Added a management command for resetting GitHub auth tokens.

Review Request #5684 — Created April 8, 2014 and submitted

Information

Review Board
release-1.7.x
e884a43...

Reviewers

With the new Heartbleed vulnerability in the wild, GitHub recommends
resetting all authentication tokens, just to be sure. This change
introduces a management command that makes that somewhat easy.

This command will loop through all GitHub accounts that are linked to
Review Board, resetting their tokens and replacing them new, valid
tokens.

If using a registered GitHub OAuth app for Review Board, then the resets
won't require any credentials. However, for personal tokens (which is
the standard case), it will require a password, and possibly a
two-factor auth token.

Reset a valid working personal OAuth token.

Reset an OAuth token I had locally that had no corresponding entry on GitHub. Saw it create a valid entry.

Reset an OAuth token backed by a registered OAuth app.

In each case, I verified the token payload contents and verified that I could fetch files from GitHub in the diff viewer.

Tested the --yes and --local-sites options.

Unit tests pass.

Description From Last Updated

This should be marked for localization.

daviddavid

l10n.

daviddavid

l10n.

daviddavid

l10n.

daviddavid

This should be self.stdout.write. Also, l10n.

daviddavid

l10n.

daviddavid

The break doesn't do anything here.

daviddavid
david
  1. 
      
  2. reviewboard/hostingsvcs/github.py (Diff revision 1)
     
     

    Make sure you change these to use the 'as' syntax when you merge to release-2.0.x/master.

    1. Yep. Actually wrote this on 2.0, and then cherry-picked and changed everything for 1.7.

    2. Care to post the 2.0 version?

  3. Make sure that you do relevant unicode bits when merging this to release-2.0.x/master.

  4. Show all issues

    This should be marked for localization.

  5. Show all issues

    l10n.

  6. Show all issues

    l10n.

  7. Make sure to do the six input stuff here when you merge.

  8. Show all issues

    l10n.

  9. Show all issues

    This should be self.stdout.write. Also, l10n.

  10. Show all issues

    l10n.

  11. Show all issues

    The break doesn't do anything here.

  12. 
      
chipx86
david
  1. Ship It!

  2. 
      
chipx86
Review request changed
Status:
Completed