flake8
failed.
JSHint
passed.
flake8
-
rbtools/utils/web_login_server.py (Diff revision 1)
Add web-based logon.
Review Request #12981 — Created May 5, 2023 and submitted
This adds web-based logon for to RBTools. This allows users of RBTools to
authenticate to the Review Board server via a web browser. This is useful for
users who authenticate to Review Board using SSO or similar methods, and would
like to use those methods to authenticate to RBTools. To do this we spin up a
local server which redirects to Review Board's login page and then receives
an API token from the Review Board server to authenticate with.
- Ran unit tests.
- Manually tested the login flow with successful logins and failed logins.
- Tested logging in again while logged in and logging out
- Tested with automatically opening a browser (the
-oflag). - Tested logging in/out with the traditional login flow.
- Tested exiting the command.
- Tested running two instances of the web login server at the same time.
Saw that the servers ran on different ports and was able to complete
the login flow on both. - Tested timing out the web login server.
- Tested on RB5, RB6 and RB7.
- Tested using a version that is too old to support web-based login.
- Tested using a version that have the
client_web_loginserver
capabilities bug (5.0.5-5.0.7 and 6.0-6.0.2). - Tested using RB7 with the capabilities bug fix.
| Summary | ID |
|---|---|
| 2182d1057713651347ffa618c02240d58d179eb7 |
| Description | From | Last Updated |
|---|---|---|
|
There's one design consideration we should figure out. This all works great for the case of rbt commands, but RBTools … |
 chipx86
|
|
|
I'm not sure of how I should add unit tests for this request handler. I'm not sure how to mock … |
 maubin
|
|
|
line too long (80 > 79 characters) Column: 80 Error code: E501 |
 reviewbot
|
|
|
): should be on the next line. Can you update this to specify types while here? |
chipx86
|
|
|
Let's require keyword arguments here. Helps with letting us add/rearrange arguments as we go without breaking API. |
chipx86
|
|
|
These are missing documentation. |
chipx86
|
|
|
, optional |
chipx86
|
|
|
I think we should use the same user agent we use for API requests (defined in api/request.py), so we can … |
chipx86
|
|
|
Let's make these keyword-only. Same with ones below. |
chipx86
|
|
|
Version Added will show as part of the description, so this will need to be above Args. |
chipx86
|
|
|
For logging statements, we should avoid f-strings and instead pass parameters to the logging function. These get tracked separately, allowing … |
chipx86
|
|
|
Blank line between statements and blocks. |
chipx86
|
|
|
Since we're repeating this block of code, we should have a standard function somewhere for opening pages in a browser. |
chipx86
|
|
|
This should go before Returns. |
chipx86
|
|
|
Can we use constants to define this range? Even if just as arguments to this function. That'll help document them … |
chipx86
|
|
|
Hmm. Instead of "traditional", maybe "console" or "terminal"? |
 david
|
|
|
I think I'd prefer to revert this change. |
david
|
|
|
Type here doesn't match the type hint. |
david
|
|
|
Typo: loggin -> logging |
david
|
|
|
Let's plumb the capabilities object in the command through to here, so we can use capabilities.has_capability('authentication', 'client_web_login') |
david
|
|
|
Too many logins. Let's say "The login command now directs the user to log in via the Review Board web … |
david
|
|
|
And here. |
david
|
|
|
Could do: if capabilities is None: capabilities = Capabilities(server_info.capabilities) return capabilities.has_capability(...) |
david
|
|
|
This is technically not a Python Standard Library, so it should go in a 3rd-party group. |
chipx86
|
|
|
"shut down" |
chipx86
|
|
|
Types should go on the next line, indented 4. Same below. |
chipx86
|
|
|
Summary must be a single line. Same with ones below. |
chipx86
|
|
|
Let's call this timeout_time_secs, so it's always clear what the unit is. |
chipx86
|
|
|
Let's add a unit of time here as well. Does it need to be a float? |
chipx86
|
|
|
We should just use the local variables here. |
chipx86
|
|
|
Both of these should be , optional. |
chipx86
|
|
|
I'd rather we avoid a SystemExit here, since potentially this is being used in a third-party codebase. It'd be better … |
chipx86
|
|
|
Same comment as above re: the type being on the next line. This applies throughout the file. |
chipx86
|
|
|
Missing docs for this. |
chipx86
|
|
|
There's an extra blank line here. |
chipx86
|
|
|
This string should use single quotes. Also noticed that the casing is different than the other headers. Pretty sure these … |
chipx86
|
|
|
This function doesn't have a return type, so no need for the return None. |
chipx86
|
-
-
rbtools/utils/web_login_server.py (Diff revision 1) I'm not sure of how I should add unit tests for this request handler. I'm not sure how to mock an
HTTPServerin order to test things, or if I should just run a server on localhost:8000 or something during the tests.
Summary: |
|
|||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Description: |
|
|||||||||||||||||||||||||||||||||
Testing Done: |
|
|||||||||||||||||||||||||||||||||
Commits: |
|
|||||||||||||||||||||||||||||||||
Branch: |
|
|||||||||||||||||||||||||||||||||
Depends On: |
|
|||||||||||||||||||||||||||||||||
Diff: |
Revision 2 (+1376 -22) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
-
-
There's one design consideration we should figure out. This all works great for the case of
rbtcommands, but RBTools can also be consumed via services that may need to talk to multiple Review Board servers (in theory) and may or may not be multi-threaded.Right now, the web server and its state are global, so the first login to a server wins. There's also only one server that can run at a time. And we have to block on response.
I think an alternative approach could provide wider compatibility with different use cases:
-
Have a class that manages all this state and the server.
WebLoginManageror something. This would contain the functionality for creating a server, starting it, and querying successful login. -
Allow this to take a callback function for when login is successful, which is called immediately after setting
self.login_successful. -
Add a
wait_successful()method or something that can do the blocking loop waiting for success/fail (you'll probably want atime.sleep(0.1)to avoid high-CPU usage), making it easy to use for therbtcase. -
Introduce timeouts. This should probably be on
WebLoginManager. After a certain amount of time, the server shuts down and any blocking operations give up. This avoids the situation where a background process outputs a URL and just stalls for ever, and covers the blocking loop and async results usages.
This would allow for multiple (even concurrent) web login processes, and avoid global state to avoid threading issues. It'd also give async processes a way to wait for successful login/timeout (important for UI processes, such as possible IDE integrations)
-
-
rbtools/utils/users.py (Diff revision 2) ):should be on the next line.Can you update this to specify types while here?
-
rbtools/utils/web_login_server.py (Diff revision 2) Let's require keyword arguments here. Helps with letting us add/rearrange arguments as we go without breaking API.
-
-
-
rbtools/utils/web_login_server.py (Diff revision 2) I think we should use the same user agent we use for API requests (defined in
api/request.py), so we can more easily trace user agent activity in logs. -
rbtools/utils/web_login_server.py (Diff revision 2) Let's make these keyword-only. Same with ones below.
-
rbtools/utils/web_login_server.py (Diff revision 2) Version Addedwill show as part of the description, so this will need to be aboveArgs. -
rbtools/utils/web_login_server.py (Diff revision 2) For logging statements, we should avoid f-strings and instead pass parameters to the logging function. These get tracked separately, allowing the message and the arguments to be pulled out separately by logging implementations.
Same elsewhere.
-
-
rbtools/utils/web_login_server.py (Diff revision 2) Since we're repeating this block of code, we should have a standard function somewhere for opening pages in a browser.
-
-
rbtools/utils/web_login_server.py (Diff revision 2) Can we use constants to define this range? Even if just as arguments to this function. That'll help document them a bit better.
Testing Done: |
|
|||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Commits: |
|
|||||||||||||||||||||||||||
Depends On: |
|
|||||||||||||||||||||||||||
Diff: |
Revision 3 (+1894 -26) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
-
-
rbtools/commands/login.py (Diff revision 3) Hmm. Instead of "traditional", maybe "console" or "terminal"?
-
-
Commits: |
|
|||||||
|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 4 (+1892 -24) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
Change Summary:
- Updated docs.
- Checks if the server supports web-based login before doing it.
Testing Done: |
|
|||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Commits: |
|
|||||||||||||||||||||||||||
Diff: |
Revision 5 (+1960 -38) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
Change Summary:
Does a better check to see if the server supports web-based login.
Testing Done: |
|
||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Commits: |
|
||||||||||||||||||||||||||||||||||||
Diff: |
Revision 6 (+2038 -38) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
-
-
-
rbtools/utils/web_login.py (Diff revisions 4 - 6) Let's plumb the capabilities object in the command through to here, so we can use
capabilities.has_capability('authentication', 'client_web_login') -
docs/rbtools/rbt/commands/login.rst (Diff revision 6) Too many logins.
Let's say "The login command now directs the user to log in via the Review Board web page, instead of ..."
-
Commits: |
|
|||||||
|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 7 (+2108 -38) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
-
-
rbtools/utils/web_login.py (Diff revisions 6 - 7) Could do:
if capabilities is None: capabilities = Capabilities(server_info.capabilities) return capabilities.has_capability(...)
Commits: |
|
|||||||
|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 8 (+2098 -38) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.
-
-
rbtools/utils/web_login.py (Diff revision 8) This is technically not a Python Standard Library, so it should go in a 3rd-party group.
-
-
rbtools/utils/web_login.py (Diff revision 8) Types should go on the next line, indented 4.
Same below.
-
-
rbtools/utils/web_login.py (Diff revision 8) Let's call this
timeout_time_secs, so it's always clear what the unit is. -
rbtools/utils/web_login.py (Diff revision 8) Let's add a unit of time here as well.
Does it need to be a float?
-
-
-
rbtools/utils/web_login.py (Diff revision 8) I'd rather we avoid a
SystemExithere, since potentially this is being used in a third-party codebase. It'd be better to have a more relevant exception to raise. -
rbtools/utils/web_login.py (Diff revision 8) Same comment as above re: the type being on the next line.
This applies throughout the file.
-
-
-
rbtools/utils/web_login.py (Diff revision 8) This string should use single quotes.
Also noticed that the casing is different than the other headers. Pretty sure these get normalized, but for consistency, maybe we want to use
Content-Typehere. -
rbtools/utils/web_login.py (Diff revision 8) This function doesn't have a return type, so no need for the
return None.
Change Summary:
- Renamed
timeout_timetotimeout_epoch_secsfor less confusion withtimeout_secs. - Addressed the rest of the review feedback.
Commits: |
|
|||||||
|---|---|---|---|---|---|---|---|---|
Diff: |
Revision 9 (+2142 -38) |
Checks run (2 succeeded)
flake8
passed.
JSHint
passed.