Skip to content

Credential-based login is broken after removal of /session endpoint #380

New issue
New issue
Closed
Closed
Credential-based login is broken after removal of /session endpoint#380
Labels
docs
@GhostLyrics

Description

@GhostLyrics
GhostLyrics
opened on Nov 24, 2017

Remove Session API now that private tokens are removed from user API endpoints.

/api/v4/session has been removed and it is currently not possible to log in via email/password combination. [Deprecation notice, Changelog]

I use this to completely automate testing (e.g. create a GitLab instance, set a password for root, run some tests, tear everything down).

wget http://gitlab/api/v4/session
--2017-11-23 23:06:57--  http://gitlab/api/v4/session
Resolving gitlab (gitlab)... 192.168.34.151, 192.168.34.151
Connecting to gitlab (gitlab)|192.168.34.151|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2017-11-23 23:06:57 ERROR 404: Not Found.

import gitlab
s = gitlab.Gitlab('http://localhost',email='root',password='some_test_password',api_version=4)
s.auth()

Traceback (most recent call last):
  File "<input>", line 1, in <module>
    s.auth()
  File "/Users/ghostlyrics/.pyenv/versions/3.5.3/lib/python3.5/site-packages/gitlab/__init__
.py", line 197, in auth
    self._credentials_auth()
  File "/Users/ghostlyrics/.pyenv/versions/3.5.3/lib/python3.5/site-packages/gitlab/__init__
.py", line 216, in _credentials_auth
    r = self.http_post('/session', data)
  File "/Users/ghostlyrics/.pyenv/versions/3.5.3/lib/python3.5/site-packages/gitlab/__init__
.py", line 806, in http_post
    post_data=post_data, files=files, **kwargs)
  File "/Users/ghostlyrics/.pyenv/versions/3.5.3/lib/python3.5/site-packages/gitlab/__init__
.py", line 713, in http_request
    response_body=result.content)
gitlab.exceptions.GitlabHttpError: 404: b'{"error":"404 Not Found"}'

self = <gitlab.Gitlab object at 0x7f28dfd66da0>, verb = 'post', path = '/session', query_data = {'email': 'root', 'password': 'some_test_password'}, post_data = {}, streamed = False
files = None, kwargs = {}, sanitized_url = <function Gitlab.http_request.<locals>.sanitized_url at 0x7f28e17879d8>, url = 'http://localhost/api/v4/session'
params = {'email': 'root', 'password': 'some_test_password'}, opts = {'auth': None, 'headers': {'Content-type': 'application/json'}}, verify = True, timeout = None, req = <Request [post]>

    def http_request(self, verb, path, query_data={}, post_data={},
                     streamed=False, files=None, **kwargs):
        """Make an HTTP request to the Gitlab server.

            Args:
                verb (str): The HTTP method to call ('get', 'post', 'put',
                            'delete')
                path (str): Path or full URL to query ('/projects' or
                            'http://whatever/v4/api/projecs')
                query_data (dict): Data to send as query parameters
                post_data (dict): Data to send in the body (will be converted to
                                  json)
                streamed (bool): Whether the data should be streamed
                **kwargs: Extra data to make the query (e.g. sudo, per_page, page)

            Returns:
                A requests result object.

            Raises:
                GitlabHttpError: When the return code is not 2xx
            """

        def sanitized_url(url):
            parsed = six.moves.urllib.parse.urlparse(url)
            new_path = parsed.path.replace('.', '%2E')
            return parsed._replace(path=new_path).geturl()

        url = self._build_url(path)
        params = query_data.copy()
        params.update(kwargs)
        opts = self._get_session_opts(content_type='application/json')

        # don't set the content-type header when uploading files
        if files is not None:
            del opts["headers"]["Content-type"]

        verify = opts.pop('verify')
        timeout = opts.pop('timeout')

        # Requests assumes that `.` should not be encoded as %2E and will make
        # changes to urls using this encoding. Using a prepped request we can
        # get the desired behavior.
        # The Requests behavior is right but it seems that web servers don't
        # always agree with this decision (this is the case with a default
        # gitlab installation)
        req = requests.Request(verb, url, json=post_data, params=params,
                               files=files, **opts)
        prepped = self.session.prepare_request(req)
        prepped.url = sanitized_url(prepped.url)
        result = self.session.send(prepped, stream=streamed, verify=verify,
                                   timeout=timeout)

        if 200 <= result.status_code < 300:
            return result

        try:
            error_message = result.json()['message']
        except (KeyError, ValueError, TypeError):
            error_message = result.content

        if result.status_code == 401:
            raise GitlabAuthenticationError(response_code=result.status_code,
                                            error_message=error_message,
                                            response_body=result.content)

        raise GitlabHttpError(response_code=result.status_code,
                              error_message=error_message,
>                             response_body=result.content)
E       gitlab.exceptions.GitlabHttpError: 404: b'{"error":"404 Not Found"}'

Metadata

Metadata

Assignees

No one assigned

    Labels

    docs

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions