[MediaWiki-commits] [Gerrit] mediawiki/vagrant[stretch-migration]: scholarships: Add OAuth provisioning

Mon, 15 Jan 2018 14:56:51 -0800 

BryanDavis has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/404397 )

Change subject: scholarships: Add OAuth provisioning
......................................................................

scholarships: Add OAuth provisioning

Provision an OAuth consumer and configure Scholarships to use it.

When adding this functionality to an existing VM where Scholarships has
already been provisioned the user will need to delete their existing
/vagrant/srv/scholarships/.env file. The Puppet module does not modify
existing environment files to allow for easier local debugging.

Bug: T119534
Change-Id: I097b8784d050c0fb5e93f92ab25512d3b7d9fb4d
---
M puppet/hieradata/common.yaml
M puppet/modules/role/manifests/scholarships.pp
M puppet/modules/scholarships/manifests/init.pp
M puppet/modules/scholarships/templates/env.erb
4 files changed, 30 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/vagrant 
refs/changes/97/404397/1

diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml
index 0ab34fe..2b53491 100644
--- a/puppet/hieradata/common.yaml
+++ b/puppet/hieradata/common.yaml
@@ -431,6 +431,9 @@
 role::phragile::install_dir: "%{hiera('mwv::services_dir')}/phragile"
 role::phragile::vhost_name: "phragile%{hiera('mwv::tld')}"
 
+role::scholarships::oauth_consumer_key: b7228f20b437989dbfc09178085df71a
+role::scholarships::oauth_secret_key: 3f01bf19915f3a56d9f6e5b5b7729593
+
 role::sentry::dsn: "%{hiera('sentry::dsn_file')}"
 
 role::wikidata::main_page: "Wiki:Main Page"
@@ -442,6 +445,9 @@
 scholarships::deploy_dir: "%{hiera('mwv::services_dir')}/scholarships"
 scholarships::cache_dir: /var/cache/scholarships
 scholarships::log_file: /vagrant/logs/scholarships.log
+scholarships::oauth_server: 
"http://dev.wiki.local.wmftest.net%{::port_fragment}";
+scholarships::oauth_consumer_token: b7228f20b437989dbfc09178085df71a
+scholarships::oauth_secret_token: f7841ded67f3f290360c67d347f9a62c85f171e5
 
 sentry::db_name: sentry
 sentry::db_user: sentry
diff --git a/puppet/modules/role/manifests/scholarships.pp 
b/puppet/modules/role/manifests/scholarships.pp
index 5511bd0..b40b2fa 100644
--- a/puppet/modules/role/manifests/scholarships.pp
+++ b/puppet/modules/role/manifests/scholarships.pp
@@ -4,6 +4,18 @@
 # *Note*: The application is provisioned using an Apache named virtual host.
 # Once the role is enabled and provisioned use the URL
 # http://scholarships.local.wmftest.net:8080/ to access the site.
-class role::scholarships {
+class role::scholarships (
+    $oauth_consumer_key,
+    $oauth_secret_key,
+) {
+    include ::mediawiki
     include ::scholarships
+
+    role::oauth::consumer { 'Wikimania Scholarships':
+        description  => 'Wikimania Scholarships',
+        consumer_key => $oauth_consumer_key,
+        secret_key   => $oauth_secret_key,
+        callback_url => 
"http://${::scholarships::vhost_name}${::port_fragment}/";,
+        grants       => ['authonlyprivate'],
+    }
 }
diff --git a/puppet/modules/scholarships/manifests/init.pp 
b/puppet/modules/scholarships/manifests/init.pp
index 492a4e5..2f45a9c 100644
--- a/puppet/modules/scholarships/manifests/init.pp
+++ b/puppet/modules/scholarships/manifests/init.pp
@@ -37,6 +37,9 @@
     $vhost_name,
     $cache_dir,
     $log_file,
+    $oauth_server,
+    $oauth_consumer_token,
+    $oauth_secret_token,
 ){
     include ::php
     include ::apache
diff --git a/puppet/modules/scholarships/templates/env.erb 
b/puppet/modules/scholarships/templates/env.erb
index 92c38a0..22eadc6 100644
--- a/puppet/modules/scholarships/templates/env.erb
+++ b/puppet/modules/scholarships/templates/env.erb
@@ -24,6 +24,14 @@
 ; Value should be compatible with PHP's strtotime() function
 APPLICATION_CLOSE=2038-01-01T00:00
 
+; OAuth settings
+USE_OAUTH=true
+OAUTH_CONSUMER_TOKEN=<%= @oauth_consumer_token %>
+OAUTH_SECRET_TOKEN=<%= @oauth_secret_token %>
+OAUTH_ENDPOINT="<%= @oauth_server %>/w/index.php?title=Special:OAuth"
+OAUTH_REDIR="<%= @oauth_server %>/wiki/Special:OAuth/authenticate?"
+OAUTH_CALLBACK=http://<%= @vhost_name %><%= scope['::port_fragment'] 
%>/oauth/callback
+
 ; This is a testing deployment
 MOCK=1
 SLIM_MODE=development

-- 
To view, visit https://gerrit.wikimedia.org/r/404397
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I097b8784d050c0fb5e93f92ab25512d3b7d9fb4d
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/vagrant
Gerrit-Branch: stretch-migration
Gerrit-Owner: BryanDavis <bda...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to