates. The
// success leg is emitted by bindSignedInUser's app:user_logged_in.
mainTelemetry.capture('comfy.desktop.auth.sign_in_started', { provider: providerId })
const env = detectFirebaseEnv(url)

// Kill any stale bridge from a prior sign-in attempt the user
// didn't complete. Without this, the second Sign-in click hits an
// EADDRINUSE on the fixed loopback port and the user sees an
Expand All @@ -204,19 +225,13 @@ export async function handleFirebasePopup(
// new attempt doesn't stack a second card or leak a stale listener.
runBannerCleanup()

let handle: Awaited<ReturnType<typeof startBridgeServer>> | null = null
let handle: BridgeHandle | null = null
try {
handle = await startBridgeServer({ env, providerId })
const state = createDesktopLoginState()
handle = await startCloudLoginCallbackServer({ state })
activeBridge = handle
// Append a per-attempt nonce so browsers don't focus an existing
// stale tab from a previous (perhaps wrong-provider) sign-in
// attempt. macOS Chrome / Safari treat shell.openExternal of an
// identical URL as "focus the open tab" rather than "open fresh"
// — without the nonce the user would still see yesterday's GitHub
// bridge page when they intended to start a new Google flow.
// Capture the full nonce'd URL once so the auto-opened tab, the
// "Copy link" button, and "Open again" all hand out the same link.
const loginUrl = `${handle.url}?n=${Date.now().toString(36)}`
const callbackUrl = new URL('callback', handle.url).href
const loginUrl = buildCloudDesktopLoginUrl(comfyContents, callbackUrl, state)
void shell.openExternal(loginUrl)
// Surface a Notion/Claude-style "didn't open? copy the link" card in
// the Cloud view so users can finish sign-in in a non-default browser.
Expand Down
159 changes: 0 additions & 159 deletions src/main/auth/firebaseBridge/oauth.ts

This file was deleted.

Loading
Loading