Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

5991 - Update ScribeJava to 6.6.3 and necessary refactoring #5997

Merged
merged 22 commits into from
Oct 18, 2019

Conversation

poikilotherm
Copy link
Contributor

@poikilotherm poikilotherm commented Jul 5, 2019

closes #5991

This PR aims to provide a first, smaller step by updating the ScribeJava OAuth2 lib to a recent version.

Related Issues

Pull Request Checklist

Notable changes for QA (WIP, more to come):

  • Removed scope attribute from OAuth2TokenData in 81b367b. See commit comment for more information.

TODOS

  • Refactor messages to be localized. Use more generic message instead of ORCID special.
  • Test with ORCID (success!)
  • Test with Google (success!)
  • Test with Github (success!)

@pdurbin
Copy link
Member

pdurbin commented Jul 8, 2019

@poikilotherm as we're discussing at http://irclog.iq.harvard.edu/dataverse/2019-07-08#i_99911 I just left a comment at #5991 (comment) . I just took a quick look at the code and it's not immediately clear why the necessary refactoring is necessary. Can you please explain?

I'm going to leave this in code review and try to get some "talk after" time after standup.

@poikilotherm
Copy link
Contributor Author

poikilotherm commented Jul 8, 2019

The refactoring is necessary due to upstream changes. ScribeJava has moved some classes around, deprecated (and dropped) some things usable with v3.1.0.
I also wanted to make the code more testable and easier to reuse, as there where some code dups (e. g. for the ORCiD part). I also fixed some places where null references were used on purpose and might cause trouble with NPEs.
If you guys need a more elaborated answer, I am happy to open a call... Lot's of places things needed moving, too much to write down IMHO.

@poikilotherm poikilotherm changed the title WIP: 5991 - Update ScribeJava to 6.6.3 and necessary refactoring 5991 - Update ScribeJava to 6.6.3 and necessary refactoring Jul 9, 2019
@poikilotherm
Copy link
Contributor Author

I just removed the "WIP" from the title as requested by @pdurbin on IRC.
My refactoring is done for now, although this still lacks tests. I still need feedback on the code.

@djbrooke djbrooke self-assigned this Jul 10, 2019
@djbrooke
Copy link
Contributor

@poikilotherm - I assigned this to myself at standup and we'll put this on hold until I can review #5974 with the team.

@djbrooke djbrooke assigned sekmiller and djbrooke and unassigned djbrooke Jul 12, 2019
@djbrooke
Copy link
Contributor

@sekmiller @pdurbin @kcondon and I talked about this post-standup in regards to testing. Testing should be focused on whether the OAuth methods (ORCID, Github, Google) still work.

@poikilotherm
Copy link
Contributor Author

I am happy to do the heavy lifting with this and share my test results. I hoped for some technical discussion first about design and usability of the new code.

@djbrooke djbrooke removed their assignment Jul 15, 2019
@djbrooke
Copy link
Contributor

Thanks @poikilotherm for the offer to help with the heavy lifting. @sekmiller is reviewing the code and will be able to provide any feedback. Is there anything specific about the approach that you'd like guidance on?

@djbrooke djbrooke assigned djbrooke and scolapasta and unassigned sekmiller and djbrooke Jul 16, 2019
@djbrooke
Copy link
Contributor

@sekmiller mentioned at standup that he'd like someone with more familiarity with the auth code to take a look at what's done so far. @scolapasta I'll assign to you so you can either be that person or work with that person to keep this moving. Thank you!

@scolapasta scolapasta removed their assignment Jul 25, 2019
…xt".

This is not usable on Glassfish 4.1.

This reverts commit 55a2712.
The list of authorized scopes doesn't have to be in the same order as
we send it. So better check the single scope names on their own.

Relates to IQSS#5991.
Since the introduction of OAuth2 the scope attribute
of all saved tokens has been "null", as there seemed to
be a bug with ScribeJava. Upgrading from v3.3.6 to v6.8.1
resulted in exceptions due to the scope being saved now,
but violating the 64 char limit.

As the persisted data has not been in use ever since
(the scope is always retrieved from the IdP implementation),
the attribute has been removed to save database space and
avoid the exception.

An appropriate SQL migration script for Flyway has been added.
Relates to IQSS#5991.
The GitHub auth provider had been implemented with no scope.
Thus only public information is used, the user needs to provide
his or her mail address on first login page.

Relates to IQSS#5991.
@poikilotherm poikilotherm mentioned this pull request Sep 24, 2019
5 tasks
@poikilotherm
Copy link
Contributor Author

Alright, I tested this refactored code against GitHub, Google and ORCID sandbox. It all works flawless, affiliations are read from ORCID. Should be fine.

Just those text strings left over.

@pdurbin
Copy link
Member

pdurbin commented Oct 17, 2019

@poikilotherm thanks for keeping those strings in mind. When you're ready for this to go back into code review, please let us know!

@poikilotherm
Copy link
Contributor Author

poikilotherm commented Oct 17, 2019

All set. Good night guys 😴

(Should we talk about adding the credentials for all the services to the repo? They are only usable with http://localhost:8080 anyway, so not very cool for abusing 😉 )

@kcondon kcondon merged commit c7015fe into IQSS:develop Oct 18, 2019
@kcondon kcondon self-assigned this Oct 18, 2019
@djbrooke djbrooke added this to the 4.18 milestone Oct 18, 2019
@poikilotherm poikilotherm deleted the 5991-oidc-provider branch October 18, 2019 22:15
@poikilotherm
Copy link
Contributor Author

Thank you guys (@pdurbin, @scolapasta, @djbrooke, @kcondon et al) for merging.

As always, it has been a pleasure 😄

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Upgrade ScribeJava to latest version
7 participants