Project

General

Profile

Actions
Copy link

Bug #14799

closed

[SSO] bump the omniauth-google-oauth2 gem to 0.6.0

Added by Ward Vandewege almost 6 years ago. Updated almost 6 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Peter Amstutz
Category:
-
Target version:
2019-02-13 Sprint
Story points:
-
Release:
Arvados 1.3.1
Release relationship:
Auto

Description

The SSO server package has version 0.5.2 of the omniauth-google-oauth2 gem. That version still uses some Google+ APIs, which are being shut down on March 7th (cf. https://developers.google.com/+/web/api/rest/openidconnect/getOpenIdConnect). Upgrade that gem to 0.6.0 to avoid issues.

Subtasks 1 (0 open1 closed)

Task #14805: Review 14799-google-oauth2-bumpResolvedWard Vandewege02/01/2019Actions
Actions
Copy link
 #1

Updated by Ward Vandewege almost 6 years ago

  • Description updated (diff)
Actions
Copy link
 #2

Updated by Tom Morris almost 6 years ago

  • Target version set to 2019-02-13 Sprint
  • Release set to 21
Actions
Copy link
 #3

Updated by Peter Amstutz almost 6 years ago

  • Assigned To set to Peter Amstutz
  • Target version deleted (2019-02-13 Sprint)
  • Release deleted (21)
Actions
Copy link
 #4

Updated by Tom Morris almost 6 years ago

  • Target version set to 2019-02-13 Sprint
  • Release set to 21
Actions
Copy link
 #5

Updated by Peter Amstutz almost 6 years ago

14799-google-oauth2-bump @ 3fb33817af5bf4edbaef406936dd6d51b133cc72

Just updates packages in Gemfile.lock

In testing, was able to get a successful google sign-on, but the redirects back to workbench didn't quite work for me. I'm pretty sure it is due to test environment issues -- my development instance doesn't have its own resolvable DNS hostname, and google doesn't let you use an IP address for the authorized callback URI.

Most likely this will either work with no configuration changes (able to continue using existing oauth2 client ids), or only require issuing a new oauth2 client id (if the old google+ scopes are a problem.)

Actions
Copy link
 #6

Updated by Ward Vandewege almost 6 years ago

Peter Amstutz wrote:

14799-google-oauth2-bump @ 3fb33817af5bf4edbaef406936dd6d51b133cc72

Just updates packages in Gemfile.lock

In testing, was able to get a successful google sign-on, but the redirects back to workbench didn't quite work for me. I'm pretty sure it is due to test environment issues -- my development instance doesn't have its own resolvable DNS hostname, and google doesn't let you use an IP address for the authorized callback URI.

Most likely this will either work with no configuration changes (able to continue using existing oauth2 client ids), or only require issuing a new oauth2 client id (if the old google+ scopes are a problem.)

LGTM, tested without issues. Please merge.

Actions
Copy link
 #7

Updated by Ward Vandewege almost 6 years ago

  • Status changed from New to In Progress
Actions
Copy link
 #8

Updated by Ward Vandewege almost 6 years ago

  • Status changed from In Progress to Resolved
Actions
Copy link

Also available in: Atom PDF