mirror of https://github.com/zulip/zulip.git
bf14a0af4d
This replaces the two custom Google authentication backends originally written in 2012 with using the shared python-social-auth codebase that we already use for the GitHub authentication backend. These are: * GoogleMobileOauth2Backend, the ancient code path for mobile authentication last used by the EOL original Zulip Android app. * The `finish_google_oauth2` code path in zerver/views/auth.py, which was the webapp (and modern mobile app) Google authentication code path. This change doesn't fix any known bugs; its main benefit is that we get to remove hundreds of lines of security-sensitive semi-duplicated code, replacing it with a widely trusted, high quality third-party library. |
||
|---|---|---|
| .. | ||
| README.md | ||
| common.in | ||
| dev.in | ||
| dev.txt | ||
| docs.in | ||
| docs.txt | ||
| mypy.in | ||
| mypy.txt | ||
| pip.txt | ||
| prod.in | ||
| prod.txt | ||
| thumbor.in | ||
| thumbor.txt | ||
| unupgradable.json | ||
README.md
The dependency graph of the requirements is as follows:
dev prod
+ + +
| +->common<-+
v
mypy,docs
Of the files, only dev, prod, and mypy have been used in the install scripts directly. The rest are implicit dependencies.
common and dev are locked.
Steps to update a lock file, e.g. to update ipython from 5.3.0 to 6.0.0 in
common.in and propagate it to dev.txt and prod.txt:
0. Replace ipython==5.4.1 with ipython==6.0.0 in common.in.
- Run
./tools/update-locked-requirements. - Increase
PROVISION_VERSIONinversion.py. - Run
./tools/provisionto install the new deps and test them. - Commit your changes.