From 4afce5d94d056bd70582de1ba8f20cf7df9d55d1 Mon Sep 17 00:00:00 2001
From: Dinesh <chdinesh1089@gmail.com>
Date: Fri, 26 Jun 2020 15:52:48 +0530
Subject: [PATCH] apple_auth: Change BUNDLE_ID setting to APP_ID everywhere.

The apple developer webapp consistently refers this App ID. So,
this clears any confusion that can occur.

Since python social auth only requires us to include App ID in
_AUDIENCE(a list), we do that in computed settings making it easier for
server admin and we make it much clear by having it set to
APP_ID instead of BUNDLE_ID.
---
 docs/development/authentication.md        | 4 ++--
 docs/production/authentication-methods.md | 2 +-
 templates/zerver/apple-error.md           | 2 +-
 zerver/tests/test_auth_backends.py        | 2 +-
 zproject/computed_settings.py             | 4 ++--
 zproject/default_settings.py              | 2 +-
 zproject/prod_settings_template.py        | 2 +-
 zproject/test_extra_settings.py           | 4 ++--
 8 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/docs/development/authentication.md b/docs/development/authentication.md
index 5f6294ed8c..b60a9c6b9c 100644
--- a/docs/development/authentication.md
+++ b/docs/development/authentication.md
@@ -96,8 +96,8 @@ details worth understanding:
 * In `dev-secrets.conf`, set
     * `social_auth_apple_services_id` to your
       "Services ID" (eg. com.application.your).
-    * `social_auth_apple_bundle_id` to "Bundle ID". This is
-      only required if you are testing Apple auth on iOS.
+    * `social_auth_apple_app_id` to "App ID" or "Bundle ID".
+      This is only required if you are testing Apple auth on iOS.
     * `social_auth_apple_key` to your "Key ID".
     * `social_auth_apple_team` to your "Team ID".
 * Put the private key file you got from apple at the path
diff --git a/docs/production/authentication-methods.md b/docs/production/authentication-methods.md
index 1282c4326d..791eb9e8b0 100644
--- a/docs/production/authentication-methods.md
+++ b/docs/production/authentication-methods.md
@@ -601,7 +601,7 @@ domain for your server).
      string like "A1B2C3D4E5".
    * `SOCIAL_AUTH_APPLE_SERVICES_ID`: The Services ID you created in
      step 1, which might look like "com.example.services".
-   * `SOCIAL_AUTH_APPLE_BUNDLE_ID`: The Bundle ID, or App ID, of your
+   * `SOCIAL_AUTH_APPLE_APP_ID`: The App ID, or Bundle ID, of your
      app that you used in step 1 to configure your Services ID.
      This might look like "com.example.app".
    * `SOCIAL_AUTH_APPLE_KEY`: Despite the name this is not a key, but
diff --git a/templates/zerver/apple-error.md b/templates/zerver/apple-error.md
index f39e88e017..77d8bd4f4f 100644
--- a/templates/zerver/apple-error.md
+++ b/templates/zerver/apple-error.md
@@ -7,7 +7,7 @@ properly configured. Please check the following:
   [Certificates, Identifiers & Profiles](https://developer.apple.com/account/resources/).
 
 * You have set `SOCIAL_AUTH_APPLE_SERVICES_ID`,
-  `SOCIAL_AUTH_APPLE_BUNDLE_ID`, `SOCIAL_AUTH_APPLE_TEAM`,
+  `SOCIAL_AUTH_APPLE_APP_ID`, `SOCIAL_AUTH_APPLE_TEAM`,
   `SOCIAL_AUTH_APPLE_KEY` and `SOCIAL_AUTH_APPLE_TEAM` in `{{
   settings_path }}` and stored the private key provided by Apple at
   `/etc/zulip/apple-auth-key.p8` on the Zulip server, with
diff --git a/zerver/tests/test_auth_backends.py b/zerver/tests/test_auth_backends.py
index 696370105b..d5475fe4eb 100644
--- a/zerver/tests/test_auth_backends.py
+++ b/zerver/tests/test_auth_backends.py
@@ -2262,7 +2262,7 @@ class AppleAuthBackendNativeFlowTest(AppleAuthMixin, SocialAuthBase):
         """
 
         if not skip_id_token:
-            id_token: Optional[str] = self.generate_id_token(account_data_dict, settings.SOCIAL_AUTH_APPLE_BUNDLE_ID)
+            id_token: Optional[str] = self.generate_id_token(account_data_dict, settings.SOCIAL_AUTH_APPLE_APP_ID)
         else:
             id_token = None
 
diff --git a/zproject/computed_settings.py b/zproject/computed_settings.py
index 5a88ff3c7e..352db51e32 100644
--- a/zproject/computed_settings.py
+++ b/zproject/computed_settings.py
@@ -47,7 +47,7 @@ from .configured_settings import (
     REMOTE_POSTGRES_SSLMODE,
     SENDFILE_BACKEND,
     SENTRY_DSN,
-    SOCIAL_AUTH_APPLE_BUNDLE_ID,
+    SOCIAL_AUTH_APPLE_APP_ID,
     SOCIAL_AUTH_APPLE_SERVICES_ID,
     SOCIAL_AUTH_GITHUB_KEY,
     SOCIAL_AUTH_GITHUB_ORG_NAME,
@@ -1029,7 +1029,7 @@ SOCIAL_AUTH_LOGIN_ERROR_URL = '/login/'
 # SERVICES_ID to make things more readable in the configuration
 # and our own custom backend code.
 SOCIAL_AUTH_APPLE_CLIENT = SOCIAL_AUTH_APPLE_SERVICES_ID
-SOCIAL_AUTH_APPLE_AUDIENCE = [id for id in [SOCIAL_AUTH_APPLE_CLIENT, SOCIAL_AUTH_APPLE_BUNDLE_ID] if id is not None]
+SOCIAL_AUTH_APPLE_AUDIENCE = [id for id in [SOCIAL_AUTH_APPLE_CLIENT, SOCIAL_AUTH_APPLE_APP_ID] if id is not None]
 
 if PRODUCTION:
     SOCIAL_AUTH_APPLE_SECRET = get_from_file_if_exists("/etc/zulip/apple-auth-key.p8")
diff --git a/zproject/default_settings.py b/zproject/default_settings.py
index 4c76eaf767..9714a32fa1 100644
--- a/zproject/default_settings.py
+++ b/zproject/default_settings.py
@@ -81,7 +81,7 @@ GOOGLE_OAUTH2_CLIENT_ID: Optional[str] = None
 
 # Apple:
 SOCIAL_AUTH_APPLE_SERVICES_ID = get_secret('social_auth_apple_services_id', development_only=True)
-SOCIAL_AUTH_APPLE_BUNDLE_ID = get_secret('social_auth_apple_bundle_id', development_only=True)
+SOCIAL_AUTH_APPLE_APP_ID = get_secret('social_auth_apple_app_id', development_only=True)
 SOCIAL_AUTH_APPLE_KEY = get_secret('social_auth_apple_key', development_only=True)
 SOCIAL_AUTH_APPLE_TEAM = get_secret('social_auth_apple_team', development_only=True)
 SOCIAL_AUTH_APPLE_SCOPE = ['name', 'email']
diff --git a/zproject/prod_settings_template.py b/zproject/prod_settings_template.py
index e01ba022af..bcb5a2a249 100644
--- a/zproject/prod_settings_template.py
+++ b/zproject/prod_settings_template.py
@@ -294,7 +294,7 @@ SOCIAL_AUTH_SAML_SUPPORT_CONTACT = {
 #
 #SOCIAL_AUTH_APPLE_TEAM = "<your Team ID>"
 #SOCIAL_AUTH_APPLE_SERVICES_ID = "<your Services ID>"
-#SOCIAL_AUTH_APPLE_BUNDLE_ID = "<your Bundle ID>"
+#SOCIAL_AUTH_APPLE_APP_ID = "<your App ID>"
 #SOCIAL_AUTH_APPLE_KEY = "<your Key ID>"
 
 ########
diff --git a/zproject/test_extra_settings.py b/zproject/test_extra_settings.py
index 942b17fb50..1389729db3 100644
--- a/zproject/test_extra_settings.py
+++ b/zproject/test_extra_settings.py
@@ -178,9 +178,9 @@ SOCIAL_AUTH_GOOGLE_KEY = "key"
 SOCIAL_AUTH_GOOGLE_SECRET = "secret"
 SOCIAL_AUTH_SUBDOMAIN = 'auth'
 SOCIAL_AUTH_APPLE_SERVICES_ID = 'com.zulip.chat'
-SOCIAL_AUTH_APPLE_BUNDLE_ID = 'com.zulip.bundle.id'
+SOCIAL_AUTH_APPLE_APP_ID = 'com.zulip.bundle.id'
 SOCIAL_AUTH_APPLE_CLIENT = 'com.zulip.chat'
-SOCIAL_AUTH_APPLE_AUDIENCE = [SOCIAL_AUTH_APPLE_BUNDLE_ID, SOCIAL_AUTH_APPLE_SERVICES_ID]
+SOCIAL_AUTH_APPLE_AUDIENCE = [SOCIAL_AUTH_APPLE_APP_ID, SOCIAL_AUTH_APPLE_SERVICES_ID]
 SOCIAL_AUTH_APPLE_KEY = 'KEYISKEY'
 SOCIAL_AUTH_APPLE_TEAM = 'TEAMSTRING'
 SOCIAL_AUTH_APPLE_SECRET = get_from_file_if_exists("zerver/tests/fixtures/apple/private_key.pem")