Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(351)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: appengine/components/components/auth/api.py

Issue 2836223002: auth: Add a page to setup web client ID for a service. (Closed)
Patch Set: nit Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | appengine/components/components/auth/api_test.py » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: appengine/components/components/auth/api.py
diff --git a/appengine/components/components/auth/api.py b/appengine/components/components/auth/api.py
index 9c5224b0b113a7009d8627b01390681b3bcaa390..6ab505b226da8fb3b961e7437b5213fadfbbd4c3 100644
--- a/appengine/components/components/auth/api.py
+++ b/appengine/components/components/auth/api.py
@@ -29,6 +29,7 @@ from google.appengine.ext import ndb
from google.appengine.ext.ndb import metadata
from google.appengine.runtime import apiproxy_errors
+from components.datastore_utils import config as ds_config
from components import utils
from . import config
@@ -47,6 +48,7 @@ __all__ = [
'get_peer_ip',
'get_process_cache_expiration_sec',
'get_secret',
+ 'get_web_client_id',
'is_admin',
'is_group_member',
'is_in_ip_whitelist',
@@ -446,6 +448,41 @@ class AuthDB(object):
################################################################################
+## OAuth client configuration for the web UI.
+
+
+class AuthWebUIConfig(ds_config.GlobalConfig):
+ """Configuration of web UI (updated through /auth/bootstrap/oauth).
+
+ See BootstrapOAuthHandler in ui/ui.py for where this config is updated.
+ """
+ web_client_id = ndb.StringProperty(indexed=False, default='')
+
+
+@utils.cache_with_expiration(300)
+def get_web_client_id():
+ """Returns OAuth2 client ID for the web UI (if configured) or '' (if not).
+
+ Can be used by components.auth API users to inject a web client ID into pages.
+ """
+ return get_web_client_id_uncached()
+
+
+def get_web_client_id_uncached():
+ """Fetches web client ID from the datastore (slow, use get_web_client_id)."""
+ cfg = AuthWebUIConfig.fetch()
+ return cfg.web_client_id if cfg else ''
+
+
+def set_web_client_id(web_client_id):
+ """Changes the configured OAuth2 client ID for the web UI."""
+ cfg = AuthWebUIConfig.fetch() or AuthWebUIConfig()
+ cfg.modify(
+ updated_by=get_current_identity().to_bytes(),
+ web_client_id=web_client_id)
+
+
+################################################################################
## OAuth token check.
@@ -819,9 +856,12 @@ def fetch_auth_db(known_version=None):
if not _lazy_bootstrap_ran:
model.AuthGlobalConfig.get_or_insert(root_key.string_id())
_lazy_bootstrap_ran = True
- # Call the user-supplied callback in non-transactional context.
+ # Call the user-supplied callbacks in non-transactional context.
if _additional_client_ids_cb:
additional_client_ids.extend(_additional_client_ids_cb())
+ web_id = get_web_client_id()
+ if web_id:
nodir 2017/04/24 22:34:23 and not in additional_client_ids
Vadim Sh. 2017/04/24 22:40:23 This is unnecessary, deduplication happens later i
+ additional_client_ids.append(web_id)
@ndb.transactional(propagation=ndb.TransactionOptions.INDEPENDENT)
def fetch():
« no previous file with comments | « no previous file | appengine/components/components/auth/api_test.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698