Four patches at:
http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-glib&name=tag
-support

AgService inherits tags from AgServiceType, unless .service file specifies tags.

I pushed some documentation improvements to the doc-improvements branch:

http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-glib&name=doc
-improvements

starting at:

http://code.google.com/p/accounts-sso/source/detail?r=50c31a401a1c338d2f16804afe
f9b05f6849985b&name=doc-improvements&repo=libaccounts-glib

Mostly minor stuff, except for the deprecation of ag_account_sign(), 
ag_account_verify() and ag_account_verify_with_tokens():

http://code.google.com/p/accounts-sso/source/detail?r=fb24d87ff5d79f06403f615bbb
ee9ff3a153fee6&name=doc-improvements&repo=libaccounts-glib

As those methods no longer do anything useful, I deprecated them and added some 
build infrastructure for disabling deprecation warnings while building the 
library.

http://code.google.com/p/accounts-sso/source/detail?r=d06904e2322c8a5ee362057dd2
b3b74eba62dce0&name=smack-ac&repo=signond

http://code.google.com/p/accounts-sso/source/detail?r=d272aa52048a22b5f5dcc8b7ec
b2bc5af16617ca&name=gvalue-deprecation&repo=libaccounts-glib

Fix a failure to build when deprecation warnings are treated as errors. Builds 
fine for me. More details at:

http://git.gnome.org/browse/glib/commit/?id=f42fe6cdc056b77f74ff6e332389d444c50a
e7dc

Allow per-user configuration of signond: read signond settings from 
~/config/signond.conf, with fallback to /etc/signond.conf.

http://code.google.com/p/accounts-sso/source/detail?r=5372d62a03572e4b23bdd49f11
f977ad70c74909&name=user-config&repo=signond
http://code.google.com/p/accounts-sso/source/detail?r=43f26cb3cc7f72ac33a0005fab
feba832c57156c&name=user-config&repo=signond

branch: 
http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-glib&name=aut
h-settings

(all commits after this:
http://code.google.com/p/accounts-sso/source/detail?r=c321c8d3461062aaeb2c4df984
c2b355a1044c28&name=auth-settings&repo=libaccounts-glib
)

The target branch is the ubuntu branch, because this new functionality is not 
useful if authentication parameters are not stored in the accounts under a 
different schema.

However, if Jussi thinks that this way of storing authentication parameters is 
also useful for Tizen, then we can target the "master" branch as well.


The schema we are going to use for storing the authentication data is the 
following:

- the method and mechanism names are stored in the "auth/method" and 
"auth/mechanism" keys, respectively.

- the authentication parameters (for the libsignon AuthSession::process() 
method, for instance) are stored under the "auth/<method>/<mechanism>/" group: 
all keys present under this prefix will be returned to the application.

In both cases, both the service and the global sections of the account are 
read, and their data is merged together (precedence goes to service-specific 
settings).
The application is in any case able to override these parameters, and add its 
own.

Unit tests are currently failing, due to fde7709de87a.

Branch:
http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-glib&name=dat
adir

Commit: "ad336041ce46 - Store accounts.db under $XDG_CONFIG_HOME."

This branch removes the dependency on libcryptsetup: an AbstractCryptoManager 
with a dummy default implementation (DefaultCryptoManager) is added.
The existing libcryptsetup-based implementation is moved into another directory 
as an extension, which is compiled only if libcryptsetup is installed.

Jussi, if you are working on changes to the CryptoManager I'd recommend you to 
use this branch, because otherwise merging our works might become tricky (since 
I moved some files to another directory).

Also, let me know if you prefer to move the CryptoManager extension into a new 
repository; that would make things simpler.

See "applications" branch, from this commit on:
http://code.google.com/p/accounts-sso/source/detail?r=736640bf875b37f17e1d9ed4f1
59e74421c57ef1&name=applications&repo=libaccounts-glib

See commit messages

http://code.google.com/p/accounts-sso/source/detail?r=28911ce5d59c056346c9730dcb
5905688451beb6&name=bindings&repo=libaccounts-glib

http://code.google.com/p/accounts-sso/source/detail?r=c4df83bc7cf34803a395d0c792
215eaafc07f050&name=bindings&repo=libaccounts-glib

See the commit messages for details:

http://code.google.com/p/accounts-sso/source/detail?r=027db232cf80eea8d1318b1527
64f834cb64b15e&name=mechanism-and-store&repo=signond

http://code.google.com/p/accounts-sso/source/detail?r=cd235fee7ad288ab99b9ae91a1
a302ddabab3b13&name=mechanism-and-store&repo=signond

Purpose of code changes on this branch:
New AccountService API

Please review commits from June 22nd:
http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-glib&name=acc
ount-service-impl

Please see the commits after this, from the "username" branch:

http://code.google.com/p/accounts-sso/source/detail?r=371d1d588c370582e0af51656a
e27439cbd1cf3b&name=username&repo=signond

The main feature is that when we get the username and password back from the 
signon UI, both can be stored in the identity (if it's not yet validated), and 
not just the password.

The commits also clean up the update logic a bit, and avoid storing the 
username in the secrets DB unless the username is secret.

This branch makes it possible to run signond unit tests locally, without having 
to run "make install".

http://code.google.com/p/accounts-sso/source/list?repo=signond&name=tests

This branch also include other commits from 
http://code.google.com/p/accounts-sso/issues/detail?id=7 and 
http://code.google.com/p/accounts-sso/issues/detail?id=9, so I'd recommend to 
review those branches first.

The current way of reading settings out of the accounts DB is quite cumbersome 
for language bindings, because it requires initializing a GValue.

We should add override files for Python and Vala which provide methods like 
::get_string(), ::get_int(), ::get_bool(), both to the Account and 
AccountService classes.

Please see the commits in:

http://code.google.com/p/accounts-sso/source/list?repo=libsignon-glib&name=tests
-no-dbus

from "43590db63315 - Tests: do not install test scripts" on.

Purpose of code changes on the documentation-updates branch:

http://code.google.com/p/accounts-sso/source/list?repo=libsignon-glib&name=docum
entation-updates

Improve the gtk-doc documentation build setup so that a test is run during make 
check in order to verify full documentation coverage of public symbols. I made 
the test pass by adding missing documentation and fixing markup in some places.

After the review, I'll merge this branch into:

master

GObject introspection facilitates the development of language bindings.

If a the client's session data contained a window ID, remember it and
use it for all UI requests which will happen on this session.

http://code.google.com/p/accounts-sso/source/detail?r=24c12821a62c65de1a47198ae0
1593c8ed7fa80f&name=window-id&repo=signond

Branch:
http://code.google.com/p/accounts-sso/source/list?repo=libsignon-glib&name=intro
spection

Commits:
c2931b6 Remove signon_identity_verify_user()
a45d0f5 Remove signon_identity_info_{get,set}_identity_ref_count
bcd863c Add GObject introspection tags
f0caffe Define SignonIdentityInfo as boxed type
5805883 Fix a dangerous typo
71d7cae Move SignonIdentityInfo to own source file
00a1cd4 Update gitignore
e1a8cdf Setup GObject introspection

    Forward the credentials ID to signon-ui

    Letting signon-ui know the ID of the credentials being processed allows
    it to implement some caching functionality: for instance, the browser
    cookies could be reused across different invocations of signon-ui for
    the same identity.
    By all means, this is not meant to be a way for signon-ui to query the
    signond DB.

http://code.google.com/p/accounts-sso/source/detail?r=11d4eb8292137efb4c9748d4c9
5ffcee258fc250&name=sso-id&repo=signond

Please see commits in:

http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-qt&name=fix-t
ests

starting from "4839cc840449 - Fix Account::allKeys".

I am trying to remove aegis/mssf dependency from the main AccessControlManager 
class by making it virtual and then writing the MSSFAccessControlManager and 
SmackAccessControlManager implementations for it. The header file for the 
virtual class in in the attachment. I just slightly modified some functions 
names to be more generic, added a function to check a particular access (I 
believe that it is a basic function that should be exposed by any generic 
access control manager).

Please provide your comments on API. 

See all commits in the branch

http://code.google.com/p/accounts-sso/source/list?repo=signond&name=dbus-test-ru
nner

since 06111ec7548f (included).


The first commit fixes the checkPassword() API, which I recently broke (and 
forgot to run unit tests back then...).

Then there are a few patches which introduce a way to have the signond process 
quit after a configurable timeout.

Finally, some more changes to the tests, to prevent loading of extensions while 
running the tests, and use dbus-test-runner (if available) to run the tests 
under a separate D-Bus session.

The attached patch ensures the pkgconfig files get installed.

This branch adds GObject introspection:
http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-glib&name=int
rospection

Commits:
03c646b Add introspection information
93faf1d Require Glib 2.26
8bf5001 Avoid including files in between of declarations
b73c2b6 Setup GObject introspection

See all commits in the session-data, from this on:
http://code.google.com/p/accounts-sso/source/detail?r=978d82285c9dfd9967240570c7
99d0cc02b1988f&name=session-data&repo=signond

The first commit reverts a mistake which I recently mada: the window ID should 
not be cached as a member in the SignonSessionCore object, since the same 
objects is potentially used multiple times (and by different applications).

The second commit takes a copy of the original SessionData which the 
application sent, and allows the signon UI to access that.

The last commit simply defines a new key.

Right now, an extension which wants to reimplement just one factory method 
needs to reimplement all methods and make the return 0.

The following changes make the interface non abstract:

http://code.google.com/p/accounts-sso/source/detail?r=7ea9548d610553698a201a628d
3c2bcdc356c44b&name=non-abstract-interface&repo=signond

http://code.google.com/p/accounts-sso/source/detail?r=e804388ae992791aba09c530eb
1803d9ef583d9e&name=non-abstract-interface&repo=signond

Although ‘id’ is a struct field, it is marked as being writable and 
construct-only when it is installed, so cannot be easily read via 
GObject-Introspection consumers, such as Vala.

http://code.google.com/p/accounts-sso/source/detail?r=34bdf7e4689be9e9adb44488b2
7e04eff95c2da3&name=agaccount-id&repo=libaccounts-glib

The above commit marks the property as readable, and adds a GObject property 
getter. The other properties on AgAccount might also be treated in the same 
way, and I can add that if desired.

[deleted issue]

http://code.google.com/p/accounts-sso/source/detail?r=49be1510c1ff23ee9263bcaaaf
fd3ebfc2c8f9c8&name=password&repo=signon-plugin-oauth2

This allows prefilling the login form.

http://code.google.com/p/accounts-sso/source/detail?r=b56afaa779755d281caa3d3b07
435875f04cd0b3&name=display&repo=signon-plugin-oauth2

Strings should be URL-encoded UTF-8 to support international strings.

At least one place is broken.
http://code.google.com/p/accounts-sso/source/detail?r=37bbd4e87879f5f8c0ec72e547
969d05709ba6f2&name=fixes&repo=signon-plugin-oauth2

Just a couple of trivial commits:

http://code.google.com/p/accounts-sso/source/list?repo=signond&name=fix-warnings

The main reason to introduce this change was supporting string lists types 
(G_TYPE_STRV).
Using GVariant brings in support for all types supported by D-Bus, but the 
g_dbus_gvalue_to_gvariant() functions we are using limits the support to the 
basic types only; however, when compared with the home-backed type conversion, 
this change brings in support for arrays of strings and doubles.


http://code.google.com/p/accounts-sso/source/detail?r=5dcc0fb793434ea387aac6598f
d1b26a55b3f3ec&name=stringlist&repo=libaccounts-glib
http://code.google.com/p/accounts-sso/source/detail?repo=libaccounts-glib&name=s
tringlist&r=fa8270a67122b3f6d5e6791d332440e2b367c8ed
(these first two commits are not relevant to this specific issue)

http://code.google.com/p/accounts-sso/source/detail?repo=libaccounts-glib&name=s
tringlist&r=ccce41276bc74bc18a0082051a1caee5d074ca00
http://code.google.com/p/accounts-sso/source/detail?repo=libaccounts-glib&name=s
tringlist&r=cfda9e2a879dc983adc13d72b73881ece7db4414

SASL plugin introduces external dependencies to the signond source package and 
should be moved to a separate source package to limit signond source package 
dependencies to those strictly necessary for the core functionality.

I made some general improvements to the gtk-doc comments and build process, so 
the documentation is now a lot more complete, to the point where a newly-added 
test passes with 100% symbol coverage. I split the changes into a few separate 
patches, on the minor-fixes branch.

https://code.google.com/p/accounts-sso/source/detail?r=3febaea9a6a75264354c93f58
ee678ca4f2eb642&name=minor-fixes&repo=libaccounts-glib
https://code.google.com/p/accounts-sso/source/detail?repo=libaccounts-glib&name=
minor-fixes&r=d28c0583280e31ecb3b69c5f8e17806ba0e02acc
https://code.google.com/p/accounts-sso/source/detail?repo=libaccounts-glib&name=
minor-fixes&r=e1d913d0ee379a8e1e646cc3bade848494aa55a1
https://code.google.com/p/accounts-sso/source/detail?repo=libaccounts-glib&name=
minor-fixes&r=58e1ffb113ec19ac632deb26069ccbe23bce21e3
https://code.google.com/p/accounts-sso/source/detail?repo=libaccounts-glib&name=
minor-fixes&r=21559bce52366d281257be45c2a0303db807ecbc
https://code.google.com/p/accounts-sso/source/detail?repo=libaccounts-glib&name=
minor-fixes&r=73d9e2fbbdb0ed2caf8cc3da75b180589002856b

    Currently PyGObject doesn't support marshalling of string lists (see
    https://bugzilla.gnome.org/show_bug.cgi?id=666636 ), so we need to
    workaround this limitation somehow.
    This is a quick hack: we add a GI overrides file which hooks into the
    Signon.AuthSession.process() methods and converts string arrays into a
    single concatenated string; this string gets recognized in
    libsignon-glib and the argument is converted to a GStrv just before the
    arguments are sent to D-Bus.

http://code.google.com/p/accounts-sso/source/detail?r=2df696970e20dd3540a5d04983
d020b088f56c79&name=python&repo=libsignon-glib

GObject introspection facilitates the development of language bindings.

Please see the commits in:

http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-glib&name=dbu
s-test-runner

starting from "35fe879cb89e - Do not install test scripts".

Move access control checks into extensions and use abstract as a default no-op 
one.

http://code.google.com/p/accounts-sso/source/list?repo=signond&name=ac-plugins

Remove D-Bus encryption support for signond. This allows us to drop the 
dependency on libsignoncrypto-{qt,glib} and simplify the code a bit.

The plan is to switch to p2p D-Bus or to some other IPC which doesn't allow 
eavesdropping.

http://code.google.com/p/accounts-sso/source/detail?r=f7897a3e74daea8a0f9c3f6c89
a352beaa08f104&name=no-dbus-encryption&repo=signond

Purpose of code changes on this branch:
64bit compilation, execution of unit tests.

http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-qt&name=ubunt
u-fixes

These changes introduce the possibility of replacing the default SQLite-based 
storage for the user credentials via SignOn extensions.

In Ubuntu, this will be used to interface signond with GNOME keyring. The GNOME 
keyring interfaces is already written:
http://bazaar.launchpad.net/~webcredentials-team/opensesame-keyring-extension/tr
unk/files

The new class is AbstractSecretsStorage, and the current SQLite-based 
implementation is moved DefaultSecretsStorage.

The branch is 
http://code.google.com/p/accounts-sso/source/list?repo=signond&name=credentials-
plugin
The commits to review are (the others are already in master):
http://code.google.com/p/accounts-sso/source/detail?r=76c19dbeb14009733bd1a3ed8c
88d3f37a76f463&name=credentials-plugin&repo=signond
http://code.google.com/p/accounts-sso/source/detail?r=b913cbf8a0887fd8e69b402fd6
d529fea6c145a1&name=credentials-plugin&repo=signond
http://code.google.com/p/accounts-sso/source/detail?r=e79cfd873e6b18182123b2f535
6b9e174fd5724a&name=credentials-plugin&repo=signond
http://code.google.com/p/accounts-sso/source/detail?r=2e8883a3244cc28f66a1882212
0b9f7ef92a862e&name=credentials-plugin&repo=signond
http://code.google.com/p/accounts-sso/source/detail?r=ff53fcb30c33d477f658df8104
7c2b6ff43ae495&name=credentials-plugin&repo=signond

If you desire to try it out, please merge this into a merge derived from the 
current master (because this branch is a bit old and doesn't have all the 64bit 
build fixes in it).

AgApplication was missing from the generated documentation, and there were a 
few errors from gtk-doc which meant that ‘make check’ failed. Changes on 
the documentation-fixes branch:

http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-glib&name=doc
umentation-fixes

Three commits starting at:

http://code.google.com/p/accounts-sso/source/detail?r=8b550937a21f4cad184e9dabef
bee5dbdda7d833&name=documentation-fixes&repo=libaccounts-glib

The change to make ag_manager_get_application() public was to keep it in line 
with the other getters in AgManager, and because it was already linked from the 
AgApplication documentation. If this is not desired, I can remove the 
references to it.

This method exists in the signond D-Bus interface, but it's not available in 
the GLib client API.

Hi,

We have been discussing with Jussi on making small (mostly conceptual changes) 
to AC in signond in order to make it fit the strict mandatory access control 
policies that certain platforms might require. I have written a summary of 
proposal in the attached doc with an example and would like to bring it for a 
wider review now. 

Please provide your comments/suggestions. 

Best Regards,
Elena.

Fix build for x86-64:
http://code.google.com/p/accounts-sso/source/list?repo=libaccounts-qt&name=x64-b
uildfix

A couple of adjustments for having unit tests execute properly in the 
uninstalled case:

http://code.google.com/p/accounts-sso/source/detail?r=f89257fb8e393c7e4f4722819c
359a263dc4a215&name=fix-unit-test&repo=signond
http://code.google.com/p/accounts-sso/source/detail?r=b898b4188cbebdc47440b710ab
2cba74d634c72c&name=fix-unit-test&repo=signond