From 2da8567df73d21481f32e5bda6aca3cc50a75bbb Mon Sep 17 00:00:00 2001
From: Emily Stark <emily@meteor.com>
Date: Mon, 12 May 2014 13:49:35 -0700
Subject: [PATCH] Add OAuth login to package stats reporting

---
 tools/auth.js  | 13 ++++++++++---
 tools/stats.js | 24 +++++++++++++++++++-----
 2 files changed, 29 insertions(+), 8 deletions(-)

diff --git a/tools/auth.js b/tools/auth.js
index 80233c1615..7f43d901fa 100644
--- a/tools/auth.js
+++ b/tools/auth.js
@@ -473,8 +473,12 @@ var oauthFlow = function (conn, options) {
     credentialToken
   );
 
+  // XXX We're using a test-only flag here to just get the raw
+  // credential secret (instead of a bunch of code that communicates the
+  // credential secret somewhere else); this should be temporary until
+  // we give this a nicer name and make it not just test only.
   var redirectResult = httpHelpers.request({
-    url: authorizeResult.location,
+    url: authorizeResult.location + '&only_credential_secret_for_test=1',
     method: 'GET',
     strictSSL: true
   });
@@ -489,7 +493,10 @@ var oauthFlow = function (conn, options) {
 
   // XXX tokenId???
   var loginResult = conn.apply('login', [{
-    oauth: { credentialToken: credentialToken }
+    oauth: {
+      credentialToken: credentialToken,
+      credentialSecret: response.body
+    }
   }], { wait: true });
 
   if (loginResult.token && loginResult.id) {
@@ -1028,7 +1035,7 @@ exports.loggedInUsername = function () {
   return loggedIn(data) ? currentUsername(data) : false;
 };
 
-// Given a DDP connection, log in with OAuth using Meteor developer
+// Given a ServiceConnection, log in with OAuth using Meteor developer
 // accounts. Assumes the user is already logged in to the developer
 // accounts server.
 exports.loginWithTokenOrOAuth = function (conn, url, domain, sessionType) {
diff --git a/tools/stats.js b/tools/stats.js
index 2b816b8d58..2e718d749c 100644
--- a/tools/stats.js
+++ b/tools/stats.js
@@ -1,8 +1,11 @@
+var Fiber = require("fibers");
+var _ = require("underscore");
+
 var config = require("./config.js");
 var uniload = require("./uniload.js");
-var Fiber = require("fibers");
 var project = require("./project.js");
-var _ = require("underscore");
+var auth = require("./auth.js");
+var ServiceConnection = require("./service-connection.js");
 
 // Return a list of packages used by this app, both directly and
 // indirectly. Formatted as a list of objects with 'name', 'version'
@@ -28,11 +31,22 @@ var recordPackages = function (appDir) {
   // to the package stats server. If we can't connect, for example, we
   // don't care; we'll just miss out on recording these packages.
   Fiber(function () {
-    var DDP = uniload.load({
+    var Package = uniload.load({
       packages: ["livedata"]
-    }).livedata.DDP;
-    var conn = DDP.connect(config.getPackageStatsServerUrl());
+    });
+    var conn = new ServiceConnection(
+      Package,
+      config.getPackageStatsServerUrl()
+    );
 
+    if (auth.isLoggedIn()) {
+      auth.loginWithTokenOrOAuth(
+        conn,
+        config.getPackageStatsServerUrl(),
+        config.getPackageStatsServerDomain(),
+        "package-stats-server"
+      );
+    }
     // XXX do the right thing in the following cases:
     // not logged in to meteor account
     // logged in to meteor accounts, but not logged into package stats server