From 1487b463e4b66dc6ab9dfd404354a0c83b645efd Mon Sep 17 00:00:00 2001
From: Dmitry Verkhoturov <paskal.07@gmail.com>
Date: Sun, 20 Oct 2024 22:30:03 +0100
Subject: [PATCH] Deprecate Twitter OAuth and remove from feature list

---
 README.md                                          | 2 +-
 backend/app/cmd/server.go                          | 8 +++++++-
 backend/app/cmd/server_test.go                     | 4 ++++
 compose-dev-backend.yml                            | 2 --
 site/src/docs/configuration/authorization/index.md | 9 ---------
 site/src/docs/configuration/email/index.md         | 2 +-
 site/src/docs/configuration/parameters/index.md    | 4 ++--
 site/src/pages/index.md                            | 2 +-
 8 files changed, 16 insertions(+), 17 deletions(-)

diff --git a/README.md b/README.md
index d37390b6e4..08bf0df9de 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 
 Remark42 is a self-hosted, lightweight and simple (yet functional) comment engine, which doesn't spy on users. It can be embedded into blogs, articles, or any other place where readers add comments.
 
-* Social login via Google, Twitter, Facebook, Microsoft, GitHub, Yandex, Patreon and Telegram
+* Social login via Google, Facebook, Microsoft, GitHub, Apple, Yandex, Patreon and Telegram
 * Login via email
 * Optional anonymous access
 * Multi-level nested comments with both tree and plain presentations
diff --git a/backend/app/cmd/server.go b/backend/app/cmd/server.go
index a0bbeef1c8..8635c2e9d5 100644
--- a/backend/app/cmd/server.go
+++ b/backend/app/cmd/server.go
@@ -105,7 +105,7 @@ type ServerCommand struct {
 		Facebook  AuthGroup  `group:"facebook" namespace:"facebook" env-namespace:"FACEBOOK" description:"Facebook OAuth"`
 		Microsoft AuthGroup  `group:"microsoft" namespace:"microsoft" env-namespace:"MICROSOFT" description:"Microsoft OAuth"`
 		Yandex    AuthGroup  `group:"yandex" namespace:"yandex" env-namespace:"YANDEX" description:"Yandex OAuth"`
-		Twitter   AuthGroup  `group:"twitter" namespace:"twitter" env-namespace:"TWITTER" description:"Twitter OAuth"`
+		Twitter   AuthGroup  `group:"twitter" namespace:"twitter" env-namespace:"TWITTER" description:"[deprecated, doesn't work] Twitter OAuth"`
 		Patreon   AuthGroup  `group:"patreon" namespace:"patreon" env-namespace:"PATREON" description:"Patreon OAuth"`
 		Telegram  bool       `long:"telegram" env:"TELEGRAM" description:"Enable Telegram auth (using token from telegram.token)"`
 		Dev       bool       `long:"dev" env:"DEV" description:"enable dev (local) oauth2"`
@@ -407,6 +407,12 @@ func (s *ServerCommand) HandleDeprecatedFlags() (result []DeprecatedFlag) {
 	if s.Notify.Telegram.API != "https://api.telegram.org/bot" {
 		result = append(result, DeprecatedFlag{Old: "notify.telegram.api", Version: "1.9"})
 	}
+	if s.Auth.Twitter.CID != "" {
+		result = append(result, DeprecatedFlag{Old: "auth.twitter.cid", Version: "1.14"})
+	}
+	if s.Auth.Twitter.CSEC != "" {
+		result = append(result, DeprecatedFlag{Old: "auth.twitter.csec", Version: "1.14"})
+	}
 	return append(result, s.findDeprecatedFlagsCollisions()...)
 }
 
diff --git a/backend/app/cmd/server_test.go b/backend/app/cmd/server_test.go
index 170e2d6205..ff6664e7cd 100644
--- a/backend/app/cmd/server_test.go
+++ b/backend/app/cmd/server_test.go
@@ -457,6 +457,8 @@ func TestServerApp_DeprecatedArgs(t *testing.T) {
 		"--notify.telegram.token=abcd",
 		"--notify.telegram.timeout=3m",
 		"--notify.telegram.api=http://example.org",
+		"--auth.twitter.cid=123",
+		"--auth.twitter.csec=456",
 	}
 	assert.Empty(t, s.SMTP.Host)
 	assert.Empty(t, s.SMTP.Port)
@@ -482,6 +484,8 @@ func TestServerApp_DeprecatedArgs(t *testing.T) {
 			{Old: "notify.telegram.token", New: "telegram.token", Version: "1.9"},
 			{Old: "notify.telegram.timeout", New: "telegram.timeout", Version: "1.9"},
 			{Old: "notify.telegram.api", Version: "1.9"},
+			{Old: "auth.twitter.cid", Version: "1.14"},
+			{Old: "auth.twitter.csec", Version: "1.14"},
 		},
 		deprecatedFlags)
 	assert.Equal(t, "smtp.example.org", s.SMTP.Host)
diff --git a/compose-dev-backend.yml b/compose-dev-backend.yml
index 2a14fa8610..27addf29ec 100644
--- a/compose-dev-backend.yml
+++ b/compose-dev-backend.yml
@@ -66,8 +66,6 @@ services:
       - AUTH_GITHUB_CSEC=1111
       - AUTH_FACEBOOK_CID=1111
       - AUTH_FACEBOOK_CSEC=1111
-      - AUTH_TWITTER_CID=1111
-      - AUTH_TWITTER_CSEC=1111
       - AUTH_PATREON_CID=1111
       - AUTH_PATREON_CSEC=1111
     volumes:
diff --git a/site/src/docs/configuration/authorization/index.md b/site/src/docs/configuration/authorization/index.md
index abe34f0a53..541bdccafa 100644
--- a/site/src/docs/configuration/authorization/index.md
+++ b/site/src/docs/configuration/authorization/index.md
@@ -83,15 +83,6 @@ _instructions for Google OAuth2 setup borrowed from [oauth2_proxy](https://githu
 4. Choose the new project from the top right project dropdown (only if another project is selected)
 5. Select **"Certificates & secrets"** and click on **"+ New Client Secret"** (`AUTH_MICROSOFT_CSEC`)
 
-### Twitter
-
-> **Important**: Twitter developer accounts created after _November 15th 2021_ need "Elevated access" to use the Standard v1.1 API routes required to work properly. Apply for this access from within the Twitter developer portal.
-
-1. Create a new Twitter application https://developer.twitter.com/en/apps
-2. Fill **App name**, **Description** and **URL** of your site
-3. In the field **Callback URLs** enter the correct URL of your callback handler, e.g. domain + `/auth/twitter/callback`
-4. Under **Key and tokens** take note of the **Consumer API Key** and **Consumer API Secret key**. Those will be used as `AUTH_TWITTER_CID` and `AUTH_TWITTER_CSEC`
-
 ### Yandex
 
 1. Create a new **"OAuth App"**: https://oauth.yandex.com/client/new
diff --git a/site/src/docs/configuration/email/index.md b/site/src/docs/configuration/email/index.md
index 94c5013598..fdfda1e373 100644
--- a/site/src/docs/configuration/email/index.md
+++ b/site/src/docs/configuration/email/index.md
@@ -14,7 +14,7 @@ This documentation describes how to enable the email-related capabilities of Rem
 
 - email notifications for any users except anonymous:
 
-  GitHub or Google or Twitter or any other kind of user gets the ability to get email notifications about new replies to their comments (and any of the responses down the tree):
+  GitHub or Google or any other kind of user gets the ability to get email notifications about new replies to their comments (and any of the responses down the tree):
 
   ![Email notifications subscription](images/email_notifications.png)
 
diff --git a/site/src/docs/configuration/parameters/index.md b/site/src/docs/configuration/parameters/index.md
index 6e36fbf829..3d1f135c3a 100644
--- a/site/src/docs/configuration/parameters/index.md
+++ b/site/src/docs/configuration/parameters/index.md
@@ -93,8 +93,6 @@ services:
 | auth.microsoft.csec            | AUTH_MICROSOFT_CSEC            |                         | Microsoft OAuth client secret                            |
 | auth.github.cid                | AUTH_GITHUB_CID                |                         | GitHub OAuth client ID                                   |
 | auth.github.csec               | AUTH_GITHUB_CSEC               |                         | GitHub OAuth client secret                               |
-| auth.twitter.cid               | AUTH_TWITTER_CID               |                         | Twitter Consumer API Key                                 |
-| auth.twitter.csec              | AUTH_TWITTER_CSEC              |                         | Twitter Consumer API Secret key                          |
 | auth.patreon.cid               | AUTH_PATREON_CID               |                         | Patreon OAuth Client ID                                  |
 | auth.patreon.csec              | AUTH_PATREON_CSEC              |                         | Patreon OAuth Client Secret                              |
 | auth.telegram                  | AUTH_TELEGRAM                  | `false`                 | Enable Telegram auth (telegram.token must be present)    |
@@ -190,6 +188,8 @@ The following list of command-line options is deprecated and might be removed in
 | notify.email.notify_admin | notify.admins=email | NOTIFY_EMAIL_ADMIN | NOTIFY_ADMINS=email | |     | 1.9.0               |
 | notify.telegram.token | telegram.token | NOTIFY_TELEGRAM_TOKEN | TELEGRAM_TOKEN | | Telegram token | 1.9.0               |
 | notify.telegram.timeout | telegram.timeout | NOTIFY_TELEGRAM_TIMEOUT | TELEGRAM_TIMEOUT | | Telegram timeout | 1.9.0     |
+| auth.twitter.cid    | none        | AUTH_TWITTER_CID      | none         |        | Twitter Consumer API Key | 1.14.0     |                                  |
+| auth.twitter.csec   | none        | AUTH_TWITTER_CSEC     | none         |     | Twitter Consumer API Secret key | 1.14.0 |                           |
 
 </details>
 
diff --git a/site/src/pages/index.md b/site/src/pages/index.md
index 698fe05093..1a7af72261 100644
--- a/site/src/pages/index.md
+++ b/site/src/pages/index.md
@@ -8,7 +8,7 @@ title: Remark42 – Privacy-focused lightweight commenting engine
 
 Remark42 allows you to have a self-hosted, lightweight, and simple (yet functional) comment engine, which doesn't spy on users. It can be embedded into blogs, articles or any other place where readers add comments.
 
-- Social login via Google, Twitter, Facebook, Microsoft, GitHub, Apple, Yandex, Patreon and Telegram
+- Social login via Google, Facebook, Microsoft, GitHub, Apple, Yandex, Patreon and Telegram
 - Login via email
 - Optional anonymous access
 - Multi-level nested comments with both tree and plain presentations