Opened 6 years ago

Closed 6 years ago

#7047 closed Task/To do item (fixed)

publish id.mayfirst.org git repository here on SMO

Reported by: Daniel Kahn Gillmor Owned by: Ross
Priority: Medium Component: Tech
Keywords: git support.mayfirst.org openid Cc:
Sensitive: no

Description (last modified by Daniel Kahn Gillmor)

id.mayfirst.org appears to be tracked in git. We should make that repository more visible by publishing it on this web site.

We should take care to ensure that any sensitive credentials are not included in the git repository in question before publication.

Change History (5)

comment:1 Changed 6 years ago by Daniel Kahn Gillmor

Description: modified (diff)

comment:2 Changed 6 years ago by Daniel Kahn Gillmor

Keywords: openid added
Owner: set to Daniel Kahn Gillmor
Status: newassigned

I'm going to make the git repo named id.mayfirst.org. It will host the source for our OpenID provider. I will note the change here.

Once it is set up, i'll turn this ticket over to ross to make sure it's being used by the live site.

comment:3 Changed 6 years ago by Daniel Kahn Gillmor

Owner: changed from Daniel Kahn Gillmor to Ross

OK, this is all set up now. You can browse the source, and you can clone the repo locally with:

git clone git://git.mayfirst.org/mfpl/id.mayfirst.org
cd id.mayfirst.org
git config remote.origin.pushurl gitosis@git.mayfirst.org:mfpl/id.mayfirst.org

(leave out the last line if you have no need to push changes).

comment:4 Changed 6 years ago by Ross

Okay, I just pushed a new branch mysql-functions to this repository. It contains working code that uses mysql functions for checking validating passwords and users rather than needing the openid mysql user to have select privileges on the red_item_user_account table.

comment:5 Changed 6 years ago by Ross

Resolution: fixed
Status: assignedclosed

We have now moved this completely to git.mayfirst.org. In the process we re-wrote the mfpl_openid drupal module so that the seso user does not have select access to any tables in the red database, adding an additional level of security.

~/ross

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.