launchpad-reviewers team mailing list archive

Thread
Date

[Merge] lp:~cjwatson/launchpad/testopenid-certificate into lp:launchpad

To: mp+314768@xxxxxxxxxxxxxxxxxx
From: Colin Watson <cjwatson@xxxxxxxxxxxxx>
Date: Sat, 14 Jan 2017 15:46:30 -0000
Reply-to: mp+314768@xxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Colin Watson has proposed merging lp:~cjwatson/launchpad/testopenid-certificate into lp:launchpad.

Commit message:
When using the test OpenID provider, tell python-openid about its certificate.

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/testopenid-certificate/+merge/314768

More recent Python 2.7 maintenance releases than those in precise are pickier about this.
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~cjwatson/launchpad/testopenid-certificate into lp:launchpad.

=== modified file 'lib/launchpad_loggerhead/app.py'
--- lib/launchpad_loggerhead/app.py	2015-05-27 11:25:32 +0000
+++ lib/launchpad_loggerhead/app.py	2017-01-14 15:45:28 +0000
@@ -1,4 +1,4 @@
-# Copyright 2009-2015 Canonical Ltd.  This software is licensed under the
+# Copyright 2009-2017 Canonical Ltd.  This software is licensed under the
 # GNU Affero General Public License version 3 (see the file LICENSE).
 
 import logging
@@ -50,6 +50,7 @@
 from lp.codehosting.vfs import get_lp_server
 from lp.services.config import config
 from lp.services.webapp.errorlog import ErrorReportingUtility
+from lp.services.webapp.openid import set_default_openid_fetcher
 from lp.services.webapp.vhosts import allvhosts
 from lp.xmlrpc import faults
 
@@ -65,6 +66,9 @@
 thread_locals = threading.local()
 
 
+set_default_openid_fetcher()
+
+
 def check_fault(fault, *fault_classes):
     """Check if 'fault's faultCode matches any of 'fault_classes'.
 

=== modified file 'lib/lp/services/webapp/login.py'
--- lib/lp/services/webapp/login.py	2016-05-19 02:02:39 +0000
+++ lib/lp/services/webapp/login.py	2017-01-14 15:45:28 +0000
@@ -1,7 +1,9 @@
-# Copyright 2009-2016 Canonical Ltd.  This software is licensed under the
+# Copyright 2009-2017 Canonical Ltd.  This software is licensed under the
 # GNU Affero General Public License version 3 (see the file LICENSE).
 """Stuff to do with logging in and logging out."""
 
+from __future__ import absolute_import
+
 __metaclass__ = type
 
 from datetime import (
@@ -20,10 +22,6 @@
     pape,
     sreg,
     )
-from openid.fetchers import (
-    setDefaultFetcher,
-    Urllib2Fetcher,
-    )
 from paste.httpexceptions import (
     HTTPBadRequest,
     HTTPException,
@@ -67,6 +65,7 @@
     IPlacelessLoginSource,
     LoggedOutEvent,
     )
+from lp.services.webapp.openid import set_default_openid_fetcher
 from lp.services.webapp.publisher import LaunchpadView
 from lp.services.webapp.url import urlappend
 from lp.services.webapp.vhosts import allvhosts
@@ -160,11 +159,7 @@
             name='+basiclogin')
 
 
-# The Python OpenID package uses pycurl by default, but pycurl chokes on
-# self-signed certificates (like the ones we use when developing), so we
-# change the default to urllib2 here.  That's also a good thing because it
-# ensures we test the same thing that we run on production.
-setDefaultFetcher(Urllib2Fetcher())
+set_default_openid_fetcher()
 
 
 class OpenIDLogin(LaunchpadView):

=== added file 'lib/lp/services/webapp/openid.py'
--- lib/lp/services/webapp/openid.py	1970-01-01 00:00:00 +0000
+++ lib/lp/services/webapp/openid.py	2017-01-14 15:45:28 +0000
@@ -0,0 +1,35 @@
+# Copyright 2009-2017 Canonical Ltd.  This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+
+"""OpenID consumer configuration."""
+
+from __future__ import absolute_import, print_function, unicode_literals
+
+__metaclass__ = type
+
+__all__ = [
+    'set_default_openid_fetcher',
+    ]
+
+from functools import partial
+import os.path
+import urllib2
+
+from openid.fetchers import (
+    setDefaultFetcher,
+    Urllib2Fetcher,
+    )
+
+from lp.services.config import config
+
+
+# The Python OpenID package uses pycurl by default, but pycurl chokes on
+# self-signed certificates (like the ones we use when developing), so we
+# change the default to urllib2 here.  That's also a good thing because it
+# ensures we test the same thing that we run on production.
+def set_default_openid_fetcher():
+    fetcher = Urllib2Fetcher()
+    if config.launchpad.enable_test_openid_provider:
+        cafile = os.path.join(config.root, "configs/development/launchpad.crt")
+        fetcher.urlopen = partial(urllib2.urlopen, cafile=cafile)
+    setDefaultFetcher(fetcher)

Follow ups

[Merge] lp:~cjwatson/launchpad/testopenid-certificate into lp:launchpad
From: noreply, 2017-01-25
Re: [Merge] lp:~cjwatson/launchpad/testopenid-certificate into lp:launchpad
From: William Grant, 2017-01-18