Provide GitHub auth tokens in the Authorization header and not URL.

Review Request #10878 — Created Feb. 3, 2020 and submitted

chipx86
Review Board
release-3.0.x
reviewboard

GitHub has recently deprecated some aspects of their Authorizations API
and authentication methods, and one of those deprecations became very
public today. Review Board has historically provided the user's access
token in the URL, which is now deprecated and triggering e-mails from
GitHub warning about this deprecation.

The correct way forward is to use the Authorization header to provide
this token. This change updates all our GitHub support to do this, and
to make note of a few places where upcoming deprecations will be
affecting us.

Tested all file retrieval operations (file existence checks, file fetching)
and repository browsing (fetching of branches and commits) by way of viewing
diffs and performing operations through the New Review Request page.

Tested linking a new account, with and without a registered GitHub OAuth
app.

Tested editing account credentials, with and without a registered GitHub
OAuth app.

Unit tests pass.

Summary
Provide GitHub auth tokens in the Authorization header and not URL.
Description From Last Updated

E501 line too long (116 > 79 characters)

reviewbotreviewbot

E501 line too long (96 > 79 characters)

reviewbotreviewbot
Checks run (1 failed, 1 succeeded)
flake8 failed.
JSHint passed.

flake8

david
  1. Ship It!
  2. 
      
chipx86
Review request changed

Status: Closed (submitted)

Change Summary:

Pushed to release-3.0.x (4b205c0)
Loading...