Details

Reviewers

dereckson

Maniphest Tasks

T336: Add login capabilities through external services

Summary

Allow to log in to external accounts.

Pretty ready, but still need:

actions logging to provide both to users and site administrators an audit
UI to link
Undo stuff should be committed as a separate commit (don't forget Controller).

Test Plan

unit tests for LinkExternalUserAccount
integration tests still to prepare
each login and link scenario manually tested and audited

Diff Detail

Repository

rGROVE Auth Grove

Lint

Lint Passed

Unit

Tests Passed

Branch

WIP

Build Status

Buildable 746
Build 873: arc lint + arc unit

Event Timeline

dereckson updated this revision to Diff 1078.Jul 2 2016, 08:51

dereckson retitled this revision from to [WIP] [DO NOT MERGE] External accounts.

dereckson updated this object.

dereckson edited the test plan for this revision. (Show Details)

dereckson added a reviewer: dereckson.

dereckson mentioned this in D447: UserExternalSource: cast user_id property as integer.Jul 2 2016, 08:59

dereckson mentioned this in rGROVE80d89862df06: UserExternalSource: cast user_id property as integer.Jul 2 2016, 08:59

Rebased against D446 and D447.

Two autonomous commits to extract:

routing: config/auth.php, app/Http/Controllers/Auth/AuthController.php
events listener from config: config/app.php, app/Listeners/ExternalUserListener.php

Proofing code comments and selection of autonomous parts (see previous comment)

Rebased against D449.

Rebased.

dereckson mentioned this in D453: Register events listeners through configuration.Jul 2 2016, 19:47

dereckson mentioned this in rGROVE036351b2607a: Register events listeners through configuration.Jul 2 2016, 19:49

Rebased against D453.

Rebased.

dereckson added a task: T336: Add login capabilities through external services.Jul 3 2016, 21:00

authurl() is now a global function, not a directive,
to avoid URLs to be subst'ed at template compile time.

dereckson mentioned this in D457: Transitional change to restore app/Listeners empty folder.Jul 3 2016, 23:56

dereckson mentioned this in rGROVE9c59de083c98: Transitional change to restore app/Listeners empty folder.Jul 3 2016, 23:59

dereckson mentioned this in D459: Service provider for helper global functions.Jul 4 2016, 00:05

dereckson mentioned this in rGROVEa8b157e11a91: Service provider for helper global functions.Jul 4 2016, 00:07

Rebased

dereckson mentioned this in D462: Add Font Awesome.Jul 6 2016, 00:20

dereckson mentioned this in rGROVE2dc11d85d900: Add Font Awesome.Jul 6 2016, 00:21

Undo capability
UI is working
Rebased against D462

Undo should probably released as a keruald/undo library.

Logging and audit should be implemented before to merge this,
so we can also implement logging when we ship this feature.

Previous test issue was introduced when we added the source_username field:
our mock didn't have a nickname property.

I noticed interface offers getNickname and getId method, but public properties
are added by the final implementation. We'll so use get methods.

Space between the trash icon and Delete

dereckson mentioned this in T905: UndoStack.Jul 8 2016, 13:16

dereckson added inline comments.Jul 8 2016, 13:24

app/Undo/UndoStore.php
112 ↗	(On Diff #1126)	MediaWiki uses fnv1a32 since June 22, instead of sha1. They wanted an hash with the following specifications: Already implemented in PHP Easy to implement in JavaScript Fast Collision-resistant FNV-1 is their winner. https://phabricator.wikimedia.org/rMWdfd046412fc94b7e5788c04a24d2db08480f75c6

Constructor for UndoStore

Improve code comment

+UndoStack

Tests in namespaces

Use Eloquent relationships.

Eloquent provides mathods to abstract the relationships between models.

UndoStack

Fix UndoStack issue, more tests.

UndoStack: InvalidArgumentException

LIFO test

More tests for UndoStack

ExternalSourcesController uses UndoStack

We still need to offer somewhere an easier access to that stack.

Local improvement for UndoStackTest class

Rebased against b2d077f8b971.

UndoStack and session

Simplify ExternalSourcesController::undo

UndoesOperation trait

dereckson updated this object.Jul 19 2016, 01:17

Get rid of storeUndoToSession

Rebased against D521 / e474ff1134ce

dereckson mentioned this in D522: Undo mechanism.Jul 19 2016, 23:00

dereckson mentioned this in rGROVE47f38d5bdc1c: Undo mechanism.Jul 20 2016, 01:18

Rebased

dereckson mentioned this in D535: Require Laravel 5.2.41 for Session::increment().Jul 22 2016, 22:43

dereckson mentioned this in rGROVEd69820ed127c: Require Laravel 5.2.41 for Session::increment().Jul 22 2016, 22:47

dereckson planned changes to this revision.Oct 12 2017, 22:11

dereckson added a subscriber: xcombelle.

dereckson added inline comments.

app/Http/Controllers/Account/ExternalSourcesController.php
108	Ensure this method can't be called directly by a simple URL visit, but is handled through a CSRF token process (thanks @xcombelle).

[WIP] [DO NOT MERGE] External accounts
Changes PlannedPublic
Actions

Details

Diff Detail

Event Timeline

Revision Contents
Changeset List

Diff 1277

.env.example

app/Events/ExternalUserAuthorizeEvent.php

app/Events/NewExternalUserAuthorizeEvent.php

app/Http/Controllers/Account/ExternalSourcesController.php

app/Http/Controllers/Auth/AuthController.php

app/Http/Controllers/LoginDashboardController.php

app/Http/routes.php

app/Jobs/LinkExternalUserAccount.php

app/Jobs/LogExternalUserAuthorize.php

app/Jobs/LogLogin.php

app/Listeners/.gitkeep

app/Listeners/ExternalUserListener.php

app/Listeners/PostLoginActionsListener.php

app/Models/User.php

app/Models/UserExternalSource.php

app/Services/AuthenticatesExternalUsers.php

config/app.php

config/auth.php

config/services.php

database/migrations/2016_06_28_034600_create_users_external_sources_table.php

resources/lang/en/auth.php

resources/lang/en/externalsources.php

resources/lang/en/login.php

resources/lang/en/panel.php

resources/views/account/external-sources/index.blade.php

resources/views/app.blade.php

resources/views/home.blade.php

tests/Controller/Auth/AuthControllerTest.php

tests/Jobs/LinkExternalUserAccountTest.php

[WIP] [DO NOT MERGE] External accountsChanges PlannedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 1277

.env.example

app/Events/ExternalUserAuthorizeEvent.php

app/Events/NewExternalUserAuthorizeEvent.php

app/Http/Controllers/Account/ExternalSourcesController.php

app/Http/Controllers/Auth/AuthController.php

app/Http/Controllers/LoginDashboardController.php

app/Http/routes.php

app/Jobs/LinkExternalUserAccount.php

app/Jobs/LogExternalUserAuthorize.php

app/Jobs/LogLogin.php

app/Listeners/.gitkeep

app/Listeners/ExternalUserListener.php

app/Listeners/PostLoginActionsListener.php

app/Models/User.php

app/Models/UserExternalSource.php

app/Services/AuthenticatesExternalUsers.php

config/app.php

config/auth.php

config/services.php

database/migrations/2016_06_28_034600_create_users_external_sources_table.php

resources/lang/en/auth.php

resources/lang/en/externalsources.php

resources/lang/en/login.php

resources/lang/en/panel.php

resources/views/account/external-sources/index.blade.php

resources/views/app.blade.php

resources/views/home.blade.php

tests/Controller/Auth/AuthControllerTest.php

tests/Jobs/LinkExternalUserAccountTest.php

[WIP] [DO NOT MERGE] External accounts
Changes PlannedPublic
Actions

Revision Contents
Changeset List