Add support for OAuth2 in the web API

 






 

 


  Review Request #9030
  —
  Created June 22, 2017 and submitted 

 


















 

  

   Information

  





 
 

  brennie
 









 
 

  Djblets
 









 
 

  release-0.10.x
 









 
 

  
 









 
 

  
 









 
 

  9072
 









 
 

  537d872...
 






 




 

  

   Reviewers

  





 
 

  djblets
 









 
 

  
 






 








 





  


 
 

  
Djblets now supports OAuth2 authentication in the Web API. Documentation

has been added, in the form of a guide, showing how to enable OAuth2

token access in applications.


This support is added via the django_oauth_toolkit package, which is a

development dependnecy but not a deployment dependency. The OAuth2

features will simply be non-functional if the dependency is not

installed.


Some minor cleanup has been done in the ResourceAPITokenMixin to

help ensure methods from mixins don't override eachother. Additionally,

The WebAPITestCaseMixin was fixed so that additional arguments can be

passed to the underlying client request.


Based on work by: Minh Le Hoang (https://reviews.reviewboard.org/r/7997/)

 








  


 
 

  
    

  • Ran unit tests.
    • 

  • Tested this with an upcoming change for adding OAuth2 token access to
    
  Review Board.
    • 

  • Built the docs and read through them.
    • 


 







 









 





  








 

  
  


   

    

     

     

     

    

   


   

  

 







 
 
 

  

   

    

     
    

    
    
     
  • 
      
     
    • 
     
  • 
      
     
    • 
     
  • 
      
     
    • 
     
  • 
      
     
    • 
     
  • 
      
     
    • 
    

   

   

    
     

      Description
      From
      Last Updated
     

    
    



     

      
       
       
You posted the wrong revision range. The latest diff here includes other changes.

      		
      
       daviddavid
      
      
       
      
     




     

      
       
       
F841 local variable 'old__setattr__' is assigned to but never used

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
E501 line too long (85 > 79 characters)

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W391 blank line at end of file

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
E501 line too long (85 > 79 characters)

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
Is there any reason to not include request in the kwargs in the function?

      		
      
       daviddavid
      
      
       
      
     




     

      
       
       
Would be a little bit nicer as: if (valid and self.verify_request(request, r.access_token, r.user)): return r.user else: return None

      		
      
       daviddavid
      
      
       
      
     




     

      
       
       
I'm on the edge of my seat.

      		
      
       daviddavid
      
      
       
      
     




     

      
       
       
When importing just a single item, continuation is ok.

      		
      
       daviddavid
      
      
       
      
     




     

      
       
       
E501 line too long (85 > 79 characters)

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
E303 too many blank lines (3)

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
F401 'oauth2_provider.models.AccessToken' imported but unused

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
E703 statement ends with a semicolon

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
E703 statement ends with a semicolon

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
E703 statement ends with a semicolon

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W291 trailing whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
W293 blank line contains whitespace

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
Isn't this part of another change?

      		
      
       daviddavid
      
      
       
      
     




     

      
       
       
F401 'djblets.webapi.errors.PERMISSION_DENIED' imported but unused

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
F401 'djblets.webapi.errors.OAUTH_EXPIRED_ERROR' imported but unused

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
F401 'djblets.webapi.errors.NOT_LOGGED_IN' imported but unused

      		
      
       reviewbotreviewbot
      
      
       
      
     




     

      
       
       
Too many blank lines.

      		
      
       daviddavid
      
      
       
      
     




     

      
       
       
E501 line too long (94 > 79 characters)

      		
      
       reviewbotreviewbot
      
      
       
      
     


    
   

  

 







 






  

 



















 




 

  


   

   

    
 
Checks run (1 failed, 1 succeeded)


    
   


  

  

  





 

 flake8
 failed.
 





 

 JSHint
 passed.
 













 
flake8

 


 










  

 





 














 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  








 
Change Summary:

 
flake8 fixups





 



  

   
Diff:

   
    
 Revision 2 (+1240 -25)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
    djblets/webapi/resources/mixins/oauth2_tokens.py 
  8 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  











 



  

   
Diff:

   
    
 Revision 3 (+1238 -23)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
    djblets/webapi/resources/mixins/oauth2_tokens.py 
  8 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 















 





 

  

   




david




   

   







  

 



 

  


   

   

    
 
david


    
   


  

  

  



    




  1. 
 
    
  
    
   
    This is looking pretty good to me. Christian should probably give his sign-off too.
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    2. 

















  2. 
 
    
  
  
    
  
 
    
  
    
   
    
    
     
      djblets/webapi/oauth2_scopes.py
      


       (Diff revision 3)


      
     
    
    
       
   
    
     
    

    
     
    

    
     
    

       
  
    
 
    

   
    
    
    




    
 
    
  
  
  

  
  
   Show all issues
  
 
    

    



    
    When importing just a single item,  continuation is ok.
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    3. 




  3. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    4. 




  

 
















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  








 
Change Summary:

 
    

  • Add a mixin for django authentication backends.
    • 

  • Update guide.
    • 

  • Add screenshot of guide.
    • 






 



  

   
Diff:

   
    
 Revision 4 (+1303 -23)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
    djblets/webapi/resources/mixins/oauth2_tokens.py 
  8 more
 

   		
  






  

   
Added Files:

   
    






   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 















 





 

  

   




david




   

   







  

 



 

  


   

   

    
 
david


    
   


  

  

  



    




  1. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    2. 

















  2. 
 
    
  
  
    
  
 
    
  
    
   
    
    
     
      djblets/webapi/auth/backends/oauth2_tokens.py
      


       (Diff revisions 3 - 5)


      
     
    
    
       
   
    
     
    

    
     
    

    
     
    

       
  
    
 
    

   
    
    
    




    
 
    
  
  
  

  
  
   Show all issues
  
 
    

    



    
    Is there any reason to not include request in the kwargs in the function?
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    3. 






  3. 
 
    
  
  
    
  
 
    
  
    
   
    
    
     
      djblets/webapi/auth/backends/oauth2_tokens.py
      


       (Diff revisions 3 - 5)


      
     
    
    
       
   
    
     
    

    
     
    

    
     
    

    
     
    

    
     
    

    
     
    

       
  
    
 
    

   
    
    
    




    
 
    
  
  
  

  
  
   Show all issues
  
 
    

    



    
    Would be a little bit nicer as:
    

    

    if (valid and
    self.verify_request(request, r.access_token, r.user)):
    return r.user
else:
    return None

    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    4. 






  4. 
 
    
  
  
    
  
 
    
  
    
   
    
    
     
      djblets/webapi/auth/backends/oauth2_tokens.py
      


       (Diff revisions 3 - 5)


      
     
    
    
       
   
    
     
    

    
     
    

       
  
    
 
    

   
    
    
    




    
 
    
  
  
  

  
  
   Show all issues
  
 
    

    



    
    I'm on the edge of my seat.
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    5. 




  5. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    6. 




  

 
















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  








 
Change Summary:

 
    

  • Addressed David's issues.
    • 

  • Now support token information stored in sessions so we don't need to auth every request.
    • 

  • More unit tests!
    • 






 



  

   
Diff:

   
    
 Revision 6 (+1493 -26)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
    djblets/webapi/resources/mixins/oauth2_tokens.py 
  8 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  








 
Change Summary:

 
Remove print statement





 



  

   
Diff:

   
    
 Revision 7 (+1494 -26)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
    djblets/webapi/resources/mixins/oauth2_tokens.py 
  8 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  











 



  

   
Diff:

   
    
 Revision 8 (+1493 -26)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
    djblets/webapi/resources/mixins/oauth2_tokens.py 
  8 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  








 
Change Summary:

 
Flake8 fixups





 



  

   
Diff:

   
    
 Revision 9 (+1493 -26)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
    djblets/webapi/resources/mixins/oauth2_tokens.py 
  8 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 















 



 

  

   




brennie




   

   

  

 



 















 





 

  

   




david




   

   







  

 



 

  


   

   

    
 
david


    
   


  

  

  



    




  1. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    2. 

















  2. 
 
    
  
  
    
  
 
    
  
    
   
    
    
     
      djblets/forms/fieldsets.py
      


       (Diff revision 11)


      
     
    
    
       
   
    
     
    

    
     
    

    
     
    

       
  
    
 
    

   
    
    
    




    
 
    
  
  
  

  
  
   Show all issues
  
 
    

    



    
    Isn't this part of another change?
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    3. 




  3. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    4. 




  

 
















 



 

  

   




brennie




   

   

  

 



 















 



 

  

   




brennie




   

   

  

 



 















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  








 
Change Summary:

 
Add new WebAPI errors for OAuth failures.





 



  

   
Diff:

   
    
 Revision 14 (+1543 -26)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/errors.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
  9 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 















 





 

  

   




david




   

   







  

 



 

  


   

   

    
 
david


    
   


  

  

  



    




  1. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    2. 







  2. 
 
    
  
  
    
  
   
    
    
    




    
 
    
  
  
  

  
  
   Show all issues
  
 
    

    



    
    You posted the wrong revision range. The latest diff here includes other changes.
    
  
    
 
    

 
    
  


    
 
    
 
      

  


    1. 
 
 
      
 
      
  
 
      
 
      
  
      I am a professional.
      
 
      

      2. 


 
    


    

 
    

    3. 













  3. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    4. 




  

 
















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  








 
Change Summary:

 
Post correct revision range





 



  

   
Diff:

   
    
 Revision 16 (+1516 -26)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
    djblets/webapi/resources/mixins/oauth2_tokens.py 
  8 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 



 

  

   




brennie




   

   

  

 



 















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  








 
Change Summary:

 
Restore changes I accidentally blew away





 



  

   
Diff:

   
    
 Revision 18 (+1555 -26)
Show changes
 
    dev-requirements.txt 
    djblets/extensions/manager.py 
    djblets/extensions/signals.py 
    djblets/webapi/errors.py 
    djblets/webapi/oauth2_scopes.py 
    djblets/webapi/auth/backends/base.py 
    djblets/webapi/auth/backends/oauth2_tokens.py 
    djblets/webapi/resources/mixins/api_tokens.py 
  9 more
 

   		
  



 









 

  
Checks run (1 failed, 1 succeeded)



  

 flake8
 failed.
 





  

 JSHint
 passed.
 





 







 
flake8

 


 















  

 
















 





 

  

   




david




   

   









  

 



 

  


   

   

    
 
david


    
   


  

  

  



    




  1. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    2. 

















  2. 
 
    
  
  
    
  
 
    
  
    
   
    
    
     
      djblets/webapi/auth/backends/oauth2_tokens.py
      


       (Diff revision 18)


      
     
    
    
       
   
    
     
    

    
     
    

    
     
    

       
  
    
 
    

   
    
    
    




    
 
    
  
  
  

  
  
   Show all issues
  
 
    

    



    
    Too many blank lines.
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    3. 




  3. 
 
    
  
    
   
    
  
    
 
    

 
    
  


    
 
    
 
      

  

 
    


    

 
    

    4. 




  

 
















 



 

  

   




brennie




   

   

  

 



 

  


   

   

    
 Review request changed

    
   


  

  

  






 

  Status:
  

  Closed (submitted)

  
 




 
Change Summary:

 
Pushed to release-0.10.x (4f3a958)





 


 










  

 









     

    

   

  

  

   
   Loading...