about summary refs log tree commit diff
path: root/third_party/gerrit_plugins/oauth
diff options
context:
space:
mode:
authorLuke Granger-Brown <git@lukegb.com>2022-09-11T16·34+0100
committerlukegb <lukegb@tvl.fyi>2022-09-11T16·56+0000
commit19c072304541a97e5bc62b928d753f20489b9c7c (patch)
treea0e641ba9ccec9c7edfa72ad0d978e5e1c19fbcd /third_party/gerrit_plugins/oauth
parent43a2eaa1b6e74574b2f7672340d0ac1aff03a0e2 (diff)
chore(3p): gerrit: 3.4.0 -> 3.6.1 r/4817
This change cannot be deployed OOTB: you must upgrade
by 3.5.2+ first, and run copy-approvals.

Change-Id: Ia2e49da4d801a21a3db59e2d5b054eeb46d7dc79
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6505
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Diffstat (limited to 'third_party/gerrit_plugins/oauth')
-rw-r--r--third_party/gerrit_plugins/oauth/cas-6x.patch69
-rw-r--r--third_party/gerrit_plugins/oauth/default.nix14
2 files changed, 3 insertions, 80 deletions
diff --git a/third_party/gerrit_plugins/oauth/cas-6x.patch b/third_party/gerrit_plugins/oauth/cas-6x.patch
deleted file mode 100644
index 7494298b3f26..000000000000
--- a/third_party/gerrit_plugins/oauth/cas-6x.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasApi.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasApi.java
-index 450549f..27310cd 100644
---- a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasApi.java
-+++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasApi.java
-@@ -15,7 +15,7 @@
- package com.googlesource.gerrit.plugins.oauth;
- 
- import com.github.scribejava.core.builder.api.DefaultApi20;
--import com.github.scribejava.core.extractors.OAuth2AccessTokenExtractor;
-+import com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor;
- import com.github.scribejava.core.extractors.TokenExtractor;
- import com.github.scribejava.core.model.OAuth2AccessToken;
- import com.github.scribejava.core.oauth2.bearersignature.BearerSignature;
-@@ -47,6 +47,6 @@ public class CasApi extends DefaultApi20 {
- 
-   @Override
-   public TokenExtractor<OAuth2AccessToken> getAccessTokenExtractor() {
--    return OAuth2AccessTokenExtractor.instance();
-+    return OAuth2AccessTokenJsonExtractor.instance();
-   }
- }
-diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java
-index 5f3e4a1..fc5bc50 100644
---- a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java
-+++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java
-@@ -106,36 +106,14 @@ class CasOAuthService implements OAuthServiceProvider {
-         throw new IOException(String.format("CAS response missing id: %s", response.getBody()));
-       }
- 
--      JsonElement attrListJson = jsonObject.get("attributes");
--      if (attrListJson == null) {
--        throw new IOException(
--            String.format("CAS response missing attributes: %s", response.getBody()));
--      }
--
-       String email = null, name = null, login = null;
--      if (attrListJson.isJsonArray()) {
--        // It is possible for CAS to be configured to not return any attributes (email, name,
--        // login),
--        // in which case,
--        // CAS returns an empty JSON object "attributes":{}, rather than "null" or an empty JSON
--        // array
--        // "attributes": []
--
--        JsonArray attrJson = attrListJson.getAsJsonArray();
--        for (JsonElement elem : attrJson) {
--          if (elem == null || !elem.isJsonObject()) {
--            throw new IOException(String.format("Invalid JSON '%s': not a JSON Object", elem));
--          }
--          JsonObject obj = elem.getAsJsonObject();
--
--          String property = getStringElement(obj, "email");
--          if (property != null) email = property;
--          property = getStringElement(obj, "name");
--          if (property != null) name = property;
--          property = getStringElement(obj, "login");
--          if (property != null) login = property;
--        }
--      }
-+
-+      String property = getStringElement(jsonObject, "mail");
-+      if (property != null) email = property;
-+      property = getStringElement(jsonObject, "displayName");
-+      if (property != null) name = property;
-+      property = getStringElement(jsonObject, "uid");
-+      if (property != null) login = property;
- 
-       return new OAuthUserInfo(
-           CAS_PROVIDER_PREFIX + id.getAsString(),
diff --git a/third_party/gerrit_plugins/oauth/default.nix b/third_party/gerrit_plugins/oauth/default.nix
index 01748ba84220..04d4244f4d17 100644
--- a/third_party/gerrit_plugins/oauth/default.nix
+++ b/third_party/gerrit_plugins/oauth/default.nix
@@ -5,23 +5,15 @@ let
 in
 buildGerritBazelPlugin rec {
   name = "oauth";
-  depsOutputHash = "sha256:0j86amkw54y177s522hc988hqg034fsrkywbsb9a7h14zwcqbran";
+  depsOutputHash = "sha256:14xw282ianq52y5cbcpxrlkfjjakcvh7igpkvs49hcgcb7v4rds8";
   src = pkgs.fetchgit {
     url = "https://gerrit.googlesource.com/plugins/oauth";
-    rev = "4aa7322db5ec221b2419e12a9ec7af5b8c66659c";
-    sha256 = "1szra3pjl0axf4a7k96flpk7rhfvp37rdxay4gbglh939gzbba88";
+    rev = "f9bef7476bc99f7b1dc3fe2d52ec95cd7ac571dc";
+    sha256 = "08wf50bz7ash37mzlrxfy7hvmjsf6s4ncpcw5969hs9hjvjfj4dz";
   };
   overlayPluginCmd = ''
     chmod +w "$out" "$out/plugins/external_plugin_deps.bzl"
     cp -R "${src}" "$out/plugins/${name}"
     cp "${src}/external_plugin_deps.bzl" "$out/plugins/external_plugin_deps.bzl"
   '';
-
-  # The code in the OAuth repo expects CAS to return oauth2 access tokens as urlencoded.
-  # Our version of CAS returns them as JSON instead.
-  postPatch = ''
-    pushd plugins/oauth
-    patch -p1 <${./cas-6x.patch}
-    popd
-  '';
 }