recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Make auth provider autologin modular and implement it for all OAuth2 adapters

Summary:
Ref T10785. Around the time we launched Phacility SAAS we implemented this weird autologin hack. It works fine, so clean it up, get rid of the `instanceof` stuff, and support it for any OAuth2 provider.

(We could conceivably support OAuth1 as well, but no one has expressed an interest in it and I don't think I have any OAuth1 providers configured correctly locally so it would take a little bit to set up and test.)

Test Plan:
- Configured OAuth2 adapters (Facebook) for auto-login.
- Saw no config option on other adapters (LDAP).
- Nuked all options but one, did autologin with Facebook and Phabricator.
- Logged out, got logout screen.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10785

Differential Revision: https://secure.phabricator.com/D16060

epriestley e1a9473e 511f7036

+57 -13
+34 -11
src/applications/auth/controller/PhabricatorAuthStartController.php
··· 113 113 PhabricatorCookies::setClientIDCookie($request); 114 114 } 115 115 116 - if (!$request->getURIData('loggedout') && count($providers) == 1) { 117 - $auto_login_provider = head($providers); 118 - $auto_login_config = $auto_login_provider->getProviderConfig(); 119 - if ($auto_login_provider instanceof PhabricatorPhabricatorAuthProvider && 120 - $auto_login_config->getShouldAutoLogin()) { 121 - $auto_login_adapter = $provider->getAdapter(); 122 - $auto_login_adapter->setState($provider->getAuthCSRFCode($request)); 123 - return id(new AphrontRedirectResponse()) 124 - ->setIsExternal(true) 125 - ->setURI($provider->getAdapter()->getAuthenticateURI()); 126 - } 116 + $auto_response = $this->tryAutoLogin($providers); 117 + if ($auto_response) { 118 + return $auto_response; 127 119 } 128 120 129 121 $invite = $this->loadInvite(); ··· 280 272 return $this->renderErrorPage( 281 273 pht('Authentication Failure'), 282 274 array($message)); 275 + } 276 + 277 + private function tryAutoLogin(array $providers) { 278 + $request = $this->getRequest(); 279 + 280 + // If the user just logged out, don't immediately log them in again. 281 + if ($request->getURIData('loggedout')) { 282 + return null; 283 + } 284 + 285 + // If we have more than one provider, we can't autologin because we 286 + // don't know which one the user wants. 287 + if (count($providers) != 1) { 288 + return null; 289 + } 290 + 291 + $provider = head($providers); 292 + if (!$provider->supportsAutoLogin()) { 293 + return null; 294 + } 295 + 296 + $config = $provider->getProviderConfig(); 297 + if (!$config->getShouldAutoLogin()) { 298 + return null; 299 + } 300 + 301 + $auto_uri = $provider->getAutoLoginURI($request); 302 + 303 + return id(new AphrontRedirectResponse()) 304 + ->setIsExternal(true) 305 + ->setURI($auto_uri); 283 306 } 284 307 285 308 }
+2 -2
src/applications/auth/controller/config/PhabricatorAuthEditController.php
··· 130 130 PhabricatorAuthProviderConfigTransaction::TYPE_TRUST_EMAILS) 131 131 ->setNewValue($request->getInt('trustEmails', 0)); 132 132 133 - if ($provider instanceof PhabricatorPhabricatorAuthProvider) { 133 + if ($provider->supportsAutoLogin()) { 134 134 $xactions[] = id(new PhabricatorAuthProviderConfigTransaction()) 135 135 ->setTransactionType( 136 136 PhabricatorAuthProviderConfigTransaction::TYPE_AUTO_LOGIN) ··· 314 314 $v_trust_email)); 315 315 } 316 316 317 - if ($provider instanceof PhabricatorPhabricatorAuthProvider) { 317 + if ($provider->supportsAutoLogin()) { 318 318 $form->appendChild( 319 319 id(new AphrontFormCheckboxControl()) 320 320 ->addCheckbox(
+8
src/applications/auth/provider/PhabricatorAuthProvider.php
··· 495 495 } 496 496 } 497 497 498 + public function supportsAutoLogin() { 499 + return false; 500 + } 501 + 502 + public function getAutoLoginURI(AphrontRequest $request) { 503 + throw new PhutilMethodNotImplementedException(); 504 + } 505 + 498 506 }
+13
src/applications/auth/provider/PhabricatorOAuth2AuthProvider.php
··· 273 273 parent::willRenderLinkedAccount($viewer, $item, $account); 274 274 } 275 275 276 + public function supportsAutoLogin() { 277 + return true; 278 + } 279 + 280 + public function getAutoLoginURI(AphrontRequest $request) { 281 + $csrf_code = $this->getAuthCSRFCode($request); 282 + 283 + $adapter = $this->getAdapter(); 284 + $adapter->setState($csrf_code); 285 + 286 + return $adapter->getAuthenticateURI(); 287 + } 288 + 276 289 }