Skip to content

Commit

Permalink
add separate secure external api config, and use it for oauth
Browse files Browse the repository at this point in the history
  • Loading branch information
@haarg
haarg committed Mar 3, 2014
1 parent b0062d5 commit ff44f3b
Show file tree
Hide file tree
Showing 5 changed files with 9 additions and 3 deletions.
5 changes: 5 additions & 0 deletions lib/MetaCPAN/Web/Controller/Root.pm
View file
Expand Up @@ -87,6 +87,11 @@ sub end : ActionClass('RenderView') {
$c->stash->{api_secure} = $c->config->{api_secure} || $c->config->{api};
$c->stash->{api_external}
= $c->config->{api_external} || $c->config->{api};
$c->stash->{api_external_secure}
= $c->config->{api_external_secure} || $c->config->{api_external}
|| $c->stash->{api_secure};
$c->stash->{oauth_prefix} = $c->stash->{api_external_secure}
. '/oauth2/authorize?client_id=' . $c->config->{consumer_key};
$c->res->header( Vary => 'Cookie' );

unless (
Expand Down
1 change: 1 addition & 0 deletions metacpan_web.conf
View file
Expand Up @@ -6,6 +6,7 @@ default_view HTML
api = http://api.metacpan.org
api_external = http://api.metacpan.org
api_secure = https://api.metacpan.org
api_external_secure = https://api.metacpan.org
consumer_key = metacpan.dev
consumer_secret = ClearAirTurbulence

Expand Down
2 changes: 1 addition & 1 deletion root/account/identities.html
View file
Expand Up @@ -15,7 +15,7 @@ <h4 class="alert-heading">Information</h4>
<button type="submit" class="btn btn-block btn-danger"><i class="icon-remove icon-white"></i> Disconnect</a>
</form>
<%- ELSE %>
<a class="btn btn-block btn-success" href="<% api_secure %>/oauth2/authorize?choice=<% identity.lower %>&amp;client_id=<% c.config.consumer_key %>" onclick="return logInPAUSE(this)"><i class="icon-share icon-white"></i> Connect</a>
<a class="btn btn-block btn-success" href="<% oauth_prefix %>&amp;choice=<% identity.lower %>" onclick="return logInPAUSE(this)"><i class="icon-share icon-white"></i> Connect</a>
<%- END %>
</td>
</tr>
Expand Down
2 changes: 1 addition & 1 deletion root/account/profile.html
View file
Expand Up @@ -3,7 +3,7 @@
<% IF no_profile -%>
<div class="alert alert-error">
<h4 class="alert-heading">Error</h4>
In order to change your profile you have to <a href="<% api_secure %>/oauth2/authorize?choice=pause&amp;client_id=<% c.config.consumer_key %>" onclick="return logInPAUSE(this)">connect your account to PAUSE</a>.
In order to change your profile you have to <a href="<% oauth_prefix %>&amp;choice=pause" onclick="return logInPAUSE(this)">connect your account to PAUSE</a>.
</div>
<% ELSE -%>
<form method="POST" action="" class="form-horizontal">
Expand Down
2 changes: 1 addition & 1 deletion root/wrapper.html
View file
Expand Up @@ -116,7 +116,7 @@
<ul class="dropdown-menu">
<%- FOREACH identity IN ['Facebook', 'GitHub', 'Twitter', 'Google'] %>
<li>
<a href="<% api_secure %>/oauth2/authorize?choice=<% identity.lower %>&amp;client_id=<% c.config.consumer_key %>" onclick="return logInPAUSE(this)"><% identity %></a>
<a href="<% oauth_prefix %>&amp;choice=<% identity.lower %>" onclick="return logInPAUSE(this)"><% identity %></a>
</li>
<%- END %>
</ul>
Expand Down

1 comment on commit ff44f3b

@monken
Copy link
Contributor

@monken monken commented on ff44f3b Mar 3, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Overlooked that! My bad

Please sign in to comment.