Page MenuHomePhabricator
Create Task
Maniphest T341795

Change how access tokens are generated and stored
Closed, ResolvedPublic8 Estimated Story Points
Actions

Description

Doctrine DBAL will remove its event system in version 4.0 and logs deprecation warnings whenever code uses the event system. Our code uses the event system to generate access and update tokens for donations and memberships when they are saved. To avoid filling our log files with deprecation warnings (which make debugging harder because they clutter the log files and may lead to false assumptions) and make our code ready for updating to Doctrine version 4, we need to change the way how and when we store security tokens.

Background information
When we wrote the Fundraising Application and created the domain model, we did not want to "pollute" our domain object (Donation) with HTTP-specific access control properties, so we opted for "sneaking them in" through the Doctrine entity when the donation is saved.

Solution
We still want the general concept of access control (in this case "the owner has a token that allows them access") inside our use cases. We need to pass an interface into the AddDonation and AddMembership use cases that'll allow us to create the credentials.

Currently, the TokenFetcher dependency of the use case exposes the existence of tokens to the domain. With the refactorings for the Paypal API we'll use a system that doesn't expose concepts like tokens on the wrong layers.

Acceptance criteria:

  • The deprecation warning for the event system no longer occurs

Non-Goals:

  • Extracting the access tokens from the data blob in spenden into their own table - This would be too much effort right now. However, make sure that there is only one class for interacting with the database, so they can be swapped out in the future.

Implementation details:

When integrating the changed bounded contexts into the Fundraising App, you can remove event-related code from ContextFactoryCollection, DoctrineFactory and FunFunFactory. In FunFunFactory, getPlainEntityManager can become the new getEntityManager.

The Fundraising Operation Center does not need any changes - it doesn't call the "Add Donation" and "Add Membership" use cases and doesn't initialize Doctrine with event subscribers.

Suggested Approach for generating tokens inside the "create" use cases:

  • The payment bounded context has an interface addAuthenticationTokensToUrl (for meodifing application URLs) and getAuthenticationParametersForPaymentProvider (for passing authentication parameters to payment providers that return them as URL/Form parameters when sending a notification)
  • The membership and donation bounded contexts have interfaces that can "announce" an entity to the authentication layer (e.g. createAuthorizationForDonation(id) and createAuthorizationForMembership(id)). These methods might be added to the existing DonationAuthorizer and MembershipAuthorizer interfaces.
  • The Fundraising Application has an authorizer implementation of the 3 interfaces. It creates in-memory tokens when the createAuthorizationForDonation(id) and createAuthorizationForMembership(id) are called and appends them to URLs. The authorizer should also implement event handlers for the "donation created" and "membership crated" *domain* events to write the in-memory tokens to the database (see FunFunFactorysetupEventListeners).
  • The addAuthenticationTokensToUrl implementation will take over some of the functionality of the UrlGenerators in the payment domain (because in the long run we want to be more flexible with our Application-Level URL parameters and should not encode them in the Payment bounded context). This means we'll have to check the target URL (with URL values from the payment section if the application configuration) and append the right parameters:
    • application domain (test-spenden-2.wikimedia.de, spenden.wikimedia.de, etc): check the path and append path-dependent parameters:
      • donation-confirmation: append accessToken
      • handle-paypal-payment-notification accessToken

the getAuthenticationParametersForPaymentProvider method needs to look at the url provider class and return the following parameters

  • CreditCardURLGenerator: token (accesstoken), utoken (update token)
  • LegacyPayPalURLGenerator:custom, a a json-encoded parameter with an object that has (sid (donation id) and utoken (update token)).

You need to test if the payment and notification flows are still working!

Related Objects

Event Timeline

gabriel-wmde created this task.Jul 13 2023, 1:49 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 13 2023, 1:50 PM
Maintenance_bot added a project: WMDE-FUN-Team.Jul 13 2023, 2:30 PM
gabriel-wmde added a project: WMDE-Fundraising-CFR.Jul 14 2023, 8:46 AM
gabriel-wmde updated the task description. (Show Details)Jul 14 2023, 8:57 AM
gabriel-wmde moved this task from Backlog to Ready for Estimation on the WMDE-Fundraising-CFR board.Jul 21 2023, 7:08 PM
kai.nissen moved this task from Ready for estimation to Backlog on the WMDE-Fundraising-Tech board.Aug 17 2023, 11:39 AM
gabriel-wmde updated the task description. (Show Details)Aug 18 2023, 2:34 PM
gabriel-wmde updated the task description. (Show Details)Aug 18 2023, 2:41 PM
gabriel-wmde updated the task description. (Show Details)
gabriel-wmde updated the task description. (Show Details)
gabriel-wmde updated the task description. (Show Details)Aug 18 2023, 3:52 PM
gabriel-wmde added a subtask: T329162: Adapt the PayPal notification controller to handle the new types of transaction IDs.Aug 18 2023, 4:08 PM
gabriel-wmde renamed this task from Remove reliance on Doctrine event system to Change how access tokens are generated and stored.Aug 21 2023, 8:27 AM
gabriel-wmde added a project: WMDE-FUN-Sprint-2023-08-21.
gabriel-wmde set the point value for this task to 8.
gabriel-wmde moved this task from Todo to Doing on the WMDE-FUN-Sprint-2023-08-21 board.Aug 21 2023, 1:13 PM
gabriel-wmde updated the task description. (Show Details)Aug 23 2023, 8:15 AM
AbbanWMDE moved this task from Doing to Todo on the WMDE-FUN-Sprint-2023-08-21 board.Aug 28 2023, 4:32 AM
kai.nissen added a project: WMDE-FUN-Sprint-2023-09-04.Sep 4 2023, 8:29 AM
gabriel-wmde moved this task from Backlog to Sprint ready on the WMDE-Fundraising-Tech board.Sep 21 2023, 8:39 AM
gabriel-wmde moved this task from Ready for Estimation to Sprint Ready on the WMDE-Fundraising-CFR board.Oct 11 2023, 4:18 PM
gabriel-wmde added a project: WMDE-FUN-Funban-2023.Oct 16 2023, 4:06 PM
gabriel-wmde added a comment.EditedOct 16 2023, 4:10 PM

This ticket needed changes across all bounded contexts and the application:

All tickets except the Application one have been group-reviewed.

The branch is currently deployed to the test server

gabriel-wmde moved this task from Backlog to Code Review (max. 4 tasks) on the WMDE-FUN-Funban-2023 board.Oct 16 2023, 4:10 PM
gabriel-wmde moved this task from Code Review (max. 4 tasks) to Deploy to Production on the WMDE-FUN-Funban-2023 board.Oct 24 2023, 6:26 PM
kai.nissen moved this task from Deploy to Production to Done on the WMDE-FUN-Funban-2023 board.Oct 30 2023, 3:48 PM
kai.nissen closed this task as Resolved.Jan 10 2024, 9:32 AM
gabriel-wmde removed a subtask: T329162: Adapt the PayPal notification controller to handle the new types of transaction IDs.Jan 12 2024, 5:35 PM
gabriel-wmde mentioned this in T369102: 🐛 Investigate access_denied_donation_confirmation errors.Tue, Jul 2, 6:37 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits