Bug #14799

[SSO] bump the omniauth-google-oauth2 gem to 0.6.0

Added by Ward Vandewege 7 months ago. Updated 7 months ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
-
Target version:
Start date:
02/01/2019
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
-
Release relationship:
Auto

Description

The SSO server package has version 0.5.2 of the omniauth-google-oauth2 gem. That version still uses some Google+ APIs, which are being shut down on March 7th (cf. https://developers.google.com/+/web/api/rest/openidconnect/getOpenIdConnect). Upgrade that gem to 0.6.0 to avoid issues.


Subtasks

Task #14805: Review 14799-google-oauth2-bumpResolvedWard Vandewege

Associated revisions

Revision f2a4226d
Added by Peter Amstutz 7 months ago

Merge branch '14799-google-oauth2-bump' refs #14799

Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <>

History

#1 Updated by Ward Vandewege 7 months ago

  • Description updated (diff)

#2 Updated by Tom Morris 7 months ago

  • Target version set to 2019-02-13 Sprint
  • Release set to 21

#3 Updated by Peter Amstutz 7 months ago

  • Assigned To set to Peter Amstutz
  • Target version deleted (2019-02-13 Sprint)
  • Release deleted (21)

#4 Updated by Tom Morris 7 months ago

  • Target version set to 2019-02-13 Sprint
  • Release set to 21

#5 Updated by Peter Amstutz 7 months ago

14799-google-oauth2-bump @ 3fb33817af5bf4edbaef406936dd6d51b133cc72

Just updates packages in Gemfile.lock

In testing, was able to get a successful google sign-on, but the redirects back to workbench didn't quite work for me. I'm pretty sure it is due to test environment issues -- my development instance doesn't have its own resolvable DNS hostname, and google doesn't let you use an IP address for the authorized callback URI.

Most likely this will either work with no configuration changes (able to continue using existing oauth2 client ids), or only require issuing a new oauth2 client id (if the old google+ scopes are a problem.)

#6 Updated by Ward Vandewege 7 months ago

Peter Amstutz wrote:

14799-google-oauth2-bump @ 3fb33817af5bf4edbaef406936dd6d51b133cc72

Just updates packages in Gemfile.lock

In testing, was able to get a successful google sign-on, but the redirects back to workbench didn't quite work for me. I'm pretty sure it is due to test environment issues -- my development instance doesn't have its own resolvable DNS hostname, and google doesn't let you use an IP address for the authorized callback URI.

Most likely this will either work with no configuration changes (able to continue using existing oauth2 client ids), or only require issuing a new oauth2 client id (if the old google+ scopes are a problem.)

LGTM, tested without issues. Please merge.

#7 Updated by Ward Vandewege 7 months ago

  • Status changed from New to In Progress

#8 Updated by Ward Vandewege 7 months ago

  • Status changed from In Progress to Resolved

Also available in: Atom PDF