integrating train 2011.10.27

.gitignore

@@ -3,3 +3,5 @@
 .\#*
 /node_modules
 /var
+/rpmbuild
+

ChangeLog

@@ -1,3 +1,16 @@
+train-2011.10.27:
+  * link fixing ('need help?' to point to SUMO): #378
+  * unit tests repaired: #469 (broken in fix to #82)
+  * improve handling of network errors: #448
+  * improve styling and language of email confirmation page: #349
+  * logging improvements: #455
+  * RPM generation script created (for installation of browserid on redhat [moz prod] boxes): #478
+  * SCHEMA CHANGES to improve database performance and scalability: #480
+  * change the health check call from '/ping.txt' to '/__heartbeat__': #481
+  * remove application level network timeouts (let the network stack do its job, the user can cancel if they get sick of it): #485
+  * improve messaging for unsupported browsers: #273, #484
+  * developer documentation improvements: #496
+
 train-2011.10.20:
   * android < 3.0 now supported: #461
   * properly set assertion expiration time to when they expire, not when they're issued: #433, #457, #458

DEPLOYMENT.md

@@ -156,16 +156,16 @@ post update hook, annotated to help you follow along:
 ### 5. get node servers running
 
 At this point, pushing code to gitolite will cause /home/browserid/code to be updated.  Now
-we need to get the servers running!  Manually we can verify that the servers will run. 
+we need to get the servers running!  Manually we can verify that the servers will run.
 For the browser id server:
 
-    cd /home/browserid/code/browserid && sudo -u www-data ./run.js  
+    cd /home/browserid/code/browserid && sudo -u www-data ./run.js
 
 And for the verifier:
 
-    cd /home/browserid/code/verifier && sudo -u www-data ./run.js  
+    cd /home/browserid/code/verifier && sudo -u www-data ./run.js
 
-Now let's set up [monit] to restart the node.js servers:  
+Now let's set up [monit] to restart the node.js servers:
 
   1. install monit: `sudo apt-get install monit`
   2. enable monit by editing `/etc/default/monit`
@@ -181,7 +181,7 @@ include /etc/monit.d/*
 
 <pre>
 #!/bin/bash
-/usr/local/bin/node $1 > $(dirname $1)/error.log 2>&1 &    
+/usr/local/bin/node $1 > $(dirname $1)/error.log 2>&1 &
 </pre>
 
   5. create a file to run the verifier at `/etc/monit.d/verifier`:
@@ -192,7 +192,7 @@ check host verifier with address 127.0.0.1
         as uid "www-data" and gid "www-data"
     stop program  = "/usr/bin/pkill -f '/usr/local/bin/node /home/browserid/code/verifier/run.js'"
     if failed port 62800 protocol HTTP
-        request /ping.txt
+        request /__heartbeat__
         with timeout 10 seconds
         then restart
 </pre>
@@ -205,7 +205,7 @@ check host browserid.org with address 127.0.0.1
         as uid "www-data" and gid "www-data"
     stop program  = "/usr/bin/pkill -f '/usr/local/bin/node /home/browserid/code/browserid/run.js'"
     if failed port 62700 protocol HTTP
-        request /ping.txt
+        request /__heartbeat__
         with timeout 10 seconds
         then restart
 </pre>

README.md

@@ -23,10 +23,12 @@ or changes will be made.
 
 2. Boot up the VM:
 
-    $ cd browserid
-    $ vagrant up
-    $ vagrant ssh
-    vagrant@lucid32:browserid$ node ./run.js
+```
+cd browserid
+vagrant up
+vagrant ssh vagrant@lucid32:browserid
+node ./run.js
+```
 
 `vagrant up` will take a while. Go get a cup of coffee. This is because it downloads the 500MB VM.
 

browserid.spec

@@ -0,0 +1,45 @@
+%define _rootdir /opt/browserid
+
+Name:          browserid-server
+Version:       0.2011.10.13
+Release:       1%{?dist}
+Summary:       BrowserID server
+Packager:      Pete Fritchman <petef@mozilla.com>
+Group:         Development/Libraries
+License:       MPL 1.1+/GPL 2.0+/LGPL 2.1+
+URL:           https://github.com/mozilla/browserid
+Source0:       %{name}.tar.gz
+BuildRoot:     %{_tmppath}/%{name}-%{version}-%{release}-root
+AutoReqProv:   no
+Requires:      openssl nodejs
+BuildRequires: gcc-c++ git jre make npm openssl-devel
+
+%description
+browserid server & web home for browserid.org
+
+%prep
+%setup -q -n browserid
+
+%build
+npm install
+export PATH=$PWD/node_modules/.bin:$PATH
+(cd browserid && ./compress.sh)
+git log -1 --oneline > browserid/static/ver.txt
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}%{_rootdir}
+for f in browserid libs node_modules verifier *.json *.js; do
+    cp -rp $f %{buildroot}%{_rootdir}/$dir
+done
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+%{_rootdir}
+
+%changelog
+* Tue Oct 18 2011 Pete Fritchman <petef@mozilla.com>
+- Initial version

browserid/app.js

@@ -45,6 +45,7 @@ express = require('express'),
 secrets = require('../libs/secrets.js'),
 db = require('./lib/db.js'),
 configuration = require('../libs/configuration.js'),
+heartbeat = require('../libs/heartbeat.js'),
 substitution = require('../libs/substitute.js');
 metrics = require("../libs/metrics.js"),
 logger = require("../libs/logging.js").logger;
@@ -79,11 +80,16 @@ function router(app) {
     metrics.userEntry(req);
     res.render('dialog.ejs', {
       title: 'A Better Way to Sign In',
-      layout: false,
+      layout: 'dialog_layout.ejs',
+      useJavascript: true,
       production: configuration.get('use_minified_resources')
     });
   });
 
+  app.get("/unsupported_dialog", function(req,res) {
+    res.render('unsupported_dialog.ejs', {layout: 'dialog_layout.ejs', useJavascript: false});
+  });
+
   // simple redirects (internal for now)
   app.get('/register_iframe', internal_redirector('/dialog/register_iframe.html',true));
 
@@ -102,9 +108,6 @@ function router(app) {
     res.render('index.ejs', {title: 'A Better Way to Sign In', fullpage: true});
   });
 
-  // BA removed .html URLs. If we have 404s,
-  // we should set up some redirects
-
   app.get("/signup", function(req, res) {
     res.render('signup.ejs', {title: 'Sign Up', fullpage: false});
   });
@@ -141,7 +144,7 @@ function router(app) {
   REDIRECTS = {
     "/manage": "/",
     "/users": "/",
-    "/users/": "/",    
+    "/users/": "/",
     "/primaries" : "/developers",
     "/primaries/" : "/developers",
     "/developers" : "https://github.com/mozilla/browserid/wiki/How-to-Use-BrowserID-on-Your-Site"
@@ -160,6 +163,9 @@ function router(app) {
   // register all the WSAPI handlers
   wsapi.setup(app);
 
+  // setup health check / heartbeat
+  heartbeat.setup(app);
+
   // the public key
   app.get("/pk", function(req, res) {
     res.json(ca.PUBLIC_KEY.toSimpleObject());

browserid/lib/db_mysql.js

@@ -49,6 +49,7 @@
  *
  *
  *    +------ staged ----------+
+ *    |*int id                 |
  *    |*string secret          |
  *    | bool new_acct          |
  *    | string existing        |
@@ -67,10 +68,28 @@ var client = undefined;
 // may get defined at open() time causing a database to be dropped upon connection closing.
 var drop_on_close = undefined;
 
+// If you change these schemas, please notify <services-ops@mozilla.com>
 const schemas = [
-  "CREATE TABLE IF NOT EXISTS user   ( id INTEGER AUTO_INCREMENT PRIMARY KEY, passwd VARCHAR(64) );",
-  "CREATE TABLE IF NOT EXISTS email  ( id INTEGER AUTO_INCREMENT PRIMARY KEY, user INTEGER, INDEX(user), address VARCHAR(255) UNIQUE, INDEX(address) );",
-  "CREATE TABLE IF NOT EXISTS staged ( secret VARCHAR(48) PRIMARY KEY, new_acct BOOL, existing VARCHAR(255), email VARCHAR(255) UNIQUE, INDEX(email), ts TIMESTAMP DEFAULT CURRENT_TIMESTAMP);"
+  "CREATE TABLE IF NOT EXISTS user (" +
+    "id BIGINT AUTO_INCREMENT PRIMARY KEY," +
+    "passwd CHAR(64) NOT NULL" +
+    ") ENGINE=InnoDB;",
+
+  "CREATE TABLE IF NOT EXISTS email (" +
+    "id BIGINT AUTO_INCREMENT PRIMARY KEY," +
+    "user BIGINT NOT NULL," +
+    "address VARCHAR(255) UNIQUE NOT NULL," + 
+    "FOREIGN KEY user_fkey (user) REFERENCES user(id)" +
+    ") ENGINE=InnoDB;",
+
+  "CREATE TABLE IF NOT EXISTS staged (" +
+    "id BIGINT AUTO_INCREMENT PRIMARY KEY," +
+    "secret CHAR(48) UNIQUE NOT NULL," +
+    "new_acct BOOL NOT NULL," +
+    "existing VARCHAR(255)," +
+    "email VARCHAR(255) UNIQUE NOT NULL," +
+    "ts TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL" + 
+    ") ENGINE=InnoDB;",
 ];
 
 // log an unexpected database error
@@ -111,37 +130,39 @@ exports.open = function(cfg, cb) {
   }
 
   // now create the databse
-  client.query("CREATE DATABASE IF NOT EXISTS " + database, function(err) {
-    if (err) {
-      logUnexpectedError(err);
-      cb(err);
-      return;
-    }
-    client.useDatabase(database, function(err) {
+  if (cfg.create_schema || cfg.unit_test) {
+    client.query("CREATE DATABASE IF NOT EXISTS " + database, function(err) {
       if (err) {
         logUnexpectedError(err);
         cb(err);
         return;
       }
+      client.useDatabase(database, function(err) {
+        if (err) {
+          logUnexpectedError(err);
+          cb(err);
+          return;
+        }
 
-      // now create tables
-      function createNextTable(i) {
-        if (i < schemas.length) {
-          client.query(schemas[i], function(err) {
-            if (err) {
-              logUnexpectedError(err);
-              cb(err);
-            } else {
-              createNextTable(i+1);
-            }
-          });
-        } else {
-          cb();
+        // now create tables
+        function createNextTable(i) {
+          if (i < schemas.length) {
+            client.query(schemas[i], function(err) {
+              if (err) {
+                logUnexpectedError(err);
+                cb(err);
+              } else {
+                createNextTable(i+1);
+              }
+            });
+          } else {
+            cb();
+          }
         }
-      }
-      createNextTable(0);
+        createNextTable(0);
+      });
     });
-  });
+  };
 };
 
 exports.close = function(cb) {

browserid/lib/wsapi.js

@@ -278,7 +278,7 @@ function setup(app) {
 
         db.gotVerificationSecret(req.body.token, hash, function(err, email) {
           if (err) {
-            logger.error("error completing the verification: " + err);
+            logger.warn("couldn't complete email verification: " + err);
             resp.json({ success: false });
           } else {
             // FIXME: not sure if we want to do this (ba)
@@ -360,7 +360,7 @@ function setup(app) {
   app.post('/wsapi/complete_email_addition', checkParams(["token"]), function(req, resp) {
     db.gotVerificationSecret(req.body.token, undefined, function(e) {
       if (e) {
-        logger.error("error completing the verification: " + e);
+        logger.warn("couldn't complete email verification: " + e);
         resp.json({ success: false });
       } else {
         resp.json({ success: true });