Project

General

Profile

Actions

Bug #14799

closed

[SSO] bump the omniauth-google-oauth2 gem to 0.6.0

Added by Ward Vandewege about 5 years ago. Updated about 5 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
-
Target version:
Start date:
02/01/2019
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
-
Release relationship:
Auto

Description

The SSO server package has version 0.5.2 of the omniauth-google-oauth2 gem. That version still uses some Google+ APIs, which are being shut down on March 7th (cf. https://developers.google.com/+/web/api/rest/openidconnect/getOpenIdConnect). Upgrade that gem to 0.6.0 to avoid issues.


Subtasks 1 (0 open1 closed)

Task #14805: Review 14799-google-oauth2-bumpResolvedWard Vandewege02/01/2019

Actions
Actions #1

Updated by Ward Vandewege about 5 years ago

  • Description updated (diff)
Actions #2

Updated by Tom Morris about 5 years ago

  • Target version set to 2019-02-13 Sprint
  • Release set to 21
Actions #3

Updated by Peter Amstutz about 5 years ago

  • Assigned To set to Peter Amstutz
  • Target version deleted (2019-02-13 Sprint)
  • Release deleted (21)
Actions #4

Updated by Tom Morris about 5 years ago

  • Target version set to 2019-02-13 Sprint
  • Release set to 21
Actions #5

Updated by Peter Amstutz about 5 years ago

14799-google-oauth2-bump @ 3fb33817af5bf4edbaef406936dd6d51b133cc72

Just updates packages in Gemfile.lock

In testing, was able to get a successful google sign-on, but the redirects back to workbench didn't quite work for me. I'm pretty sure it is due to test environment issues -- my development instance doesn't have its own resolvable DNS hostname, and google doesn't let you use an IP address for the authorized callback URI.

Most likely this will either work with no configuration changes (able to continue using existing oauth2 client ids), or only require issuing a new oauth2 client id (if the old google+ scopes are a problem.)

Actions #6

Updated by Ward Vandewege about 5 years ago

Peter Amstutz wrote:

14799-google-oauth2-bump @ 3fb33817af5bf4edbaef406936dd6d51b133cc72

Just updates packages in Gemfile.lock

In testing, was able to get a successful google sign-on, but the redirects back to workbench didn't quite work for me. I'm pretty sure it is due to test environment issues -- my development instance doesn't have its own resolvable DNS hostname, and google doesn't let you use an IP address for the authorized callback URI.

Most likely this will either work with no configuration changes (able to continue using existing oauth2 client ids), or only require issuing a new oauth2 client id (if the old google+ scopes are a problem.)

LGTM, tested without issues. Please merge.

Actions #7

Updated by Ward Vandewege about 5 years ago

  • Status changed from New to In Progress
Actions #8

Updated by Ward Vandewege about 5 years ago

  • Status changed from In Progress to Resolved
Actions

Also available in: Atom PDF