Support Bugzilla API keys (pending support in python-bugzilla) #238
Conversation
|
Agreed. Any idea if python-bugzilla supports this yet? |
|
I think so - see the link. Assuming "token" and "API key" are the same (see python-bugzilla/python-bugzilla#5) |
|
+1 |
|
@ralphbean I've put in a PR for python-bugzilla at python-bugzilla/python-bugzilla#5 As far as using that from bugwarrior, currently it'd have to be configured as with bugwarrior configured to pass that along to Which would you prefer that I implement? |
|
Seems like each auth model has it's pros and cons. One only persists temporary keys (good for security) but presumably requires interactive authentication (bad for the server). The other uses long-term keys (ok if you have a secret management system). I would think we'd be happy to support either/or/both. |
|
Look, ma, now I'm a pull request! I've added support for api keys in python-bugzilla/python-bugzilla#5, although it is not in a released version yet. Still, I tested this with a temporary install of the latest git master and it worked OK both with password and api key auth. Once a new release is made, I would propose requiring that version in |
djmitche
changed the title
|
I just got word from @crobinso that he'll cut a new release of python-bugzilla in a few weeks, at which point we can depend on that version. |
|
(rebased onto latest develop) |
djmitche
force-pushed
the
issue238
branch
2 times, most recently
from
7db477e
to
322c984
Compare
|
(rebased again, and a requirement for the newly-released python-bugzilla>=2.1.0 added) ready for review and merging, I think! |
djmitche
changed the title
bugwarrior/services/bz.py
Outdated
| except TypeError: | ||
| raise Exception("This version of python-bugzilla does not support api keys") | ||
| else: | ||
| password = self.config.get('password', self.username) |
There was a problem hiding this comment.
Shouldn't this still be self.get_password?
bugwarrior/services/bz.py
Outdated
| if 'username' not in service_config: | ||
| die("[%s] has no 'bugzilla.username'" % (target,)) | ||
| if not ('password' in service_config or 'api_key' in service_config): | ||
| die("[%s] has no 'bugzilla.password' or 'bugzilla.api_key'" % (target,)) |
There was a problem hiding this comment.
The keys variable appears to be unused. My preference would be to stick with the loop where it works since that makes modifications to the required configuration values easy:
req = ['username', 'base_uri']
for option in req:
if option not in service_config:
die("[%s] has no 'bugzilla.%s'" % (target, option))
if not ('password' in service_config or 'api_key' in service_config):
die("[%s] has no 'bugzilla.password' or 'bugzilla.api_key'" % (target,))
setup.py
Outdated
| @@ -47,7 +47,7 @@ | |||
| activecollab=["pypandoc", "pyac>=0.1.5"], | |||
| bts=["PySimpleSOAP","python-debianbts>=2.6.1"], | |||
| trac=["offtrac"], | |||
| bugzilla=["python-bugzilla"], | |||
| bugzilla=["python-bugzilla>=2.1.0"], | |||
There was a problem hiding this comment.
Do we have to add this constraint? Couldn't one continue using password authentication with older versions?
|
By the way, thanks for persisting with this so long. My comments are regarding diffs that look far different from when you originally wrote the patch. |
|
No worries - it was more than a trivial rebase, so it definitely deserved another look. |
|
Branch updated |
python-bugzilla refers to these as tokens. It would be nice to be able to create an API key and provide it as