Add support for OAuth2 in the web API

Review Request #9030 - Created June 23, 2017 and submitted

Barret Rennie
Djblets
release-0.10.x
9072
537d872...
djblets

Djblets now supports OAuth2 authentication in the Web API. Documentation
has been added, in the form of a guide, showing how to enable OAuth2
token access in applications.

This support is added via the django_oauth_toolkit package, which is a
development dependnecy but not a deployment dependency. The OAuth2
features will simply be non-functional if the dependency is not
installed.

Some minor cleanup has been done in the ResourceAPITokenMixin to
help ensure methods from mixins don't override eachother. Additionally,
The WebAPITestCaseMixin was fixed so that additional arguments can be
passed to the underlying client request.

Based on work by: Minh Le Hoang (https://reviews.reviewboard.org/r/7997/)

  • Ran unit tests.
  • Tested this with an upcoming change for adding OAuth2 token access to
    Review Board.
  • Built the docs and read through them.
Loading file attachments...

  • 0
  • 0
  • 60
  • 0
  • 60
Description From Last Updated
Checks run (1 failed, 1 succeeded)
flake8 failed.
JSHint passed.

flake8

Barret Rennie
Review request changed
Barret Rennie
Barret Rennie
Review request changed
Barret Rennie
David Trowbridge
  1. This is looking pretty good to me. Christian should probably give his sign-off too.

  2. djblets/webapi/oauth2_scopes.py (Diff revision 3)
     
     
     

    When importing just a single item, continuation is ok.

  3. 
      
Barret Rennie
Review request changed

Change Summary:

  • Add a mixin for django authentication backends.
  • Update guide.
  • Add screenshot of guide.

Diff:

Revision 4 (+1303 -23)

Show changes

Added Files:

Checks run (1 failed, 1 succeeded)

flake8 failed.
JSHint passed.

flake8

Barret Rennie
David Trowbridge
  1. 
      
  2. djblets/webapi/auth/backends/oauth2_tokens.py (Diff revisions 3 - 5)
     
     
     

    Is there any reason to not include request in the kwargs in the function?

  3. djblets/webapi/auth/backends/oauth2_tokens.py (Diff revisions 3 - 5)
     
     
     
     
     
     

    Would be a little bit nicer as:

    if (valid and
        self.verify_request(request, r.access_token, r.user)):
        return r.user
    else:
        return None
    
  4. djblets/webapi/auth/backends/oauth2_tokens.py (Diff revisions 3 - 5)
     
     

    I'm on the edge of my seat.

  5. 
      
Barret Rennie
Review request changed

Checks run (1 failed, 1 succeeded)

flake8 failed.
JSHint passed.

flake8

Barret Rennie
Review request changed

Checks run (1 failed, 1 succeeded)

flake8 failed.
JSHint passed.

flake8

Barret Rennie
Review request changed

Checks run (1 failed, 1 succeeded)

flake8 failed.
JSHint passed.

flake8

Barret Rennie
Review request changed

Checks run (1 failed, 1 succeeded)

flake8 failed.
JSHint passed.

flake8

Barret Rennie
Barret Rennie
David Trowbridge
  1. 
      
  2. djblets/forms/fieldsets.py (Diff revision 11)
     
     
     

    Isn't this part of another change?

  3. 
      
Barret Rennie
Barret Rennie
Barret Rennie
Review request changed

Checks run (1 failed, 1 succeeded)

flake8 failed.
JSHint passed.

flake8

Barret Rennie
David Trowbridge
  1. 
      
  2. You posted the wrong revision range. The latest diff here includes other changes.

  3. 
      
Barret Rennie
Review request changed
Barret Rennie
Barret Rennie
Review request changed

Checks run (1 failed, 1 succeeded)

flake8 failed.
JSHint passed.

flake8

David Trowbridge
  1. 
      
  2. djblets/webapi/auth/backends/oauth2_tokens.py (Diff revision 18)
     
     
     

    Too many blank lines.

  3. 
      
Barret Rennie
Review request changed

Status: Closed (submitted)

Change Summary:

Pushed to release-0.10.x (4f3a958)
Loading...