Closed
Bug 663276
Opened 13 years ago
Closed 13 years ago
Bring code in line with the 20110524 version of Verified Email Protocol
Categories
(Cloud Services :: Server: Identity, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: jrconlin, Unassigned)
References
Details
Attachments
(1 file, 1 obsolete file)
126.87 KB,
patch
|
rmiller
:
review+
|
Details | Diff | Splinter Review |
see https://wiki.mozilla.org/Identity/Verified_Email_Protocol for details and specifications.
Reporter | ||
Comment 1•13 years ago
|
||
Fairly beefy redo of the code base:
* Changed the OIDController to UserController (since we no longer have any OpenID elements)
* Added functions for new version of VEP
* Switched to cjson (faster than native json, since we're doing a LOT of json calls)
* switched back to a redis storage engine
* put JWS into it's own class (rather than sub methods)
* fixes to the admin pages for new setup.
It's a lot of code, you said you wouldn't hate me.
Happy to take pointers and dope slaps.
Attachment #538620 -
Flags: review?(rmiller)
Reporter | ||
Comment 2•13 years ago
|
||
Removed legacy function
Removed TODO
Added cert callback URL.
fixed base class for BaseController
Attachment #538620 -
Attachment is obsolete: true
Attachment #538620 -
Flags: review?(rmiller)
Attachment #539064 -
Flags: review?(rmiller)
Comment 3•13 years ago
|
||
Comment on attachment 539064 [details] [diff] [review]
Updated patch based on feedback
Review of attachment 539064 [details] [diff] [review]:
-----------------------------------------------------------------
Looks good. I added a couple of notes to places where some logging would probably be helpful (I actually did that the first time around, too, but it looks like splinter lost them).
::: oidserver/controllers/auth.py
@@ +53,5 @@
> + cert_info = jws.parse(request.params.get('certificate', None))
> + if cert_info is None:
> + raise HTTPBadRequest()
> + except JWSException:
> + raise HTTPBadRequest()
seems like we're losing some context information when we catch one exception and raise another, some logging is probably a good idea.
@@ +401,5 @@
> + email = self.app.storage.check_validation(uid, token)
> + except OIDStorageException:
> + raise HTTPBadRequest()
> + if not email:
> + raise HTTPBadRequest()
another place where logging would be helpful to distinguish btn these events after the fact.
Attachment #539064 -
Flags: review?(rmiller) → review+
Reporter | ||
Comment 4•13 years ago
|
||
submitted code: tip 71:89589c709aac
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•