fetch contributor information via server rather than client side

Author: haarg

cpanfile

@@ -17,8 +17,9 @@ requires 'CatalystX::Fastly::Role::Response', '0.06';
 requires 'CommonMark';
 requires 'Config::General';
 requires 'Config::ZOMG', '1.000000';
-requires 'Cpanel::JSON::XS';
 requires 'CPAN::DistnameInfo', '0.12';
+requires 'Cpanel::JSON::XS';
+requires 'Crypt::OpenSSL::RSA';
 requires 'Data::Pageset';
 requires 'DateTime', '1.24';
 requires 'DateTime::Format::HTTP';

cpanfile.snapshot

@@ -905,6 +905,33 @@ DISTRIBUTIONS
       overload 0
       strict 0
       warnings 0
+  Crypt-OpenSSL-Guess-0.15
+    pathname: A/AK/AKIYM/Crypt-OpenSSL-Guess-0.15.tar.gz
+    provides:
+      Crypt::OpenSSL::Guess 0.15
+    requirements:
+      Config 0
+      Exporter 5.57
+      ExtUtils::MakeMaker 6.64
+      File::Spec 0
+      Symbol 0
+      perl 5.008001
+  Crypt-OpenSSL-RSA-0.33
+    pathname: T/TO/TODDR/Crypt-OpenSSL-RSA-0.33.tar.gz
+    provides:
+      Crypt::OpenSSL::RSA 0.33
+    requirements:
+      Crypt::OpenSSL::Random 0
+      ExtUtils::MakeMaker 0
+      Test::More 0
+      perl 5.006
+  Crypt-OpenSSL-Random-0.16
+    pathname: R/RU/RURBAN/Crypt-OpenSSL-Random-0.16.tar.gz
+    provides:
+      Crypt::OpenSSL::Random 0.16
+    requirements:
+      Crypt::OpenSSL::Guess 0.11
+      ExtUtils::MakeMaker 0
   Data-Dump-1.25
     pathname: G/GA/GARU/Data-Dump-1.25.tar.gz
     provides:

lib/MetaCPAN/Web/Controller/About.pm

@@ -2,6 +2,8 @@ package MetaCPAN::Web::Controller::About;
 
 use Moose;
 
+use Cpanel::JSON::XS qw(encode_json);
+
 BEGIN { extends 'MetaCPAN::Web::Controller' }
 
 sub auto : Private {
@@ -19,6 +21,13 @@ sub about : Path : Args(0) {
 
 sub contributors : Local : Args(0) {
     my ( $self, $c ) = @_;
+    my $contributors
+        = $c->model('GitHub')
+        ->contributors->else( sub { Future->fail( encode_json( $_[0] ) ) } )
+        ->get;
+    $c->stash( {
+        contributors => $contributors,
+    } );
 }
 
 sub contact : Local : Args(0) {

lib/MetaCPAN/Web/Model/GitHub.pm

@@ -0,0 +1,208 @@
+package MetaCPAN::Web::Model::GitHub;
+
+use Moose;
+extends 'Catalyst::Model';
+
+use namespace::autoclean;
+
+use Cpanel::JSON::XS qw( decode_json encode_json );
+
+use IO::Async::Loop       ();
+use IO::Async::SSL        ();
+use IO::Socket::SSL       qw( SSL_VERIFY_PEER );
+use Net::Async::HTTP      ();
+use HTTP::Request::Common ();
+use MIME::Base64          qw(encode_base64url);
+use Crypt::OpenSSL::RSA   ();
+use Ref::Util             qw(is_arrayref is_hashref);
+
+my $loop;
+
+sub loop {
+    $loop ||= IO::Async::Loop->new;
+}
+
+my $client;
+
+sub client {
+    $client ||= do {
+        my $http = Net::Async::HTTP->new(
+            user_agent =>
+                'MetaCPAN-Web/1.0 (https://github.com/metacpan/metacpan-web)',
+            max_connections_per_host => $ENV{NET_ASYNC_HTTP_MAXCONNS} || 20,
+            SSL_verify_mode          => SSL_VERIFY_PEER,
+            timeout                  => 10,
+        );
+        $_[0]->loop->add($http);
+        $http;
+    };
+}
+
+has app_id          => ( is => 'ro' );
+has app_secret_file => ( is => 'ro' );
+has app_secret => (
+    is      => 'ro',
+    lazy    => 1,
+    default => sub {
+        my $self = shift;
+        open my $fh, '<', $self->app_secret_file
+            or die "can't open " . $self->app_secret_file . "!: $!";
+        my $content = do { local $/; <$fh> };
+        close $fh;
+        return $content;
+    },
+);
+has rsa => (
+    is      => 'ro',
+    lazy    => 1,
+    default => sub {
+        my $self = shift;
+        my $rsa  = Crypt::OpenSSL::RSA->new_private_key( $self->app_secret );
+        $rsa->use_sha256_hash;
+        return $rsa;
+    },
+);
+
+has _access_token => ( is => 'rw' );
+
+sub jwt {
+    my $self = shift;
+
+    my $header = {
+        typ => "JWT",
+        alg => "RS256",
+    };
+    my $now     = time;
+    my $payload = {
+        iat => $now - 60,
+        exp => $now + 600,
+        iss => 0 + $self->app_id,
+    };
+    my $jwt_content = join '.', map encode_base64url( encode_json($_) ),
+        $header, $payload;
+
+    my $sign = $self->rsa->sign($jwt_content);
+
+    $jwt_content .= '.' . encode_base64url($sign);
+    return $jwt_content;
+}
+
+sub req {
+    my ( $self, $method, $url, $headers, $body ) = @_;
+
+    $url =~ s{^(?:https://api\.github\.com/|/|)}{https://api.github.com/};
+    my @headers
+        = is_arrayref($headers) ? @$headers
+        : is_hashref($headers)  ? %$headers
+        :                         die "invalid headers";
+
+    $self->client->do_request(
+        method  => $method,
+        uri     => $url,
+        headers => [
+            'Accept'               => 'application/vnd.github+json',
+            'X-GitHub-Api-Version' => '2022-11-28',
+            @headers,
+        ],
+        (
+            $method eq 'POST'
+            ? (
+                content      => encode_json( $body || {} ),
+                content_type => 'application/json',
+                )
+            : ()
+        ),
+    )->then( sub {
+        my $response     = shift;
+        my $data         = $response->decoded_content( charset => 'none' );
+        my $content_type = $response->header('content-type') || q{};
+
+        if ( $content_type =~ /^application\/json/ ) {
+            my $out = decode_json($data);
+            if ( $response->is_success ) {
+                return Future->done($out);
+            }
+            else {
+                return Future->fail($out);
+            }
+        }
+        else {
+            return Future->fail($data);
+        }
+    } );
+}
+
+sub access_token {
+    my $self          = shift;
+    my $current_token = $self->_access_token;
+    if ( $current_token && $current_token->{expires_at} > time ) {
+        return Future->done( $current_token->{token} );
+    }
+    my $jwt = $self->jwt;
+    $self->req( 'GET', 'integration/installations',
+        [ 'Authorization' => 'Bearer ' . $jwt ],
+    )->then( sub {
+        my $res = shift;
+        my ($installation) = @$res;
+        $self->req(
+            'POST',
+            $installation->{access_tokens_url},
+            [ 'Authorization' => 'Bearer ' . $jwt ],
+        );
+    } )->then( sub {
+        my $token      = shift;
+        my $expires_at = DateTime::Format::ISO8601->parse_datetime(
+            $token->{expires_at} );
+        $token->{expires_at} = $expires_at->epoch;
+        $self->_access_token($token);
+        return Future->done( $token->{token} );
+    } );
+}
+
+sub maybe_auth {
+    my $self = shift;
+    return Future->done( [] )
+        if !$self->app_id;
+    $self->access_token->then( sub {
+        Future->done( [ 'Authorization' => "token " . shift ] );
+    } );
+}
+
+sub contributors {
+    my $self = shift;
+    $self->maybe_auth->then( sub {
+        my $auth = shift;
+        $self->req( 'GET', 'orgs/metacpan/repos?type=public&per_page=100',
+            [@$auth], )->then( sub {
+            my $repos = shift;
+            warn "found " . scalar(@$repos) . ' repositories';
+            Future->wait_all(
+                map $self->req(
+                    'GET', "repos/$_->{full_name}/contributors", [@$auth],
+                ),
+                @$repos
+            );
+            } );
+    } )->then( sub {
+        my (@results) = @_;
+        my %users;
+        for my $result ( map @{ $_->get }, @results ) {
+            my $user = $users{ $result->{login} }
+                ||= { %$result, contributions => 0 };
+            $user->{contributions} += $result->{contributions};
+        }
+        return [
+            sort {
+                $b->{contributions} <=> $a->{contributions}
+                    || lc $a->{login} cmp lc $b->{login}
+            }
+            grep {
+                       $_->{type} ne 'Bot'
+                    && $_->{id} != 87378114    # metacpan-bot
+            } values %users
+        ];
+    } );
+}
+
+__PACKAGE__->meta->make_immutable;
+1;

root/about/contributors.tx

@@ -2,101 +2,20 @@
 %%      title => $title || 'MetaCPAN Contributors ordered by commits',
 %%  }
 %%  override content -> {
-<script type="text/javascript">
-  document.addEventListener("DOMContentLoaded", function () {
-    var repos = [
-      'metacpan/metacpan-web',
-      'metacpan/metacpan-api',
-      'metacpan/p5-metacpan-websocket',
-      'metacpan/metacpan-puppet',
-      'metacpan/metacpan-vagrant',
-      'metacpan/metacpan-developer',
-      'metacpan/metacpan-explorer',
-      'metacpan/metacpan-examples'
-    ];
-    var baseUrl = 'https://api.github.com/repos';
-    var path = 'contributors';
-
-    var cv = function() {
-      var result = {};
-      var requests = repos.length;
-      var done = 0;
-      return {
-        render: function() {
-          $('#metacpan_author-result-loading').hide();
-          $('.author-results').html('<ul class="authors">');
-          var el = $('ul.authors');
-          var rows = [];
-          $.each(result, function(idx, row) {
-            rows.push(row);
-          });
-          rows.sort(function(a,b) {
-            // First sort by contributions, desc
-            var result = (a.contributions < b.contributions) ? 1 : (a.contributions > b.contributions) ? -1 : 0;
-            // Second by login name, asc
-            if (result === 0) {
-              result = (a.login.toUpperCase() > b.login.toUpperCase()) ? 1 : (a.login.toUpperCase() < b.login.toUpperCase()) ? -1 : 0;
-            }
-            return result;
-          });
-          $.each(rows, function(idx, row) {
-            el.append(
-               '<li><a href="https://github.com/'+ row.login +'" title="GitHub profile of '+ row.login +'"><img src="'+ row.avatar_url +'" class="author-img" />'
-              +'<strong>'+ row.login +'</strong></a>'
-              +'('+ row.contributions +' '+ (row.contributions === 1 ? 'commit' : 'commits') +')</li>'
-            );
-          })
-          $('#metacpan_author-count').html('Number of contributors: ' + rows.length);
-        },
-
-        fetch: function(url) {
-          $.getJSON(url, function(res, statusMessage, jqXHR) {
-            cv.requestFinished(res, jqXHR);
-          });
-        },
-
-        paginate: function(jqXHR) {
-          var link = jqXHR.getResponseHeader('Link');
-          if (!link) {
-            return;
-          }
-          var self = this;
-          var links = link.split(/\s*,\s*/).map(
-            l => l.match(/<(.*?)>;\s*rel="(.*?)"/)
-          ).filter(lt => lt[2] === "next").map(lt => lt[1]);
-          $.each(links, function(idx, url) {
-            requests++;
-            self.fetch(url);
-          });
-        },
-
-        requestFinished: function(data, jqXHR) {
-          this.paginate(jqXHR);
-          $.each(data, function(idx, row) {
-            if (typeof result[row.login] == 'undefined') {
-              result[row.login] = row;
-            }
-            else {
-              result[row.login].contributions += row.contributions;
-            }
-          });
-          if (++done === requests) {
-            this.render();
-          }
-        }
-      }
-    }();
-
-    $.each(repos, function(idx, repo) {
-      var url = [baseUrl, repo, path].join('/') +'?per_page=100';
-      cv.fetch(url);
-    });
-
-  });
-</script>
-
-  <i class="fa fa-spinner fa-spin" id="metacpan_author-result-loading"></i>
-  <div id="metacpan_author-count"></div>
-  <div class="author-results"></div>
-
+  <div id="metacpan_author-count">
+      Number of contributors: [% $contributors.size() %]
+  </div>
+  <div class="author-results">
+      <ul class="authors">
+      %%  for $contributors -> $user {
+          <li>
+            <a href="https://github.com/[% $user.login %]" title="GitHub profile of [% $user.login %]">
+              <img src="[% $user.avatar_url %]" class="author-img" />
+              <strong>[% $user.login %]</strong>
+            </a>
+            ([% pluralize("%d commit(s)", $user.contributions) %])
+          </li>
+      %%  }
+      </ul>
+  </div>
 %%  }