-
-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[TPROD-168] Remove OAuth1 support #10111
Conversation
Codecov Report
@@ Coverage Diff @@
## features #10111 +/- ##
==============================================
+ Coverage 41.56% 41.62% +0.05%
+ Complexity 34581 34469 -112
==============================================
Files 2063 2050 -13
Lines 111574 111196 -378
==============================================
- Hits 46378 46281 -97
+ Misses 65196 64915 -281
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Other than this comment I didn't test nor review the rest. But I'm all for removing this and I love seeing the composer.json cleanup. Only thing left is FOSOAuthServerBundle. Can that potentially be tackled in the same PR?
app/assets/scaffold/files/htaccess
Outdated
@@ -8,7 +8,7 @@ | |||
<IfModule mod_rewrite.c> | |||
RewriteEngine On | |||
|
|||
# Set Authorization header for OAuth1a for when php is running under fcgi | |||
# Set Authorization header for OAuth for when php is running under fcgi |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consistency is key, shouldn't this be OAuth2? :)
I think we cannot do that until they merge the PR that was made to reinstate PHP template support. That is why we have the forked repo. |
Right - although it is confusing, as the branch that is used in Mautic is not the mautic-compat branch but the dev-doctrine-fix branch. I'm not sure if that even has anything to do with the php template thing? |
FriendsOfSymfony/FOSOAuthServerBundle@master...dennisameling:doctrine-fix this is the difference afaik, not sure if it has anything to do with oauth1 or not. |
a1814b8
to
c59d4a9
Compare
Hi @nickveenhof - I rebased this PR but am getting an error on
Any suggestions? |
Nope, sorry. TL;DR: we need that until the FOSOAuthServerBundle team releases a new version (which might take months), or for Mautic to fork it and maintain it ourselves. Let's not confuse two things here:
An option would be to fork FOSOAuthServerBundle 1.x in the Mautic org, try to see if it's easy to add PHP 8 support to it, then release it to Composer. Would be a workaround for the time being. But I don't have any capacity to look into that now. |
"url": "app", | ||
"options": { | ||
"versions": { | ||
"mautic/core-lib": "3.2.x-dev" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The folks at Symfony also do it this way. Don't ask me why or how it works 🙈
Here's the official Composer documentation for this setting: https://getcomposer.org/doc/05-repositories.md#path
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CC @nickveenhof
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Checked that the dropdowns now only include OAuth2 - no more OAuth1 🎉
Was able to authenticate with OAuth2 per the instructions and was able to retrieve the contacts list!
Thanks for making this PR @dennisameling - just needs another tester and a code review from @mautic/core-team
Reviewed and tested, LGTM! Works as expected. Thank you @dennisameling. |
Description:
As discussed in https://mautic.atlassian.net/browse/TPROD-190, this PR removes OAuth1 support from Mautic due to the increasing workload to keep supporting it
Steps to test this PR:
Ensure OAuth2 is still working by doing the following: