[MediaWiki-commits] [Gerrit] mediawiki/vagrant[master]: scholarships: Add OAuth provisioning

jenkins-bot (Code Review) Mon, 15 Jan 2018 15:15:07 -0800

jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/404398 )


Change subject: scholarships: Add OAuth provisioning
......................................................................


scholarships: Add OAuth provisioning

Provision an OAuth consumer and configure Scholarships to use it.

When adding this functionality to an existing VM where Scholarships has
already been provisioned the user will need to delete their existing
/vagrant/srv/scholarships/.env file. The Puppet module does not modify
existing environment files to allow for easier local debugging.

Bug: T119534
Change-Id: I097b8784d050c0fb5e93f92ab25512d3b7d9fb4d
---
M puppet/hieradata/common.yaml
M puppet/modules/role/manifests/scholarships.pp
M puppet/modules/scholarships/manifests/init.pp
M puppet/modules/scholarships/templates/env.erb
4 files changed, 30 insertions(+), 1 deletion(-)

Approvals:
  BryanDavis: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml
index 700b8d5..2d78951 100644
--- a/puppet/hieradata/common.yaml
+++ b/puppet/hieradata/common.yaml
@@ -442,6 +442,9 @@
 role::phragile::install_dir: "%{hiera('mwv::services_dir')}/phragile"
 role::phragile::vhost_name: "phragile%{hiera('mwv::tld')}"
 
+role::scholarships::oauth_consumer_key: b7228f20b437989dbfc09178085df71a
+role::scholarships::oauth_secret_key: 3f01bf19915f3a56d9f6e5b5b7729593
+
 role::sentry::dsn: "%{hiera('sentry::dsn_file')}"
 
 role::wikidata::main_page: "Wiki:Main Page"
@@ -455,6 +458,9 @@
 scholarships::deploy_dir: "%{hiera('mwv::services_dir')}/scholarships"
 scholarships::cache_dir: /var/cache/scholarships
 scholarships::log_file: /vagrant/logs/scholarships.log
+scholarships::oauth_server: 
"http://dev.wiki.local.wmftest.net%{::port_fragment}";
+scholarships::oauth_consumer_token: b7228f20b437989dbfc09178085df71a
+scholarships::oauth_secret_token: f7841ded67f3f290360c67d347f9a62c85f171e5
 
 sentry::db_name: sentry
 sentry::db_user: sentry
diff --git a/puppet/modules/role/manifests/scholarships.pp 
b/puppet/modules/role/manifests/scholarships.pp
index 5511bd0..b40b2fa 100644
--- a/puppet/modules/role/manifests/scholarships.pp
+++ b/puppet/modules/role/manifests/scholarships.pp
@@ -4,6 +4,18 @@
 # *Note*: The application is provisioned using an Apache named virtual host.
 # Once the role is enabled and provisioned use the URL
 # http://scholarships.local.wmftest.net:8080/ to access the site.
-class role::scholarships {
+class role::scholarships (
+    $oauth_consumer_key,
+    $oauth_secret_key,
+) {
+    include ::mediawiki
     include ::scholarships
+
+    role::oauth::consumer { 'Wikimania Scholarships':
+        description  => 'Wikimania Scholarships',
+        consumer_key => $oauth_consumer_key,
+        secret_key   => $oauth_secret_key,
+        callback_url => 
"http://${::scholarships::vhost_name}${::port_fragment}/";,
+        grants       => ['authonlyprivate'],
+    }
 }
diff --git a/puppet/modules/scholarships/manifests/init.pp 
b/puppet/modules/scholarships/manifests/init.pp
index 492a4e5..2f45a9c 100644
--- a/puppet/modules/scholarships/manifests/init.pp
+++ b/puppet/modules/scholarships/manifests/init.pp
@@ -37,6 +37,9 @@
     $vhost_name,
     $cache_dir,
     $log_file,
+    $oauth_server,
+    $oauth_consumer_token,
+    $oauth_secret_token,
 ){
     include ::php
     include ::apache
diff --git a/puppet/modules/scholarships/templates/env.erb 
b/puppet/modules/scholarships/templates/env.erb
index 92c38a0..22eadc6 100644
--- a/puppet/modules/scholarships/templates/env.erb
+++ b/puppet/modules/scholarships/templates/env.erb
@@ -24,6 +24,14 @@
 ; Value should be compatible with PHP's strtotime() function
 APPLICATION_CLOSE=2038-01-01T00:00
 
+; OAuth settings
+USE_OAUTH=true
+OAUTH_CONSUMER_TOKEN=<%= @oauth_consumer_token %>
+OAUTH_SECRET_TOKEN=<%= @oauth_secret_token %>
+OAUTH_ENDPOINT="<%= @oauth_server %>/w/index.php?title=Special:OAuth"
+OAUTH_REDIR="<%= @oauth_server %>/wiki/Special:OAuth/authenticate?"
+OAUTH_CALLBACK=http://<%= @vhost_name %><%= scope['::port_fragment'] 
%>/oauth/callback
+
 ; This is a testing deployment
 MOCK=1
 SLIM_MODE=development

-- 
To view, visit https://gerrit.wikimedia.org/r/404398
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I097b8784d050c0fb5e93f92ab25512d3b7d9fb4d
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/vagrant
Gerrit-Branch: master
Gerrit-Owner: BryanDavis <bda...@wikimedia.org>
Gerrit-Reviewer: BryanDavis <bda...@wikimedia.org>
Gerrit-Reviewer: Dduvall <dduv...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] mediawiki/vagrant[master]: scholarships: Add OAuth provisioning

Reply via email to