mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-19 20:10:55 +01:00
Try to diagnose App Login only for OAuth providers which support it
Summary: We currently try to do "app login" for all OAuth providers, but not all of them support it in a meaningful way. Particularly, it always fails for Google. Test Plan: Ran google diagnostics on a working config, no longer got a diagnostic failure. Reviewers: btrahan, vrana, csilvers Reviewed By: csilvers CC: aran Differential Revision: https://secure.phabricator.com/D2377
This commit is contained in:
parent
049048765d
commit
a122336b3e
4 changed files with 51 additions and 33 deletions
|
@ -131,44 +131,46 @@ final class PhabricatorOAuthDiagnosticsController
|
|||
}
|
||||
}
|
||||
|
||||
$test_uri = new PhutilURI($provider->getTokenURI());
|
||||
$test_uri->setQueryParams(
|
||||
array(
|
||||
'client_id' => $client_id,
|
||||
'client_secret' => $client_secret,
|
||||
'grant_type' => 'client_credentials',
|
||||
));
|
||||
if ($provider->shouldDiagnoseAppLogin()) {
|
||||
$test_uri = new PhutilURI($provider->getTokenURI());
|
||||
$test_uri->setQueryParams(
|
||||
array(
|
||||
'client_id' => $client_id,
|
||||
'client_secret' => $client_secret,
|
||||
'grant_type' => 'client_credentials',
|
||||
));
|
||||
|
||||
$token_value = @file_get_contents($test_uri, false, $timeout);
|
||||
$token_strict = @file_get_contents($test_uri, false, $timeout_strict);
|
||||
if ($token_value === false) {
|
||||
$results['App Login'] = array(
|
||||
$res_no,
|
||||
null,
|
||||
"Unable to perform an application login with your Application ID and ".
|
||||
"Application Secret. You may have mistyped or misconfigured them; ".
|
||||
"{$name} may have revoked your authorization; or {$name} may be ".
|
||||
"having technical problems.");
|
||||
} else {
|
||||
if ($token_strict) {
|
||||
$token_value = @file_get_contents($test_uri, false, $timeout);
|
||||
$token_strict = @file_get_contents($test_uri, false, $timeout_strict);
|
||||
if ($token_value === false) {
|
||||
$results['App Login'] = array(
|
||||
$res_ok,
|
||||
'(A Valid Token)',
|
||||
"Raw application login to {$name} works.");
|
||||
$res_no,
|
||||
null,
|
||||
"Unable to perform an application login with your Application ID ".
|
||||
"and Application Secret. You may have mistyped or misconfigured ".
|
||||
"them; {$name} may have revoked your authorization; or {$name} may ".
|
||||
"be having technical problems.");
|
||||
} else {
|
||||
$data = json_decode($token_value, true);
|
||||
if (!is_array($data)) {
|
||||
if ($token_strict) {
|
||||
$results['App Login'] = array(
|
||||
$res_no,
|
||||
$token_value,
|
||||
"Application Login failed but the provider did not respond ".
|
||||
"with valid JSON error information. {$name} may be experiencing ".
|
||||
"technical problems.");
|
||||
$res_ok,
|
||||
'(A Valid Token)',
|
||||
"Raw application login to {$name} works.");
|
||||
} else {
|
||||
$results['App Login'] = array(
|
||||
$res_no,
|
||||
null,
|
||||
"Application Login failed with error: ".$token_value);
|
||||
$data = json_decode($token_value, true);
|
||||
if (!is_array($data)) {
|
||||
$results['App Login'] = array(
|
||||
$res_no,
|
||||
$token_value,
|
||||
"Application Login failed but the provider did not respond ".
|
||||
"with valid JSON error information. {$name} may be experiencing ".
|
||||
"technical problems.");
|
||||
} else {
|
||||
$results['App Login'] = array(
|
||||
$res_no,
|
||||
null,
|
||||
"Application Login failed with error: ".$token_value);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -45,6 +45,14 @@ abstract class PhabricatorOAuthProvider {
|
|||
return array();
|
||||
}
|
||||
|
||||
/**
|
||||
* If the provider supports application login, the diagnostics page can try
|
||||
* to test it. Most providers do not support this (Facebook does).
|
||||
*/
|
||||
public function shouldDiagnoseAppLogin() {
|
||||
return false;
|
||||
}
|
||||
|
||||
abstract public function getTokenURI();
|
||||
|
||||
/**
|
||||
|
|
|
@ -118,4 +118,8 @@ final class PhabricatorOAuthProviderFacebook extends PhabricatorOAuthProvider {
|
|||
return $this->userData['name'];
|
||||
}
|
||||
|
||||
public function shouldDiagnoseAppLogin() {
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -118,4 +118,8 @@ final class PhabricatorOAuthProviderGitHub extends PhabricatorOAuthProvider {
|
|||
return idx($this->userData, 'name');
|
||||
}
|
||||
|
||||
public function shouldDiagnoseAppLogin() {
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue