recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Remove Facebook OAuth dependency on "security_settings" property

Summary: Ref T13615. This property was removed from the Facebook API at some point, perhaps November 2020. Stop relying no it.

Test Plan: Created a local Facebook OAuth app, registered a new account locally.

Maniphest Tasks: T13615

Differential Revision: https://secure.phabricator.com/D21571

epriestley be0bb68f b3976acc

+26 -109
-23
src/applications/auth/adapter/PhutilFacebookAuthAdapter.php
··· 5 5 */ 6 6 final class PhutilFacebookAuthAdapter extends PhutilOAuthAuthAdapter { 7 7 8 - private $requireSecureBrowsing; 9 - 10 - public function setRequireSecureBrowsing($require_secure_browsing) { 11 - $this->requireSecureBrowsing = $require_secure_browsing; 12 - return $this; 13 - } 14 - 15 8 public function getAdapterType() { 16 9 return 'facebook'; 17 10 } ··· 61 54 return $this->getOAuthAccountData('name'); 62 55 } 63 56 64 - public function getAccountSecuritySettings() { 65 - return $this->getOAuthAccountData('security_settings'); 66 - } 67 - 68 57 protected function getAuthenticateBaseURI() { 69 58 return 'https://www.facebook.com/dialog/oauth'; 70 59 } ··· 79 68 'name', 80 69 'email', 81 70 'link', 82 - 'security_settings', 83 71 'picture', 84 72 ); 85 73 ··· 95 83 throw new PhutilProxyException( 96 84 pht('Expected valid JSON response from Facebook account data request.'), 97 85 $ex); 98 - } 99 - 100 - if ($this->requireSecureBrowsing) { 101 - if (empty($data['security_settings']['secure_browsing']['enabled'])) { 102 - throw new Exception( 103 - pht( 104 - 'This Phabricator install requires you to enable Secure Browsing '. 105 - 'on your Facebook account in order to use it to log in to '. 106 - 'Phabricator. For more information, see %s', 107 - 'https://www.facebook.com/help/156201551113407/')); 108 - } 109 86 } 110 87 111 88 return $data;
+26 -86
src/applications/auth/provider/PhabricatorFacebookAuthProvider.php
··· 3 3 final class PhabricatorFacebookAuthProvider 4 4 extends PhabricatorOAuth2AuthProvider { 5 5 6 - const KEY_REQUIRE_SECURE = 'oauth:facebook:require-secure'; 7 - 8 6 public function getProviderName() { 9 7 return pht('Facebook'); 10 8 } 11 9 12 10 protected function getProviderConfigurationHelp() { 13 11 $uri = PhabricatorEnv::getProductionURI($this->getLoginURI()); 12 + 13 + $domain = id(new PhutilURI($uri))->getDomain(); 14 + 15 + $table = array( 16 + 'Client OAuth Login' => pht('No'), 17 + 'Web OAuth Login' => pht('Yes'), 18 + 'Enforce HTTPS' => pht('Yes'), 19 + 'Force Web OAuth Reauthentication' => pht('Yes (Optional)'), 20 + 'Embedded Browser OAuth Login' => pht('No'), 21 + 'Use Strict Mode for Redirect URIs' => pht('Yes'), 22 + 'Login from Devices' => pht('No'), 23 + 'Valid OAuth Redirect URIs' => '`'.(string)$uri.'`', 24 + 'App Domains' => '`'.$domain.'`', 25 + ); 26 + 27 + $rows = array(); 28 + foreach ($table as $k => $v) { 29 + $rows[] = sprintf('| %s | %s |', $k, $v); 30 + $rows[] = sprintf('|----| |'); 31 + } 32 + $rows = implode("\n", $rows); 33 + 34 + 14 35 return pht( 15 36 'To configure Facebook OAuth, create a new Facebook Application here:'. 16 37 "\n\n". ··· 18 39 "\n\n". 19 40 'You should use these settings in your application:'. 20 41 "\n\n". 21 - " - **Site URL**: Set this to `%s`\n". 22 - " - **Valid OAuth redirect URIs**: You should also set this to `%s`\n". 23 - " - **Client OAuth Login**: Set this to **OFF**.\n". 24 - " - **Embedded browser OAuth Login**: Set this to **OFF**.\n". 42 + "%s\n". 25 43 "\n\n". 26 - "Some of these settings may be in the **Advanced** tab.\n\n". 27 44 "After creating your new application, copy the **App ID** and ". 28 45 "**App Secret** to the fields above.", 29 - (string)$uri, 30 - (string)$uri); 31 - } 32 - 33 - public function getDefaultProviderConfig() { 34 - return parent::getDefaultProviderConfig() 35 - ->setProperty(self::KEY_REQUIRE_SECURE, 1); 46 + $rows); 36 47 } 37 48 38 49 protected function newOAuthAdapter() { 39 - $require_secure = $this->getProviderConfig()->getProperty( 40 - self::KEY_REQUIRE_SECURE); 41 - 42 - return id(new PhutilFacebookAuthAdapter()) 43 - ->setRequireSecureBrowsing($require_secure); 50 + return new PhutilFacebookAuthAdapter(); 44 51 } 45 52 46 53 protected function getLoginIcon() { ··· 53 60 // to the mobile site. 54 61 'https://m.facebook.com/', 55 62 ); 56 - } 57 - 58 - public function readFormValuesFromProvider() { 59 - $require_secure = $this->getProviderConfig()->getProperty( 60 - self::KEY_REQUIRE_SECURE); 61 - 62 - return parent::readFormValuesFromProvider() + array( 63 - self::KEY_REQUIRE_SECURE => $require_secure, 64 - ); 65 - } 66 - 67 - public function readFormValuesFromRequest(AphrontRequest $request) { 68 - return parent::readFormValuesFromRequest($request) + array( 69 - self::KEY_REQUIRE_SECURE => $request->getBool(self::KEY_REQUIRE_SECURE), 70 - ); 71 - } 72 - 73 - public function extendEditForm( 74 - AphrontRequest $request, 75 - AphrontFormView $form, 76 - array $values, 77 - array $issues) { 78 - 79 - parent::extendEditForm($request, $form, $values, $issues); 80 - 81 - $key_require = self::KEY_REQUIRE_SECURE; 82 - $v_require = idx($values, $key_require); 83 - 84 - $form 85 - ->appendChild( 86 - id(new AphrontFormCheckboxControl()) 87 - ->addCheckbox( 88 - $key_require, 89 - $v_require, 90 - pht( 91 - "%s ". 92 - "Require users to enable 'secure browsing' on Facebook in order ". 93 - "to use Facebook to authenticate with Phabricator. This ". 94 - "improves security by preventing an attacker from capturing ". 95 - "an insecure Facebook session and escalating it into a ". 96 - "Phabricator session. Enabling it is recommended.", 97 - phutil_tag('strong', array(), pht('Require Secure Browsing:'))))); 98 - } 99 - 100 - public function renderConfigPropertyTransactionTitle( 101 - PhabricatorAuthProviderConfigTransaction $xaction) { 102 - 103 - $author_phid = $xaction->getAuthorPHID(); 104 - $old = $xaction->getOldValue(); 105 - $new = $xaction->getNewValue(); 106 - $key = $xaction->getMetadataValue( 107 - PhabricatorAuthProviderConfigTransaction::PROPERTY_KEY); 108 - 109 - switch ($key) { 110 - case self::KEY_REQUIRE_SECURE: 111 - if ($new) { 112 - return pht( 113 - '%s turned "Require Secure Browsing" on.', 114 - $xaction->renderHandleLink($author_phid)); 115 - } else { 116 - return pht( 117 - '%s turned "Require Secure Browsing" off.', 118 - $xaction->renderHandleLink($author_phid)); 119 - } 120 - } 121 - 122 - return parent::renderConfigPropertyTransactionTitle($xaction); 123 63 } 124 64 125 65 }