Remove Yahoo login support from core and deprecate OpenID2.0 (#7310)

- Plugin developers using OpenID2.0 should migrate to OAuth2 or OIDC. OpenID2.0 APIs will be removed in v2.4.0

- For sites requiring Yahoo login, it can be implemented using the OpenID Connect plugin: https://meta.discourse.org/t/103632

For more information, see https://meta.discourse.org/t/113249
This commit is contained in:
David Taylor 2019-04-08 10:38:25 +01:00 committed by GitHub
parent 6a05f190c6
commit f524f8f811
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 1 additions and 20 deletions

View File

@ -34,7 +34,6 @@ const SCSS_VARIABLE_NAMES = [
"facebook", "facebook",
"cas", "cas",
"twitter", "twitter",
"yahoo",
"github", "github",
"base-font-size", "base-font-size",
"base-line-height", "base-line-height",

View File

@ -225,12 +225,6 @@
background: darken($twitter, 10%); background: darken($twitter, 10%);
} }
} }
&.yahoo {
background: $yahoo;
&:hover {
background: darken($yahoo, 10%);
}
}
&.github { &.github {
background: $github; background: $github;
&:hover { &:hover {

View File

@ -22,7 +22,6 @@ $instagram: #e1306c !default;
$facebook: #4267b2 !default; $facebook: #4267b2 !default;
$cas: #70ba61 !default; $cas: #70ba61 !default;
$twitter: #1da1f2 !default; $twitter: #1da1f2 !default;
$yahoo: #810293 !default;
$github: #100e0f !default; $github: #100e0f !default;
// Badge color variables // Badge color variables

View File

@ -1395,10 +1395,6 @@ en:
name: "Facebook" name: "Facebook"
title: "with Facebook" title: "with Facebook"
message: "Authenticating with Facebook (make sure pop up blockers are not enabled)" message: "Authenticating with Facebook (make sure pop up blockers are not enabled)"
yahoo:
name: "Yahoo"
title: "with Yahoo"
message: "Authenticating with Yahoo (make sure pop up blockers are not enabled)"
github: github:
name: "GitHub" name: "GitHub"
title: "with GitHub" title: "with GitHub"

View File

@ -1489,7 +1489,6 @@ en:
enable_local_logins_via_email: "Allow users to request a one-click login link to be sent to them via email." enable_local_logins_via_email: "Allow users to request a one-click login link to be sent to them via email."
allow_new_registrations: "Allow new user registrations. Uncheck this to prevent anyone from creating a new account." allow_new_registrations: "Allow new user registrations. Uncheck this to prevent anyone from creating a new account."
enable_signup_cta: "Show a notice to returning anonymous users prompting them to sign up for an account." enable_signup_cta: "Show a notice to returning anonymous users prompting them to sign up for an account."
enable_yahoo_logins: "Enable Yahoo authentication"
enable_google_oauth2_logins: "Enable Google Oauth2 authentication. This is the method of authentication that Google currently supports. Requires key and secret. See <a href='https://meta.discourse.org/t/15858' target='_blank'>Configuring Google login for Discourse</a>." enable_google_oauth2_logins: "Enable Google Oauth2 authentication. This is the method of authentication that Google currently supports. Requires key and secret. See <a href='https://meta.discourse.org/t/15858' target='_blank'>Configuring Google login for Discourse</a>."
google_oauth2_client_id: "Client ID of your Google application." google_oauth2_client_id: "Client ID of your Google application."

View File

@ -341,8 +341,6 @@ login:
- "select_account" - "select_account"
google_oauth2_hd: google_oauth2_hd:
default: "" default: ""
enable_yahoo_logins:
default: false
enable_twitter_logins: enable_twitter_logins:
default: false default: false
twitter_consumer_key: twitter_consumer_key:

View File

@ -35,6 +35,7 @@ class Auth::OpenIdAuthenticator < Auth::Authenticator
end end
def after_authenticate(auth_token, existing_account: nil) def after_authenticate(auth_token, existing_account: nil)
Discourse.deprecate("OpenID Authentication has been deprecated, please migrate to OAuth2 or OpenID Connect", since: "2.3.0beta4", drop_from: "2.4")
result = Auth::Result.new result = Auth::Result.new
data = auth_token[:info] data = auth_token[:info]

View File

@ -217,7 +217,6 @@ module Discourse
BUILTIN_AUTH ||= [ BUILTIN_AUTH ||= [
Auth::AuthProvider.new(authenticator: Auth::FacebookAuthenticator.new, frame_width: 580, frame_height: 400, icon: "fab-facebook"), Auth::AuthProvider.new(authenticator: Auth::FacebookAuthenticator.new, frame_width: 580, frame_height: 400, icon: "fab-facebook"),
Auth::AuthProvider.new(authenticator: Auth::GoogleOAuth2Authenticator.new, frame_width: 850, frame_height: 500), # Custom icon implemented in client Auth::AuthProvider.new(authenticator: Auth::GoogleOAuth2Authenticator.new, frame_width: 850, frame_height: 500), # Custom icon implemented in client
Auth::AuthProvider.new(authenticator: Auth::OpenIdAuthenticator.new("yahoo", "https://me.yahoo.com", 'enable_yahoo_logins', trusted: true), icon: "fab-yahoo"),
Auth::AuthProvider.new(authenticator: Auth::GithubAuthenticator.new, icon: "fab-github"), Auth::AuthProvider.new(authenticator: Auth::GithubAuthenticator.new, icon: "fab-github"),
Auth::AuthProvider.new(authenticator: Auth::TwitterAuthenticator.new, icon: "fab-twitter"), Auth::AuthProvider.new(authenticator: Auth::TwitterAuthenticator.new, icon: "fab-twitter"),
Auth::AuthProvider.new(authenticator: Auth::InstagramAuthenticator.new, icon: "fab-instagram") Auth::AuthProvider.new(authenticator: Auth::InstagramAuthenticator.new, icon: "fab-instagram")

View File

@ -77,7 +77,6 @@ module SvgSprite
"fab-twitter", "fab-twitter",
"fab-twitter-square", "fab-twitter-square",
"fab-windows", "fab-windows",
"fab-yahoo",
"far-bell", "far-bell",
"far-bell-slash", "far-bell-slash",
"far-calendar-plus", "far-calendar-plus",

View File

@ -37,7 +37,6 @@ describe Jobs::InvalidateInactiveAdmins do
context 'with social logins' do context 'with social logins' do
before do before do
GithubUserInfo.create!(user_id: not_seen_admin.id, screen_name: 'bob', github_user_id: 100) GithubUserInfo.create!(user_id: not_seen_admin.id, screen_name: 'bob', github_user_id: 100)
UserOpenId.create!(url: 'https://me.yahoo.com/id/123' , user_id: not_seen_admin.id, email: 'bob@example.com', active: true)
UserAssociatedAccount.create!(provider_name: "google_oauth2", user_id: not_seen_admin.id, provider_uid: 100, info: { email: "bob@google.account.com" }) UserAssociatedAccount.create!(provider_name: "google_oauth2", user_id: not_seen_admin.id, provider_uid: 100, info: { email: "bob@google.account.com" })
end end
@ -45,7 +44,6 @@ describe Jobs::InvalidateInactiveAdmins do
subject subject
expect(GithubUserInfo.where(user_id: not_seen_admin.id).exists?).to eq(false) expect(GithubUserInfo.where(user_id: not_seen_admin.id).exists?).to eq(false)
expect(UserAssociatedAccount.where(user_id: not_seen_admin.id).exists?).to eq(false) expect(UserAssociatedAccount.where(user_id: not_seen_admin.id).exists?).to eq(false)
expect(UserOpenId.where(user_id: not_seen_admin.id).exists?).to eq(false)
end end
end end
end end

View File

@ -28,7 +28,6 @@ Discourse.SiteSettingsOriginal = {
allow_new_registrations: true, allow_new_registrations: true,
enable_google_logins: true, enable_google_logins: true,
enable_google_oauth2_logins: false, enable_google_oauth2_logins: false,
enable_yahoo_logins: true,
enable_twitter_logins: true, enable_twitter_logins: true,
enable_facebook_logins: true, enable_facebook_logins: true,
enable_github_logins: true, enable_github_logins: true,