author | Dylan William Hardison <dylan@mozilla.com> | 2015-06-12 05:29:15 +0200 |
---|---|---|
committer | Dylan William Hardison <dylan@hardison.net> | 2015-06-12 05:29:15 +0200 |
commit | a8675e3f1ef10a84f36b06e8ffd25e7b3033baef (patch) | |
tree | 1d0b8c2b1c7682db27ece4f81cf57f41e657f68c | |
parent | 7186b647fb8c3f482a302863538c5cb68a7ff50a (diff) | |
download | bugzilla-a8675e3f1ef10a84f36b06e8ffd25e7b3033baef.tar.gz bugzilla-a8675e3f1ef10a84f36b06e8ffd25e7b3033baef.tar.xz |
Bug 1170722: Authentication Delegation should add an App ID column to associate api keys with specific callbacks
r=dkl,a=glob
-rw-r--r-- | Bugzilla/DB/Schema.pm | 6 | ||||
-rw-r--r-- | Bugzilla/Install/DB.pm | 5 | ||||
-rwxr-xr-x | auth.cgi | 36 |
3 files changed, 34 insertions, 13 deletions
diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm index c089513e3..3d904ba8b 100644 --- a/Bugzilla/DB/Schema.pm +++ b/Bugzilla/DB/Schema.pm @@ -1779,15 +1779,17 @@ use constant ABSTRACT_SCHEMA => { REFERENCES => {TABLE => 'profiles', COLUMN => 'userid', DELETE => 'CASCADE'}}, - api_key => {TYPE => 'VARCHAR(40)', NOTNULL => 1}, - description => {TYPE => 'VARCHAR(255)'}, + api_key => {TYPE => 'varchar(40)', NOTNULL => 1}, + description => {TYPE => 'varchar(255)'}, revoked => {TYPE => 'BOOLEAN', NOTNULL => 1, DEFAULT => 'FALSE'}, last_used => {TYPE => 'DATETIME'}, + app_id => {TYPE => 'varchar(64)'}, ], INDEXES => [ user_api_keys_api_key_idx => {FIELDS => ['api_key'], TYPE => 'UNIQUE'}, user_api_keys_user_id_idx => ['user_id'], + user_api_keys_user_id_app_id_idx => ['user_id', 'app_id'], ], }, }; diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm index ddd127be2..5761d1963 100644 --- a/Bugzilla/Install/DB.pm +++ b/Bugzilla/Install/DB.pm @@ -122,6 +122,11 @@ sub update_fielddefs_definition { $dbh->bz_add_column('fielddefs', 'long_desc', {TYPE => 'varchar(255)', NOTNULL => 1, DEFAULT => "''"}, ''); + $dbh->bz_add_column('user_api_keys', 'app_id', + {TYPE => 'varchar(64)'}); + $dbh->bz_add_index('user_api_keys', 'user_api_keys_user_id_app_id_idx', + [qw(user_id app_id)]); + Bugzilla::Hook::process('install_update_db_fielddefs'); # Remember, this is not the function for adding general table changes. @@ -22,6 +22,7 @@ use Bugzilla::Mailer qw(MessageToMTA); use URI; use URI::QueryParam; +use Digest::SHA qw(sha256_hex); Bugzilla->login(LOGIN_REQUIRED); 
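Review bot: The new `app_id` entry in the `user_api_keys` field list has no comment saying what it stores or when it is empty. Judging from the auth.cgi part of this commit it holds a SHA-256 hex digest (hence the width of 64), so a one-line comment such as `# sha256_hex of callback URI + description, set by auth.cgi; NULL for other keys (confirm)` would save the next reader from tracing it. The column is nullable and `user_api_keys_user_id_app_id_idx` is not unique, so the schema itself does not prevent two unrevoked keys for the same user and app; if auth.cgi relies on there being one, that is worth stating as well. ABSTRACT_SCHEMA starts and ends outside this hunk.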
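Review bot: The `bz_add_column` and `bz_add_index` calls for `user_api_keys` are added inside what the hunk header shows as `update_fielddefs_definition`, directly above the context comment "this is not the function for adding general table changes". `user_api_keys` is not a fielddefs change, so these two calls would read better in the general table-update routine of this file (`update_table_definitions`, if the layout is what I expect), with a short comment naming bug 1170722. The function continues outside the hunk, so I cannot see whether anything after the `install_update_db_fielddefs` hook depends on the column already being there.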
@@ -61,20 +62,33 @@ if ($confirmed || $skip_confirmation) { { token => $token, callback => $callback }); } } - - my $new_key = Bugzilla::User::APIKey->create({ - user_id => $user->id, - description => $description, + my $app_id = sha256_hex($callback_uri, $description); + my $keys = Bugzilla::User::APIKey->match({ + user_id => $user->id, + app_id => $app_id, + revoked => 0, }); - my $template = Bugzilla->template_inner($user->setting('lang')); - my $vars = { user => $user, new_key => $new_key }; - my $message; - $template->process('email/new-api-key.txt.tmpl', $vars, \$message) - or ThrowTemplateError($template->error()); - MessageToMTA($message); + my $api_key; + if (@$keys) { + $api_key = $keys->[0]; + } + else { + $api_key = Bugzilla::User::APIKey->create({ + user_id => $user->id, + description => $description, + app_id => $app_id, + }); + my $template = Bugzilla->template_inner($user->setting('lang')); + my $vars = { user => $user, new_key => $api_key }; + my $message; + $template->process('email/new-api-key.txt.tmpl', $vars, \$message) + or ThrowTemplateError($template->error()); + + MessageToMTA($message); + } - $callback_uri->query_param(client_api_key => $new_key->api_key); + $callback_uri->query_param(client_api_key => $api_key->api_key); $callback_uri->query_param(client_api_login => $user->login); print $cgi->redirect($callback_uri); |
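Review bot: `sha256_hex($callback_uri, $description)` hashes the two values concatenated with no separator, so different callback/description pairs whose concatenation is the same string get the same `app_id`. Since a match on `app_id` now returns an existing key (`$keys->[0]`) instead of creating one, and both values appear to come from the request (they are set outside this hunk), the identity should be unambiguous, for example `my $app_id = sha256_hex(join("\0", $callback_uri->as_string, $description));`. The reuse branch also skips the `email/new-api-key.txt.tmpl` notification, so the user gets no record that a key was handed to a callback again; a comment saying this is intended, or a separate notice, would help. `match` shows no ordering, so `$keys->[0]` is arbitrary if several unrevoked rows share an `app_id`.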