Skip to content
Permalink
Browse files

DEV: Drop legacy OpenID 2.0 support (#8894)

This is not used in core or official plugins, and has been printing a deprecation notice since v2.3.0beta4. All OpenID 2.0 code and dependencies have been dropped. The user_open_ids table remains for now, in case anyone has missed the deprecation notice, and needs to migrate their data.

Context at https://meta.discourse.org/t/-/113249
  • Loading branch information
davidtaylorhq committed Feb 7, 2020
1 parent e3c3c88 commit 5919618a87675cfcba9a62621c8b0eb07587ee96
@@ -97,8 +97,6 @@ gem 'nokogiri'
gem 'css_parser', require: false

gem 'omniauth'
gem 'omniauth-openid'
gem 'openid-redis-store'
gem 'omniauth-facebook'
gem 'omniauth-twitter'
gem 'omniauth-instagram'
@@ -237,9 +237,6 @@ GEM
omniauth-oauth2 (1.6.0)
oauth2 (~> 1.1)
omniauth (~> 1.9)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
omniauth-twitter (1.4.0)
omniauth-oauth (~> 1.1)
rack
@@ -250,9 +247,6 @@ GEM
mustache
nokogiri (~> 1.7)
sanitize
openid-redis-store (0.0.2)
redis
ruby-openid
openssl-signature_algorithm (0.3.0)
optimist (3.0.0)
parallel (1.19.1)
@@ -276,9 +270,6 @@ GEM
rack (2.0.8)
rack-mini-profiler (1.1.6)
rack (>= 1.2.0)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-protection (2.0.8.1)
rack
rack-test (1.1.0)
@@ -356,7 +347,6 @@ GEM
unicode-display_width (>= 1.4.0, < 1.7)
rubocop-discourse (1.0.2)
rubocop (>= 0.69.0)
ruby-openid (2.9.2)
ruby-prof (1.2.0)
ruby-progressbar (1.10.1)
ruby-readability (0.7.0)
@@ -502,10 +492,8 @@ DEPENDENCIES
omniauth-google-oauth2
omniauth-instagram
omniauth-oauth2
omniauth-openid
omniauth-twitter
onebox
openid-redis-store
parallel_tests
pg
pry-nav
@@ -14,7 +14,6 @@ class User < ActiveRecord::Base
has_many :tag_users, dependent: :destroy
has_many :user_api_keys, dependent: :destroy
has_many :topics
has_many :user_open_ids, dependent: :destroy

# dependent deleting handled via before_destroy
has_many :user_actions
@@ -1,10 +1,19 @@
# frozen_string_literal: true

# This table is no longer used in core, but may be used by unofficial plugins
class UserOpenId < ActiveRecord::Base
after_initialize :raise_deprecation_error

belongs_to :user

validates_presence_of :email
validates_presence_of :url

private

def raise_deprecation_error
raise "The user_open_ids table has been deprecated, and will be dropped in v2.5. See https://meta.discourse.org/t/-/113249"
end
end

# == Schema Information
@@ -64,7 +64,6 @@ def make_anonymous
@user.single_sign_on_record.try(:destroy)
@user.oauth2_user_infos.try(:destroy_all)
@user.user_associated_accounts.try(:destroy_all)
@user.user_open_ids.find_each { |x| x.destroy }
@user.api_keys.find_each { |x| x.try(:destroy) }
@user.user_emails.secondary.destroy_all

@@ -299,9 +299,6 @@ def config.database_configuration
# Ensure that Discourse event triggers for web hooks are loaded
require_dependency 'web_hook'

# So open id logs somewhere sane
OpenID::Util.logger = Rails.logger

# Load plugins
plugin_initialization_guard do
Discourse.plugins.each(&:notify_after_initialize)
@@ -1,7 +1,6 @@
# frozen_string_literal: true

require "openssl"
require "openid_redis_store"

require "middleware/omniauth_bypass_middleware"
Rails.application.config.middleware.use Middleware::OmniauthBypassMiddleware
@@ -7,7 +7,6 @@ module Auth; end
require 'auth/authenticator'
require 'auth/managed_authenticator'
require 'auth/facebook_authenticator'
require 'auth/open_id_authenticator'
require 'auth/github_authenticator'
require 'auth/twitter_authenticator'
require 'auth/google_oauth2_authenticator'

This file was deleted.

@@ -148,7 +148,7 @@ def copy_user_stuff

[
UserEmail, UserStat, UserOption, UserProfile,
UserVisit, UserSearchData, GivenDailyLike, UserSecondFactor, UserOpenId
UserVisit, UserSearchData, GivenDailyLike, UserSecondFactor
].each do |c|
copy_model(c, skip_if_merged: true, is_a_user_model: true, skip_processing: true)
end

This file was deleted.

@@ -245,7 +245,7 @@ def enabled?
plugin.notify_before_auth
expect(DiscoursePluginRegistry.auth_providers.count).to eq(1)
auth_provider = DiscoursePluginRegistry.auth_providers.to_a[0]
expect(auth_provider.authenticator.name).to eq('ubuntu')
expect(auth_provider.authenticator.name).to eq('facebook')
end

it "finds all the custom assets" do
@@ -6,7 +6,7 @@
# authors: Frank Zappa

auth_provider title: 'with Ubuntu',
authenticator: Auth::OpenIdAuthenticator.new('ubuntu', 'https://login.ubuntu.com', 'enable_badges', trusted: true),
authenticator: Auth::FacebookAuthenticator.new,
message: 'Authenticating with Ubuntu (make sure pop up blockers are not enbaled)',
frame_width: 1000, # the frame size used for the pop up window, overrides default
frame_height: 800

This file was deleted.

@@ -203,14 +203,12 @@
user.user_associated_accounts = [UserAssociatedAccount.create(user_id: user.id, provider_uid: "example", provider_name: "facebook")]
user.single_sign_on_record = SingleSignOnRecord.create(user_id: user.id, external_id: "example", last_payload: "looks good")
user.oauth2_user_infos = [Oauth2UserInfo.create(user_id: user.id, uid: "example", provider: "example")]
UserOpenId.create(user_id: user.id, email: user.email, url: "http://example.com/openid", active: true)
make_anonymous
user.reload
expect(user.github_user_info).to eq(nil)
expect(user.user_associated_accounts).to be_empty
expect(user.single_sign_on_record).to eq(nil)
expect(user.oauth2_user_infos).to be_empty
expect(user.user_open_ids.count).to eq(0)
end

it "removes api key" do
@@ -994,15 +994,13 @@ def create_badge(badge, user, opts = {})
GithubUserInfo.create(user_id: source_user.id, screen_name: "example", github_user_id: "examplel123123")
Oauth2UserInfo.create(user_id: source_user.id, uid: "example", provider: "example")
SingleSignOnRecord.create(user_id: source_user.id, external_id: "example", last_payload: "looks good")
UserOpenId.create(user_id: source_user.id, email: source_user.email, url: "http://example.com/openid", active: true)

merge_users!

expect(UserAssociatedAccount.where(user_id: source_user.id).count).to eq(0)
expect(GithubUserInfo.where(user_id: source_user.id).count).to eq(0)
expect(Oauth2UserInfo.where(user_id: source_user.id).count).to eq(0)
expect(SingleSignOnRecord.where(user_id: source_user.id).count).to eq(0)
expect(UserOpenId.where(user_id: source_user.id).count).to eq(0)
end

it "deletes auth tokens" do

2 comments on commit 5919618

@discoursebot

This comment has been minimized.

Copy link

discoursebot replied Feb 7, 2020

This commit has been mentioned on Discourse Meta. There might be relevant details there:

https://meta.discourse.org/t/removing-yahoo-login-from-core-and-deprecating-openid-2-0/113249/2

@discoursereviewbot

This comment has been minimized.

Copy link

discoursereviewbot replied Feb 10, 2020

Régis Hanol posted:

Showing 16 changes files with 12 additions and 203 deletions.

My favorite kind of commits 💪

Please sign in to comment.
You can’t perform that action at this time.