new file mode 100644
--- /dev/null
+++ b/build/moz.configure/keyfiles.configure
@@ -0,0 +1,64 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+@template
+def keyfile(desc, help=None, callback=lambda x: x):
+ help = help or ('Use the secret key contained in the given keyfile '
+ 'for %s requests' % desc)
+ name = desc.lower().replace(' ', '-')
+ no_key = callback('no-%s-key' % name)
+
+ option('--with-%s-keyfile' % name, nargs=1, help=help)
+
+ @depends('--with-%s-keyfile' % name)
+ @checking('for the %s key' % desc, lambda x: x and x is not no_key)
+ @imports(_from='__builtin__', _import='open')
+ def keyfile(value):
+ if value:
+ try:
+ with open(value[0]) as fh:
+ result = fh.read().strip()
+ if result:
+ return callback(result)
+ except FatalCheckError:
+ raise
+ except:
+ pass
+ return no_key
+
+ return keyfile
+
+
+@template
+def simple_keyfile(desc):
+ set_config('MOZ_%s_KEY' % desc.upper().replace(' ', '_'),
+ keyfile(desc))
+
+
+@template
+def id_and_secret_keyfile(desc):
+ def id_and_secret(value):
+ if value.startswith('no-') and value.endswith('-key'):
+ id = value[:-3] + 'clientid'
+ secret = value
+ elif ' ' in value:
+ id, secret = value.split(' ', 1)
+ else:
+ raise FatalCheckError('%s key file has an invalid format.' % desc)
+ return namespace(
+ id=id,
+ secret=secret,
+ )
+
+ content = keyfile(desc, help='Use the client id and secret key contained '
+ 'in the given keyfile for %s requests' % desc,
+ callback=id_and_secret)
+
+
+ name = desc.upper().replace(' ', '_')
+ set_config('MOZ_%s_CLIENTID' % name, delayed_getattr(content, 'id'))
+ set_config('MOZ_%s_KEY' % name, delayed_getattr(content, 'secret'))
--- a/build/moz.configure/old.configure
+++ b/build/moz.configure/old.configure
@@ -260,46 +260,42 @@ def old_configure_options(*options):
'--enable-webrtc',
'--enable-websms-backend',
'--enable-webspeech',
'--enable-webspeechtestbackend',
'--enable-xul',
'--enable-zipwriter',
'--no-create',
'--prefix',
- '--with-adjust-sdk-keyfile',
'--with-android-cxx-stl',
'--with-android-distribution-directory',
'--with-android-max-sdk',
'--with-android-min-sdk',
'--with-android-sdk',
'--with-app-basename',
'--with-app-name',
'--with-arch',
- '--with-bing-api-keyfile',
'--with-branding',
'--with-crashreporter-enable-percent',
'--with-cross-lib',
'--with-debug-label',
'--with-default-mozilla-five-home',
'--with-distribution-id',
'--with-doc-include-dirs',
'--with-doc-input-dirs',
'--with-doc-output-dir',
'--with-float-abi',
'--with-fpu',
- '--with-google-api-keyfile',
'--with-intl-api',
'--with-ios-sdk',
'--with-jitreport-granularity',
'--with-linux-headers',
'--with-macbundlename-prefix',
'--with-macos-private-frameworks',
'--with-macos-sdk',
- '--with-mozilla-api-keyfile',
'--with-nspr-cflags',
'--with-nspr-exec-prefix',
'--with-nspr-libs',
'--with-nspr-prefix',
'--with-nss-exec-prefix',
'--with-nss-prefix',
'--with-pthreads',
'--with-qemu-exe',
--- a/mobile/android/base/adjust_sdk_app_token.in
+++ b/mobile/android/base/adjust_sdk_app_token.in
@@ -1,3 +1,3 @@
//#ifdef MOZ_INSTALL_TRACKING
-//#define MOZ_INSTALL_TRACKING_ADJUST_SDK_APP_TOKEN @MOZ_INSTALL_TRACKING_ADJUST_SDK_APP_TOKEN@
+//#define MOZ_INSTALL_TRACKING_ADJUST_SDK_APP_TOKEN @MOZ_SDK_APP_KEY@
//#endif
--- a/mobile/android/base/moz.build
+++ b/mobile/android/base/moz.build
@@ -960,19 +960,19 @@ if CONFIG['MOZ_ANDROID_DISTRIBUTION_DIRE
# If you change this, also change its equivalent in mobile/android/bouncer.
if not CONFIG['MOZ_ANDROID_PACKAGE_INSTALL_BOUNCER']:
# If we are packaging the bouncer, it will have the distribution, so don't put
# it in the main APK as well.
ANDROID_ASSETS_DIRS += [
'%' + CONFIG['MOZ_ANDROID_DISTRIBUTION_DIRECTORY'] + '/assets',
]
-# We do not expose MOZ_INSTALL_TRACKING_ADJUST_SDK_APP_TOKEN here because that
-# would leak the value to build logs. Instead we expose the token quietly where
-# appropriate in Makefile.in.
+# We do not expose MOZ_ADJUST_SDK_KEY here because that # would leak the value
+# to build logs. Instead we expose the token quietly where appropriate in
+# Makefile.in.
for var in ('MOZ_ANDROID_ANR_REPORTER', 'MOZ_LINKER_EXTRACT', 'MOZ_DEBUG',
'MOZ_ANDROID_SEARCH_ACTIVITY', 'MOZ_NATIVE_DEVICES', 'MOZ_ANDROID_MLS_STUMBLER',
'MOZ_ANDROID_DOWNLOADS_INTEGRATION', 'MOZ_INSTALL_TRACKING',
'MOZ_ANDROID_GCM', 'MOZ_ANDROID_EXCLUDE_FONTS', 'MOZ_LOCALE_SWITCHER',
'MOZ_ANDROID_BEAM', 'MOZ_ANDROID_DOWNLOAD_CONTENT_SERVICE',
'MOZ_SWITCHBOARD', 'MOZ_ANDROID_CUSTOM_TABS',
'MOZ_ANDROID_ACTIVITY_STREAM'):
if CONFIG[var]:
--- a/mobile/android/docs/adjust.rst
+++ b/mobile/android/docs/adjust.rst
@@ -137,20 +137,19 @@ returned.
No trace of the Adjust SDK should be present in Fennec if
``MOZ_INSTALL_TRACKING`` is not defined.
Access to the Adjust backend is controlled by a private App-specific
token. Fennec's token is managed by Release Engineering and should not
be exposed if at all possible; for example, it should *not* leak to build
logs. The value of the token is read from the file specified using the
``configure`` flag ``--with-adjust-sdk-keyfile=KEYFILE`` and stored in
-the build variable ``MOZ_INSTALL_TRACKING_ADJUST_SDK_APP_TOKEN``. The
-mozconfig specified above defaults to submitting data to a special Adjust
-sandbox allowing a developer to test Adjust without submitting false
-data to our backend.
+the build variable ``MOZ_ADJUST_SDK_KEY``. The mozconfig specified above
+defaults to submitting data to a special Adjust sandbox allowing a
+developer to test Adjust without submitting false data to our backend.
We throw an assertion if ``MOZ_INSTALL_TRACKING`` is specified but
``--with-adjust-sdk-keyfile`` is not to ensure our builders have a proper
adjust token for release and beta builds. It's great to catch some
errors at compile-time rather than in release. That being said, ideally
we'd specify a default ``--with-adjust-sdk-keyfile`` for developer builds
but I don't know how to do that.
--- a/old-configure.in
+++ b/old-configure.in
@@ -2413,56 +2413,16 @@ case "${target}" in
NSS_DISABLE_DBM=1
MOZ_THEME_FASTSTRIPE=1
MOZ_TREE_FREETYPE=1
MOZ_RAW=1
;;
esac
-# Allow to specify a Mozilla API key file that contains the secret key to be
-# used for various Mozilla API requests.
-MOZ_ARG_WITH_STRING(mozilla-api-keyfile,
-[ --with-mozilla-api-keyfile=file Use the secret key contained in the given keyfile for Mozilla API requests],
- MOZ_MOZILLA_API_KEY=`cat $withval`)
-if test -z "$MOZ_MOZILLA_API_KEY"; then
- MOZ_MOZILLA_API_KEY=no-mozilla-api-key
-fi
-AC_SUBST(MOZ_MOZILLA_API_KEY)
-
-# Allow to specify a Google API key file that contains the secret key to be
-# used for various Google API requests.
-MOZ_ARG_WITH_STRING(google-api-keyfile,
-[ --with-google-api-keyfile=file Use the secret key contained in the given keyfile for Google API requests],
- MOZ_GOOGLE_API_KEY=`cat $withval`)
-if test -z "$MOZ_GOOGLE_API_KEY"; then
- MOZ_GOOGLE_API_KEY=no-google-api-key
-fi
-AC_SUBST(MOZ_GOOGLE_API_KEY)
-
-# Allow specifying a Bing API key file that contains the client ID and the
-# secret key to be used for the Bing Translation API requests.
-MOZ_ARG_WITH_STRING(bing-api-keyfile,
-[ --with-bing-api-keyfile=file Use the client id and secret key contained in the given keyfile for Bing API requests],
- [MOZ_BING_API_CLIENTID=`cat $withval | cut -f 1 -d " "`
- MOZ_BING_API_KEY=`cat $withval | cut -f 2 -d " "`])
-if test -z "$MOZ_BING_API_CLIENTID"; then
- MOZ_BING_API_CLIENTID=no-bing-api-clientid
- MOZ_BING_API_KEY=no-bing-api-key
-fi
-AC_SUBST(MOZ_BING_API_CLIENTID)
-AC_SUBST(MOZ_BING_API_KEY)
-
-# Allow specifying an Adjust SDK key file that contains the app token used for
-# Adjust SDK requests.
-MOZ_ARG_WITH_STRING(adjust-sdk-keyfile,
-[ --with-adjust-sdk-keyfile=file Use the app token contained in the given keyfile for Adjust SDK requests],
- MOZ_INSTALL_TRACKING_ADJUST_SDK_APP_TOKEN=`cat $withval`)
-AC_SUBST(MOZ_INSTALL_TRACKING_ADJUST_SDK_APP_TOKEN)
-
# Optional Firefox for Android partner distribution directory.
MOZ_ARG_WITH_STRING(android-distribution-directory,
[ --with-android-distribution-directory=dir
Optional Firefox for Android partner distribution directory.],
MOZ_ANDROID_DISTRIBUTION_DIRECTORY=$withval)
if test -n "$MOZ_ANDROID_DISTRIBUTION_DIRECTORY"; then
# A distribution directory must have an assets/distribution directory.
@@ -2977,17 +2937,17 @@ dnl ====================================
if test -n "$MOZ_EXCLUDE_HYPHENATION_DICTIONARIES"; then
AC_DEFINE(MOZ_EXCLUDE_HYPHENATION_DICTIONARIES)
fi
dnl ========================================================
dnl = Include install tracking on Android
dnl ========================================================
if test -n "$MOZ_INSTALL_TRACKING"; then
- if test -z "$MOZ_INSTALL_TRACKING_ADJUST_SDK_APP_TOKEN"; then
+ if test -z "$MOZ_ADJUST_SDK_KEY"; then
AC_MSG_ERROR([Must specify --with-adjust-sdk-keyfile when MOZ_INSTALL_TRACKING is defined!])
fi
fi
dnl ========================================================
dnl = Enable IPDL's "expensive" unit tests
dnl ========================================================
MOZ_IPDL_TESTS=
--- a/python/mozbuild/mozbuild/test/configure/test_checks_configure.py
+++ b/python/mozbuild/mozbuild/test/configure/test_checks_configure.py
@@ -5,17 +5,20 @@
from __future__ import absolute_import, print_function, unicode_literals
from StringIO import StringIO
import os
import sys
import textwrap
import unittest
-from mozunit import main
+from mozunit import (
+ main,
+ MockedOpen,
+)
from mozbuild.configure import (
ConfigureError,
ConfigureSandbox,
)
from mozbuild.util import exec_
from mozpack import path as mozpath
@@ -800,11 +803,102 @@ class TestChecksConfigure(unittest.TestC
includes=includes)
self.assertEqual(status, 1)
self.assertEqual(output, textwrap.dedent('''\
checking for pkg_config... %s
checking for pkg-config version... 0.8.10
ERROR: *** Your version of pkg-config is too old. You need version 0.9.0 or newer.
''' % mock_pkg_config_path))
+ def test_simple_keyfile(self):
+ includes = ('util.configure', 'checks.configure', 'keyfiles.configure')
+
+ config, output, status = self.get_result(
+ "simple_keyfile('Mozilla API')", includes=includes)
+ self.assertEqual(status, 0)
+ self.assertEqual(output, textwrap.dedent('''\
+ checking for the Mozilla API key... no
+ '''))
+ self.assertEqual(config, {
+ 'MOZ_MOZILLA_API_KEY': 'no-mozilla-api-key',
+ })
+
+ config, output, status = self.get_result(
+ "simple_keyfile('Mozilla API')",
+ args=['--with-mozilla-api-keyfile=/foo/bar/does/not/exist'],
+ includes=includes)
+ self.assertEqual(status, 0)
+ self.assertEqual(output, textwrap.dedent('''\
+ checking for the Mozilla API key... no
+ '''))
+ self.assertEqual(config, {
+ 'MOZ_MOZILLA_API_KEY': 'no-mozilla-api-key',
+ })
+
+ with MockedOpen({'key': 'fake-key\n'}):
+ config, output, status = self.get_result(
+ "simple_keyfile('Mozilla API')",
+ args=['--with-mozilla-api-keyfile=key'],
+ includes=includes)
+ self.assertEqual(status, 0)
+ self.assertEqual(output, textwrap.dedent('''\
+ checking for the Mozilla API key... yes
+ '''))
+ self.assertEqual(config, {
+ 'MOZ_MOZILLA_API_KEY': 'fake-key',
+ })
+
+ def test_id_and_secret_keyfile(self):
+ includes = ('util.configure', 'checks.configure', 'keyfiles.configure')
+
+ config, output, status = self.get_result(
+ "id_and_secret_keyfile('Bing API')", includes=includes)
+ self.assertEqual(status, 0)
+ self.assertEqual(output, textwrap.dedent('''\
+ checking for the Bing API key... no
+ '''))
+ self.assertEqual(config, {
+ 'MOZ_BING_API_CLIENTID': 'no-bing-api-clientid',
+ 'MOZ_BING_API_KEY': 'no-bing-api-key',
+ })
+
+ config, output, status = self.get_result(
+ "id_and_secret_keyfile('Bing API')",
+ args=['--with-bing-api-keyfile=/foo/bar/does/not/exist'],
+ includes=includes)
+ self.assertEqual(status, 0)
+ self.assertEqual(output, textwrap.dedent('''\
+ checking for the Bing API key... no
+ '''))
+ self.assertEqual(config, {
+ 'MOZ_BING_API_CLIENTID': 'no-bing-api-clientid',
+ 'MOZ_BING_API_KEY': 'no-bing-api-key',
+ })
+
+ with MockedOpen({'key': 'fake-id fake-key\n'}):
+ config, output, status = self.get_result(
+ "id_and_secret_keyfile('Bing API')",
+ args=['--with-bing-api-keyfile=key'],
+ includes=includes)
+ self.assertEqual(status, 0)
+ self.assertEqual(output, textwrap.dedent('''\
+ checking for the Bing API key... yes
+ '''))
+ self.assertEqual(config, {
+ 'MOZ_BING_API_CLIENTID': 'fake-id',
+ 'MOZ_BING_API_KEY': 'fake-key',
+ })
+
+ with MockedOpen({'key': 'fake-key\n'}):
+ config, output, status = self.get_result(
+ "id_and_secret_keyfile('Bing API')",
+ args=['--with-bing-api-keyfile=key'],
+ includes=includes)
+ self.assertEqual(status, 1)
+ self.assertEqual(output, textwrap.dedent('''\
+ checking for the Bing API key... no
+ ERROR: Bing API key file has an invalid format.
+ '''))
+ self.assertEqual(config, {})
+
if __name__ == '__main__':
main()
--- a/toolkit/moz.configure
+++ b/toolkit/moz.configure
@@ -458,8 +458,20 @@ system_gpsd = pkg_check_modules('MOZ_GPS
set_config('MOZ_GPSD', system_gpsd)
# Miscellaneous programs
# ==============================================================
check_prog('TAR', ('gnutar', 'gtar', 'tar'))
check_prog('UNZIP', ('unzip',))
check_prog('ZIP', ('zip',))
+
+# Key files
+# ==============================================================
+include('../build/moz.configure/keyfiles.configure')
+
+simple_keyfile('Mozilla API')
+
+simple_keyfile('Google API')
+
+id_and_secret_keyfile('Bing API')
+
+simple_keyfile('Adjust SDK')