From 952fcca88a04c3acaad97364efce918b56b87dcf Mon Sep 17 00:00:00 2001 From: "Steven R. Loomis" Date: Thu, 9 Jan 2025 16:10:24 -0600 Subject: [PATCH] CLDR-18165 cla: add GitHub login (#4244) --- tools/cldr-apps/js/src/esm/cldrAuth.mjs | 45 ++ tools/cldr-apps/js/src/esm/cldrCla.mjs | 1 + tools/cldr-apps/js/src/esm/cldrComponents.mjs | 4 + tools/cldr-apps/js/src/md/cla.md | 2 - tools/cldr-apps/js/src/views/MainMenu.vue | 6 +- tools/cldr-apps/js/src/views/SignCla.vue | 420 +++++++++++++----- tools/cldr-apps/pom.xml | 8 + .../org/unicode/cldr/web/ClaGithubList.java | 236 ++++++++++ .../org/unicode/cldr/web/ClaSignature.java | 3 + .../org/unicode/cldr/web/CookieSession.java | 15 +- .../java/org/unicode/cldr/web/WebContext.java | 14 + .../java/org/unicode/cldr/web/api/Auth.java | 62 +++ .../cldr/web/auth/GithubLoginFactory.java | 189 ++++++++ .../cldr/web/auth/GithubLoginServlet.java | 105 +++++ .../unicode/cldr/web/auth/LoginFactory.java | 23 + .../unicode/cldr/web/auth/LoginManager.java | 70 +++ .../unicode/cldr/web/auth/LoginSession.java | 69 +++ .../cldr/web/auth/OAuthLoginFactory.java | 6 + .../unicode/cldr/web/util/STRestClient.java | 76 ++++ .../src/main/liberty/config/server.xml | 2 +- .../cldr-apps/src/main/webapp/WEB-INF/web.xml | 22 +- .../unicode/cldr/web/TestClaGithubList.java | 64 +++ .../cldr/web/data/test-signatures.json | 58 +++ tools/pom.xml | 2 +- 24 files changed, 1367 insertions(+), 135 deletions(-) create mode 100644 tools/cldr-apps/js/src/esm/cldrAuth.mjs create mode 100644 tools/cldr-apps/src/main/java/org/unicode/cldr/web/ClaGithubList.java create mode 100644 tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/GithubLoginFactory.java create mode 100644 tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/GithubLoginServlet.java create mode 100644 tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/LoginFactory.java create mode 100644 tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/LoginManager.java create mode 100644 tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/LoginSession.java create mode 100644 tools/cldr-apps/src/main/java/org/unicode/cldr/web/auth/OAuthLoginFactory.java create mode 100644 tools/cldr-apps/src/main/java/org/unicode/cldr/web/util/STRestClient.java create mode 100644 tools/cldr-apps/src/test/java/org/unicode/cldr/web/TestClaGithubList.java create mode 100644 tools/cldr-apps/src/test/resources/org/unicode/cldr/web/data/test-signatures.json diff --git a/tools/cldr-apps/js/src/esm/cldrAuth.mjs b/tools/cldr-apps/js/src/esm/cldrAuth.mjs new file mode 100644 index 00000000000..94329d7be3f --- /dev/null +++ b/tools/cldr-apps/js/src/esm/cldrAuth.mjs @@ -0,0 +1,45 @@ +import * as cldrClient from "../esm/cldrClient.mjs"; +import * as cldrStatus from "../esm/cldrStatus.mjs"; + +/** + * Get the oauth login URL. See GithubLoginFactory#getLoginUrl() + * @param {object} o options bag + * @param {string} o.service which service, currently only 'github' is accepted + * @param {string} o.intent what the login URL is used for, currently only 'cla' + * @param {boolean} o.relogin if true, attempt re-login + */ +export async function getLoginUrl(o) { + const { service, intent, relogin } = o; + if (service !== "github") + throw Error(`only support service='github' but got ${service}`); + if (intent !== "cla") + throw Error(`only support intent='cla' but got ${intent}`); + const client = await cldrClient.getClient(); + const { url } = (await client.apis.auth.oauthUrl()).body; + const u = new URL(url); + const redir = new URL(window.location); + redir.search = ""; + redir.hash = ""; + redir.pathname = cldrStatus.getContextPath() + "/github-login"; + u.searchParams.set("redirect_uri", redir); + if (relogin) { + u.searchParams.set("prompt", "select_account"); + } + return u; +} + +/** + * If a valid github ID is in the session, return it, otherwise falsy + * @returns github ID or falsy + */ +export async function getGithubIdFromSession() { + try { + const client = await cldrClient.getClient(); + const { id } = (await client.apis.auth.oauthSession()).body; + return id; + } catch (e) { + console.error(e); + console.error("getGithubIdFromSession() failed"); + } + return null; +} diff --git a/tools/cldr-apps/js/src/esm/cldrCla.mjs b/tools/cldr-apps/js/src/esm/cldrCla.mjs index 90ce7eac47a..c52f9ed7c0a 100644 --- a/tools/cldr-apps/js/src/esm/cldrCla.mjs +++ b/tools/cldr-apps/js/src/esm/cldrCla.mjs @@ -4,6 +4,7 @@ import * as cldrNotify from "../esm/cldrNotify.mjs"; * see ClaSignature.java * @typedef {Object} ClaSignature * @property {boolean} corporate true if a corporate signature + * @property {boolean} noRights true if employer asserts no rights * @property {string} email * @property {string} employer * @property {string} name diff --git a/tools/cldr-apps/js/src/esm/cldrComponents.mjs b/tools/cldr-apps/js/src/esm/cldrComponents.mjs index 7fd83745174..2d379d0cb09 100644 --- a/tools/cldr-apps/js/src/esm/cldrComponents.mjs +++ b/tools/cldr-apps/js/src/esm/cldrComponents.mjs @@ -24,6 +24,7 @@ import { Button, Card, Checkbox, + Col, Collapse, CollapsePanel, Form, @@ -33,6 +34,7 @@ import { Popover, Progress, Radio, + Row, Select, Spin, Steps, @@ -62,6 +64,7 @@ function setup(app) { app.component("a-button", Button); app.component("a-card", Card); app.component("a-checkbox", Checkbox); + app.component("a-col", Col); app.component("a-collapse-panel", CollapsePanel); app.component("a-collapse", Collapse); app.component("a-form-item", Form.Item); @@ -77,6 +80,7 @@ function setup(app) { app.component("a-progress", Progress); app.component("a-radio-group", Radio.Group); app.component("a-radio", Radio); + app.component("a-row", Row); app.component("a-select", Select); app.component("a-spin", Spin); app.component("a-step", Steps.Step); diff --git a/tools/cldr-apps/js/src/md/cla.md b/tools/cldr-apps/js/src/md/cla.md index c1b478aef8b..e222b17eefb 100644 --- a/tools/cldr-apps/js/src/md/cla.md +++ b/tools/cldr-apps/js/src/md/cla.md @@ -1,7 +1,5 @@ # Contributor License Agreement (CLA) -Hello. We need your permission to use the data and information that you submit to the Unicode CLDR Survey Tool. To do this, we need a contributor license agreement (CLA) on file for you or your employer so that Unicode has the required permissions to use your contributions in our products and services. If you are seeing this message, it means we do not have such a CLA on file. If you believe you are already under a Unicode CLA (either your own or your employer’s) and are seeing this message in error, or if you have further questions, please contact [`cldr-cla@unicode.org`](mailto:cldr-cla@unicode.org). - If you would like to sign Unicode’s standard CLA so that you may contribute to other Unicode projects as well as Survey Tool, please refer to our [IP Policies](https://www.unicode.org/policies/licensing_policy.html) to find out how to get a standard CLA in place. *Alternatively*, if you do not wish to sign Unicode’s standard CLA and you wish to contribute only to the CLDR Survey Tool, you may agree to the following terms for your Survey Tool contributions: diff --git a/tools/cldr-apps/js/src/views/MainMenu.vue b/tools/cldr-apps/js/src/views/MainMenu.vue index 2621f4b3ff6..ba2fe275e20 100644 --- a/tools/cldr-apps/js/src/views/MainMenu.vue +++ b/tools/cldr-apps/js/src/views/MainMenu.vue @@ -9,7 +9,9 @@
  • @@ -155,7 +157,7 @@ export default { recentActivityUrl: null, uploadXmlUrl: null, userId: 0, - showClaMenu: false, // off by default, see CLDR-16499 + showClaMenu: true, }; }, diff --git a/tools/cldr-apps/js/src/views/SignCla.vue b/tools/cldr-apps/js/src/views/SignCla.vue index e18323424d8..2b4871a399f 100644 --- a/tools/cldr-apps/js/src/views/SignCla.vue +++ b/tools/cldr-apps/js/src/views/SignCla.vue @@ -1,130 +1,243 @@