New issue
Advanced search Search tips

Issue 714821 link

Starred by 1 user

Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Use client-side Google Sign-In for chrome-infra-auth.appspot.com

Project Member Reported by vadimsh@chromium.org, Apr 24 2017

Issue description

See the blocked bug for reasoning why.

The plan:
1. Provide a way to setup OAuth2 client ID.
2. Convert existing routes to serve raw templates and javascript code.
3. Move the sign in to client side. Send "Authorization" header for auth.
 
Project Member

Comment 2 by bugdroid1@chromium.org, Apr 25 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/external/github.com/luci/luci-py.git/+/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a

commit a51c5be37a4090e71e8eb7e31a2c51da37c0f96a
Author: vadimsh <vadimsh@chromium.org>
Date: Tue Apr 25 20:48:06 2017

auth: Split UI pages into admin and non-admin ones.

Admin pages (involved in initial bootstrap) will stay as they are. Non-admin
pages will be converted to use client-side Google Sign-In flow.

R=nodir@chromium.org
BUG=714821

Review-Url: https://codereview.chromium.org/2838793002

[modify] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/templates/access_denied.html
[add] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/templates/admin/access_denied.html
[rename] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/templates/admin/base.html
[rename] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/templates/admin/bootstrap.html
[rename] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/templates/admin/bootstrap_done.html
[rename] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/templates/admin/bootstrap_oauth.html
[rename] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/templates/admin/linking.html
[rename] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/templates/admin/linking_done.html
[modify] https://crrev.com/a51c5be37a4090e71e8eb7e31a2c51da37c0f96a/appengine/components/components/auth/ui/ui.py

Project Member

Comment 3 by bugdroid1@chromium.org, May 1 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/external/github.com/luci/luci-py.git/+/872b28d8137e4f2211c32e549c4402085ed039fc

commit 872b28d8137e4f2211c32e549c4402085ed039fc
Author: vadimsh <vadimsh@chromium.org>
Date: Mon May 01 18:59:18 2017

auth_service: Fetch revisions of all configs (for UI) at once.

Also, do it in parallel. This will simplify the switch to client-side Single
Page Application by removing the need for per-tab callback (info for all tabs
will be fetched at once).

R=nodir@chromium.org
BUG=714821

Review-Url: https://codereview.chromium.org/2840053003

[modify] https://crrev.com/872b28d8137e4f2211c32e549c4402085ed039fc/appengine/auth_service/config.py
[modify] https://crrev.com/872b28d8137e4f2211c32e549c4402085ed039fc/appengine/auth_service/config_test.py
[modify] https://crrev.com/872b28d8137e4f2211c32e549c4402085ed039fc/appengine/auth_service/handlers_frontend.py
[modify] https://crrev.com/872b28d8137e4f2211c32e549c4402085ed039fc/appengine/auth_service/templates/config.html
[modify] https://crrev.com/872b28d8137e4f2211c32e549c4402085ed039fc/appengine/components/components/auth/ui/templates/base.html
[modify] https://crrev.com/872b28d8137e4f2211c32e549c4402085ed039fc/appengine/components/components/auth/ui/templates/ip_whitelists.html
[modify] https://crrev.com/872b28d8137e4f2211c32e549c4402085ed039fc/appengine/components/components/auth/ui/templates/oauth_config.html
[modify] https://crrev.com/872b28d8137e4f2211c32e549c4402085ed039fc/appengine/components/components/auth/ui/ui.py

Blocking: -712506
chrome-infra-auth has been switched to use GAE Users API, and thus this bug now is nice-to-have UI improvement. It doesn't block issue 712506 anymore.

Sign in to add a comment