def wrapped(*args, **kwargs):
# if yotta is being run noninteractively, then we never retry, but we
# do call auth.authorizeUser, so that a login URL can be displayed:
interactive = globalconf.get('interactive')
def retryWithAuthOrRaise(original_exception):
# in all cases ask for auth, so that in non-interactive mode a
# login URL is displayed
auth.authorizeUser(provider='github', interactive=interactive)
if not interactive:
raise original_exception
else:
logger.debug('trying with authtoken: %s', settings.getProperty('github', 'authtoken'))
return fn(*args, **kwargs)
# authorised requests have a higher rate limit, but display a warning
# message in this case, as the user might not expect the requirement to
# auth:
def handleRateLimitExceeded(original_exception):
if not _userAuthedWithGithub():
logger.warning('github rate limit for anonymous requests exceeded: you must log in')
return retryWithAuthOrRaise(original_exception)
else:
raise original_exception
try:
return fn(*args, **kwargs)
except requests.exceptions.HTTPError as e:
if e.response.status_code == 403:
# 403 = rate limit exceeded
return handleRateLimitExceeded(e)
if e.response.status_code == 401:
# 401 = unauthorised
return retryWithAuthOrRaise(e)
raise
except github.BadCredentialsException as e:
logger.debug("github: bad credentials")
return retryWithAuthOrRaise(e)
except github.UnknownObjectException as e:
logger.debug("github: unknown object")
# some endpoints return 404 if the user doesn't have access, maybe
# it would be better to prompt for another username and password,
# and store multiple tokens that we can try for each request....
# but for now we assume that if the user is logged in then a 404
# really is a 404
if not _userAuthedWithGithub():
logger.info('failed to fetch Github object, re-trying with authentication...')
return retryWithAuthOrRaise(e)
raise
except github.RateLimitExceededException as e:
return handleRateLimitExceeded(e)
except github.GithubException as e:
if e.status == 403:
# 403 = rate limit exceeded
return handleRateLimitExceeded(e)
raise
def wrapped(*args, **kwargs):
# if yotta is being run noninteractively, then we never retry, but we
# do call auth.authorizeUser, so that a login URL can be displayed:
interactive = globalconf.get('interactive')
if not interactive:
try:
return fn(*args, **kwargs)
except requests.exceptions.HTTPError as e:
if e.response.status_code == 401:
auth.authorizeUser(provider='github', interactive=False)
raise
except github.BadCredentialsException:
logger.debug("github: bad credentials")
auth.authorizeUser(provider='github', interactive=False)
raise
except github.UnknownObjectException:
logger.debug("github: unknown object")
# some endpoints return 404 if the user doesn't have access:
if not _userAuthedWithGithub():
logger.info(
'failed to fetch Github object, try re-authing...')
auth.authorizeUser(provider='github', interactive=False)
raise
else:
try:
return fn(*args, **kwargs)
except requests.exceptions.HTTPError as e:
if e.response.status_code == 401:
auth.authorizeUser(provider='github')
return fn(*args, **kwargs)
raise
except github.BadCredentialsException:
logger.debug("github: bad credentials")
auth.authorizeUser(provider='github')
logger.debug('trying with authtoken:',
settings.getProperty('github', 'authtoken'))
return fn(*args, **kwargs)
except github.UnknownObjectException:
logger.debug("github: unknown object")
# some endpoints return 404 if the user doesn't have access, maybe
# it would be better to prompt for another username and password,
# and store multiple tokens that we can try for each request....
# but for now we assume that if the user is logged in then a 404
# really is a 404
if not _userAuthedWithGithub():
logger.info(
'failed to fetch Github object, re-trying with authentication...'
)
auth.authorizeUser(provider='github')
return fn(*args, **kwargs)
raise
def wrapped(*args, **kwargs):
# if yotta is being run noninteractively, then we never retry, but we
# do call auth.authorizeUser, so that a login URL can be displayed:
interactive = globalconf.get('interactive')
try:
return fn(*args, **kwargs)
except requests.exceptions.HTTPError as e:
if e.response.status_code == requests.codes.unauthorized: #pylint: disable=no-member
logger.debug('%s unauthorised', fn)
# any provider is sufficient for registry auth
auth.authorizeUser(provider=None, interactive=interactive)
if interactive:
logger.debug('retrying after authentication...')
return fn(*args, **kwargs)
raise
def wrapped(*args, **kwargs):
# if yotta is being run noninteractively, then we never retry, but we
# do call auth.authorizeUser, so that a login URL can be displayed:
interactive = globalconf.get('interactive')
try:
return fn(*args, **kwargs)
except requests.exceptions.HTTPError as e:
if e.response.status_code == requests.codes.unauthorized: #pylint: disable=no-member
logger.debug('%s unauthorised', fn)
# any provider is sufficient for registry auth
auth.authorizeUser(provider=None, interactive=interactive)
if interactive:
logger.debug('retrying after authentication...')
return fn(*args, **kwargs)
raise
def wrapped(*args, **kwargs):
# if yotta is being run noninteractively, then we never retry, but we
# do call auth.authorizeUser, so that a login URL can be displayed:
interactive = globalconf.get('interactive')
if not interactive:
try:
return fn(*args, **kwargs)
except requests.exceptions.HTTPError as e:
if e.response.status_code == 401:
auth.authorizeUser(provider='github', interactive=False)
raise
except github.BadCredentialsException:
logger.debug("github: bad credentials")
auth.authorizeUser(provider='github', interactive=False)
raise
except github.UnknownObjectException:
logger.debug("github: unknown object")
# some endpoints return 404 if the user doesn't have access:
if not _userAuthedWithGithub():
logger.info('failed to fetch Github object, try re-authing...')
auth.authorizeUser(provider='github', interactive=False)
raise
else:
try:
return fn(*args, **kwargs)
except requests.exceptions.HTTPError as e:
if e.response.status_code == 401:
auth.authorizeUser(provider='github')
return fn(*args, **kwargs)
raise
except github.BadCredentialsException:
logger.debug("github: bad credentials")
auth.authorizeUser(provider='github')
logger.debug('trying with authtoken:', settings.getProperty('github', 'authtoken'))
return fn(*args, **kwargs)
except github.UnknownObjectException:
logger.debug("github: unknown object")
# some endpoints return 404 if the user doesn't have access, maybe
# it would be better to prompt for another username and password,
# and store multiple tokens that we can try for each request....
# but for now we assume that if the user is logged in then a 404
# really is a 404
if not _userAuthedWithGithub():
logger.info('failed to fetch Github object, re-trying with authentication...')
auth.authorizeUser(provider='github')
return fn(*args, **kwargs)
raise
def authorizeUser(registry=None, provider='github', interactive=True):
if not globalconf.get('plain'):
DIM = colorama.Style.DIM #pylint: disable=no-member
BRIGHT = colorama.Style.BRIGHT #pylint: disable=no-member
NORMAL = colorama.Style.NORMAL #pylint: disable=no-member
else:
DIM = BRIGHT = NORMAL = u''
# poll once with any existing public key, just in case a previous login
# attempt was interrupted after it completed
try:
if _pollForAuth(registry=registry):
return 0
except registry_access.AuthError as e:
logger.error('%s' % e)
return 1
# python 2 + 3 compatibility
try:
global input
input = raw_input
except NameError:
pass
if interactive:
login_instruction = '\nYou need to log in to do this.\n'
if provider == 'github':
login_instruction = '\nYou need to log in with Github to do this.\n'
sys.stdout.write(login_instruction)
if os.name == 'nt' or os.environ.get('DISPLAY'):
input(BRIGHT + 'Press enter to continue.\n' + DIM +
'Your browser will open to complete login.' + NORMAL + '\n')
_openBrowserLogin(provider=provider, registry=registry)
sys.stdout.write('waiting for response...')
sys.stdout.write(
DIM +
'\nIf you are unable to use a browser on this machine, please copy and '
+ 'paste this URL into a browser:\n' +
registry_access.getLoginURL(provider=provider,
registry=registry) + '\n' + NORMAL)
sys.stdout.flush()
else:
sys.stdout.write(
'\nyotta is unable to open a browser for you to complete login '
+ 'on this machine. Please copy and paste this URL into a '
'browser to complete login:\n' + registry_access.getLoginURL(
provider=provider, registry=registry) + '\n')
sys.stdout.write('waiting for response...')
sys.stdout.flush()
poll_start = datetime.datetime.utcnow()
while datetime.datetime.utcnow() - poll_start < datetime.timedelta(
minutes=5):
time.sleep(5)
sys.stdout.write('.')
sys.stdout.flush()
try:
if _pollForAuth(registry=registry):
sys.stdout.write('\n')
return 0
except registry_access.AuthError as e:
logger.error('%s' % e)
return 1
raise AuthTimedOut('timed out: please try again.')
else:
logger.error(
'login required (yotta is running in noninteractive mode)')
logger.info(
'login URL: %s',
registry_access.getLoginURL(provider=provider, registry=registry))
return 1
def authorizeUser(registry=None, provider='github', interactive=True):
if not globalconf.get('plain'):
DIM = colorama.Style.DIM #pylint: disable=no-member
BRIGHT = colorama.Style.BRIGHT #pylint: disable=no-member
NORMAL = colorama.Style.NORMAL #pylint: disable=no-member
else:
DIM = BRIGHT = NORMAL = u''
# poll once with any existing public key, just in case a previous login
# attempt was interrupted after it completed
try:
if _pollForAuth(registry=registry):
return 0
except registry_access.AuthError as e:
logger.error('%s' % e)
return 1
# python 2 + 3 compatibility
try:
global input
input = raw_input
except NameError:
pass
if interactive:
login_instruction = '\nYou need to log in to do this.\n'
if provider == 'github':
login_instruction = '\nYou need to log in with Github to do this.\n'
sys.stdout.write(login_instruction)
if os.name == 'nt' or os.environ.get('DISPLAY'):
input(
BRIGHT+
'Press enter to continue.\n'+
DIM+
'Your browser will open to complete login.'+
NORMAL+'\n'
)
_openBrowserLogin(provider=provider, registry=registry)
sys.stdout.write('waiting for response...')
sys.stdout.write(
DIM+
'\nIf you are unable to use a browser on this machine, please copy and '+
'paste this URL into a browser:\n'+
registry_access.getLoginURL(provider=provider, registry=registry)+'\n'+
NORMAL
)
sys.stdout.flush()
else:
sys.stdout.write(
'\nyotta is unable to open a browser for you to complete login '+
'on this machine. Please copy and paste this URL into a '
'browser to complete login:\n'+
registry_access.getLoginURL(provider=provider, registry=registry)+'\n'
)
sys.stdout.write('waiting for response...')
sys.stdout.flush()
poll_start = datetime.datetime.utcnow()
while datetime.datetime.utcnow() - poll_start < datetime.timedelta(minutes=5):
time.sleep(5)
sys.stdout.write('.')
sys.stdout.flush()
try:
if _pollForAuth(registry=registry):
sys.stdout.write('\n')
return 0
except registry_access.AuthError as e:
logger.error('%s' % e)
return 1
raise AuthTimedOut('timed out: please try again.')
else:
logger.error('login required (yotta is running in noninteractive mode)')
logger.info('login URL: %s', registry_access.getLoginURL(provider=provider, registry=registry))
return 1
def wrapped(*args, **kwargs):
# if yotta is being run noninteractively, then we never retry, but we
# do call auth.authorizeUser, so that a login URL can be displayed:
interactive = globalconf.get('interactive')
def retryWithAuthOrRaise(original_exception):
# in all cases ask for auth, so that in non-interactive mode a
# login URL is displayed
auth.authorizeUser(provider='github', interactive=interactive)
if not interactive:
raise original_exception
else:
logger.debug('trying with authtoken: %s',
settings.getProperty('github', 'authtoken'))
return fn(*args, **kwargs)
# authorised requests have a higher rate limit, but display a warning
# message in this case, as the user might not expect the requirement to
# auth:
def handleRateLimitExceeded(original_exception):
if not _userAuthedWithGithub():
logger.warning(
'github rate limit for anonymous requests exceeded: you must log in'
)
return retryWithAuthOrRaise(original_exception)
else:
raise original_exception
try:
return fn(*args, **kwargs)
except requests.exceptions.HTTPError as e:
if e.response.status_code == 403:
# 403 = rate limit exceeded
return handleRateLimitExceeded(e)
if e.response.status_code == 401:
# 401 = unauthorised
return retryWithAuthOrRaise(e)
raise
except github.BadCredentialsException as e:
logger.debug("github: bad credentials")
return retryWithAuthOrRaise(e)
except github.UnknownObjectException as e:
logger.debug("github: unknown object")
# some endpoints return 404 if the user doesn't have access, maybe
# it would be better to prompt for another username and password,
# and store multiple tokens that we can try for each request....
# but for now we assume that if the user is logged in then a 404
# really is a 404
if not _userAuthedWithGithub():
logger.info(
'failed to fetch Github object, re-trying with authentication...'
)
return retryWithAuthOrRaise(e)
raise
except github.RateLimitExceededException as e:
return handleRateLimitExceeded(e)
except github.GithubException as e:
if e.status == 403:
# 403 = rate limit exceeded
return handleRateLimitExceeded(e)
raise
