Revert "Added GitHub OAuth identity verification flow"

[tcsenpai]

Reverts #549

Summary by CodeRabbit

• New Features

  • GitHub Gist-based proof verification is now available, allowing users to submit and validate proofs directly via Gist URLs and raw GitHub content links.

• Refactor

  • GitHub OAuth login mechanism has been removed and replaced with a new GitHub Gist proof verification system, streamlining the authentication process.

• Dependencies

  • Added @octokit/core library for enhanced GitHub integration.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

Removes GitHub OAuth credential environment variables and the entire OAuth flow module, replacing them with a new GitHub proof parser that validates gist-based proofs using Octokit and axios. Introduces corresponding URL format mappings and removes OAuth code exchange handling from network calls.

Changes

Cohort / File(s)	Summary
Environment & Dependencies .env.example, package.json	Removes GitHub OAuth credentials (CLIENT_ID, CLIENT_SECRET); adds @octokit/core dependency for gist-based proof parsing.
GitHub Proof Parser Implementation src/libs/abstraction/web2/github.ts	New class GithubProofParser with OAuth login via Octokit, gist URL parsing, and dual-strategy proof fetching (Octokit for gist.github.com, axios for githubusercontent.com raw content). Validates owner and extracts message/signature.
Proof Parser Format Registry src/libs/abstraction/web2/parsers.ts	Registers "github" format category with three URL prefixes: https://gist.github.com, https://raw.githubusercontent.com, https://gist.githubusercontent.com.
Proof Verification Orchestration src/libs/abstraction/index.ts	Wires GithubProofParser into verifyWeb2Proof via parser type union and switch case; removes GitHub OAuth attestation verification block; minor Telegram formatting adjustments; expands Telegram-related exports.
OAuth Deletion src/libs/identity/oauth/github.ts	Removes entire GitHub OAuth module including exchangeGitHubCode, verifyGitHubOAuthAttestation, and related interfaces (GitHubOAuthAttestation, SignedGitHubOAuthAttestation, GitHubOAuthResult).
Network Call Handler src/libs/network/manageNodeCall.ts	Removes import of exchangeGitHubCode and deletes switch-case handler for "exchangeGitHubOAuthCode" message.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant verifyWeb2Proof
    participant GithubProofParser
    participant Octokit as Octokit/GitHub API
    participant axios as axios
    
    Client->>verifyWeb2Proof: Proof URL (gist or raw)
    Note over verifyWeb2Proof: Determine parser type
    verifyWeb2Proof->>GithubProofParser: readData(proofUrl)
    
    alt gist.github.com URL
        GithubProofParser->>GithubProofParser: parseGistDetails(extract username, gistId)
        GithubProofParser->>Octokit: GET /gists/{gistId}
        Octokit-->>GithubProofParser: gist data
        rect rgb(200, 220, 240)
            Note over GithubProofParser: Validate owner matches username
        end
        GithubProofParser->>GithubProofParser: Extract first file content
    else githubusercontent.com URL
        GithubProofParser->>axios: GET raw file
        axios-->>GithubProofParser: raw content
    end
    
    rect rgb(240, 220, 200)
        Note over GithubProofParser: Validate & parse payload (message, type, signature)
    end
    
    GithubProofParser-->>verifyWeb2Proof: { message, type, signature }
    verifyWeb2Proof->>verifyWeb2Proof: Continue verification chain
    verifyWeb2Proof-->>Client: Verification result

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Added GitHub OAuth identity verification flow #549: Competing GitHub implementation that adds OAuth flow and authentication while this PR removes it in favor of proof-based validation using Octokit and gists.

Suggested labels

Possible security concern, Review effort 3/5

Poem

🐰 A gist of wisdom, a hop to the proof,
No secrets exchanged on GitHub's roof—
Just signatures dancing in digital files,
Octokit parsing with cryptographic smiles!
OAuth fades as the parser takes flight,
Proofs are now validated, pure and bright! 🌙

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch revert-549-feature/github-discord-oauth

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 6947787 and db97a2d.

📒 Files selected for processing (7)

• .env.example
• package.json
• src/libs/abstraction/index.ts
• src/libs/abstraction/web2/github.ts
• src/libs/abstraction/web2/parsers.ts
• src/libs/identity/oauth/github.ts
• src/libs/network/manageNodeCall.ts

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
9 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[tcsenpai]

Your trial has ended! 😢

To keep getting reviews, activate your plan here.

Got questions about plans or want to see if we can extend your trial? Talk to our founders here.😎