Dynamically fetch devlooped JWK from github

This avoids hardcoding the key, ensuring it will match whatever we have on the backend at build time. Minor improvements to ILRepack invocation (ignore warning on duplicate resource).
devlooped · Jun 18, 2024 · 55124bc · 55124bc
1 parent 8d29f01
commit 55124bc
Show file tree

Hide file tree

Showing 8 changed files with 54 additions and 25 deletions.
diff --git a/src/SponsorLink/Library/Library.csproj b/src/SponsorLink/Library/Library.csproj
@@ -6,6 +6,7 @@
     <PackageId>SponsorableLib</PackageId>
     <Description>Sample library incorporating SponsorLink checks</Description>
     <PackOnBuild>true</PackOnBuild>
+    <PublishRepositoryUrl>true</PublishRepositoryUrl>
   </PropertyGroup>
 
   <ItemGroup>
@@ -16,16 +17,4 @@
     <ProjectReference Include="..\Analyzer\Analyzer.csproj" ReferenceOutputAssembly="false" OutputType="Analyzer" />
   </ItemGroup>
 
-  <ItemGroup>
-    <EmbeddedResource Update="Resources.resx">
-      <!-- Default to Just Works resources generation. See https://www.cazzulino.com/resources.html -->
-      <Generator>MSBuild:Compile</Generator>
-      <StronglyTypedFileName>$(IntermediateOutputPath)\$([MSBuild]::ValueOrDefault('%(RelativeDir)', '').Replace('\', '.').Replace('/', '.'))%(Filename).g$(DefaultLanguageSourceExtension)</StronglyTypedFileName>
-      <StronglyTypedLanguage>$(Language)</StronglyTypedLanguage>
-      <StronglyTypedNamespace Condition="'%(RelativeDir)' == ''">$(RootNamespace)</StronglyTypedNamespace>
-      <StronglyTypedNamespace Condition="'%(RelativeDir)' != ''">$(RootNamespace).$([MSBuild]::ValueOrDefault('%(RelativeDir)', '').Replace('\', '.').Replace('/', '.').TrimEnd('.'))</StronglyTypedNamespace>
-      <StronglyTypedClassName>%(Filename)</StronglyTypedClassName>
-    </EmbeddedResource>
-  </ItemGroup>
-
 </Project>
diff --git a/src/SponsorLink/Library/readme.md b/src/SponsorLink/Library/readme.md
@@ -0,0 +1,5 @@
+# Sponsorable Library
+
+Example of a library that is available for sponsorship and leverages 
+[SponsorLink](https://github.com/devlooped/SponsorLink) to remind users 
+in an IDE (VS/Rider).
diff --git a/src/SponsorLink/SponsorLink.targets b/src/SponsorLink/SponsorLink.targets
@@ -10,9 +10,6 @@
     <!-- If we are going to merge files, we need to copy local -->
     <CopyLocalLockFileAssemblies Condition="'$(MergeAnalyzerAssemblies)' == 'true'">true</CopyLocalLockFileAssemblies>
 
-    <!-- Read public key we validate manifests against -->
-    <DevloopedJwk>$([System.IO.File]::ReadAllText('$(MSBuildThisFileDirectory)SponsorLink/devlooped.pub.jwk'))</DevloopedJwk>
-
     <!-- Default funding product the Product, which already part of ThisAssembly -->
     <FundingProduct Condition="'$(FundingProduct)' == ''">$(Product)</FundingProduct>
     <!-- Default prefix is the joined upper-case letters in the product name (i.e. for ThisAssembly, TA) -->
@@ -22,7 +19,6 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <AssemblyMetadata Include="Funding.GitHub.devlooped" Value="$(DevloopedJwk)" />
     <Constant Include="Funding.Product" Value="$(FundingProduct)" />
     <Constant Include="Funding.Prefix" Value="$(FundingPrefix)" />
     <Constant Include="Funding.Grace" Value="$(FundingGrace)" />
@@ -123,7 +119,7 @@
       <!--<ILRepackArgs>$(ILRepackArgs) "/lib:$(NetstandardDirectory)"</ILRepackArgs> -->
       <!-- This is needed for ilrepack to find netstandard.dll, which is referenced by the System.Text.Json assembly -->
     </PropertyGroup>
-    <Exec Command="&quot;$(ILRepack)&quot; $(ILRepackArgs)" WorkingDirectory="$(MSBuildProjectDirectory)\$(OutputPath)" StandardErrorImportance="high" StandardOutputImportance="low" ConsoleToMSBuild="true" ContinueOnError="true">
+    <Exec Command='"$(ILRepack)" $(ILRepackArgs)' WorkingDirectory="$(MSBuildProjectDirectory)\$(OutputPath)" StandardErrorImportance="high" IgnoreStandardErrorWarningFormat="true" StandardOutputImportance="low" ConsoleToMSBuild="true" ContinueOnError="true">
       <Output TaskParameter="ConsoleOutput" PropertyName="ILRepackOutput" />
       <Output TaskParameter="ExitCode" PropertyName="ExitCode" />
     </Exec>
@@ -138,4 +134,23 @@
     <Delete Files="@(MergedAssembliesToRemove -&gt; '$(MSBuildProjectDirectory)\$(OutputPath)%(Filename)%(Extension)')" Condition="Exists('$(MSBuildProjectDirectory)\$(OutputPath)%(Filename)%(Extension)')" />
   </Target>
 
+  <Target Name="DownloadDevloopedJwk" BeforeTargets="GetAssemblyAttributes" Inputs="$(MSBuildProjectFullPath)" Outputs="$(MSBuildProjectDirectory)\$(BaseIntermediateOutputPath)devlooped.jwk">
+    <Exec Command='pwsh -nop -f "$(MSBuildThisFileDirectory)jwk.ps1"' ConsoleToMSBuild="true" EchoOff="true">
+      <Output TaskParameter="ConsoleOutput" PropertyName="RawJwk"/>
+      <Output TaskParameter="ExitCode" PropertyName="MSBuildLastExitCode" />
+    </Exec>
+    <Error Text="$(RawJwk)" Condition="'$(MSBuildLastExitCode)' != '0'" />
+    <WriteLinesToFile File="$(MSBuildProjectDirectory)\$(BaseIntermediateOutputPath)devlooped.jwk" Lines="$(RawJwk)" Overwrite="true" />
+  </Target>
+
+  <Target Name="ReadDevloopedJwk" DependsOnTargets="DownloadDevloopedJwk" BeforeTargets="GetAssemblyAttributes">
+    <PropertyGroup>
+      <!-- Read public key we validate manifests against -->
+      <DevloopedJwk>$([System.IO.File]::ReadAllText('$(MSBuildProjectDirectory)\$(BaseIntermediateOutputPath)devlooped.jwk'))</DevloopedJwk>
+    </PropertyGroup>
+    <ItemGroup>
+      <AssemblyMetadata Include="Funding.GitHub.devlooped" Value="$(DevloopedJwk)" />
+    </ItemGroup>
+  </Target>
+
 </Project>
diff --git a/src/SponsorLink/SponsorLink/SponsorLink.cs b/src/SponsorLink/SponsorLink/SponsorLink.cs
@@ -82,7 +82,7 @@ public static bool TryRead([NotNullWhen(true)] out ClaimsPrincipal? principal, I
 
         foreach (var value in values)
         {
-            if (string.IsNullOrWhiteSpace(value.jwk) || string.IsNullOrEmpty(value.jwk))
+            if (string.IsNullOrWhiteSpace(value.jwt) || string.IsNullOrEmpty(value.jwk))
                 continue;
 
             if (Validate(value.jwt, value.jwk, out var token, out var claims, false) == ManifestStatus.Valid && claims != null)

diff --git a/src/SponsorLink/SponsorLink/SponsorLink.csproj b/src/SponsorLink/SponsorLink/SponsorLink.csproj
@@ -8,7 +8,6 @@
   </PropertyGroup>
 
   <PropertyGroup Label="SponsorLink">
-    <DevloopedJwk>$([System.IO.File]::ReadAllText('$(MSBuildThisFileDirectory)devlooped.pub.jwk'))</DevloopedJwk>
     <!-- Default funding product the Product, which already part of ThisAssembly -->
     <FundingProduct Condition="'$(FundingProduct)' == ''">$(Product)</FundingProduct>
     <!-- Default prefix is the joined upper-case letters in the product name (i.e. for ThisAssembly, TA) -->
@@ -37,10 +36,32 @@
   </ItemGroup>
 
   <ItemGroup>
-    <AssemblyMetadata Include="Funding.GitHub.devlooped" Value="$(DevloopedJwk)" />
     <Constant Include="Funding.Product" Value="$(FundingProduct)" />
     <Constant Include="Funding.Prefix" Value="$(FundingPrefix)" />
     <Constant Include="Funding.Grace" Value="$(FundingGrace)" />
   </ItemGroup>
 
+  <ItemGroup>
+    <None Include="..\SponsorLink.targets" Link="SponsorLink.targets" />
+  </ItemGroup>
+
+  <Target Name="DownloadDevloopedJwk" BeforeTargets="GetAssemblyAttributes" Inputs="$(MSBuildProjectFullPath)" Outputs="$(MSBuildProjectDirectory)\$(BaseIntermediateOutputPath)devlooped.jwk">
+    <Exec Command='pwsh -nop -f "$(MSBuildThisFileDirectory)jwk.ps1"' ConsoleToMSBuild="true" EchoOff="true">
+      <Output TaskParameter="ConsoleOutput" PropertyName="DevloopedJwk"/>
+      <Output TaskParameter="ExitCode" PropertyName="MSBuildLastExitCode" />
+    </Exec>
+    <Error Text="$(DevloopedJwk)" Condition="'$(MSBuildLastExitCode)' != '0'" />
+    <WriteLinesToFile File="$(MSBuildProjectDirectory)\$(BaseIntermediateOutputPath)devlooped.jwk" Lines="$(DevloopedJwk)" Overwrite="true" />
+  </Target>
+
+  <Target Name="ReadDevloopedJwk" DependsOnTargets="DownloadDevloopedJwk" BeforeTargets="GetAssemblyAttributes">
+    <PropertyGroup>
+      <!-- Read public key we validate manifests against -->
+      <DevloopedJwk>$([System.IO.File]::ReadAllText('$(MSBuildProjectDirectory)\$(BaseIntermediateOutputPath)devlooped.jwk'))</DevloopedJwk>
+    </PropertyGroup>
+    <ItemGroup>
+      <AssemblyMetadata Include="Funding.GitHub.devlooped" Value="$(DevloopedJwk)" />
+    </ItemGroup>
+  </Target>
+
 </Project>
diff --git a/src/SponsorLink/SponsorLink/buildTransitive/Devlooped.Sponsors.targets b/src/SponsorLink/SponsorLink/buildTransitive/Devlooped.Sponsors.targets
@@ -86,6 +86,9 @@
          Note that since running this requires autosync=true, we can safely assume the user 
          has already run `sponsorlink [...] -autosync` at least once to turn it on. Otherwise, 
          this target won't run at all.
+         Note that since we don't specify -f (force), we only sync if the local manifest is expired, 
+         so as not to slow the build unnecessarily. Analyzer checking for the manifest will still 
+         check the validity of the manifest using the embedded key.
          -->
     <Exec Command="sponsor sync --local --unattended" StandardErrorImportance="high" StandardOutputImportance="low" ConsoleToMSBuild="true" ContinueOnError="true">
       <Output TaskParameter="ExitCode" PropertyName="SponsorsExitCode" />

diff --git a/src/SponsorLink/SponsorLink/devlooped.pub.jwk b/src/SponsorLink/SponsorLink/devlooped.pub.jwk
diff --git a/src/SponsorLink/SponsorLink/jwk.ps1 b/src/SponsorLink/SponsorLink/jwk.ps1
@@ -0,0 +1 @@
+curl https://raw.githubusercontent.com/devlooped/.github/main/sponsorlink.jwt --silent | jq -R 'split(".") | .[1] | @base64d | fromjson' | jq '.sub_jwk'