Committer: ailyin
LJSUP-13871 (Consider Facebook's access token expiration)U trunk/bin/upgrading/en_LJ.dat U trunk/bin/upgrading/proplists-local.dat A trunk/bin/worker/facebook-connect-expire U trunk/htdocs/manage/settings/facebook.bml
Modified: trunk/bin/upgrading/en_LJ.dat =================================================================== --- trunk/bin/upgrading/en_LJ.dat 2012-10-09 14:15:34 UTC (rev 12738) +++ trunk/bin/upgrading/en_LJ.dat 2012-10-09 14:40:18 UTC (rev 12739) @@ -3514,6 +3514,18 @@ facebook.email.too_many.subject|staleness=1 facebook.email.too_many.subject=You can not crosspost to Facebook +facebookconnect.expired.body<< +Dear [[username]], + +For security reasons, we have disabled the link between your LiveJournal account and your Facebook account [[facebook_link]]. You can link your accounts again at the settings page: [[siteroot]]/manage/settings/?cat=extensions. + +Best regards, +LiveJournal team +http://www.livejournal.com/ +. + +facebookconnect.expired.subject=Your Facebook.Connect account in LiveJournal has been disabled + facebookconnect.link|staleness=1 facebookconnect.link=link Modified: trunk/bin/upgrading/proplists-local.dat =================================================================== --- trunk/bin/upgrading/proplists-local.dat 2012-10-09 14:15:34 UTC (rev 12738) +++ trunk/bin/upgrading/proplists-local.dat 2012-10-09 14:40:18 UTC (rev 12739) @@ -475,6 +475,11 @@ des: a link to the user's profile on facebook (for identities of type 'facebook' only) cldversion: 8 +userproplist.facebook_token_exptime: + datatype: char + des: UNIX timestamp when the user's access token expires + cldversion: 8 + userproplist.im_openid: datatype: char des: a user-provided OpenID identity, to be displayed in the user's profile Added: trunk/bin/worker/facebook-connect-expire =================================================================== --- trunk/bin/worker/facebook-connect-expire (rev 0) +++ trunk/bin/worker/facebook-connect-expire 2012-10-09 14:40:18 UTC (rev 12739) 
@@ -0,0 +1,75 @@
+#!/usr/bin/perl
+use strict;
+use warnings;
+
+use lib "$ENV{'LJHOME'}/cgi-bin";
+BEGIN { require 'ljlib.pl'; }
+
+use base 'LJ::NewWorker::TheSchwartz';
+sub capabilities { 'LJ::Worker::FacebookConnectExpire' };
+
+main->start;
+
+package LJ::Worker::FacebookConnectExpire;
+use base qw( TheSchwartz::Worker );
+
+my @PropsToClear;
+BEGIN {
+ @PropsToClear = qw(
+ facebook_access_token
+ facebook_name
+ facebook_link
+ facebook_token_exptime
+ );
+}
+
+sub work {
+ my ( $class, $job ) = @_;
+
+ my $userid = $job->arg->{'userid'};
+ my $u = LJ::load_userid($userid);
+
+ unless ($u) {
+ die "unknown user $userid";
+ }
+
+ if ( $u->is_expunged ) {
+ return $job->completed;
+ }
+
+ my $exptime = $u->prop('facebook_token_exptime');
+ unless ( $exptime && $exptime < time ) {
+ return $job->completed;
+ }
+
+ my $facebook_link = $u->prop('facebook_link');
+
+ foreach my $prop (@PropsToClear) {
+ $u->clear_prop($prop);
+ }
+
+ my $log_notes = 'Automatically disconnected because the token has expired';
+ LJ::statushistory_add( $u->userid, LJ::get_userid('system'),
+ 'facebook_connect', $log_notes );
+
+ if ( $u->is_visible && $u->is_validated ) {
+ LJ::set_remote($u);
+
+ my $body = LJ::Lang::ml( 'facebookconnect.expired.body', {
+ 'username' => $u->display_name,
+ 'facebook_link' => $facebook_link,
+ 'siteroot' => $LJ::SITEROOT,
+ } );
+
+ LJ::send_mail({
+ 'to' => $u->email_raw,
+ 'from' => $LJ::DONOTREPLY_EMAIL,
+ 'subject' => LJ::Lang::ml('facebookconnect.expired.subject'),
+ 'body' => $body,
+ });
+ }
+
+ return $job->completed;
+}
+
+1;
Property changes on: trunk/bin/worker/facebook-connect-expire ___________________________________________________________________ Added: svn:executable + *
Modified: trunk/htdocs/manage/settings/facebook.bml ===================================================================
--- trunk/htdocs/manage/settings/facebook.bml 2012-10-09 14:15:34 UTC (rev 12738)
+++ trunk/htdocs/manage/settings/facebook.bml 2012-10-09 
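Review bot: The expiry guard in `work` uses a strict comparison, `unless ( $exptime && $exptime < time )`, while facebook.bml queues the job with `run_after` set to that same timestamp. If the worker picks the job up in the very second the token expires, the guard is false and the job is marked completed; nothing visible in this commit re-queues it, so the expired token and profile link would stay on the account. Comparing with `$exptime <= time` closes that window. The early return is otherwise what makes a stale job harmless after a user re-links, which deserves a comment above the guard such as `# a newer link stores a later exptime and queues its own job, so an old job is a no-op here`.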
14:40:18 UTC (rev 12739) @@ -80,14 +80,30 @@ my $fb_userdata = LJ::JSON->from_json($res->content); - $u->set_prop('facebook_access_token' => $fb_token); - $u->set_prop('facebook_name' => $fb_userdata->{'name'}); - $u->set_prop('facebook_link' => $fb_userdata->{'link'}); + my $duration = $params_returned{'expires'}; + my $exptime = time + $duration; + $u->set_prop('facebook_access_token' => $fb_token); + $u->set_prop('facebook_name' => $fb_userdata->{'name'}); + $u->set_prop('facebook_link' => $fb_userdata->{'link'}); + $u->set_prop('facebook_token_exptime' => $exptime ); + my $sys_uid = LJ::get_userid("system"); - my $notes = "Connected with " . $fb_userdata->{'link'}; + my $notes = "Connected with " . $fb_userdata->{'link'} . + ', token expires on ' . $exptime . + ' (' . scalar( gmtime $exptime ) . ')'; + LJ::statushistory_add($u->userid, $sys_uid, 'facebook_connect', $notes); + my $sclient = LJ::theschwartz(); + $sclient->insert( + TheSchwartz::Job->new( + 'funcname' => 'LJ::Worker::FacebookConnectExpire', + 'arg' => { 'userid' => $u->userid }, + 'run_after' => $exptime, + ), + ); + my $facebook_name = $fb_userdata->{'name'}; return LJ::Request->redirect($settings_page);
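Review bot: `$params_returned{'expires'}` goes straight into `time + $duration` with no validation, and it appears to come from the remote token response parsed outside this hunk. If the field is missing or not a number, `$exptime` collapses to the current time, the job is queued to run at once, and the worker would unlink the account and mail the user moments after they connected. A guard before the props are written, for example `unless ( defined $duration && $duration =~ /\A[0-9]+\z/ ) { ... }` routed to whatever error path this page already uses, would stop that. Separately, the results of `LJ::theschwartz()` and `$sclient->insert(...)` are not checked, and by that point the token has already been stored, so a failure there leaves a token with no expiry job; the result should be tested and logged.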