Posted to commits@ponymail.apache.org by hu...@apache.org on 2016/12/24 12:09:16 UTC

[1/2] incubator-ponymail git commit: fix Google+ API to match current procedures

Repository: incubator-ponymail
Updated Branches:
  refs/heads/master 1fc602425 -> b873bb206


fix Google+ API to match current procedures

This brings the Google+ login API up to speed with the current
recommended practice


Project: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/commit/3e1f517c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/tree/3e1f517c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/diff/3e1f517c

Branch: refs/heads/master
Commit: 3e1f517c574b7694d6cb43566d67843b25e5f729
Parents: 1fc6024
Author: Daniel Gruno <hu...@apache.org>
Authored: Sat Dec 24 13:07:03 2016 +0100
Committer: Daniel Gruno <hu...@apache.org>
Committed: Sat Dec 24 13:07:03 2016 +0100

----------------------------------------------------------------------
 CHANGELOG.md       |  1 +
 site/api/oauth.lua | 20 +++++++++++++++++---
 site/js/oauth.js   |  8 ++++++--
 3 files changed, 24 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ponymail/blob/3e1f517c/CHANGELOG.md
----------------------------------------------------------------------
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b938955..2bfbc27 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -92,6 +92,7 @@
 - pcall() idiom to protect against elastic.lua exceptions is flawed (#162)
 - unhelpful error reporting for invalid Permalinks/Source links (#123)
 - import-mbox.py fails to unescape >From lines (#212)
+- Updated Google+ API for logins
 
 ## CHANGES in 0.9b:
 

http://git-wip-us.apache.org/repos/asf/incubator-ponymail/blob/3e1f517c/site/api/oauth.lua
----------------------------------------------------------------------
diff --git a/site/api/oauth.lua b/site/api/oauth.lua
index 4167e89..e198d89 100644
--- a/site/api/oauth.lua
+++ b/site/api/oauth.lua
@@ -52,11 +52,25 @@ function handle(r)
         valid, json = pcall(function() return JSON.decode(result) end)
         
     -- Google Auth callback
-    elseif get.oauth_token and get.oauth_token:match("^https://www.google") and get.id_token then
+    elseif get.oauth_token and get.oauth_token:match("^https://www.google") and get.code then
         oauth_domain = "www.googleapis.com"
-        local result = https.request("https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=" .. r:escape(get.id_token))
+        local result = https.request("https://www.googleapis.com/oauth2/v4/token",
+                                     ("client_secret=%s&code=%s&client_id=%s&grant_type=authorization_code&redirect_uri=%s" ):format(
+                                        r:escape(config.oauth_fields.google.client_secret),
+                                        r:escape(get.code),
+                                        r:escape(config.oauth_fields.google.client_id),
+                                        r:escape(config.oauth_fields.google.redirect_uri)
+                                        ))
         valid, json = pcall(function() return JSON.decode(result) end)
-        
+        if valid and json and json.access_token then
+            r:err(result)
+            local ac = json.access_token
+            local result = https.request("https://www.googleapis.com/oauth2/v2/userinfo?access_token=" .. r:escape(ac))
+            valid, json = pcall(function() return JSON.decode(result) end)
+        else
+            json = nil
+            valid = false
+        end
     -- GitHub Auth callback
     elseif get.oauth_token and get.key == 'github' then
         local result = https.request(get.oauth_token, r.args)
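Review bot: `r:err(result)` on the success path writes the raw token-endpoint response to the server error log, and that branch is only entered when the response carries `access_token`, so each successful Google login leaves a usable bearer token in the logs. It looks like leftover debugging; drop the line, or log only in the `else` branch and without the response body, e.g. `r:err("Google token exchange failed")`. The userinfo call that follows also carries the token in the URL query string, where request URLs tend to get recorded; sending it as an `Authorization: Bearer` header would avoid that, if the https helper in use accepts request headers. `handle(r)` begins and ends outside this hunk.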

http://git-wip-us.apache.org/repos/asf/incubator-ponymail/blob/3e1f517c/site/js/oauth.js
----------------------------------------------------------------------
diff --git a/site/js/oauth.js b/site/js/oauth.js
index 89eb30c..b892ab2 100644
--- a/site/js/oauth.js
+++ b/site/js/oauth.js
@@ -134,12 +134,16 @@ function oauthWelcome(args) {
         if (key) {
             key = key[1]
         }
-        if (args.match(/id_token=/)) {
+        if (args.match(/code=/) && !key) {
             key = 'google'
         }
         if (key && key.length > 0 && pm_config.oauth[key]) {
             document.getElementById('oauthtypes').innerHTML = "Logging you in, hang on..!"
-            GetAsync("/api/oauth.lua?" + args + "&oauth_token=" + pm_config.oauth[key].oauth_url, {}, parseOauthResponse)
+            var extra = "&key=" + key
+            if (pm_config.oauth[key].oauth_url) {
+                extra += "&oauth_token=" + pm_config.oauth[key].oauth_url
+            }
+            GetAsync("/api/oauth.lua?" + args + extra, {}, parseOauthResponse)
         } else {
             alert("Key missing or invalid! " + key)
         }
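Review bot: `key` and `pm_config.oauth[key].oauth_url` are concatenated into the query string as-is when `extra` is built; `oauth_url` is a full URL, so any `&`, `#` or `?` in it would split or truncate the parameters the server sees. Wrap both in `encodeURIComponent`, e.g. `var extra = "&key=" + encodeURIComponent(key)` and `extra += "&oauth_token=" + encodeURIComponent(pm_config.oauth[key].oauth_url)`. Separately, `args.match(/code=/)` is unanchored, so a parameter such as `error_code=` also selects Google when no key was found; `/(^|[?&])code=/` is tighter. `oauthWelcome` starts and ends outside the hunk, so how `key` is first extracted is not visible here.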


Re: [1/2] incubator-ponymail git commit: fix Google+ API to match current procedures

Posted by sebb <se...@gmail.com>.
On 24 December 2016 at 12:09,  <hu...@apache.org> wrote:
> Repository: incubator-ponymail
> Updated Branches:
>   refs/heads/master 1fc602425 -> b873bb206
>
>
> fix Google+ API to match current procedures
>
> This brings the Google+ login API up to speed with the current
> recommended practice
>
>
> Project: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/repo
> Commit: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/commit/3e1f517c
> Tree: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/tree/3e1f517c
> Diff: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/diff/3e1f517c
>
> Branch: refs/heads/master
> Commit: 3e1f517c574b7694d6cb43566d67843b25e5f729
> Parents: 1fc6024
> Author: Daniel Gruno <hu...@apache.org>
> Authored: Sat Dec 24 13:07:03 2016 +0100
> Committer: Daniel Gruno <hu...@apache.org>
> Committed: Sat Dec 24 13:07:03 2016 +0100
>
> ----------------------------------------------------------------------
>  CHANGELOG.md       |  1 +
>  site/api/oauth.lua | 20 +++++++++++++++++---
>  site/js/oauth.js   |  8 ++++++--
>  3 files changed, 24 insertions(+), 5 deletions(-)
> ----------------------------------------------------------------------
>
>
> http://git-wip-us.apache.org/repos/asf/incubator-ponymail/blob/3e1f517c/CHANGELOG.md
> ----------------------------------------------------------------------
> diff --git a/CHANGELOG.md b/CHANGELOG.md
> index b938955..2bfbc27 100644
> --- a/CHANGELOG.md
> +++ b/CHANGELOG.md
> @@ -92,6 +92,7 @@
>  - pcall() idiom to protect against elastic.lua exceptions is flawed (#162)
>  - unhelpful error reporting for invalid Permalinks/Source links (#123)
>  - import-mbox.py fails to unescape >From lines (#212)
> +- Updated Google+ API for logins
>
>  ## CHANGES in 0.9b:
>
>
> http://git-wip-us.apache.org/repos/asf/incubator-ponymail/blob/3e1f517c/site/api/oauth.lua
> ----------------------------------------------------------------------
> diff --git a/site/api/oauth.lua b/site/api/oauth.lua
> index 4167e89..e198d89 100644
> --- a/site/api/oauth.lua
> +++ b/site/api/oauth.lua
> @@ -52,11 +52,25 @@ function handle(r)
>          valid, json = pcall(function() return JSON.decode(result) end)
>
>      -- Google Auth callback
> -    elseif get.oauth_token and get.oauth_token:match("^https://www.google") and get.id_token then
> +    elseif get.oauth_token and get.oauth_token:match("^https://www.google") and get.code then
>          oauth_domain = "www.googleapis.com"
> -        local result = https.request("https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=" .. r:escape(get.id_token))
> +        local result = https.request("https://www.googleapis.com/oauth2/v4/token",

This uses oauth2/v4

> +                                     ("client_secret=%s&code=%s&client_id=%s&grant_type=authorization_code&redirect_uri=%s" ):format(
> +                                        r:escape(config.oauth_fields.google.client_secret),
> +                                        r:escape(get.code),
> +                                        r:escape(config.oauth_fields.google.client_id),
> +                                        r:escape(config.oauth_fields.google.redirect_uri)
> +                                        ))
>          valid, json = pcall(function() return JSON.decode(result) end)
> -
> +        if valid and json and json.access_token then
> +            r:err(result)
> +            local ac = json.access_token
> +            local result = https.request("https://www.googleapis.com/oauth2/v2/userinfo?access_token=" .. r:escape(ac))

This uses oauth2/v2

Are they intentionally different?

> +            valid, json = pcall(function() return JSON.decode(result) end)
> +        else
> +            json = nil
> +            valid = false
> +        end
>      -- GitHub Auth callback
>      elseif get.oauth_token and get.key == 'github' then
>          local result = https.request(get.oauth_token, r.args)
>
> http://git-wip-us.apache.org/repos/asf/incubator-ponymail/blob/3e1f517c/site/js/oauth.js
> ----------------------------------------------------------------------
> diff --git a/site/js/oauth.js b/site/js/oauth.js
> index 89eb30c..b892ab2 100644
> --- a/site/js/oauth.js
> +++ b/site/js/oauth.js
> @@ -134,12 +134,16 @@ function oauthWelcome(args) {
>          if (key) {
>              key = key[1]
>          }
> -        if (args.match(/id_token=/)) {
> +        if (args.match(/code=/) && !key) {
>              key = 'google'
>          }
>          if (key && key.length > 0 && pm_config.oauth[key]) {
>              document.getElementById('oauthtypes').innerHTML = "Logging you in, hang on..!"
> -            GetAsync("/api/oauth.lua?" + args + "&oauth_token=" + pm_config.oauth[key].oauth_url, {}, parseOauthResponse)
> +            var extra = "&key=" + key
> +            if (pm_config.oauth[key].oauth_url) {
> +                extra += "&oauth_token=" + pm_config.oauth[key].oauth_url
> +            }
> +            GetAsync("/api/oauth.lua?" + args + extra, {}, parseOauthResponse)
>          } else {
>              alert("Key missing or invalid! " + key)
>          }
>

[2/2] incubator-ponymail git commit: redirect to front page of oauth got the wrong idea

Posted by hu...@apache.org.
redirect to front page of oauth got the wrong idea

Sometimes oauth.html will think it's supposed to redirect to itself,
so check for that and redir to front page instead if so.


Project: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/commit/b873bb20
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/tree/b873bb20
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ponymail/diff/b873bb20

Branch: refs/heads/master
Commit: b873bb20610589d405f27047482ba93ee92339c2
Parents: 3e1f517
Author: Daniel Gruno <hu...@apache.org>
Authored: Sat Dec 24 13:08:50 2016 +0100
Committer: Daniel Gruno <hu...@apache.org>
Committed: Sat Dec 24 13:08:50 2016 +0100

----------------------------------------------------------------------
 CHANGELOG.md     | 1 +
 site/js/oauth.js | 4 ++++
 2 files changed, 5 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ponymail/blob/b873bb20/CHANGELOG.md
----------------------------------------------------------------------
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2bfbc27..43f8e4c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -93,6 +93,7 @@
 - unhelpful error reporting for invalid Permalinks/Source links (#123)
 - import-mbox.py fails to unescape >From lines (#212)
 - Updated Google+ API for logins
+- Fixed a redirect bug with oauth
 
 ## CHANGES in 0.9b:
 

http://git-wip-us.apache.org/repos/asf/incubator-ponymail/blob/b873bb20/site/js/oauth.js
----------------------------------------------------------------------
diff --git a/site/js/oauth.js b/site/js/oauth.js
index b892ab2..57f5242 100644
--- a/site/js/oauth.js
+++ b/site/js/oauth.js
@@ -76,6 +76,10 @@ function parseOauthResponse(json) {
         window.sessionStorage.removeItem("ponymail_redirect_oauth")
     }
     if (json.okay) {
+        // if wloc tries to redirect to oauth.html, rewrite that to the front page instead
+        if (wloc.match(/oauth.html/)) {
+            wloc = "./"
+        }
         location.href = wloc
     } else {
         popup("Oauth failed", "Authentication failed: " + json.msg, null, 10, wloc)
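Review bot: The new guard uses `/oauth.html/`, where the unescaped `.` matches any character and the test is a plain substring match, so a legitimate return URL that merely contains that text (for example in a query parameter) is rewritten to the front page; `/(^|\/)oauth\.html([?#]|$)/` matches only the page itself. This is also the only check on `wloc` before `location.href = wloc`; where `wloc` is populated is outside the hunk, but if it can be influenced by the URL it would be worth confirming at this point that it is a same-origin relative path. `parseOauthResponse` begins and ends outside the hunk.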