1 files changed, 86 insertions, 0 deletions

diff --git a/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl b/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl
new file mode 100644
index 000000000..f6d68a5af
--- /dev/null
+++ b/extensions/Persona/template/en/default/hook/global/header-additional_header.html.tmpl
@@ -0,0 +1,86 @@
+[%# This Source Code Form is subject to the terms of the Mozilla Public
+  # License, v. 2.0. If a copy of the MPL was not distributed with this
+  # file, You can obtain one at http://mozilla.org/MPL/2.0/.
+  #
+  # This Source Code Form is "Incompatible With Secondary Licenses", as
+  # defined by the Mozilla Public License, v. 2.0.
+  #%]
+
+[% RETURN UNLESS Param('persona_includejs_url')
+                 && Param('user_info_class').split(',').contains('Persona') %]
+
+[%# for now don't inject persona javascript on authenticated users.
+  # we've seen sessions being logged out unexpectedly
+  # we should only inject this code for users who used persona to authenicate %]
+[% RETURN IF user.id %]
+
+[% USE Bugzilla %]
+[% cgi = Bugzilla.cgi %]
+
+<script defer src="[% Param('persona_includejs_url') %]" type="text/javascript"></script>
+<script type="text/javascript">
+
+function createHidden(name, value, form) {
+  var field = document.createElement('input');
+  field.type = 'hidden';
+  field.name = name;
+  field.value = value;;
+  form.appendChild(field);
+}
+
+[% login_target = cgi.url("-relative" => 1, "-query" => 1) %]
+[% IF !login_target
+      OR login_target.match("^token\.cgi")
+      OR login_target.match("^createaccount\.cgi") %]
+  [% login_target = "index.cgi" %]
+[% END %]
+[% login_target = urlbase _ login_target %]
+
+[%# we only want to honour explicit login requests %]
+var persona_ignore_login = true;
+
+function persona_onlogin(assertion) {
+  if (persona_ignore_login)
+    return;
+  [% IF !user.id %]
+    var form = document.createElement('form');
+    form.action = '[% login_target FILTER js %]';
+    form.method = 'POST';
+    form.style.display = 'none';
+
+    createHidden('token', '[% issue_hash_token(['login']) FILTER js %]', form);
+    createHidden('Bugzilla_remember', 'on', form);
+    createHidden('persona_assertion', assertion, form);
+
+    [% FOREACH field = cgi.param() %]
+      [% NEXT IF field.search("^(Bugzilla_(login|password|restrictlogin)|token|persona_assertion)$") %]
+      [% FOREACH mvalue = cgi.param(field).slice(0) %]
+        createHidden('[% field FILTER js %]', '[% mvalue FILTER html_linebreak FILTER js %]', form);
+      [% END %]
+    [% END %]
+
+    document.body.appendChild(form);
+    form.submit();
+  [% END %]
+}
+
+YAHOO.util.Event.on(window, 'load', persona_init);
+function persona_init() {
+  navigator.id.watch({
+    [%# we can't set loggedInUser to user.login as this causes cgi authenticated
+        sessions to be logged out by persona %]
+    loggedInUser: null,
+    onlogin: persona_onlogin,
+    onlogout: function () {
+      [%# this should be redirecting to index.cgi?logout=1 however there's a
+          persona bug which causes this to break chrome and safari logins.
+          https://github.com/mozilla/browserid/issues/2423 %]
+    }
+  });
+}
+
+function persona_sign_in() {
+  persona_ignore_login = false;
+  navigator.id.request({ siteName: '[% terms.BugzillaTitle FILTER js %]' });
+}
+</script>