Add API token support to the Djblets web API infrastructure.

Review Request #7475 — Created July 2, 2015 and submitted

Information

Djblets
release-0.9.x
9a80f73...

Reviewers

Review Board 2.5 introduced support for using API tokens for
authentication, but this was limited to Review Board. This change ports
over that logic into Djblets, so that other applications can make use of
the same API token capabilities.

This consists of backends for authentication, mixins for WebAPIResource
subclasses, an abstract model that projects can subclass for storing API
token data, policy validation and enforcement, and a model manager.

There are also unit tests for API token policy validation, plus a new
assertion function for helping test ValidationError messages.

Unit tests for both Djblets and Review Board pass (with the API token code
ripped out of Review Board).

Description From Last Updated

undefined name 'WebAPIToken'

reviewbotreviewbot

Col: 1 W391 blank line at end of file

reviewbotreviewbot

Col: 80 E501 line too long (82 > 79 characters)

reviewbotreviewbot

Col: 80 E501 line too long (82 > 79 characters)

reviewbotreviewbot

Col: 80 E501 line too long (80 > 79 characters)

reviewbotreviewbot

Col: 80 E501 line too long (80 > 79 characters)

reviewbotreviewbot

The key that gets passed in to sha1 needs to be bytes, not unicode. I'd suggest assembling the key and …

daviddavid

Add a period at the end?

daviddavid

Can we swap the single and double quotes in this string?

daviddavid

Same here?

daviddavid

Same here?

daviddavid

And here?

daviddavid

And here?

daviddavid

And here? I see more below but I'm not going to add comments for them.

daviddavid

Docstring?

daviddavid

This should probably be self.api_token_model.DoesNotExist.

brenniebrennie

You don't need pass with a docstring.

brenniebrennie

if not policy ?

brenniebrennie

I think this should use six.string_types instead of basestring.

daviddavid

'ObjectDoesNotExist' imported but unused

reviewbotreviewbot
reviewbot
  1. Tool: Pyflakes
    Processed Files:
        djblets/webapi/auth/backends/api_tokens.py
        djblets/webapi/resources/mixins/api_tokens.py
        djblets/webapi/errors.py
        djblets/webapi/models.py
        djblets/webapi/tests/test_api_policy.py
        djblets/webapi/managers.py
    
    Ignored Files:
        djblets/webapi/resources/mixins/__init__.py
        docs/djblets/coderef/index.rst
    
    
    
    Tool: PEP8 Style Checker
    Processed Files:
        djblets/webapi/auth/backends/api_tokens.py
        djblets/webapi/resources/mixins/api_tokens.py
        djblets/webapi/errors.py
        djblets/webapi/models.py
        djblets/webapi/tests/test_api_policy.py
        djblets/webapi/managers.py
    
    Ignored Files:
        djblets/webapi/resources/mixins/__init__.py
        docs/djblets/coderef/index.rst
    
    
  2.  undefined name 'WebAPIToken'
    
  3. Col: 1
     W391 blank line at end of file
    
  4. djblets/webapi/tests/test_api_policy.py (Diff revision 1)
     
     
    Col: 80
     E501 line too long (82 > 79 characters)
    
  5. djblets/webapi/tests/test_api_policy.py (Diff revision 1)
     
     
    Col: 80
     E501 line too long (82 > 79 characters)
    
  6. djblets/webapi/tests/test_api_policy.py (Diff revision 1)
     
     
    Col: 80
     E501 line too long (80 > 79 characters)
    
  7. djblets/webapi/tests/test_api_policy.py (Diff revision 1)
     
     
    Col: 80
     E501 line too long (80 > 79 characters)
    
  8. 
      
chipx86
reviewbot
  1. Tool: PEP8 Style Checker
    Processed Files:
        djblets/webapi/auth/backends/api_tokens.py
        djblets/webapi/resources/mixins/api_tokens.py
        djblets/webapi/errors.py
        djblets/webapi/models.py
        djblets/webapi/tests/test_api_policy.py
        djblets/webapi/managers.py
    
    Ignored Files:
        djblets/webapi/resources/mixins/__init__.py
        docs/djblets/coderef/index.rst
    
    
    
    Tool: Pyflakes
    Processed Files:
        djblets/webapi/auth/backends/api_tokens.py
        djblets/webapi/resources/mixins/api_tokens.py
        djblets/webapi/errors.py
        djblets/webapi/models.py
        djblets/webapi/tests/test_api_policy.py
        djblets/webapi/managers.py
    
    Ignored Files:
        djblets/webapi/resources/mixins/__init__.py
        docs/djblets/coderef/index.rst
    
    
  2. 
      
david
  1. 
      
  2. djblets/webapi/managers.py (Diff revision 2)
     
     
     

    The key that gets passed in to sha1 needs to be bytes, not unicode. I'd suggest assembling the key and then calling .encode('utf-8').

    1. This code is all directly copied from Review Board, and seems to be working?

    2. >>> hashlib.sha1(u'abc').hexdigest()
      'a9993e364706816aba3e25717850c26c9cd0d89d'
      
      >>> hashlib.sha1('abc').hexdigest()
      'a9993e364706816aba3e25717850c26c9cd0d89d'
      
    3. I think that's because Python 2 will coerce it. Python 3 won't.

  3. djblets/webapi/managers.py (Diff revision 2)
     
     

    Add a period at the end?

  4. djblets/webapi/models.py (Diff revision 2)
     
     

    Can we swap the single and double quotes in this string?

  5. djblets/webapi/models.py (Diff revision 2)
     
     

    Same here?

  6. djblets/webapi/models.py (Diff revision 2)
     
     

    Same here?

  7. djblets/webapi/models.py (Diff revision 2)
     
     

    And here?

  8. djblets/webapi/models.py (Diff revision 2)
     
     

    And here?

  9. djblets/webapi/models.py (Diff revision 2)
     
     

    And here?

    I see more below but I'm not going to add comments for them.

  10. 
      
chipx86
reviewbot
  1. Tool: Pyflakes
    Processed Files:
        djblets/webapi/auth/backends/api_tokens.py
        djblets/webapi/resources/mixins/api_tokens.py
        djblets/webapi/tests/test_api_policy.py
        djblets/testing/testcases.py
        djblets/webapi/models.py
        djblets/webapi/errors.py
        djblets/webapi/managers.py
    
    Ignored Files:
        djblets/webapi/resources/mixins/__init__.py
        docs/djblets/coderef/index.rst
    
    
    
    Tool: PEP8 Style Checker
    Processed Files:
        djblets/webapi/auth/backends/api_tokens.py
        djblets/webapi/resources/mixins/api_tokens.py
        djblets/webapi/tests/test_api_policy.py
        djblets/testing/testcases.py
        djblets/webapi/models.py
        djblets/webapi/errors.py
        djblets/webapi/managers.py
    
    Ignored Files:
        djblets/webapi/resources/mixins/__init__.py
        docs/djblets/coderef/index.rst
    
    
  2. 
      
brennie
  1. 
      
  2. This should probably be self.api_token_model.DoesNotExist.

  3. djblets/webapi/errors.py (Diff revision 3)
     
     

    You don't need pass with a docstring.

  4. djblets/webapi/models.py (Diff revision 3)
     
     

    if not policy ?

  5. 
      
chipx86
reviewbot
  1. Tool: Pyflakes
    Processed Files:
        djblets/webapi/auth/backends/api_tokens.py
        djblets/webapi/resources/mixins/api_tokens.py
        djblets/webapi/tests/test_api_policy.py
        djblets/testing/testcases.py
        djblets/webapi/models.py
        djblets/webapi/errors.py
        djblets/webapi/managers.py
    
    Ignored Files:
        djblets/webapi/resources/mixins/__init__.py
        docs/djblets/coderef/index.rst
    
    
    
    Tool: PEP8 Style Checker
    Processed Files:
        djblets/webapi/auth/backends/api_tokens.py
        djblets/webapi/resources/mixins/api_tokens.py
        djblets/webapi/tests/test_api_policy.py
        djblets/testing/testcases.py
        djblets/webapi/models.py
        djblets/webapi/errors.py
        djblets/webapi/managers.py
    
    Ignored Files:
        djblets/webapi/resources/mixins/__init__.py
        docs/djblets/coderef/index.rst
    
    
  2.  'ObjectDoesNotExist' imported but unused
    
  3. 
      
david
  1. 
      
  2. djblets/testing/testcases.py (Diff revision 4)
     
     

    I think this should use six.string_types instead of basestring.

  3. 
      
chipx86
Review request changed

Status: Closed (submitted)

Change Summary:

Pushed to release-0.9.x (8cc58e8)
Loading...