Bug 1170722: Authentication Delegation should add an App ID column to associate api keys with specific callbacks

r=dkl,a=glob
author: Dylan William Hardison <dylan@mozilla.com> 2015-06-12 05:29:15 +0200
committer: Dylan William Hardison <dylan@hardison.net> 2015-06-12 05:29:15 +0200
commit: a8675e3f1ef10a84f36b06e8ffd25e7b3033baef (patch)
tree: 1d0b8c2b1c7682db27ece4f81cf57f41e657f68c /auth.cgi
parent: 7186b647fb8c3f482a302863538c5cb68a7ff50a (diff)
download: bugzilla-a8675e3f1ef10a84f36b06e8ffd25e7b3033baef.tar.gz
bugzilla-a8675e3f1ef10a84f36b06e8ffd25e7b3033baef.tar.xz
1 files changed, 25 insertions, 11 deletions
diff --git a/auth.cgi b/auth.cgi
index 4bbb03c66..5da16a914 100755
--- a/auth.cgi
+++ b/auth.cgi
@@ -22,6 +22,7 @@ use Bugzilla::Mailer qw(MessageToMTA);
 
 use URI;
 use URI::QueryParam;
+use Digest::SHA qw(sha256_hex);
 
 Bugzilla->login(LOGIN_REQUIRED);
 
@@ -61,20 +62,33 @@ if ($confirmed || $skip_confirmation) {
                            { token => $token, callback => $callback });
         }
     }
-
-    my $new_key = Bugzilla::User::APIKey->create({
-        user_id     => $user->id,
-        description => $description,
+    my $app_id = sha256_hex($callback_uri, $description);
+    my $keys = Bugzilla::User::APIKey->match({
+        user_id => $user->id,
+        app_id  => $app_id,
+        revoked => 0,
     });
-    my $template = Bugzilla->template_inner($user->setting('lang'));
-    my $vars = { user => $user, new_key => $new_key };
-    my $message;
-    $template->process('email/new-api-key.txt.tmpl', $vars, \$message)
-      or ThrowTemplateError($template->error());
 
-    MessageToMTA($message);
+    my $api_key;
+    if (@$keys) {
+        $api_key = $keys->[0];
+    }
+    else {
+        $api_key = Bugzilla::User::APIKey->create({
+            user_id     => $user->id,
+            description => $description,
+            app_id      => $app_id,
+        });
+        my $template = Bugzilla->template_inner($user->setting('lang'));
+        my $vars = { user => $user, new_key => $api_key };
+        my $message;
+        $template->process('email/new-api-key.txt.tmpl', $vars, \$message)
+          or ThrowTemplateError($template->error());
+
+        MessageToMTA($message);
+    }
 
-    $callback_uri->query_param(client_api_key   => $new_key->api_key);
+    $callback_uri->query_param(client_api_key   => $api_key->api_key);
     $callback_uri->query_param(client_api_login => $user->login);
 
     print $cgi->redirect($callback_uri);
author	Dylan William Hardison <dylan@mozilla.com>	2015-06-12 05:29:15 +0200
committer	Dylan William Hardison <dylan@hardison.net>	2015-06-12 05:29:15 +0200
commit	a8675e3f1ef10a84f36b06e8ffd25e7b3033baef (patch)
tree	1d0b8c2b1c7682db27ece4f81cf57f41e657f68c /auth.cgi
parent	7186b647fb8c3f482a302863538c5cb68a7ff50a (diff)
download	bugzilla-a8675e3f1ef10a84f36b06e8ffd25e7b3033baef.tar.gz bugzilla-a8675e3f1ef10a84f36b06e8ffd25e7b3033baef.tar.xz