Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Onboarding to generate auth code #21777

Merged
merged 1 commit into from Mar 8, 2019

Conversation

Projects
None yet
4 participants
@balloob
Copy link
Member

commented Mar 8, 2019

Description:

This allows onboarding to generate an authorization code to fetch refresh tokens.

This will allow us to redirect to bypass the login page when we finish onboarding. By using an authorization code, the user will get asked if they want to store their login.

Requires frontend PR: home-assistant/home-assistant-polymer#2894

Checklist:

  • The code change is tested and works locally.
  • Local tests pass with tox. Your PR cannot be merged unless tests pass
  • There is no commented out code in this PR.

If the code does not interact with devices:

  • Tests have been added to verify that the new code works.

@balloob balloob requested a review from home-assistant/core as a code owner Mar 8, 2019

@ghost ghost assigned balloob Mar 8, 2019

@ghost ghost added the in progress label Mar 8, 2019

@balloob balloob referenced this pull request Mar 8, 2019

Merged

Convert onboarding to Lit #2894

await self._async_mark_done(hass)

# Return an authorization code to allow fetching tokens.
auth_code = hass.components.auth.create_auth_code(

This comment has been minimized.

Copy link
@awarecan

awarecan Mar 8, 2019

Contributor

Do we have expiring time for auth_code? 5 minutes?

This comment has been minimized.

Copy link
@balloob

balloob Mar 8, 2019

Author Member

10 minutes

# OAuth 4.2.1
# The authorization code MUST expire shortly after it is issued to
# mitigate the risk of leaks. A maximum authorization code lifetime of
# 10 minutes is RECOMMENDED.
if dt_util.utcnow() - created < timedelta(minutes=10):
return result

This comment has been minimized.

Copy link
@awarecan

awarecan Mar 8, 2019

Contributor

So for now, it might be okay. But in future, if on-boarding takes longer than 10 minutes, the auth_code will be expired

This comment has been minimized.

Copy link
@balloob

balloob Mar 8, 2019

Author Member

If we get more steps in onboarding, I actually want to establish a websocket connection so we can use the APIs as usual. I guess in that case, we will ask users if they want to stay logged in during onboarding.

@balloob balloob merged commit 3da0ed9 into dev Mar 8, 2019

10 checks passed

Hound No violations found. Woof!
Python 3.5 - lints Python 3.5 - lints
Details
Python 3.5 - tests Python 3.5 - tests
Details
Python 3.6 - tests Python 3.6 - tests
Details
Python 3.7 - tests Python 3.7 - tests
Details
Pyton 3.5 - typing Pyton 3.5 - typing
Details
cla-bot Everyone involved has signed the CLA
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
coverage/coveralls Coverage decreased (-0.001%) to 92.754%
Details

@ghost ghost removed the in progress label Mar 8, 2019

@delete-merged-branch delete-merged-branch bot deleted the onboarding-tokens branch Mar 8, 2019

Swamp-Ig added a commit to Swamp-Ig/home-assistant that referenced this pull request Mar 19, 2019

@Swamp-Ig Swamp-Ig referenced this pull request Mar 19, 2019

Closed

Onboarding broken after patch #22170

3 of 3 tasks complete

@ghost ghost assigned Swamp-Ig Mar 19, 2019

@balloob balloob referenced this pull request Mar 20, 2019

Merged

0.90.0 #22216

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.