flake8
passed.
JSHint
passed.
Allow API tokens to be flagged as deprecated.
Review Request #12627 — Created Sept. 26, 2022 and submitted
This change introduces a concept of deprecated token generators and allows API
tokens to be considered as deprecated if they were generated by a deprecated
token generator. The deprecated token generators can be set via the
DJBLETS_DEPRECATED_TOKEN_GENERATORSsetting.Now when a deprecated token is used for authentication, a deprecation notice
will be sent via a response header. Previously, the baseWebAPIResource
class would include headers set by authentication backends in the response
only when the authentication failed. For the purposes of including
deprecation notices in successful responses, we modified theWebAPIResource
to always include any headers set by authentication backends.
- Ran all unit tests
- Made requests using deprecated and non deprecated tokens to some
Reviewboard API endpoints (specifically GET and POST requests to
/review-requests/id/reviews/) - Ran all webapi tests in the Reviewboard test suite.
| Summary | ID |
|---|---|
| d05fdaa1ac8507c72f043fbfbcba13c798c16449 |
| Description | From | Last Updated |
|---|---|---|
|
For type comparisons, it's best to use is instead of ==. Though in this case, an assertion isn't going to … |
 chipx86
|
|
|
Blank line between statements and comments. |
chipx86
|
|
|
This is best as "Returns whether ...", since it's a function and not a property. |
chipx86
|
|
|
Do we need both this and setting headers= above in some classes? |
chipx86
|
|
|
Let's alphabetize the keys. |
chipx86
|
|
|
Returns -> Return |
 david
|
|
|
Might as well update this to "Return" while we're here too. |
david
|
|
|
The final .0 isn't needed here. |
chipx86
|
|
|
Same here. This can be 3.1. |
chipx86
|
- Summary:
-
[WIP] Allow API tokens to be flagged as deprecated.Allow API tokens to be flagged as deprecated.
- Description:
-
This change introduces a concept of deprecated token generators and allows API
tokens to be considered as deprecated if they were generated by a deprecated ~ token generator. The set of deprecated token generators can be set via the ~ token generator. The deprecated token generators can be set via the DJBLETS_DEPRECATED_TOKEN_GENERATORSsetting.~ This change is still a
[WIP]due to the uncertainty over where to set~ response headers for deprecation notices when using deprecated API tokens to ~ authenticate through the API. ~ ~ Question: Should we have a setting for toggling the deprecation notices? Then
~ use this to decide if we should include the deprecation response ~ Now when a deprecated token is used for authentication, a deprecation notice
~ will be sent via a response header. Previously, the base WebAPIResource~ class would include headers set by authentication backends in the response ~ only when the authentication failed. For the purposes of including ~ deprecation notices in successful responses, we modified the WebAPIResource~ to always include any headers set by authentication backends. - header and display the deprecation notice from the tokens config page. - Testing Done:
-
+ - Ran all unit tests
+ - Made requests using deprecated and non deprecated tokens to some
Reviewboard API endpoints (specifically GET and POST requests to
/review-requests/id/reviews/)
+ - Ran all webapi tests in the Reviewboard test suite.
- Commits:
-
Summary ID 71f4f9244887b8dab56d0bf4acfb5f95dbaa8b35 d1863d4f37528d02583c42431f3a2ea794a06046 - Diff:
-
Revision 2 (+376 -38)
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
-
-
For
typecomparisons, it's best to useisinstead of==.Though in this case, an assertion isn't going to tell a consumer much. Assertions are best done when we control the input and output.
Instead, if we want to check this, we should do a conditional that raises an
ImproperlyConfigured, which is a Django exception that means "this setting (or something similar) is wrong." -
-
-
-
- Commits:
-
Summary ID d1863d4f37528d02583c42431f3a2ea794a06046 8d47a8d14201aba5de3623b9960dcdc032abb07c - Diff:
-
Revision 3 (+378 -38)
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
- Change Summary:
-
Changed the deprecation notice message.
- Commits:
-
Summary ID 8d47a8d14201aba5de3623b9960dcdc032abb07c dbc99923d3c41f3a4977b5c62374126613416e4a - Diff:
-
Revision 4 (+382 -38)
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
- Change Summary:
-
Changed "Returns" to "Return" in some docstrings.
- Commits:
-
Summary ID dbc99923d3c41f3a4977b5c62374126613416e4a 7eb80d5904f4b4ceab0c62921db5afefac73364e - Diff:
-
Revision 5 (+384 -40)
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
- Change Summary:
-
Changed
Version Added:'s to 3.1.0 and added type hints to some functions. - Commits:
-
Summary ID 7eb80d5904f4b4ceab0c62921db5afefac73364e d4e64ce8df5143b3577e1e296723743455bc45ac - Diff:
-
Revision 6 (+394 -42)
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
- Commits:
-
Summary ID d4e64ce8df5143b3577e1e296723743455bc45ac d05fdaa1ac8507c72f043fbfbcba13c798c16449 - Diff:
-
Revision 7 (+394 -42)
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.