New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Bugzilla API keys (pending support in python-bugzilla) #238
Conversation
Agreed. Any idea if python-bugzilla supports this yet? |
I think so - see the link. Assuming "token" and "API key" are the same (see python-bugzilla/python-bugzilla#5) |
+1 |
@ralphbean I've put in a PR for python-bugzilla at python-bugzilla/python-bugzilla#5 As far as using that from bugwarrior, currently it'd have to be configured as
with bugwarrior configured to pass that along to Which would you prefer that I implement? |
Seems like each auth model has it's pros and cons. One only persists temporary keys (good for security) but presumably requires interactive authentication (bad for the server). The other uses long-term keys (ok if you have a secret management system). I would think we'd be happy to support either/or/both. |
Look, ma, now I'm a pull request! I've added support for api keys in python-bugzilla/python-bugzilla#5, although it is not in a released version yet. Still, I tested this with a temporary install of the latest git master and it worked OK both with password and api key auth. Once a new release is made, I would propose requiring that version in |
I just got word from @crobinso that he'll cut a new release of python-bugzilla in a few weeks, at which point we can depend on that version. |
(rebased onto latest develop) |
7db477e
to
322c984
Compare
(rebased again, and a requirement for the newly-released python-bugzilla>=2.1.0 added) ready for review and merging, I think! |
bugwarrior/services/bz.py
Outdated
except TypeError: | ||
raise Exception("This version of python-bugzilla does not support api keys") | ||
else: | ||
password = self.config.get('password', self.username) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldn't this still be self.get_password
?
bugwarrior/services/bz.py
Outdated
if 'username' not in service_config: | ||
die("[%s] has no 'bugzilla.username'" % (target,)) | ||
if not ('password' in service_config or 'api_key' in service_config): | ||
die("[%s] has no 'bugzilla.password' or 'bugzilla.api_key'" % (target,)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The keys
variable appears to be unused. My preference would be to stick with the loop where it works since that makes modifications to the required configuration values easy:
req = ['username', 'base_uri']
for option in req:
if option not in service_config:
die("[%s] has no 'bugzilla.%s'" % (target, option))
if not ('password' in service_config or 'api_key' in service_config):
die("[%s] has no 'bugzilla.password' or 'bugzilla.api_key'" % (target,))
setup.py
Outdated
@@ -47,7 +47,7 @@ | |||
activecollab=["pypandoc", "pyac>=0.1.5"], | |||
bts=["PySimpleSOAP","python-debianbts>=2.6.1"], | |||
trac=["offtrac"], | |||
bugzilla=["python-bugzilla"], | |||
bugzilla=["python-bugzilla>=2.1.0"], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we have to add this constraint? Couldn't one continue using password authentication with older versions?
By the way, thanks for persisting with this so long. My comments are regarding diffs that look far different from when you originally wrote the patch. |
No worries - it was more than a trivial rebase, so it definitely deserved another look. |
Branch updated |
python-bugzilla refers to these as tokens. It would be nice to be able to create an API key and provide it as