这是indexloc提供的服务,不要输入任何密码
Skip to content

User Input: Flow should not trigger after granting additional scopes #2874

New issue
New issue
Closed
Closed
User Input: Flow should not trigger after granting additional scopes#2874
Labels
P0High priorityRolloverIssues which role over to the next sprintType: EnhancementImprovement of an existing feature
Milestone
Sprint 46
@fhollis

Description

@fhollis
fhollis
opened on Feb 25, 2021

When you're already connected, the user input flow is not "forced" upon you; by design you only see a dashboard notification that prompts you to do it instead. Only when you connect (or re-connect after disconnecting), the user input flow should be forced.

However, right now an existing user is also forced to answer the questions when they just want to activate a new module. After going through OAuth, the user input flow shows up the same way it would during the initial connection.

In this context it feels unrelated and IMO shouldn't happen.

Do not alter or remove anything below. The following sections will be managed by moderators only.

Acceptance criteria

  • The user input flow should never trigger after simply granting additional scopes. It should only be triggered when authenticating (i.e. get the first access token/refresh token after not being connected).

Implementation Brief

Update this action:

site-kit-wp/includes/Core/Authentication/Clients/OAuth_Client.php

Line 737 in 6e9e320

do_action( 'googlesitekit_authorize_user', $token_response );

From

do_action( 'googlesitekit_authorize_user', $token_response );

To:

do_action( 'googlesitekit_authorize_user', $token_response, $scopes, $previous_scopes );

The parameter $scopes already exists several lines up.

Get $previous_scopes with this:

site-kit-wp/includes/Core/Authentication/Clients/OAuth_Client.php

Line 416 in 6e9e320

public function get_granted_scopes() {

Update our hook call googlesitekit_authorize_user in

site-kit-wp/includes/Core/Authentication/Authentication.php

Line 296 in 6e9e320

add_action(
to use the $previous_scopes parameter and to check whether or not $previous_scopes is empty before calling $this->require_user_input();

Test Coverage

  • Add an integration test to ensure we don't need to go through user_input flow when it hasn't yet been completed, the site is already connected and we're enabling a new module:

site-kit-wp/tests/phpunit/integration/Core/Authentication/AuthenticationTest.php

Line 332 in 9ec8c98

public function test_require_user_input() {

Visual Regression Changes

QA Brief

  • Enable user input feature.
  • Connect a new site and ensure you are taken to the user input page /wp-admin/admin.php?page=googlesitekit-user-input.
  • Now reset your site.
  • Disable user input feature.
  • Connect the new site and ensure you are NOT taken to the user input page (as the feature is disabled).
  • Enable user input feature.
  • Connect another module, e.g. analytics.
  • After going through oauth flow (https://accounts.google.com/signin/oauth/consentsummary...), when you return back to sitekit, ensure that you are NOT taken to the user input page (even though the feature is enabled).

Changelog entry

  • Ensure that the user is not sent to the user input flow when granting additional scopes after being already authenticated, even if submitting the user input response is still required.

Metadata

Metadata

Assignees

No one assigned

    Labels

    P0High priorityRolloverIssues which role over to the next sprintType: EnhancementImprovement of an existing feature

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions