1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
[%# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.
#%]
[% RETURN UNLESS Param('persona_includejs_url')
&& Param('user_info_class').split(',').contains('Persona') %]
[%# for now don't inject persona javascript on authenticated users.
# we've seen sessions being logged out unexpectedly
# we should only inject this code for users who used persona to authenicate %]
[% RETURN IF user.id %]
[% USE Bugzilla %]
[% cgi = Bugzilla.cgi %]
<script [% script_nonce FILTER none %] defer src="[% Param('persona_includejs_url') %]"></script>
<script [% script_nonce FILTER none %]>
function createHidden(name, value, form) {
var field = document.createElement('input');
field.type = 'hidden';
field.name = name;
field.value = value;;
form.appendChild(field);
}
[% login_target = cgi.url("-relative" => 1, "-query" => 1) %]
[% IF !login_target
OR login_target.match("^token\.cgi")
OR login_target.match("^createaccount\.cgi") %]
[% login_target = "index.cgi" %]
[% END %]
[% login_target = urlbase _ login_target %]
[%# we only want to honour explicit login requests %]
var persona_ignore_login = true;
function persona_onlogin(assertion) {
if (persona_ignore_login)
return;
[% IF !user.id %]
var form = document.createElement('form');
form.action = '[% login_target FILTER js %]';
form.method = 'POST';
form.style.display = 'none';
createHidden('token', '[% issue_hash_token(['login']) FILTER js %]', form);
createHidden('Bugzilla_remember', 'on', form);
createHidden('persona_assertion', assertion, form);
[% FOREACH field = cgi.param() %]
[% NEXT IF field.search('^(Bugzilla_(login|password|restrictlogin)|token|persona_assertion)$') %]
[% NEXT UNLESS cgi.param(field).can('slice') %]
[% FOREACH mvalue = cgi.param(field).slice(0) %]
createHidden('[% field FILTER js %]', '[% mvalue FILTER html_linebreak FILTER js %]', form);
[% END %]
[% END %]
document.body.appendChild(form);
form.submit();
[% END %]
}
YAHOO.util.Event.on(window, 'load', persona_init);
function persona_init() {
navigator.id.watch({
[%# we can't set loggedInUser to user.login as this causes cgi authenticated
sessions to be logged out by persona %]
loggedInUser: null,
onlogin: persona_onlogin,
onlogout: function () {
[%# this should be redirecting to index.cgi?logout=1 however there's a
persona bug which causes this to break chrome and safari logins.
https://github.com/mozilla/browserid/issues/2423 %]
}
});
}
function persona_sign_in() {
persona_ignore_login = false;
navigator.id.request({ siteName: '[% terms.BugzillaTitle FILTER js %]' });
}
$(function() {
$('.persona_sign_in').on("click", persona_sign_in);
});
</script>
|
