-
Notifications
You must be signed in to change notification settings - Fork 411
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Apple Pass integration #6248
Apple Pass integration #6248
Conversation
Hi @ThiefMaster , can you please stop reviewing this PR? It is marked in DRAFT and I explicitly required @OmeGak to review it. |
Don't worry, I did not plan to go more in-depth, but those are things I noticed immediately while skimming over it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Towards the end of my review I realized that Apple has stopped publicly using the term "Apple Pass" in favor of "Pass for Apple Wallet". I would suggest that we stick to this name for all variable and setting names in the code (e.g. apple_wallet
). The benefit is that both Google and Apple wallet related code will share the _wallet
suffix, making it more explicit that they are very closely related.
Besides this, please note that there a couple of issues with header checks.
indico/migrations/versions/20240227_1339_16c9445951f4_add_apple_pass_integration.py
Outdated
Show resolved
Hide resolved
indico/migrations/versions/20240227_1339_16c9445951f4_add_apple_pass_integration.py
Outdated
Show resolved
Hide resolved
I did a quick search about that, and it looks to me that the name Pass still indicates the object created, and Wallet the software to keep/display the passes. |
I think there's still lots of value in using similar terminology in the codebase, ie |
26d750b
to
2dd748a
Compare
I'll squash all the single commits AFTER the whole review process is completed. |
No need to squash since you do not have merge commits int here :) We'll squash+merge at the end anyway (same like in the google wallet PR and most other PRs), so the individual commits in the PR are perfectly fine to leave around. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Following @ThiefMaster, let's make sure to rename all apple_pass_whatever
variable names to `apple_wallet_whatever.
a85e1bc
to
bc9849b
Compare
Done. |
Just as a hint: pkpass support is not restricted to Apple, on Android e.g.the walletpasses app (check walletpasses.io) happily ingests them as well. So when presenting things to users, keep that in mind. |
@ThiefMaster, feel free to go ahead with your review. Most of my comments were already resolved. Some of the outstanding ones would help your feedback still. |
I am a bit unsure if storing signing keys and their password in the same database is something that is good security practice. I would have made those per-instance fields that are configure in the config file only. |
This is just Apple being Apple. The fact that those passbook files even NEED to be signed is kind of ridiculous. And we want to have this configurable by category, and requiring this go go through indico.conf would not scale. FWIW, the cleanest option would be some kind of "set credentials" UI that would be write-only, instead of integrating this in the general settings form. Might still be a good idea at a later point (for both the Google and Apple credentials). But overkill for the initial version (even more so while this is gated behind a feature flag in indico.conf). |
indico/modules/events/registration/templates/display/conference_home.html
Outdated
Show resolved
Hide resolved
6b46ee7
to
4149382
Compare
Co-authored-by: Adrian <adrian@planetcoding.net>
Co-authored-by: Adrian <adrian@planetcoding.net>
Co-authored-by: Adrian <adrian@planetcoding.net>
Co-authored-by: Adrian <adrian@planetcoding.net>
Also improve field labels/descriptions
We always pass a loaded cert object and never a string there
This is just to make it easier to compare it with the google one to see that they are indeed very similar
It's a no-op when it's reassigned the same value, but it feels cleaner that way
This is the standard abbrevisation we use everywhere else
a35e120
to
fdd7300
Compare
Original ticket: https://rtce-jira.unog.ch/browse/IND2-3018