diff options
Diffstat (limited to 'extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl')
-rw-r--r-- | extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl b/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl new file mode 100644 index 000000000..a2f150373 --- /dev/null +++ b/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl @@ -0,0 +1,84 @@ +[%# This Source Code Form is subject to the terms of the Mozilla Public + # License, v. 2.0. If a copy of the MPL was not distributed with this + # file, You can obtain one at http://mozilla.org/MPL/2.0/. + # + # This Source Code Form is "Incompatible With Secondary Licenses", as + # defined by the Mozilla Public License, v. 2.0. + #%] + +[% RETURN UNLESS Param('persona_includejs_url') + && Param('user_info_class').split(',').contains('Persona') %] + +[%# for now don't inject persona javascript on authenticated users. + # we've seen sessions being logged out unexpectedly + # we should only inject this code for users who used persona to authenicate %] +[% RETURN IF user.id %] + +[% USE Bugzilla %] +[% cgi = Bugzilla.cgi %] + +<script defer src="[% Param('persona_includejs_url') %]" type="text/javascript"></script> +<script type="text/javascript"> + +function createHidden(name, value, form) { + var field = document.createElement('input'); + field.type = 'hidden'; + field.name = name; + field.value = value;; + form.appendChild(field); +} + +[% login_target = cgi.url("-relative" => 1, "-query" => 1) %] +[% IF !login_target OR login_target.match("^token.cgi") %] + [% login_target = "index.cgi" %] +[% END %] +[% login_target = urlbase _ login_target %] + +[%# we only want to honour explicit login requests %] +var persona_ignore_login = true; + +function persona_onlogin(assertion) { + if (persona_ignore_login) + return; + [% IF !user.id %] + var form = document.createElement('form'); + form.action = '[% login_target FILTER js %]'; + form.method = 'POST'; + form.style.display = 'none'; + + createHidden('token', '[% issue_hash_token(['login']) FILTER js %]', form); + createHidden('Bugzilla_remember', 'on', form); + createHidden('persona_assertion', assertion, form); + + [% FOREACH field = cgi.param() %] + [% NEXT IF field.search("^(Bugzilla_(login|password|restrictlogin)|token|persona_assertion)$") %] + [% FOREACH mvalue = cgi.param(field).slice(0) %] + createHidden('[% field FILTER js %]', '[% mvalue FILTER html_linebreak FILTER js %]', form); + [% END %] + [% END %] + + document.body.appendChild(form); + form.submit(); + [% END %] +} + +YAHOO.util.Event.on(window, 'load', persona_init); +function persona_init() { + navigator.id.watch({ + [%# we can't set loggedInUser to user.login as this causes cgi authenticated + sessions to be logged out by persona %] + loggedInUser: null, + onlogin: persona_onlogin, + onlogout: function () { + [%# this should be redirecting to index.cgi?logout=1 however there's a + persona bug which causes this to break chrome and safari logins. + https://github.com/mozilla/browserid/issues/2423 %] + } + }); +} + +function persona_sign_in() { + persona_ignore_login = false; + navigator.id.request({ siteName: '[% terms.BugzillaTitle FILTER js %]' }); +} +</script> |