Remove Persona support

[?]
Oct 20, 2016, 12:14 PM
BPT4WJ7UWVRNXFO2GD2I2P5Z5PHKZDRVIOAAUW23JI5H4GCHLGSAC

Dependencies

  • [2] XHOZT4WT Add a command `hydra-create-user' for managing user accounts
  • [3] JATZRMWW Lazy load Google and Persona login stuff
  • [4] BKMQXGBO Allow public dashboards
  • [5] HK32XC42
  • [6] JFW656FT Add a flag to enable Persona support
  • [7] 3QWDDLBR Add support for logging in via a Google account
  • [8] D44B24QC Store the account type ("hydra" or "persona") explicitly in the database
  • [9] IDP66ILE Use Google's verifier
  • [10] KN3VYE5P * Cleaned up the foreign key constraints.
  • [11] ZDENAYQI * email notification of evaluation errors to project owner (if desired)
  • [12] JARRBLZD Bootstrapify the Hydra forms (except the project and jobset edit pages)
  • [13] 3YHNO5H2 Don't use Perl's -w flag
  • [14] 7VHPMFAG Use /usr/bin/env to find perl
  • [15] XJRJ4J7M Add user registration
  • [16] PFB5ZUQW Fix legacy login
  • [17] 2CZSW5S5 Don't redirect to /login if authentication is required
  • [18] 36ZTCZ4F Add basic Persona support
  • [19] HL6ZYWHF Allow configuring a set of domains to allow logins from Persona.
  • [20] 2DHE2ZAK Allow Hydra to run as a private instance by requiring a login.
  • [21] J5UVLXOK * Start of a basic Catalyst web interface.
  • [22] UAPS46BQ
  • [23] QVIQAYZT Be paranoid about the Persona email address
  • [*] QL55ECJ6 - adapted ui for hydra, more in line with nixos.org website
  • [*] N22GPKYT * Put info about logs / build products in the DB.

Change contents

  • replacement in src/lib/Hydra/Controller/Root.pm at line 21
    [5.1][5.38:87](),[5.87][5.24:72]()
    return $c->request->path eq "persona-login" ||
    $c->request->path eq "google-login" ||
    [5.1]
    [5.87]
    return $c->request->path eq "google-login" ||
  • replacement in src/lib/Hydra/Controller/User.pm at line 57
    [5.1][5.337:405]()
    # If persona_allowed_domains is set, check if the email address
    [5.1]
    [5.405]
    # If allowed_domains is set, check if the email address
  • replacement in src/lib/Hydra/Controller/User.pm at line 60
    [5.488][5.145:216](),[5.145][5.145:216]()
    my $allowed_domains = $c->config->{persona_allowed_domains} || "";
    [5.488]
    [5.489]
    my $allowed_domains = $c->config->{allowed_domains} // ($c->config->{persona_allowed_domains} // "");
  • replacement in src/lib/Hydra/Controller/User.pm at line 76
    [5.669][5.669:738]()
    # Automatically upgrade Persona accounts to Google accounts.
    [5.669]
    [5.738]
    # Automatically upgrade legacy Persona accounts to Google accounts.
  • edit in src/lib/Hydra/Controller/User.pm at line 100
    [5.1022][5.1022:1214](),[5.1214][5.1115:1116](),[5.1115][5.1115:1116](),[5.1116][5.1215:1276](),[5.1276][5.1116:1117](),[5.1116][5.1116:1117](),[5.1117][5.1277:1760]()
    sub persona_login :Path('/persona-login') Args(0) {
    my ($self, $c) = @_;
    requirePost($c);
    error($c, "Logging in via Persona is not enabled.") unless $c->config->{enable_persona};
    my $assertion = $c->stash->{params}->{assertion} or die;
    my $ua = new LWP::UserAgent;
    my $response = $ua->post(
    'https://verifier.login.persona.org/verify',
    { assertion => $assertion,
    audience => $c->uri_for('/')
    });
    error($c, "Did not get a response from Persona.") unless $response->is_success;
    my $d = decode_json($response->decoded_content) or die;
    error($c, "Persona says: $d->{reason}") if $d->{status} ne "okay";
    doEmailLogin($self, $c, "persona", $d->{email}, undef);
    }
  • edit in src/root/auth.tt at line 5
    [3.123][3.123:237]()
    [% END %]
    [% IF c.user.type == 'persona' %]
    <script src="https://login.persona.org/include.js"></script>
  • edit in src/root/auth.tt at line 75
    [3.414][3.414:530]()
    [% END %]
    [% IF c.config.enable_persona %]
    $.getScript("https://login.persona.org/include.js");
  • edit in src/root/auth.tt at line 96
    [3.655][3.655:665](),[3.665][5.5866:5893](),[5.5866][5.5866:5893](),[5.5893][3.666:760](),[3.760][5.6000:6001](),[5.6000][5.6000:6001](),[5.6001][3.761:1147](),[3.1147][5.6338:6350](),[5.6338][5.6338:6350](),[5.6350][3.1148:1202]()
    });
    </script>
    [% END %]
    [% IF c.config.enable_persona %]
    <script>
    $("#persona-signin").click(function() {
    navigator.id.watch({
    onlogin: function(assertion) {
    requestJSON({
    url: "[% c.uri_for('/persona-login') %]",
    data: "assertion=" + assertion,
    type: 'POST',
    success: function(data) { window.location.reload(); },
    postError: function() { navigator.id.logout(); }
    });
    }
    });
    navigator.id.request({ siteName: 'Hydra' });
  • replacement in src/root/layout.tt at line 107
    [5.6833][5.6833:6962]()
    [%- IF c.user.type == 'persona' %] via Persona
    [%- ELSIF c.user.type == 'google' %] via Google[% END %].
    [5.6833]
    [5.9375]
    [%- IF c.user.type == 'google' %] via Google[% END %].
  • edit in src/root/topbar.tt at line 137
    [3.1560][5.7257:7346](),[5.7257][5.7257:7346](),[5.7346][3.1561:1635]()
    <li class="divider"></li>
    [% END %]
    [% IF c.config.enable_persona %]
    <li><a href="#" id="persona-signin">Sign in with Persona</a></li>
  • replacement in src/script/hydra-create-user at line 14
    [2.687][2.687:712]()
    [--type hydra|persona]
    [2.687]
    [2.712]
    [--type hydra|google]
  • replacement in src/script/hydra-create-user at line 50
    [2.1704][2.1704:1814]()
    die "$0: type must be `hydra' or `persona'\n"
    if defined $type && $type ne "hydra" && $type ne "persona";
    [2.1704]
    [2.1814]
    die "$0: type must be `hydra' or `google'\n"
    if defined $type && $type ne "hydra" && $type ne "google";
  • replacement in src/script/hydra-create-user at line 68
    [2.2399][2.2399:2516]()
    die "$0: Persona user names must be email addresses\n"
    if $user->type eq "persona" && $userName !~ /\@/;
    [2.2399]
    [2.2516]
    die "$0: Google user names must be email addresses\n"
    if $user->type eq "google" && $userName !~ /\@/;
  • replacement in src/script/hydra-create-user at line 75
    [2.2667][2.2667:2785]()
    if ($user->type eq "persona") {
    die "$0: Persona accounts do not have an explicitly set email address.\n"
    [2.2667]
    [2.2785]
    if ($user->type eq "google") {
    die "$0: Google accounts do not have an explicitly set email address.\n"
  • replacement in src/script/hydra-create-user at line 78
    [2.2823][2.2823:2884]()
    die "$0: Persona accounts do not have a password.\n"
    [2.2823]
    [2.2884]
    die "$0: Google accounts do not have a password.\n"
  • replacement in src/sql/hydra.sql at line 13
    [5.945][4.1551:1631]()
    type text not null default 'hydra', -- either "hydra" or "persona"
    [5.945]
    [4.1631]
    type text not null default 'hydra', -- either "hydra" or "google"