Skip to content

fix oauth token access #174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

fix oauth token access #174

wants to merge 1 commit into from

Conversation

deanrock
Copy link

authorization header doesn't have a colon in it's value, requests' auth parameter overrides custom authorization header

(and there was a PEP8 error for line 441)

@deanrock deanrock mentioned this pull request Oct 26, 2016
Closed
@dzervas
Copy link

dzervas commented Oct 27, 2016

I think that this will have problems with HTTP requests apart from GET (have you tested PUT/PUSH/DELETE?) 'cause the authorization header is overwritten by basic auth.

I fixed all these just yesterday (I wish I could see your request earlier...). Have a look #176

@deanrock
Copy link
Author

@dzervas yes, you are correct, I didn't test with other requests :/

can you please fix example: 3164a0b#diff-8a23d682236897c1a2f5bafede722cb3L28 ?

@dzervas
Copy link

dzervas commented Oct 27, 2016

I think that the example should not be fixed, as the private key is not static (and you should give that "feel" in the documentation). It's not doing the whole auth thing (you have to talk with the server to gain the key).

@gpocentek
Copy link
Contributor

@deanrock @dzervas thank you for your patches and comments, really appreciated. I should be able to review and test the changes next week.

gpocentek
gpocentek suggested changes Nov 5, 2016
View reviewed changes
Copy link
Contributor

@gpocentek gpocentek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please see my suggestion inline, I think there's a nicer way to handle both oauth and basic HTTP auth.

Thanks!

gitlab/__init__.py
auth = requests.auth.HTTPBasicAuth(
self.http_username,
self.http_password)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is one thing bothering me here: with oauth token we explicitly define headers, with basic HTTP auth we don't and use a python-requests feature instead. I'd prefer to have the same method for both authentication methods.

Updating the _create_headers method might be the easiest way to achieve consistency. This would also avoid code duplication in the _raw_* methods.

What do you think about this?

@gpocentek
Copy link
Contributor

Hi @deanrock

This MR has not been updated in almost a year so I'm closing it. #357 is a new proposal to support oauth.

Thank you for your time.

@gpocentek gpocentek closed this Nov 4, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gpocentek gpocentek gpocentek requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@deanrock @dzervas @gpocentek