GNOME Bugzilla – Bug 680776
Store passwords in libaccounts
Last modified: 2012-08-27 13:49:02 UTC
This will make easier for passwords to be shared among services.
Created attachment 222324 [details] [review] Remember password at least until session restart
Created attachment 222325 [details] [review] UOA: Set password auth mechanism/method on generic IM services
Created attachment 222326 [details] [review] UOA: Use an AgManager singleton This is especially useful in empathy-keyring where it would reload all accounts each time we set a password.
Created attachment 222327 [details] [review] UOA: Store password into signond instead of gnome-keyring
Created attachment 222328 [details] [review] Move X-TELEPATHY-PASSWORD mechanism code into empathy-sasl-mechanisms.c
Created attachment 222329 [details] [review] UOA auth: rename QueryInforData to AuthContext This data is not used only to for the query_info call anymore, so better have a more generic name.
Created attachment 222330 [details] [review] UOA auth: factor out auth_context_done()
Created attachment 222331 [details] [review] UOA auth: Move more code into auth_context_new()
Created attachment 222332 [details] [review] UOA auth: Wait for callback when requesting password signon_auth_session_process() does not keep its own ref on the session object, so freeing the AuthContext before callback cancels the call.
Created attachment 222333 [details] [review] UOA auth: handle the password mechanism as well Since password is stored in SSO now, we can use the same code path than other accounts.
Created attachment 222334 [details] [review] UOA mc plugin: Use create_account_async The sync API is racy because the AgAccountId isn't known until ag_account_store() is done. This means that the storage identifier isn't valid until then.
Created attachment 222335 [details] [review] UOA auth: Request password if no credentials have ever be stored
git branch: http://cgit.collabora.com/git/user/xclaesse/empathy.git/log/?h=uoa-pwd
(In reply to comment #11) > Created an attachment (id=222334) [details] [review] > UOA mc plugin: Use create_account_async > > The sync API is racy because the AgAccountId isn't known > until ag_account_store() is done. This means that the storage > identifier isn't valid until then. This one is unrelated. It is for bug #682608. I've removed it from this git branch.
Note that there is a known bug in signond: http://code.google.com/p/accounts-sso/issues/detail?id=108 That means that if you don't check "remember password" box, it won't work. But in theory that should then remember the password in RAM, so until you restart the session.
Review of attachment 222324 [details] [review]: ++ but please test extensively
Review of attachment 222325 [details] [review]: ++
Review of attachment 222326 [details] [review]: ++
Review of attachment 222327 [details] [review]: ::: libempathy/empathy-keyring.c @@ +451,3 @@ + g_simple_async_result_set_from_error (data->result, error); + + I don't think you have to use _in_idle as we are already in a callback. @@ +468,3 @@ + { + g_simple_async_result_set_from_error (data->result, error); +static void I don't think you have to use _in_idle as we are already in a callback. @@ +516,3 @@ + /* This is the first time we store password for this account */ + params = tp_account_get_parameters (tp_account); + Add a comment saying this is for IRC. @@ +695,3 @@ + /* I see no other way to forget the stored password than overwriting + * with an empty one. */ + Shouldn't the 3rd arg be TRUE to actually erase it accross sessions?
Review of attachment 222328 [details] [review]: ++ ::: libempathy/empathy-sasl-mechanisms.c @@ +44,3 @@ { EMPATHY_SASL_MECHANISM_WLM, MECH_WLM }, { EMPATHY_SASL_MECHANISM_GOOGLE, MECH_GOOGLE }, + { EMPATHY_SASL_MECHANISM_PASSWORD, MECH_PASSWORD }, Move it to the first line as it's the more generic one?
Review of attachment 222329 [details] [review]: ++
Review of attachment 222330 [details] [review]: ++
Review of attachment 222331 [details] [review]: ++
Review of attachment 222332 [details] [review]: ++
Review of attachment 222335 [details] [review]: A bit tricky but ok.
Review of attachment 222333 [details] [review]: ++
(In reply to comment #19) > @@ +695,3 @@ > + /* I see no other way to forget the stored password than overwriting > + * with an empty one. */ > + > > Shouldn't the 3rd arg be TRUE to actually erase it accross sessions? According to Mardy it will erase the pwd even when FALSE, and there is no benefit in storing an empty password... :)
(In reply to comment #20) > Review of attachment 222328 [details] [review]: > > ++ > > ::: libempathy/empathy-sasl-mechanisms.c > @@ +44,3 @@ > { EMPATHY_SASL_MECHANISM_WLM, MECH_WLM }, > { EMPATHY_SASL_MECHANISM_GOOGLE, MECH_GOOGLE }, > + { EMPATHY_SASL_MECHANISM_PASSWORD, MECH_PASSWORD }, > > Move it to the first line as it's the more generic one? Actually no, otherwise it will be prefered over other mechs. I've added a comment.
All fixed and merged.