Bug 1174057: Backport upstream bug 1170722 to add app_ids for auth de…

…legation
mozilla-bteam · Jun 16, 2015 · d2d610f · d2d610f
1 parent a48e145
commit d2d610f
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 13 deletions.
diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm
@@ -1757,15 +1757,17 @@ use constant ABSTRACT_SCHEMA => {
                               REFERENCES => {TABLE  => 'profiles',
                                              COLUMN => 'userid',
                                              DELETE => 'CASCADE'}},
-            api_key       => {TYPE => 'VARCHAR(40)', NOTNULL => 1},
-            description   => {TYPE => 'VARCHAR(255)'},
+            api_key       => {TYPE => 'varchar(40)', NOTNULL => 1},
+            description   => {TYPE => 'varchar(255)'},
             revoked       => {TYPE => 'BOOLEAN', NOTNULL => 1,
                               DEFAULT => 'FALSE'},
             last_used     => {TYPE => 'DATETIME'},
+            app_id        => {TYPE => 'varchar(64)'},
         ],
         INDEXES => [
             user_api_keys_api_key_idx => {FIELDS => ['api_key'], TYPE => 'UNIQUE'},
             user_api_keys_user_id_idx => ['user_id'],
+            user_api_keys_user_id_app_id_idx  => ['user_id', 'app_id'],
         ],
     },
 };

diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm
@@ -725,6 +725,11 @@ sub update_table_definitions {
     $dbh->bz_add_column('keyworddefs', 'is_active',
                         {TYPE => 'BOOLEAN', NOTNULL => 1, DEFAULT => 'TRUE'});
 
+    $dbh->bz_add_column('user_api_keys', 'app_id',
+                        {TYPE => 'varchar(64)'});
+    $dbh->bz_add_index('user_api_keys', 'user_api_keys_user_id_app_id_idx',
+                       [qw(user_id app_id)]);
+
     ################################################################
     # New --TABLE-- changes should go *** A B O V E *** this point #
     ################################################################

diff --git a/auth.cgi b/auth.cgi
@@ -22,6 +22,7 @@ use Bugzilla::Mailer qw(MessageToMTA);
 
 use URI;
 use URI::QueryParam;
+use Digest::SHA qw(sha256_hex);
 
 Bugzilla->login(LOGIN_REQUIRED);
 
@@ -61,20 +62,33 @@ if ($confirmed || $skip_confirmation) {
                            { token => $token, callback => $callback });
         }
     }
-
-    my $new_key = Bugzilla::User::APIKey->create({
-        user_id     => $user->id,
-        description => $description,
+    my $app_id = sha256_hex($callback_uri, $description);
+    my $keys = Bugzilla::User::APIKey->match({
+        user_id => $user->id,
+        app_id  => $app_id,
+        revoked => 0,
     });
-    my $template = Bugzilla->template_inner($user->setting('lang'));
-    my $vars = { user => $user, new_key => $new_key };
-    my $message;
-    $template->process('email/new-api-key.txt.tmpl', $vars, \$message)
-      or ThrowTemplateError($template->error());
 
-    MessageToMTA($message);
+    my $api_key;
+    if (@$keys) {
+        $api_key = $keys->[0];
+    }
+    else {
+        $api_key = Bugzilla::User::APIKey->create({
+            user_id     => $user->id,
+            description => $description,
+            app_id      => $app_id,
+        });
+        my $template = Bugzilla->template_inner($user->setting('lang'));
+        my $vars = { user => $user, new_key => $api_key };
+        my $message;
+        $template->process('email/new-api-key.txt.tmpl', $vars, \$message)
+          or ThrowTemplateError($template->error());
+
+        MessageToMTA($message);
+    }
 
-    $callback_uri->query_param(client_api_key   => $new_key->api_key);
+    $callback_uri->query_param(client_api_key   => $api_key->api_key);
     $callback_uri->query_param(client_api_login => $user->login);
 
     print $cgi->redirect($callback_uri);