python-gitlab/python-gitlabPublic

NotificationsYou must be signed in to change notification settings
Fork673
Star2.4k

Commitda40e09

Massimiliano Riva

authored and

JohnVillalovos

committed

feat(api): add support for token self-rotation

1 parent938b0d9 commitda40e09Copy full SHA for da40e09

File tree

7 files changed

+100

-3

lines changed

7 files changed

+100

-3

lines changed

`‎docs/gl_objects/group_access_tokens.rst`

Lines changed: 6 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -46,3 +46,9 @@ Rotate a group access token and retrieve its new value::`
`46`	`46`	`# or directly using a token ID`
`47`	`47`	`new_token = group.access_tokens.rotate(42)`
`48`	`48`	`print(new_token.token)`
	`49`	`+`
	`50`	`+Self-Rotate the group access token you are using to authenticate the request and retrieve its new value::`
	`51`	`+`
	`52`	`+ token = group.access_tokens.get(42, lazy=True)`
	`53`	`+ token.rotate(self_rotate=True)`
	`54`	`+ print(token.token)`

`‎docs/gl_objects/personal_access_tokens.rst`

Lines changed: 6 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,12 @@ Rotate a personal access token and retrieve its new value::`
`61`	`61`	`new_token_dict = gl.personal_access_tokens.rotate(42)`
`62`	`62`	`print(new_token_dict)`
`63`	`63`
	`64`	`+Self-Rotate the personal access token you are using to authenticate the request and retrieve its new value::`
	`65`	`+`
	`66`	`+ token = gl.personal_access_tokens.get(42, lazy=True)`
	`67`	`+ token.rotate(self_rotate=True)`
	`68`	`+ print(token.token)`
	`69`	`+`
`64`	`70`	`Create a personal access token for a user (admin only)::`
`65`	`71`
`66`	`72`	`user = gl.users.get(25, lazy=True)`

`‎docs/gl_objects/project_access_tokens.rst`

Lines changed: 6 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -46,3 +46,9 @@ Rotate a project access token and retrieve its new value::`
`46`	`46`	`# or directly using a token ID`
`47`	`47`	`new_token = project.access_tokens.rotate(42)`
`48`	`48`	`print(new_token.token)`
	`49`	`+`
	`50`	`+Self-Rotate the project access token you are using to authenticate the request and retrieve its new value::`
	`51`	`+`
	`52`	`+ token = project.access_tokens.get(42, lazy=True)`
	`53`	`+ token.rotate(self_rotate=True)`
	`54`	`+ print(new_token.token)`

`‎gitlab/mixins.py`

Lines changed: 4 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -660,10 +660,11 @@ class ObjectRotateMixin(_RestObjectBase):`
`660`	`660`	`optional=("expires_at",),`
`661`	`661`	`)`
`662`	`662`	`@exc.on_http_error(exc.GitlabRotateError)`
`663`		`-defrotate(self,**kwargs:Any)->dict[str,Any]:`
	`663`	`+defrotate(self,,self_rotate:bool=False,*kwargs:Any)->dict[str,Any]:`
`664`	`664`	`"""Rotate the current access token object.`
`665`	`665`
`666`	`666`	`Args:`
	`667`	`+ self_rotate: If True, the current access token object will be rotated.`
`667`	`668`	`**kwargs: Extra options to send to the server (e.g. sudo)`
`668`	`669`
`669`	`670`	`Raises:`
`@@ -673,7 +674,8 @@ def rotate(self, **kwargs: Any) -> dict[str, Any]:`
`673`	`674`	`ifTYPE_CHECKING:`
`674`	`675`	`assertisinstance(self.manager,RotateMixin)`
`675`	`676`	`assertself.encoded_idisnotNone`
`676`		`-server_data=self.manager.rotate(self.encoded_id,**kwargs)`
	`677`	`+token_id="self"ifself_rotateelseself.encoded_id`
	`678`	`+server_data=self.manager.rotate(token_id,**kwargs)`
`677`	`679`	`self._update_attrs(server_data)`
`678`	`680`	`returnserver_data`
`679`	`681`

`‎tests/unit/objects/test_group_access_tokens.py`

Lines changed: 25 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -91,6 +91,19 @@ def resp_rotate_group_access_token(token_content):`
`91`	`91`	`yieldrsps`
`92`	`92`
`93`	`93`
	`94`	`+@pytest.fixture`
	`95`	`+defresp_self_rotate_group_access_token(token_content):`
	`96`	`+withresponses.RequestsMock()asrsps:`
	`97`	`+rsps.add(`
	`98`	`+method=responses.POST,`
	`99`	`+url="http://localhost/api/v4/groups/1/access_tokens/self/rotate",`
	`100`	`+json=token_content,`
	`101`	`+content_type="application/json",`
	`102`	`+status=200,`
	`103`	`+ )`
	`104`	`+yieldrsps`
	`105`	`+`
	`106`	`+`
`94`	`107`	`deftest_list_group_access_tokens(gl,resp_list_group_access_token):`
`95`	`108`	`access_tokens=gl.groups.get(1,lazy=True).access_tokens.list()`
`96`	`109`	`assertlen(access_tokens)==1`
`@@ -127,3 +140,15 @@ def test_rotate_group_access_token(group, resp_rotate_group_access_token):`
`127`	`140`	`access_token.rotate()`
`128`	`141`	`assertisinstance(access_token,GroupAccessToken)`
`129`	`142`	`assertaccess_token.token=="s3cr3t"`
	`143`	`+`
	`144`	`+`
	`145`	`+deftest_self_rotate_group_access_token(group,resp_self_rotate_group_access_token):`
	`146`	`+access_token=group.access_tokens.get(1,lazy=True)`
	`147`	`+access_token.rotate(self_rotate=True)`
	`148`	`+assertisinstance(access_token,GroupAccessToken)`
	`149`	`+assertaccess_token.token=="s3cr3t"`
	`150`	`+`
	`151`	`+# Verify that the url contains "self"`
	`152`	`+rotation_calls=resp_self_rotate_group_access_token.calls`
	`153`	`+assertlen(rotation_calls)==1`
	`154`	`+assert"self/rotate"inrotation_calls[0].request.url`

`‎tests/unit/objects/test_personal_access_tokens.py`

Lines changed: 26 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -102,6 +102,19 @@ def resp_rotate_personal_access_token(token_content):`
`102`	`102`	`yieldrsps`
`103`	`103`
`104`	`104`
	`105`	`+@pytest.fixture`
	`106`	`+defresp_self_rotate_personal_access_token(token_content):`
	`107`	`+withresponses.RequestsMock()asrsps:`
	`108`	`+rsps.add(`
	`109`	`+method=responses.POST,`
	`110`	`+url="http://localhost/api/v4/personal_access_tokens/self/rotate",`
	`111`	`+json=token_content,`
	`112`	`+content_type="application/json",`
	`113`	`+status=200,`
	`114`	`+ )`
	`115`	`+yieldrsps`
	`116`	`+`
	`117`	`+`
`105`	`118`	`deftest_create_personal_access_token(gl,resp_create_user_personal_access_token):`
`106`	`119`	`user=gl.users.get(1,lazy=True)`
`107`	`120`	`access_token=user.personal_access_tokens.create(`
`@@ -148,8 +161,20 @@ def test_revoke_personal_access_token_by_id(gl, resp_delete_personal_access_toke`
`148`	`161`	`gl.personal_access_tokens.delete(token_id)`
`149`	`162`
`150`	`163`
`151`		`-deftest_rotate_project_access_token(gl,resp_rotate_personal_access_token):`
	`164`	`+deftest_rotate_personal_access_token(gl,resp_rotate_personal_access_token):`
`152`	`165`	`access_token=gl.personal_access_tokens.get(1,lazy=True)`
`153`	`166`	`access_token.rotate()`
`154`	`167`	`assertisinstance(access_token,PersonalAccessToken)`
`155`	`168`	`assertaccess_token.token=="s3cr3t"`
	`169`	`+`
	`170`	`+`
	`171`	`+deftest_self_rotate_personal_access_token(gl,resp_self_rotate_personal_access_token):`
	`172`	`+access_token=gl.personal_access_tokens.get(1,lazy=True)`
	`173`	`+access_token.rotate(self_rotate=True)`
	`174`	`+assertisinstance(access_token,PersonalAccessToken)`
	`175`	`+assertaccess_token.token=="s3cr3t"`
	`176`	`+`
	`177`	`+# Verify that the url contains "self"`
	`178`	`+rotation_calls=resp_self_rotate_personal_access_token.calls`
	`179`	`+assertlen(rotation_calls)==1`
	`180`	`+assert"self/rotate"inrotation_calls[0].request.url`

`‎tests/unit/objects/test_project_access_tokens.py`

Lines changed: 27 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -91,6 +91,19 @@ def resp_rotate_project_access_token(token_content):`
`91`	`91`	`yieldrsps`
`92`	`92`
`93`	`93`
	`94`	`+@pytest.fixture`
	`95`	`+defresp_self_rotate_project_access_token(token_content):`
	`96`	`+withresponses.RequestsMock()asrsps:`
	`97`	`+rsps.add(`
	`98`	`+method=responses.POST,`
	`99`	`+url="http://localhost/api/v4/projects/1/access_tokens/self/rotate",`
	`100`	`+json=token_content,`
	`101`	`+content_type="application/json",`
	`102`	`+status=200,`
	`103`	`+ )`
	`104`	`+yieldrsps`
	`105`	`+`
	`106`	`+`
`94`	`107`	`deftest_list_project_access_tokens(gl,resp_list_project_access_token):`
`95`	`108`	`access_tokens=gl.projects.get(1,lazy=True).access_tokens.list()`
`96`	`109`	`assertlen(access_tokens)==1`
`@@ -127,3 +140,17 @@ def test_rotate_project_access_token(project, resp_rotate_project_access_token):`
`127`	`140`	`access_token.rotate()`
`128`	`141`	`assertisinstance(access_token,ProjectAccessToken)`
`129`	`142`	`assertaccess_token.token=="s3cr3t"`
	`143`	`+`
	`144`	`+`
	`145`	`+deftest_self_rotate_project_access_token(`
	`146`	`+project,resp_self_rotate_project_access_token`
	`147`	`+):`
	`148`	`+access_token=project.access_tokens.get(1,lazy=True)`
	`149`	`+access_token.rotate(self_rotate=True)`
	`150`	`+assertisinstance(access_token,ProjectAccessToken)`
	`151`	`+assertaccess_token.token=="s3cr3t"`
	`152`	`+`
	`153`	`+# Verify that the url contains "self"`
	`154`	`+rotation_calls=resp_self_rotate_project_access_token.calls`
	`155`	`+assertlen(rotation_calls)==1`
	`156`	`+assert"self/rotate"inrotation_calls[0].request.url`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitda40e09

File tree

7 files changed

7 files changed

`‎docs/gl_objects/group_access_tokens.rst`

`‎docs/gl_objects/personal_access_tokens.rst`

`‎docs/gl_objects/project_access_tokens.rst`

`‎gitlab/mixins.py`

`‎tests/unit/objects/test_group_access_tokens.py`

`‎tests/unit/objects/test_personal_access_tokens.py`

`‎tests/unit/objects/test_project_access_tokens.py`

0 commit comments