Bug 842784: Persona sign in automatically signs in user

author: Byron Jones <bjones@mozilla.com> 2013-02-20 17:15:11 +0100
committer: Byron Jones <bjones@mozilla.com> 2013-02-20 17:15:11 +0100
commit: 1452147a39916db8b7980c84be80e9e20067a326 (patch)
tree: b87dcb3f42dc7522354073bf30fd170194c720ca /extensions/Persona
parent: 6fae33b598ebd9d731b81af489cc1b235872f089 (diff)
download: bugzilla-1452147a39916db8b7980c84be80e9e20067a326.tar.gz
bugzilla-1452147a39916db8b7980c84be80e9e20067a326.tar.xz
2 files changed, 44 insertions, 37 deletions
diff --git a/extensions/Persona/template/en/default/admin/params/persona.html.tmpl b/extensions/Persona/template/en/default/admin/params/persona.html.tmpl
index 379d12058..5c060129b 100644
--- a/extensions/Persona/template/en/default/admin/params/persona.html.tmpl
+++ b/extensions/Persona/template/en/default/admin/params/persona.html.tmpl
@@ -17,6 +17,6 @@
                         "Example: <kbd>https://verifier.login.persona.org/verify</kbd>.",
   persona_includejs_url => "This is the URL needed by Persona to load the necessary " _
                            "javascript library for authentication. " _
-                           "Example: <kbd>https://persona.org/include.js</kbd>."
+                           "Example: <kbd>https://login.persona.org/include.js</kbd>."
  }
 %]
diff --git a/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl b/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl
index f440247b3..7260fd9a8 100644
--- a/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl
+++ b/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl
@@ -6,23 +6,15 @@
   # defined by the Mozilla Public License, v. 2.0.
   #%]
 
-[% RETURN IF user.login
-             || !Param('persona_includejs_url')
-             || !Param('user_info_class').split(',').contains('Persona') %]
+[% RETURN UNLESS Param('persona_includejs_url')
+                 && Param('user_info_class').split(',').contains('Persona') %]
 
 [% USE Bugzilla %]
 [% cgi = Bugzilla.cgi %]
 
-[% login_target = cgi.url("-relative" => 1, "-query" => 1) %]
-[% IF !login_target OR login_target.match("^token.cgi") %]
-  [% login_target = "index.cgi" %]
-[% END %]
-
-[% login_target = urlbase _ login_target %]
-
 <script src="[% Param('persona_includejs_url') %]" type="text/javascript"></script>
-
 <script type="text/javascript">
+
 function createHidden(name, value, form) {
   var field = document.createElement('input');
   field.type = 'hidden';
@@ -31,35 +23,50 @@ function createHidden(name, value, form) {
   form.appendChild(field);
 }
 
-function persona_sign_in() {
-  navigator.id.watch({
-    loggedInUser: null,
-    onlogin: function(assertion) {
-      var form = document.createElement('form');
-      form.action = '[% login_target FILTER js %]';
-      form.method = 'POST';
-      form.style.display = 'none';
+[% login_target = cgi.url("-relative" => 1, "-query" => 1) %]
+[% IF !login_target OR login_target.match("^token.cgi") %]
+  [% login_target = "index.cgi" %]
+[% END %]
+[% login_target = urlbase _ login_target %]
+
+[%# we only want to honour explicit login requests %]
+var persona_ignore_login = true;
 
-      createHidden('token', '[% issue_hash_token(['login']) FILTER js %]', form);
-      createHidden('Bugzilla_remember', 'on', form);
-      createHidden('persona_assertion', assertion, form);
+function persona_onlogin(assertion) {
+  if (persona_ignore_login)
+    return;
+  [% IF !user.id %]
+    var form = document.createElement('form');
+    form.action = '[% login_target FILTER js %]';
+    form.method = 'POST';
+    form.style.display = 'none';
 
-      [% FOREACH field = cgi.param() %]
-        [% NEXT IF field.search("^(Bugzilla_(login|password|restrictlogin)|token|persona_assertion)$") %]
-        [% FOREACH mvalue = cgi.param(field).slice(0) %]
-          createHidden('[% field FILTER js %]', '[% mvalue FILTER html_linebreak FILTER js %]', form);
-        [% END %]
+    createHidden('token', '[% issue_hash_token(['login']) FILTER js %]', form);
+    createHidden('Bugzilla_remember', 'on', form);
+    createHidden('persona_assertion', assertion, form);
+
+    [% FOREACH field = cgi.param() %]
+      [% NEXT IF field.search("^(Bugzilla_(login|password|restrictlogin)|token|persona_assertion)$") %]
+      [% FOREACH mvalue = cgi.param(field).slice(0) %]
+        createHidden('[% field FILTER js %]', '[% mvalue FILTER html_linebreak FILTER js %]', form);
       [% END %]
+    [% END %]
+
+    document.body.appendChild(form);
+    form.submit();
+  [% END %]
+}
 
-      document.body.appendChild(form);
-      form.submit();
-      return true;
-    },
-    onlogout: function () {
-      document.location = '[% urlbase FILTER none %]index.cgi?logout=1';
-      return true;
-    }
-  });
+navigator.id.watch({
+  loggedInUser: [% IF user.id %]'[% user.login FILTER js %]'[% ELSE %]null[% END %],
+  onlogin: persona_onlogin,
+  onlogout: function () {
+    document.location = '[% urlbase FILTER none %]index.cgi?logout=1';
+  }
+});
+
+function persona_sign_in() {
+  persona_ignore_login = false;
   navigator.id.request({ siteName: '[% terms.BugzillaTitle FILTER js %]' });
 }
 </script>
author	Byron Jones <bjones@mozilla.com>	2013-02-20 17:15:11 +0100
committer	Byron Jones <bjones@mozilla.com>	2013-02-20 17:15:11 +0100
commit	1452147a39916db8b7980c84be80e9e20067a326 (patch)
tree	b87dcb3f42dc7522354073bf30fd170194c720ca /extensions/Persona
parent	6fae33b598ebd9d731b81af489cc1b235872f089 (diff)
download	bugzilla-1452147a39916db8b7980c84be80e9e20067a326.tar.gz bugzilla-1452147a39916db8b7980c84be80e9e20067a326.tar.xz