flake8
-
rbtools/utils/web_login_server.py (Diff revision 1)
Review Request #12981 — Created May 5, 2023 and submitted
This adds web-based logon for to RBTools. This allows users of RBTools to
authenticate to the Review Board server via a web browser. This is useful for
users who authenticate to Review Board using SSO or similar methods, and would
like to use those methods to authenticate to RBTools. To do this we spin up a
local server which redirects to Review Board's login page and then receives
an API token from the Review Board server to authenticate with.
-o
flag).client_web_login
serverSummary | ID |
---|---|
2182d1057713651347ffa618c02240d58d179eb7 |
Description | From | Last Updated |
---|---|---|
There's one design consideration we should figure out. This all works great for the case of rbt commands, but RBTools … |
chipx86 | |
I'm not sure of how I should add unit tests for this request handler. I'm not sure how to mock … |
maubin | |
line too long (80 > 79 characters) Column: 80 Error code: E501 |
reviewbot | |
): should be on the next line. Can you update this to specify types while here? |
chipx86 | |
Let's require keyword arguments here. Helps with letting us add/rearrange arguments as we go without breaking API. |
chipx86 | |
These are missing documentation. |
chipx86 | |
, optional |
chipx86 | |
I think we should use the same user agent we use for API requests (defined in api/request.py), so we can … |
chipx86 | |
Let's make these keyword-only. Same with ones below. |
chipx86 | |
Version Added will show as part of the description, so this will need to be above Args. |
chipx86 | |
For logging statements, we should avoid f-strings and instead pass parameters to the logging function. These get tracked separately, allowing … |
chipx86 | |
Blank line between statements and blocks. |
chipx86 | |
Since we're repeating this block of code, we should have a standard function somewhere for opening pages in a browser. |
chipx86 | |
This should go before Returns. |
chipx86 | |
Can we use constants to define this range? Even if just as arguments to this function. That'll help document them … |
chipx86 | |
Hmm. Instead of "traditional", maybe "console" or "terminal"? |
david | |
I think I'd prefer to revert this change. |
david | |
Type here doesn't match the type hint. |
david | |
Typo: loggin -> logging |
david | |
Let's plumb the capabilities object in the command through to here, so we can use capabilities.has_capability('authentication', 'client_web_login') |
david | |
Too many logins. Let's say "The login command now directs the user to log in via the Review Board web … |
david | |
And here. |
david | |
Could do: if capabilities is None: capabilities = Capabilities(server_info.capabilities) return capabilities.has_capability(...) |
david | |
This is technically not a Python Standard Library, so it should go in a 3rd-party group. |
chipx86 | |
"shut down" |
chipx86 | |
Types should go on the next line, indented 4. Same below. |
chipx86 | |
Summary must be a single line. Same with ones below. |
chipx86 | |
Let's call this timeout_time_secs, so it's always clear what the unit is. |
chipx86 | |
Let's add a unit of time here as well. Does it need to be a float? |
chipx86 | |
We should just use the local variables here. |
chipx86 | |
Both of these should be , optional. |
chipx86 | |
I'd rather we avoid a SystemExit here, since potentially this is being used in a third-party codebase. It'd be better … |
chipx86 | |
Same comment as above re: the type being on the next line. This applies throughout the file. |
chipx86 | |
Missing docs for this. |
chipx86 | |
There's an extra blank line here. |
chipx86 | |
This string should use single quotes. Also noticed that the casing is different than the other headers. Pretty sure these … |
chipx86 | |
This function doesn't have a return type, so no need for the return None. |
chipx86 |
rbtools/utils/web_login_server.py (Diff revision 1) |
---|
I'm not sure of how I should add unit tests for this request handler. I'm not sure how to mock an
HTTPServer
in order to test things, or if I should just run a server on localhost:8000 or something during the tests.
Summary: |
|
|||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Description: |
|
|||||||||||||||||||||||||||||||||
Testing Done: |
|
|||||||||||||||||||||||||||||||||
Commits: |
|
|||||||||||||||||||||||||||||||||
Branch: |
|
|||||||||||||||||||||||||||||||||
Depends On: |
|
|||||||||||||||||||||||||||||||||
Diff: |
Revision 2 (+1376 -22) |
There's one design consideration we should figure out. This all works great for the case of
rbt
commands, but RBTools can also be consumed via services that may need to talk to multiple Review Board servers (in theory) and may or may not be multi-threaded.Right now, the web server and its state are global, so the first login to a server wins. There's also only one server that can run at a time. And we have to block on response.
I think an alternative approach could provide wider compatibility with different use cases:
Have a class that manages all this state and the server.
WebLoginManager
or something. This would contain the functionality for creating a server, starting it, and querying successful login.Allow this to take a callback function for when login is successful, which is called immediately after setting
self.login_successful
.Add a
wait_successful()
method or something that can do the blocking loop waiting for success/fail (you'll probably want atime.sleep(0.1)
to avoid high-CPU usage), making it easy to use for therbt
case.Introduce timeouts. This should probably be on
WebLoginManager
. After a certain amount of time, the server shuts down and any blocking operations give up. This avoids the situation where a background process outputs a URL and just stalls for ever, and covers the blocking loop and async results usages.This would allow for multiple (even concurrent) web login processes, and avoid global state to avoid threading issues. It'd also give async processes a way to wait for successful login/timeout (important for UI processes, such as possible IDE integrations)
rbtools/utils/users.py (Diff revision 2) |
---|
):
should be on the next line.Can you update this to specify types while here?
rbtools/utils/web_login_server.py (Diff revision 2) |
---|
Let's require keyword arguments here. Helps with letting us add/rearrange arguments as we go without breaking API.
rbtools/utils/web_login_server.py (Diff revision 2) |
---|
I think we should use the same user agent we use for API requests (defined in
api/request.py
), so we can more easily trace user agent activity in logs.
rbtools/utils/web_login_server.py (Diff revision 2) |
---|
Let's make these keyword-only. Same with ones below.
rbtools/utils/web_login_server.py (Diff revision 2) |
---|
Version Added
will show as part of the description, so this will need to be aboveArgs
.
rbtools/utils/web_login_server.py (Diff revision 2) |
---|
For logging statements, we should avoid f-strings and instead pass parameters to the logging function. These get tracked separately, allowing the message and the arguments to be pulled out separately by logging implementations.
Same elsewhere.
rbtools/utils/web_login_server.py (Diff revision 2) |
---|
Since we're repeating this block of code, we should have a standard function somewhere for opening pages in a browser.
rbtools/utils/web_login_server.py (Diff revision 2) |
---|
Can we use constants to define this range? Even if just as arguments to this function. That'll help document them a bit better.
Testing Done: |
|
|||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Commits: |
|
|||||||||||||||||||||||||||
Depends On: |
|
|||||||||||||||||||||||||||
Diff: |
Revision 3 (+1894 -26) |
rbtools/commands/login.py (Diff revision 3) |
---|
Hmm. Instead of "traditional", maybe "console" or "terminal"?
Commits: |
|
|||||||
---|---|---|---|---|---|---|---|---|
Diff: |
Revision 4 (+1892 -24) |
Testing Done: |
|
|||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Commits: |
|
|||||||||||||||||||||||||||
Diff: |
Revision 5 (+1960 -38) |
Does a better check to see if the server supports web-based login.
Testing Done: |
|
||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Commits: |
|
||||||||||||||||||||||||||||||||||||
Diff: |
Revision 6 (+2038 -38) |
rbtools/utils/web_login.py (Diff revisions 4 - 6) |
---|
Let's plumb the capabilities object in the command through to here, so we can use
capabilities.has_capability('authentication', 'client_web_login')
docs/rbtools/rbt/commands/login.rst (Diff revision 6) |
---|
Too many logins.
Let's say "The login command now directs the user to log in via the Review Board web page, instead of ..."
Commits: |
|
|||||||
---|---|---|---|---|---|---|---|---|
Diff: |
Revision 7 (+2108 -38) |
rbtools/utils/web_login.py (Diff revisions 6 - 7) |
---|
Could do:
if capabilities is None: capabilities = Capabilities(server_info.capabilities) return capabilities.has_capability(...)
Commits: |
|
|||||||
---|---|---|---|---|---|---|---|---|
Diff: |
Revision 8 (+2098 -38) |
rbtools/utils/web_login.py (Diff revision 8) |
---|
This is technically not a Python Standard Library, so it should go in a 3rd-party group.
rbtools/utils/web_login.py (Diff revision 8) |
---|
Types should go on the next line, indented 4.
Same below.
rbtools/utils/web_login.py (Diff revision 8) |
---|
Let's call this
timeout_time_secs
, so it's always clear what the unit is.
rbtools/utils/web_login.py (Diff revision 8) |
---|
Let's add a unit of time here as well.
Does it need to be a float?
rbtools/utils/web_login.py (Diff revision 8) |
---|
I'd rather we avoid a
SystemExit
here, since potentially this is being used in a third-party codebase. It'd be better to have a more relevant exception to raise.
rbtools/utils/web_login.py (Diff revision 8) |
---|
Same comment as above re: the type being on the next line.
This applies throughout the file.
rbtools/utils/web_login.py (Diff revision 8) |
---|
This string should use single quotes.
Also noticed that the casing is different than the other headers. Pretty sure these get normalized, but for consistency, maybe we want to use
Content-Type
here.
rbtools/utils/web_login.py (Diff revision 8) |
---|
This function doesn't have a return type, so no need for the
return None
.
timeout_time
to timeout_epoch_secs
for less confusion with timeout_secs
.Commits: |
|
|||||||
---|---|---|---|---|---|---|---|---|
Diff: |
Revision 9 (+2142 -38) |