Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat(client): warn user on misconfigured URL inauth()#2222

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
JohnVillalovos merged 3 commits intomainfromfeat/warn-user-misconfigured-url
Aug 4, 2022
Merged
Show file tree
Hide file tree
Changes fromall commits
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
71 changes: 37 additions & 34 deletionsgitlab/client.py
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -363,12 +363,14 @@ def _merge_auth(
return (None, None, None)

def auth(self) -> None:
"""Performs an authentication using private token.
"""Performs an authentication using private token. Warns the user if a
potentially misconfigured URL is detected on the client or server side.

The `user` attribute will hold a `gitlab.objects.CurrentUser` object on
success.
"""
self.user = self._objects.CurrentUserManager(self).get()
self._check_url(self.user.web_url, path=self.user.username)

def version(self) -> Tuple[str, str]:
"""Returns the version and revision of the gitlab server.
Expand DownExpand Up@@ -576,6 +578,36 @@ def _build_url(self, path: str) -> str:
return path
return f"{self._url}{path}"

def _check_url(self, url: Optional[str], *, path: str = "api") -> Optional[str]:
"""
Checks if ``url`` starts with a different base URL from the user-provided base
URL and warns the user before returning it. If ``keep_base_url`` is set to
``True``, instead returns the URL massaged to match the user-provided base URL.
"""
if not url or url.startswith(self.url):
return url

match = re.match(rf"(^.*?)/{path}", url)
if not match:
return url

base_url = match.group(1)
if self.keep_base_url:
return url.replace(base_url, f"{self._base_url}")

utils.warn(
message=(
f"The base URL in the server response differs from the user-provided "
f"base URL ({self.url} -> {base_url}).\nThis is usually caused by a "
f"misconfigured base URL on your side or a misconfigured external_url "
f"on the server side, and can lead to broken pagination and unexpected "
f"behavior. If this is intentional, use `keep_base_url=True` when "
f"initializing the Gitlab instance to keep the user-provided base URL."
),
category=UserWarning,
)
return url

@staticmethod
def _check_redirects(result: requests.Response) -> None:
# Check the requests history to detect 301/302 redirections.
Expand DownExpand Up@@ -1130,40 +1162,11 @@ def _query(
query_data = query_data or {}
result = self._gl.http_request("get", url, query_data=query_data, **kwargs)
try:
links = result.links
if links:
next_url = links["next"]["url"]
else:
next_url = requests.utils.parse_header_links(result.headers["links"])[
0
]["url"]
# if the next url is different with user provided server URL
# then give a warning it may because of misconfiguration
# but if the option to fix provided then just reconstruct it
if not next_url.startswith(self._gl.url):
search_api_url = re.search(r"(^.*?/api)", next_url)
if search_api_url:
next_api_url = search_api_url.group(1)
if self._gl.keep_base_url:
next_url = next_url.replace(
next_api_url, f"{self._gl._base_url}/api"
)
else:
utils.warn(
message=(
f"The base URL in the server response"
f"differs from the user-provided base URL "
f"({self._gl.url}/api/ -> {next_api_url}/). "
f"This may lead to unexpected behavior and "
f"broken pagination. Use `keep_base_url=True` "
f"when initializing the Gitlab instance "
f"to follow the user-provided base URL."
),
category=UserWarning,
)
self._next_url = next_url
next_url = result.links["next"]["url"]
except KeyError:
self._next_url = None
next_url = None

self._next_url = self._gl._check_url(next_url)
self._current_page: Optional[str] = result.headers.get("X-Page")
self._prev_page: Optional[str] = result.headers.get("X-Prev-Page")
self._next_page: Optional[str] = result.headers.get("X-Next-Page")
Expand Down
1 change: 1 addition & 0 deletionstests/functional/cli/test_cli.py
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -100,6 +100,7 @@ def test_private_token_overrides_job_token(
# CLI first calls .auth() when private token is present
resp_auth_with_token = copy.deepcopy(resp_get_project_with_token)
resp_auth_with_token.update(url=f"{DEFAULT_URL}/api/v4/user")
resp_auth_with_token["json"].update(username="user", web_url=f"{DEFAULT_URL}/user")

responses.add(**resp_get_project_with_token)
responses.add(**resp_auth_with_token)
Expand Down
24 changes: 23 additions & 1 deletiontests/unit/test_gitlab.py
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -37,7 +37,11 @@ def resp_get_user():
return {
"method": responses.GET,
"url": "http://localhost/api/v4/user",
"json": {"id": 1, "username": "username"},
"json": {
"id": 1,
"username": "username",
"web_url": "http://localhost/username",
},
"content_type": "application/json",
"status": 200,
}
Expand DownExpand Up@@ -254,6 +258,24 @@ def test_gitlab_token_auth(gl, resp_get_user):
assert isinstance(gl.user, gitlab.v4.objects.CurrentUser)


@responses.activate
def test_gitlab_auth_with_mismatching_url_warns():
responses.add(
method=responses.GET,
url="http://first.example.com/api/v4/user",
json={
"username": "test-user",
"web_url": "http://second.example.com/test-user",
},
content_type="application/json",
status=200,
)
gl = gitlab.Gitlab("http://first.example.com")

with pytest.warns(UserWarning):
gl.auth()


def test_gitlab_default_url():
gl = gitlab.Gitlab()
assert gl.url == gitlab.const.DEFAULT_URL
Expand Down
[8]ページ先頭
©2009-2025 Movatter.jp