apple_auth: Change BUNDLE_ID setting to APP_ID everywhere.

The apple developer webapp consistently refers this App ID. So, this clears any confusion that can occur. Since python social auth only requires us to include App ID in _AUDIENCE(a list), we do that in computed settings making it easier for server admin and we make it much clear by having it set to APP_ID instead of BUNDLE_ID.
2020-06-26 15:52:48 +05:30 · 2020-06-26 15:52:48 +05:30 · 4afce5d94d
parent 782970d9f9
commit 4afce5d94d
8 changed files with 11 additions and 11 deletions
--- a/docs/development/authentication.md
+++ b/docs/development/authentication.md
@ -96,8 +96,8 @@ details worth understanding:
 * In `dev-secrets.conf`, set
    * `social_auth_apple_services_id` to your
      "Services ID" (eg. com.application.your).
-    * `social_auth_apple_bundle_id` to "Bundle ID". This is
-      only required if you are testing Apple auth on iOS.
+    * `social_auth_apple_app_id` to "App ID" or "Bundle ID".
+      This is only required if you are testing Apple auth on iOS.
    * `social_auth_apple_key` to your "Key ID".
    * `social_auth_apple_team` to your "Team ID".
 * Put the private key file you got from apple at the path
--- a/docs/production/authentication-methods.md
+++ b/docs/production/authentication-methods.md
@ -601,7 +601,7 @@ domain for your server).
     string like "A1B2C3D4E5".
   * `SOCIAL_AUTH_APPLE_SERVICES_ID`: The Services ID you created in
     step 1, which might look like "com.example.services".
-   * `SOCIAL_AUTH_APPLE_BUNDLE_ID`: The Bundle ID, or App ID, of your
+   * `SOCIAL_AUTH_APPLE_APP_ID`: The App ID, or Bundle ID, of your
     app that you used in step 1 to configure your Services ID.
     This might look like "com.example.app".
   * `SOCIAL_AUTH_APPLE_KEY`: Despite the name this is not a key, but
--- a/templates/zerver/apple-error.md
+++ b/templates/zerver/apple-error.md
@ -7,7 +7,7 @@ properly configured. Please check the following:
  [Certificates, Identifiers & Profiles](https://developer.apple.com/account/resources/).

 * You have set `SOCIAL_AUTH_APPLE_SERVICES_ID`,
-  `SOCIAL_AUTH_APPLE_BUNDLE_ID`, `SOCIAL_AUTH_APPLE_TEAM`,
+  `SOCIAL_AUTH_APPLE_APP_ID`, `SOCIAL_AUTH_APPLE_TEAM`,
  `SOCIAL_AUTH_APPLE_KEY` and `SOCIAL_AUTH_APPLE_TEAM` in `{{
  settings_path }}` and stored the private key provided by Apple at
  `/etc/zulip/apple-auth-key.p8` on the Zulip server, with
--- a/zerver/tests/test_auth_backends.py
+++ b/zerver/tests/test_auth_backends.py
@ -2262,7 +2262,7 @@ class AppleAuthBackendNativeFlowTest(AppleAuthMixin, SocialAuthBase):
        """

        if not skip_id_token:
-            id_token: Optional[str] = self.generate_id_token(account_data_dict, settings.SOCIAL_AUTH_APPLE_BUNDLE_ID)
+            id_token: Optional[str] = self.generate_id_token(account_data_dict, settings.SOCIAL_AUTH_APPLE_APP_ID)
        else:
            id_token = None

--- a/zproject/computed_settings.py
+++ b/zproject/computed_settings.py
@ -47,7 +47,7 @@ from .configured_settings import (
    REMOTE_POSTGRES_SSLMODE,
    SENDFILE_BACKEND,
    SENTRY_DSN,
-    SOCIAL_AUTH_APPLE_BUNDLE_ID,
+    SOCIAL_AUTH_APPLE_APP_ID,
    SOCIAL_AUTH_APPLE_SERVICES_ID,
    SOCIAL_AUTH_GITHUB_KEY,
    SOCIAL_AUTH_GITHUB_ORG_NAME,
@ -1029,7 +1029,7 @@ SOCIAL_AUTH_LOGIN_ERROR_URL = '/login/'
 # SERVICES_ID to make things more readable in the configuration
 # and our own custom backend code.
 SOCIAL_AUTH_APPLE_CLIENT = SOCIAL_AUTH_APPLE_SERVICES_ID
-SOCIAL_AUTH_APPLE_AUDIENCE = [id for id in [SOCIAL_AUTH_APPLE_CLIENT, SOCIAL_AUTH_APPLE_BUNDLE_ID] if id is not None]
+SOCIAL_AUTH_APPLE_AUDIENCE = [id for id in [SOCIAL_AUTH_APPLE_CLIENT, SOCIAL_AUTH_APPLE_APP_ID] if id is not None]

 if PRODUCTION:
    SOCIAL_AUTH_APPLE_SECRET = get_from_file_if_exists("/etc/zulip/apple-auth-key.p8")
--- a/zproject/default_settings.py
+++ b/zproject/default_settings.py
@ -81,7 +81,7 @@ GOOGLE_OAUTH2_CLIENT_ID: Optional[str] = None

 # Apple:
 SOCIAL_AUTH_APPLE_SERVICES_ID = get_secret('social_auth_apple_services_id', development_only=True)
-SOCIAL_AUTH_APPLE_BUNDLE_ID = get_secret('social_auth_apple_bundle_id', development_only=True)
+SOCIAL_AUTH_APPLE_APP_ID = get_secret('social_auth_apple_app_id', development_only=True)
 SOCIAL_AUTH_APPLE_KEY = get_secret('social_auth_apple_key', development_only=True)
 SOCIAL_AUTH_APPLE_TEAM = get_secret('social_auth_apple_team', development_only=True)
 SOCIAL_AUTH_APPLE_SCOPE = ['name', 'email']
--- a/zproject/prod_settings_template.py
+++ b/zproject/prod_settings_template.py
@ -294,7 +294,7 @@ SOCIAL_AUTH_SAML_SUPPORT_CONTACT = {
 #
 #SOCIAL_AUTH_APPLE_TEAM = "<your Team ID>"
 #SOCIAL_AUTH_APPLE_SERVICES_ID = "<your Services ID>"
-#SOCIAL_AUTH_APPLE_BUNDLE_ID = "<your Bundle ID>"
+#SOCIAL_AUTH_APPLE_APP_ID = "<your App ID>"
 #SOCIAL_AUTH_APPLE_KEY = "<your Key ID>"

 ########
--- a/zproject/test_extra_settings.py
+++ b/zproject/test_extra_settings.py
@ -178,9 +178,9 @@ SOCIAL_AUTH_GOOGLE_KEY = "key"
 SOCIAL_AUTH_GOOGLE_SECRET = "secret"
 SOCIAL_AUTH_SUBDOMAIN = 'auth'
 SOCIAL_AUTH_APPLE_SERVICES_ID = 'com.zulip.chat'
-SOCIAL_AUTH_APPLE_BUNDLE_ID = 'com.zulip.bundle.id'
+SOCIAL_AUTH_APPLE_APP_ID = 'com.zulip.bundle.id'
 SOCIAL_AUTH_APPLE_CLIENT = 'com.zulip.chat'
-SOCIAL_AUTH_APPLE_AUDIENCE = [SOCIAL_AUTH_APPLE_BUNDLE_ID, SOCIAL_AUTH_APPLE_SERVICES_ID]
+SOCIAL_AUTH_APPLE_AUDIENCE = [SOCIAL_AUTH_APPLE_APP_ID, SOCIAL_AUTH_APPLE_SERVICES_ID]
 SOCIAL_AUTH_APPLE_KEY = 'KEYISKEY'
 SOCIAL_AUTH_APPLE_TEAM = 'TEAMSTRING'
 SOCIAL_AUTH_APPLE_SECRET = get_from_file_if_exists("zerver/tests/fixtures/apple/private_key.pem")