
Remove OAuth token/expiry interfaces

Summary:
Ref T1536. Currently, we store OAuth tokens along with their expiry times and status. However, all we use this for is refreshing profile pictures and showing a silly (and probably somewhat confusing) interface about token status.

I want to move this storage over to `PhabricatorExternalAccount` to make the cutover easier. Drop it for now, including all the profile image stuff (I plan to rebuild that in a more sensible way anyway).

Test Plan: Viewed screen; linked/unlinked accounts.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6170
epriestley 2013-06-14 06:59:23 -07:00
parent 8886416e30
commit 3005811b9e
3 changed files with 4 additions and 202 deletions


@ -7,7 +7,6 @@ final class PhabricatorOAuthLoginController
private $userID;
private $accessToken;
private $tokenExpires;
private $oauthState;
public function shouldRequireLogin() {
@ -121,7 +120,6 @@ final class PhabricatorOAuthLoginController
'Link your %s account to your Phabricator account?',
$provider_name)));
$dialog->addHiddenInput('confirm_token', $provider->getAccessToken());
$dialog->addHiddenInput('expires', $oauth_info->getTokenExpires());
$dialog->addHiddenInput('state', $this->oauthState);
$dialog->addHiddenInput('scope', $oauth_info->getTokenScope());
$dialog->addSubmitButton('Link Accounts');
@ -262,7 +260,6 @@ final class PhabricatorOAuthLoginController
$token = $request->getStr('confirm_token');
if ($token) {
$this->tokenExpires = $request->getInt('expires');
$this->accessToken = $token;
$this->oauthState = $request->getStr('state');
return null;
@ -295,7 +292,6 @@ final class PhabricatorOAuthLoginController
return $this->buildErrorResponse(new PhabricatorOAuthFailureView());
}
$this->tokenExpires = $provider->getTokenExpiryFromArray($data);
$this->accessToken = $token;
$this->oauthState = $request->getStr('state');
@ -325,20 +321,9 @@ final class PhabricatorOAuthLoginController
$oauth_info->setAccountURI($provider->retrieveUserAccountURI());
$oauth_info->setAccountName($provider->retrieveUserAccountName());
$oauth_info->setToken($provider->getAccessToken());
$oauth_info->setTokenStatus(PhabricatorUserOAuthInfo::TOKEN_STATUS_GOOD);
$oauth_info->setTokenStatus('unused');
$oauth_info->setTokenScope($scope);
// If we have out-of-date expiration info, just clear it out. Then replace
// it with good info if the provider gave it to us.
$expires = $oauth_info->getTokenExpires();
if ($expires <= time()) {
$expires = null;
}
if ($this->tokenExpires) {
$expires = $this->tokenExpires;
}
$oauth_info->setTokenExpires($expires);
return $oauth_info;
}
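Review bot: The link-confirmation dialog still writes the provider access token into the page as a hidden input (`$dialog->addHiddenInput('confirm_token', $provider->getAccessToken());`), and the handler in the third hunk reads it back with `$request->getStr('confirm_token')` and assigns it to `$this->accessToken`. Dropping the `expires` field removes one client-supplied value, but the token itself is still round-tripped through the browser and accepted as submitted; whether it is re-validated against the provider afterwards is not visible in these hunks. Consider holding the token server-side, bound to the session and the `state` value, and having the form submit only a confirmation flag. The enclosing methods start and end outside the hunks shown.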


@ -2,11 +2,6 @@
final class PhabricatorUserOAuthInfo extends PhabricatorUserDAO {
const TOKEN_STATUS_NONE = 'none';
const TOKEN_STATUS_GOOD = 'good';
const TOKEN_STATUS_FAIL = 'fail';
const TOKEN_STATUS_EXPIRED = 'xpyr';
protected $userID;
protected $oauthProvider;
protected $oauthUID;
@ -15,40 +10,8 @@ final class PhabricatorUserOAuthInfo extends PhabricatorUserDAO {
protected $accountName;
protected $token;
protected $tokenExpires;
protected $tokenScope;
protected $tokenStatus;
public function getTokenStatus() {
if (!$this->token) {
return self::TOKEN_STATUS_NONE;
}
if ($this->tokenExpires && $this->tokenExpires <= time()) {
return self::TOKEN_STATUS_EXPIRED;
}
return $this->tokenStatus;
}
public static function getReadableTokenStatus($status) {
static $map = array(
self::TOKEN_STATUS_NONE => 'No Token',
self::TOKEN_STATUS_GOOD => 'Token Good',
self::TOKEN_STATUS_FAIL => 'Token Failed',
self::TOKEN_STATUS_EXPIRED => 'Token Expired',
);
return idx($map, $status, 'Unknown');
}
public static function getRappableTokenStatus($status) {
static $map = array(
self::TOKEN_STATUS_NONE => 'There is no token',
self::TOKEN_STATUS_GOOD => 'Your token is good',
self::TOKEN_STATUS_FAIL => 'Your token has failed',
self::TOKEN_STATUS_EXPIRED => 'Your token is old',
);
return idx($map, $status, 'This code\'s got bugs');
}
protected $tokenExpires = 0;
protected $tokenScope = '';
protected $tokenStatus = 'unused';
}
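Review bot: The properties re-declared at the end of the class with placeholder defaults (`$tokenExpires = 0`, `$tokenScope = ''`, `$tokenStatus = 'unused'`) carry no comment explaining why they remain after the status constants and accessors were removed. A one-line comment such as `// Legacy columns; defaults are placeholders until storage moves to PhabricatorExternalAccount (T1536).` would keep a later reader from treating 'unused' as a meaningful token state. Rows saved before this change presumably still hold the old status values, so any future reader of that column should not assume a single value.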


@ -73,10 +73,6 @@ final class PhabricatorSettingsPanelOAuth
$user->getID(),
$provider->getProviderKey());
if ($request->isFormPost() && $oauth_info) {
$notice = $this->refreshProfileImage($request, $oauth_info);
}
$form = new AphrontFormView();
$form->setUser($user);
@ -98,8 +94,6 @@ final class PhabricatorSettingsPanelOAuth
id(new AphrontFormSubmitControl())
->setValue(pht("Link %s Account \xC2\xBB", $provider_name)));
} else {
$expires = $oauth_info->getTokenExpires();
$form
->appendChild(hsprintf(
'<p class="aphront-form-instructions">%s</p>',
@ -121,12 +115,6 @@ final class PhabricatorSettingsPanelOAuth
->setLabel(pht('%s URI', $provider_name))
->setValue($oauth_info->getAccountURI()));
if (!$expires || $expires > time()) {
$form->appendChild(
id(new AphrontFormSubmitControl())
->setValue(pht('Refresh Profile Image from %s', $provider_name)));
}
if (!$provider->isProviderLinkPermanent()) {
$unlink = pht('Unlink %s Account', $provider_name);
$unlink_form = new AphrontFormView();
@ -143,69 +131,6 @@ final class PhabricatorSettingsPanelOAuth
->addCancelButton('/oauth/'.$provider_key.'/unlink/', $unlink));
$forms['Unlink Account'] = $unlink_form;
}
if ($expires) {
if ($expires <= time()) {
$expires_text = pht("Expired");
} else {
$expires_text = phabricator_datetime($expires, $user);
}
} else {
$expires_text = pht('No Information Available');
}
$scope = $oauth_info->getTokenScope();
if (!$scope) {
$scope = pht('No Information Available');
}
$status = $oauth_info->getTokenStatus();
$readable_status = PhabricatorUserOAuthInfo::getReadableTokenStatus(
$status);
$rappable_status = PhabricatorUserOAuthInfo::getRappableTokenStatus(
$status);
$beat = self::getBeat();
// The plenty %2$s are supposed to point at the line break
$rap = pht(
'%1$s Yo yo yo %2$s'.
'My name\'s DJ Token and I\'m here to say %2$s'.
// pronounce as "dollar rappable status" for meter to work
'%3$s, hey hey hey hey %2$s'.
'I rap \'bout tokens, that might be why %2$s'.
'I\'m such a cool and popular guy',
$beat,
hsprintf('<br />'),
$rappable_status);
$token_form = new AphrontFormView();
$token_form
->setUser($user)
->appendChild(hsprintf(
'<p class="aphront-form-instructions">%s</p>',
$rap))
->appendChild(
id(new AphrontFormStaticControl())
->setLabel(pht('Token Status'))
->setValue($readable_status))
->appendChild(
id(new AphrontFormStaticControl())
->setLabel(pht('Expires'))
->setValue($expires_text))
->appendChild(
id(new AphrontFormStaticControl())
->setLabel(pht('Scope'))
->setValue($scope));
if ($expires <= time()) {
$this->prepareAuthForm($token_form);
$token_form
->appendChild(
id(new AphrontFormSubmitControl())
->setValue(pht('Refresh %s Token', $provider_name)));
}
$forms['Account Token Information'] = $token_form;
}
$header = new PhabricatorHeaderView();
@ -229,75 +154,4 @@ final class PhabricatorSettingsPanelOAuth
$formbox,
));
}
private function refreshProfileImage(
AphrontRequest $request,
PhabricatorUserOAuthInfo $oauth_info) {
$user = $request->getUser();
$provider = $this->provider;
$error = false;
$userinfo_uri = new PhutilURI($provider->getUserInfoURI());
$token = $oauth_info->getToken();
try {
$userinfo_uri->setQueryParam('access_token', $token);
$user_data = HTTPSFuture::loadContent($userinfo_uri);
$provider->setUserData($user_data);
$provider->setAccessToken($token);
$image = $provider->retrieveUserProfileImage();
if ($image) {
$file = PhabricatorFile::newFromFileData(
$image,
array(
'name' => $provider->getProviderKey().'-profile.jpg',
'authorPHID' => $user->getPHID(),
));
$xformer = new PhabricatorImageTransformer();
// Resize OAuth image to a reasonable size
$small_xformed = $xformer->executeProfileTransform(
$file,
$width = 50,
$min_height = 50,
$max_height = 50);
$user->setProfileImagePHID($small_xformed->getPHID());
$user->save();
} else {
$error = pht('Unable to retrieve image.');
}
} catch (Exception $e) {
if ($e instanceof PhabricatorOAuthProviderException) {
// Check plz
$error = pht('Unable to retrieve image from %s',
$provider->getProviderName());
} else {
$error = pht('Unable to save image.');
}
}
$notice = new AphrontErrorView();
if ($error) {
$notice
->setTitle(pht('Error Refreshing Profile Picture'))
->setErrors(array($error));
} else {
$notice
->setSeverity(AphrontErrorView::SEVERITY_NOTICE)
->setTitle(pht('Successfully Refreshed Profile Picture'));
}
return $notice;
}
private static function getBeat() {
// Gangsta's Paradise (karaoke version).
// Chosen because it's the only thing I listen to.
$song_id = pht("Gangsta's Paradise");
// Make a musical note which you can click for the beat.
$beat = hsprintf(
'<a href="javascript:void(0);" onclick="%s">&#9835;</a>',
jsprintf('alert(%s); return 0;', pht("Think about %s.", $song_id)));
return $beat;
}
}