IBM Project Bob

Wow. I watched the videos at Bob Dev day and since I sometime code on a remote server rather than locally, I was very excited to try Bob Shell and paid for a months worth of Bob Coins.

Bob Shell has been installed on my server successfully per the instructions.

To start the splash screen that requests authentication type:

```bash
bob
```
returns

```bash

───────────────────── Welcome to ─────────────────────
▀▀▀▀▀▀▀▀▀▀▀▀▀▀       ▀▀▀▀▀▀▀▀▀▀▀▀     ▀▀▀▀▀▀▀▀▀▀▀▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
▀▀▀▀       ▀▀▀▀▀  ▀▀▀▀          ▀▀▀▀  ▀▀▀▀        ▀▀▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▘    ▀▀▀▀          ▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀▘
▀▀▀▀▀▀▀▀▀▀▀▀▘    ▀▀▀▀          ▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀▘
▀▀▀▀       ▀▀▀▀▀   ▀▀▀▀        ▀▀▀▀   ▀▀▀▀        ▀▀▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀      ▀▀▀▀▀▀▀▀▀▀▀▀     ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

░░░░░░░░░█▀▀▀░░░░█░░█░░░░█▀▀▀░░░░█░░░░░░░█░░░░░░░░░░░░
░░░░░░░░░▀▀▀█░░░░█▀▀█░░░░█▀▀▀░░░░█░░░░░░░█░░░░░░░░░░░░
░░░░░░░░░▀▀▀▀░░░░▀░░▀░░░░▀▀▀▀░░░░▀▀▀▀░░░░▀▀▀▀░░░░░░░░░

─────────────────── Version 1.0.3 ───────────────────

Here are some helpful commands to get started:

/chat               Manage conversation history
/theme              Change the theme
Cmd+m               Toggle Markdown rendering.
tab                 Accept a suggestion while reverse searching.
Ctrl+e              Move the cursor to the end of the line.

Sandbox mode Disabled

~/workspace/bob_introduction

Users should independently verify accuracy of AI-generated content.

Get started

How would you like to authenticate for this project?
```

Which then tries some internal authentication and fails, but provides a
hint that I should use a web browser to authenticate.  

```bash
==============================================
Bob Authentication Required
==============================================

Could not open browser automatically. Please open this URL manually:

https://console-ibm-prod.verify.ibm.com/oauth2/authorize?client_id=not-my-real-id-795845ef35e9&code_challenge=nlNRh1q2N6ecfkzSi60daEO
UNZzmfCfEEa0kbM6JLOM&code_challenge_method=S256&prompt=login&redirect_uri=https%3A%2F%2Fapi.us-east.bob.ibm.com%2Fauthn%2Fv1%2Fauth%2Fcallback
&response_type=code&scope=openid+email+profile&state=abfa10ef88ba74551ed17947587bb034da63ba30b443c41c390a5477d56f5c8d

Waiting for authentication...

```

Pasting the URL into a web browser on my local laptop obviously fails, but I followed
the instructions anyway.

Then I tried using curl by copy and pasting the link into a second terminal logged
into the server.

```bash
curl https://console-ibm-prod.verify.ibm.com/oauth2/authorize?client_id=not-my-real-id-795845ef35e9&code_challenge=nlNRh1q2N6ecfkzSi60daEO
UNZzmfCfEEa0kbM6JLOM&code_challenge_method=S256&prompt=login&redirect_uri=https%3A%2F%2Fapi.us-east.bob.ibm.com%2Fauthn%2Fv1%2Fauth%2Fcallback&response_type=code&scope=openid+email+profile&state=abfa10ef88ba74551ed17947587bb034da63ba30b443c41c390a5477d56f5c8d

```

with and without the `--http1.1`

which also fails to authenticate with the messages something like

```bash
[1] 722596
[2] 722606
[3] 722607
-bash: UNZzmfCfEEa0kbM6JLOM: command not found
[4] 722608
[5] 722609
[6] 722610
[7] 722611
[2]   Exit 127                   UNZzmfCfEEa0kbM6JLOM
[3]   Done                       code_challenge_method=S256
[4]   Done                       prompt=login
[5]   Done                       redirect_uri=https%3A%2F%2Fapi.us-east.bob.ibm.com%2Fauthn%2Fv1%2Fauth%2Fcallback
[6]-  Done                       response_type=code
[7]+  Done                       scope=openid+email+profile
╔[bob_introduction]
╚λ curl: (92) HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2)

```

Eventually:

```bash
 🛑 Failed to login. Message: Authentication timeout (3 minutes)
```

The server does have firewall rules.
I turned on accept-outbound-HTTPS in the firewall control panel.
The success of the outbound rules can be proved by

```bash
curl https://claude.ai
# OR
curl https://www.google.com
```
Bob docs reference specific [allowlist](https://bob.ibm.com/docs/ide/troubleshooting/ts-firewall-rules)

https://*.us-east.bob.ibm.com
https://api.us-east.bob.ibm.com
https://bob.ibm.com/
iam.cloud.ibm.com
console-ibm-prod.verify.ibm.com
idaas.ice.ibmcloud.com
www.ibm.com
login.ibm.com
myibm.ibm.com

When the rules are tried the results are as follows

```bash
curl https://api.us-east.bob.ibm.com
{"error":"bad_request","message":"Invalid request URI"}

curl https://bob.ibm.com/
# Successfully receives webcontents

curl https://iam.cloud.ibm.com
Not Found

curl https://console-ibm-prod.verify.ibm.com
curl: (92) HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2)

curl https://idaas.ice.ibmcloud.com
# Successfully receives webcontents

curl https://www.ibm.com
# no response, not even an error message

curl https://login.ibm.com
# Successfully receives webcontents

curl https://myibm.ibm.com
Found. Redirecting to https://myibm.ibm.com/dashboard

curl https://myibm.ibm.com/dashboard
Found. Redirecting to https://myibm.ibm.com/login

curl https://myibm.ibm.com/login
# no response, not even an error message

```

I am not sure what else to do, any ideas?