Add API token support to the Djblets web API infrastructure.
Review Request #7475 — Created July 2, 2015 and submitted
Review Board 2.5 introduced support for using API tokens for
authentication, but this was limited to Review Board. This change ports
over that logic into Djblets, so that other applications can make use of
the same API token capabilities.This consists of backends for authentication, mixins for WebAPIResource
subclasses, an abstract model that projects can subclass for storing API
token data, policy validation and enforcement, and a model manager.There are also unit tests for API token policy validation, plus a new
assertion function for helping testValidationErrormessages.
Unit tests for both Djblets and Review Board pass (with the API token code
ripped out of Review Board).
| Description | From | Last Updated |
|---|---|---|
|
undefined name 'WebAPIToken' |
 reviewbot
|
|
|
Col: 1 W391 blank line at end of file |
reviewbot
|
|
|
Col: 80 E501 line too long (82 > 79 characters) |
reviewbot
|
|
|
Col: 80 E501 line too long (82 > 79 characters) |
reviewbot
|
|
|
Col: 80 E501 line too long (80 > 79 characters) |
reviewbot
|
|
|
Col: 80 E501 line too long (80 > 79 characters) |
reviewbot
|
|
|
The key that gets passed in to sha1 needs to be bytes, not unicode. I'd suggest assembling the key and … |
 david
|
|
|
Add a period at the end? |
david
|
|
|
Can we swap the single and double quotes in this string? |
david
|
|
|
Same here? |
david
|
|
|
Same here? |
david
|
|
|
And here? |
david
|
|
|
And here? |
david
|
|
|
And here? I see more below but I'm not going to add comments for them. |
david
|
|
|
Docstring? |
david
|
|
|
This should probably be self.api_token_model.DoesNotExist. |
 brennie
|
|
|
You don't need pass with a docstring. |
brennie
|
|
|
if not policy ? |
brennie
|
|
|
I think this should use six.string_types instead of basestring. |
david
|
|
|
'ObjectDoesNotExist' imported but unused |
reviewbot
|
- Change Summary:
-
Fixd the PyFlakes complaints.
- Commit:
-
a398b4137b1491d41b296cea224952cb0ce726ac4ca5ef343281357c6d4874668571b14c4f141f99
- Diff:
-
Revision 2 (+1212)
-
Tool: PEP8 Style Checker Processed Files: djblets/webapi/auth/backends/api_tokens.py djblets/webapi/resources/mixins/api_tokens.py djblets/webapi/errors.py djblets/webapi/models.py djblets/webapi/tests/test_api_policy.py djblets/webapi/managers.py Ignored Files: djblets/webapi/resources/mixins/__init__.py docs/djblets/coderef/index.rst Tool: Pyflakes Processed Files: djblets/webapi/auth/backends/api_tokens.py djblets/webapi/resources/mixins/api_tokens.py djblets/webapi/errors.py djblets/webapi/models.py djblets/webapi/tests/test_api_policy.py djblets/webapi/managers.py Ignored Files: djblets/webapi/resources/mixins/__init__.py docs/djblets/coderef/index.rst
- Change Summary:
-
- Encoded the raw API token to a UTF-8 string.
- Swapped quotes in the validation errors to show double quotes in the error message.
- Added a docstring to
call_method_view. - Added an
assertRaisesValidationErrorthat helps to sanely compare a given string to that of aValidationError.
- Description:
-
Review Board 2.5 introduced support for using API tokens for
authentication, but this was limited to Review Board. This change ports over that logic into Djblets, so that other applications can make use of the same API token capabilities. This consists of backends for authentication, mixins for WebAPIResource
subclasses, an abstract model that projects can subclass for storing API token data, policy validation and enforcement, and a model manager. ~ There are also unit tests for API token policy validation.
~ There are also unit tests for API token policy validation, plus a new
+ assertion function for helping test ValidationErrormessages. - Commit:
-
4ca5ef343281357c6d4874668571b14c4f141f9934a8ea628a3ef888be97db40b3a77075a33471f3
- Diff:
-
Revision 3 (+1231)
-
Tool: Pyflakes Processed Files: djblets/webapi/auth/backends/api_tokens.py djblets/webapi/resources/mixins/api_tokens.py djblets/webapi/tests/test_api_policy.py djblets/testing/testcases.py djblets/webapi/models.py djblets/webapi/errors.py djblets/webapi/managers.py Ignored Files: djblets/webapi/resources/mixins/__init__.py docs/djblets/coderef/index.rst Tool: PEP8 Style Checker Processed Files: djblets/webapi/auth/backends/api_tokens.py djblets/webapi/resources/mixins/api_tokens.py djblets/webapi/tests/test_api_policy.py djblets/testing/testcases.py djblets/webapi/models.py djblets/webapi/errors.py djblets/webapi/managers.py Ignored Files: djblets/webapi/resources/mixins/__init__.py docs/djblets/coderef/index.rst
- Commit:
-
34a8ea628a3ef888be97db40b3a77075a33471f39a80f7384ec8a319e4591f6d0ba95644a271b00b
- Diff:
-
Revision 4 (+1230)
-
Tool: Pyflakes Processed Files: djblets/webapi/auth/backends/api_tokens.py djblets/webapi/resources/mixins/api_tokens.py djblets/webapi/tests/test_api_policy.py djblets/testing/testcases.py djblets/webapi/models.py djblets/webapi/errors.py djblets/webapi/managers.py Ignored Files: djblets/webapi/resources/mixins/__init__.py docs/djblets/coderef/index.rst Tool: PEP8 Style Checker Processed Files: djblets/webapi/auth/backends/api_tokens.py djblets/webapi/resources/mixins/api_tokens.py djblets/webapi/tests/test_api_policy.py djblets/testing/testcases.py djblets/webapi/models.py djblets/webapi/errors.py djblets/webapi/managers.py Ignored Files: djblets/webapi/resources/mixins/__init__.py docs/djblets/coderef/index.rst -
Tool: Pyflakes Processed Files: djblets/webapi/auth/backends/api_tokens.py djblets/webapi/resources/mixins/api_tokens.py djblets/webapi/errors.py djblets/webapi/models.py djblets/webapi/tests/test_api_policy.py djblets/webapi/managers.py Ignored Files: djblets/webapi/resources/mixins/__init__.py docs/djblets/coderef/index.rst Tool: PEP8 Style Checker Processed Files: djblets/webapi/auth/backends/api_tokens.py djblets/webapi/resources/mixins/api_tokens.py djblets/webapi/errors.py djblets/webapi/models.py djblets/webapi/tests/test_api_policy.py djblets/webapi/managers.py Ignored Files: djblets/webapi/resources/mixins/__init__.py docs/djblets/coderef/index.rst