Removal of /info/ endpoint causes problems for sites not using Django templating about django-browserid HOT 5 CLOSED

So to avoid getting the Persona popup blocked by popup blocking while still fetching the URLs and arguments that /info/ provided, you have to either:

1. Embed the data into the HTML (the path we chose).
2. Fetch the data before the user clicks a login button via AJAX.

The second one is problematic because, depending on how long it takes to fetch the data, a user might click the login button and be blocked on the AJAX request finishing. I'm pretty sure (but not 100% sure) that waiting for that request will cause you to lose the "user-triggered action" bit and cause the popup to be blocked anyway, so I don't think adding the /info/ view back to django-browserid will help.

The goal is really just to tell our library's JS a few URLs and some arguments for the call to navigator.id.request. Given that you control the backend URLs yourself (whereas django-browserid the library doesn't), it's probably fine to just have treeherder-ui manually add a <div id="browserid-info"> tag to its pages with the right URLs and arguments.

(And if you're worried about those URLs changing in a future version of django-browserid, don't be. Sometime within the next month or two I'm going to enable Django 1.8 testing, ensure that the library works on Django 1.8 with no warnings, and then roll a 1.0 release and call the API frozen.)

Would that be a decent solution?

from django-browserid.

I thought /info/ contained more than just URLs, since https://treeherder.mozilla.org/browserid/info/ returns:
..., "userEmail": "emorley@<snip>.com", ...
...when I am logged in, so it seemed like that was the only way to figure out the user's email (I'm really not familiar with browserid, or django-browserid in the slightest).

If that's not the case, then great :-)

from django-browserid.

@edmorley we can get some user info from https://treeherder.mozilla.org/api/user/ so manually adding the browserid bits in a tag seems to cover our case 😃 thanks @Osmose !

from django-browserid.

I thought /info/ contained more than just URLs

It used to, but doesn't anymore. We used to need the user's email to tell Persona what state the user was in for some weird auto-login behavior (like if a user was logged in to your site but not into Persona they'd auto-trigger a logout and some other weird crap), but Persona added a stateless mode that we use which is much simpler.

Nowadays it just has three URLs and some kwargs for navigator.id.request. Check out https://github.com/mozilla/django-browserid/blob/master/django_browserid/helpers.py#L47 for details.

Glad this seems to work for you, feel free to reopen if you run into more issues. :D

from django-browserid.

It used to, but doesn't anymore. We used to need the user's email to tell Persona what state the user was in for some weird auto-login behavior (like if a user was logged in to your site but not into Persona they'd auto-trigger a logout and some other weird crap), but Persona added a stateless mode that we use which is much simpler.

Ah, that makes sense, thank you :-)

from django-browserid.