GNOME Bugzilla – Bug 793755
Implement an Ubuntu Single Sign-on Provider
Last modified: 2021-02-03 20:44:03 UTC
Right now gnome-software implements a Ubuntu SSO UI in order to install snaps. In the near future we plan to use Ubuntu SSO in other applications. It would be nice to have a Ubuntu SSO g-o-a provider.
Created attachment 368921 [details] [review] backend: Add Ubuntu Single Sing-On provider Implement an Ubuntu Single Sign-On provider. This talks with the on-system snapd in order to authenticate the user. At the moment the credentials can be used to install and remove snaps from gnome-software.
Created attachment 368922 [details] [review] backend: Add Ubuntu Single Sing-On provider Implement an Ubuntu Single Sign-On provider. This talks with the on-system snapd in order to authenticate the user. At the moment the credentials can be used to install and remove snaps from gnome-software.
Created attachment 369048 [details] [review] Convert snapd error to string in order to facilitate translations.
Created attachment 369054 [details] [review] Update error strings.
Created attachment 369062 [details] [review] Properly clear GErrors.
Created attachment 369070 [details] [review] backend: Add Ubuntu Single Sing-On provider Implement an Ubuntu Single Sign-On provider. This talks with the on-system snapd in order to authenticate the user. At the moment the credentials can be used to install and remove snaps from gnome-software.
Created attachment 369073 [details] [review] backend: Add Ubuntu Single Sing-On provider Implement an Ubuntu Single Sign-On provider. This talks with the on-system snapd in order to authenticate the user. At the moment the credentials can be used to install and remove snaps from gnome-software.
Created attachment 369109 [details] [review] backend: Add Ubuntu Single Sing-On provider Implement an Ubuntu Single Sign-On provider. This talks with the on-system snapd in order to authenticate the user. At the moment the credentials can be used to install and remove snaps from gnome-software.
Created attachment 369128 [details] [review] backend: Add Ubuntu Single Sing-On provider Implement an Ubuntu Single Sign-On provider. This talks with the on-system snapd in order to authenticate the user. At the moment the credentials can be used to install and remove snaps from gnome-software.
Sorry about all the clutter. I had to update the design several times.
Review of attachment 369128 [details] [review]: From an u1 point of view, code looks good and works fine.
Any news on this? Thanks
Review of attachment 369128 [details] [review]: Thanks for the patch, Andrea! The code looks sane to me. A closer look might uncover a few nitpicky details, leaks and such, but nothing that would be insurmountable. I haven't actually tried to run it though. I have installed the snapd libraries, so I am half-way there. I guess you don't need this provider in the GNOME 3.28 release, right? In that case, would it be fine if we merged right after 3.28.0 is out? ::: src/goabackend/goaubuntussoprovider.c @@ +39,3 @@ + goa_provider_ensure_extension_points_registered (); + g_io_extension_point_implement (GOA_PROVIDER_EXTENSION_POINT_NAME, + g_define_type_id, Nitpick: this, and the follow two lines, should be aligned with the GOA_PROVIDER_EXTENSION_POINT_NAME symbol. @@ +852,3 @@ +on_handle_get_password (GoaPasswordBased *interface, + GDBusMethodInvocation *invocation, + const gchar *id, Just so I understand it correctly, are applications expected to call goa_password_based_call_get_password with id="macaroon" and id="discharges"? Or is it supposed to just work as long as snapd has been setup properly and applications won't ever need to use the o.g.OnlineAccounts.PasswordBased interface? If it's the latter, then maybe there's no need to export the interface?
(In reply to Debarshi Ray from comment #14) > Review of attachment 369128 [details] [review] [review]: > > Thanks for the patch, Andrea! > > The code looks sane to me. A closer look might uncover a few nitpicky > details, leaks and such, but nothing that would be insurmountable. > > I haven't actually tried to run it though. I have installed the snapd > libraries, so I am half-way there. I guess you don't need this provider in > the GNOME 3.28 release, right? In that case, would it be fine if we merged > right after 3.28.0 is out? Yeah, that should be fine! > > ::: src/goabackend/goaubuntussoprovider.c > @@ +39,3 @@ > + goa_provider_ensure_extension_points_registered (); > + g_io_extension_point_implement > (GOA_PROVIDER_EXTENSION_POINT_NAME, > + g_define_type_id, > > Nitpick: this, and the follow two lines, should be aligned with the > GOA_PROVIDER_EXTENSION_POINT_NAME symbol. > > @@ +852,3 @@ > +on_handle_get_password (GoaPasswordBased *interface, > + GDBusMethodInvocation *invocation, > + const gchar *id, > > Just so I understand it correctly, are applications expected to call > goa_password_based_call_get_password with id="macaroon" and id="discharges"? That's the idea. > Or is it supposed to just work as long as snapd has been setup properly and > applications won't ever need to use the o.g.OnlineAccounts.PasswordBased > interface? If it's the latter, then maybe there's no need to export the > interface?
Created attachment 371319 [details] [review] backend: Add Ubuntu Single Sing-On provider Implement an Ubuntu Single Sign-On provider. This talks with the on-system snapd in order to authenticate the user. At the moment the credentials can be used to install and remove snaps from gnome-software.
I updated the patch to better handle the case the user dismiss the polkit dialog.
I am currently away at the Libre Graphics Meeting. I plan to merge this once I am back next week.
Also filed as https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/issues/161
Thanks for triaging this, Andre!