Exemple #1
0
    def wrapped(*args, **kwargs):
        # if yotta is being run noninteractively, then we never retry, but we
        # do call auth.authorizeUser, so that a login URL can be displayed:
        interactive = globalconf.get('interactive')

        def retryWithAuthOrRaise(original_exception):
            # in all cases ask for auth, so that in non-interactive mode a
            # login URL is displayed
            auth.authorizeUser(provider='github', interactive=interactive)
            if not interactive:
                raise original_exception
            else:
                logger.debug('trying with authtoken: %s', settings.getProperty('github', 'authtoken'))
                return fn(*args, **kwargs)

        # authorised requests have a higher rate limit, but display a warning
        # message in this case, as the user might not expect the requirement to
        # auth:
        def handleRateLimitExceeded(original_exception):
            if not _userAuthedWithGithub():
                logger.warning('github rate limit for anonymous requests exceeded: you must log in')
                return retryWithAuthOrRaise(original_exception)
            else:
                raise original_exception

        try:
            return fn(*args, **kwargs)
        except requests.exceptions.HTTPError as e:
            if e.response.status_code == 403:
                # 403 = rate limit exceeded
                return handleRateLimitExceeded(e)
            if e.response.status_code == 401:
                # 401 = unauthorised
                return retryWithAuthOrRaise(e)
            raise
        except github.BadCredentialsException as e:
            logger.debug("github: bad credentials")
            return retryWithAuthOrRaise(e)
        except github.UnknownObjectException as e:
            logger.debug("github: unknown object")
            # some endpoints return 404 if the user doesn't have access, maybe
            # it would be better to prompt for another username and password,
            # and store multiple tokens that we can try for each request....
            # but for now we assume that if the user is logged in then a 404
            # really is a 404
            if not _userAuthedWithGithub():
                logger.info('failed to fetch Github object, re-trying with authentication...')
                return retryWithAuthOrRaise(e)
            raise
        except github.RateLimitExceededException as e:
            return handleRateLimitExceeded(e)
        except github.GithubException as e:
            if e.status == 403:
                # 403 = rate limit exceeded
                return handleRateLimitExceeded(e)
            raise
Exemple #2
0
 def wrapped(*args, **kwargs):
     # if yotta is being run noninteractively, then we never retry, but we
     # do call auth.authorizeUser, so that a login URL can be displayed:
     interactive = globalconf.get('interactive')
     if not interactive:
         try:
             return fn(*args, **kwargs)
         except requests.exceptions.HTTPError as e:
             if e.response.status_code == 401:
                 auth.authorizeUser(provider='github', interactive=False)
             raise
         except github.BadCredentialsException:
             logger.debug("github: bad credentials")
             auth.authorizeUser(provider='github', interactive=False)
             raise
         except github.UnknownObjectException:
             logger.debug("github: unknown object")
             # some endpoints return 404 if the user doesn't have access:
             if not _userAuthedWithGithub():
                 logger.info(
                     'failed to fetch Github object, try re-authing...')
                 auth.authorizeUser(provider='github', interactive=False)
             raise
     else:
         try:
             return fn(*args, **kwargs)
         except requests.exceptions.HTTPError as e:
             if e.response.status_code == 401:
                 auth.authorizeUser(provider='github')
                 return fn(*args, **kwargs)
             raise
         except github.BadCredentialsException:
             logger.debug("github: bad credentials")
             auth.authorizeUser(provider='github')
             logger.debug('trying with authtoken:',
                          settings.getProperty('github', 'authtoken'))
             return fn(*args, **kwargs)
         except github.UnknownObjectException:
             logger.debug("github: unknown object")
             # some endpoints return 404 if the user doesn't have access, maybe
             # it would be better to prompt for another username and password,
             # and store multiple tokens that we can try for each request....
             # but for now we assume that if the user is logged in then a 404
             # really is a 404
             if not _userAuthedWithGithub():
                 logger.info(
                     'failed to fetch Github object, re-trying with authentication...'
                 )
                 auth.authorizeUser(provider='github')
                 return fn(*args, **kwargs)
             raise
Exemple #3
0
 def wrapped(*args, **kwargs):
     # if yotta is being run noninteractively, then we never retry, but we
     # do call auth.authorizeUser, so that a login URL can be displayed:
     interactive = globalconf.get('interactive')
     try:
         return fn(*args, **kwargs)
     except requests.exceptions.HTTPError as e:
         if e.response.status_code == requests.codes.unauthorized: #pylint: disable=no-member
             logger.debug('%s unauthorised', fn)
             # any provider is sufficient for registry auth
             auth.authorizeUser(provider=None, interactive=interactive)
             if interactive:
                 logger.debug('retrying after authentication...')
                 return fn(*args, **kwargs)
         raise
Exemple #4
0
 def wrapped(*args, **kwargs):
     # if yotta is being run noninteractively, then we never retry, but we
     # do call auth.authorizeUser, so that a login URL can be displayed:
     interactive = globalconf.get('interactive')
     try:
         return fn(*args, **kwargs)
     except requests.exceptions.HTTPError as e:
         if e.response.status_code == requests.codes.unauthorized:  #pylint: disable=no-member
             logger.debug('%s unauthorised', fn)
             # any provider is sufficient for registry auth
             auth.authorizeUser(provider=None, interactive=interactive)
             if interactive:
                 logger.debug('retrying after authentication...')
                 return fn(*args, **kwargs)
         raise
Exemple #5
0
 def wrapped(*args, **kwargs):
     # if yotta is being run noninteractively, then we never retry, but we
     # do call auth.authorizeUser, so that a login URL can be displayed:
     interactive = globalconf.get('interactive')
     if not interactive:
         try:
             return fn(*args, **kwargs)
         except requests.exceptions.HTTPError as e:
             if e.response.status_code == 401:
                 auth.authorizeUser(provider='github', interactive=False)
             raise
         except github.BadCredentialsException:
             logger.debug("github: bad credentials")
             auth.authorizeUser(provider='github', interactive=False)
             raise
         except github.UnknownObjectException:
             logger.debug("github: unknown object")
             # some endpoints return 404 if the user doesn't have access:
             if not _userAuthedWithGithub():
                 logger.info('failed to fetch Github object, try re-authing...')
                 auth.authorizeUser(provider='github', interactive=False)
             raise
     else:
         try:
             return fn(*args, **kwargs)
         except requests.exceptions.HTTPError as e:
             if e.response.status_code == 401:
                 auth.authorizeUser(provider='github')
                 return fn(*args, **kwargs)
             raise
         except github.BadCredentialsException:
             logger.debug("github: bad credentials")
             auth.authorizeUser(provider='github')
             logger.debug('trying with authtoken:', settings.getProperty('github', 'authtoken'))
             return fn(*args, **kwargs)
         except github.UnknownObjectException:
             logger.debug("github: unknown object")
             # some endpoints return 404 if the user doesn't have access, maybe
             # it would be better to prompt for another username and password,
             # and store multiple tokens that we can try for each request....
             # but for now we assume that if the user is logged in then a 404
             # really is a 404
             if not _userAuthedWithGithub():
                 logger.info('failed to fetch Github object, re-trying with authentication...')
                 auth.authorizeUser(provider='github')
                 return fn(*args, **kwargs)
             raise
Exemple #6
0
def authorizeUser(registry=None, provider='github', interactive=True):
    if not globalconf.get('plain'):
        DIM = colorama.Style.DIM  #pylint: disable=no-member
        BRIGHT = colorama.Style.BRIGHT  #pylint: disable=no-member
        NORMAL = colorama.Style.NORMAL  #pylint: disable=no-member
    else:
        DIM = BRIGHT = NORMAL = u''

    # poll once with any existing public key, just in case a previous login
    # attempt was interrupted after it completed
    try:
        if _pollForAuth(registry=registry):
            return 0
    except registry_access.AuthError as e:
        logger.error('%s' % e)
        return 1

    # python 2 + 3 compatibility
    try:
        global input
        input = raw_input
    except NameError:
        pass

    if interactive:
        login_instruction = '\nYou need to log in to do this.\n'
        if provider == 'github':
            login_instruction = '\nYou need to log in with Github to do this.\n'

        sys.stdout.write(login_instruction)

        if os.name == 'nt' or os.environ.get('DISPLAY'):
            input(BRIGHT + 'Press enter to continue.\n' + DIM +
                  'Your browser will open to complete login.' + NORMAL + '\n')

            _openBrowserLogin(provider=provider, registry=registry)

            sys.stdout.write('waiting for response...')
            sys.stdout.write(
                DIM +
                '\nIf you are unable to use a browser on this machine, please copy and '
                + 'paste this URL into a browser:\n' +
                registry_access.getLoginURL(provider=provider,
                                            registry=registry) + '\n' + NORMAL)
            sys.stdout.flush()
        else:
            sys.stdout.write(
                '\nyotta is unable to open a browser for you to complete login '
                + 'on this machine. Please copy and paste this URL into a '
                'browser to complete login:\n' + registry_access.getLoginURL(
                    provider=provider, registry=registry) + '\n')
            sys.stdout.write('waiting for response...')
            sys.stdout.flush()

        poll_start = datetime.datetime.utcnow()
        while datetime.datetime.utcnow() - poll_start < datetime.timedelta(
                minutes=5):
            time.sleep(5)
            sys.stdout.write('.')
            sys.stdout.flush()
            try:
                if _pollForAuth(registry=registry):
                    sys.stdout.write('\n')
                    return 0
            except registry_access.AuthError as e:
                logger.error('%s' % e)
                return 1
        raise AuthTimedOut('timed out: please try again.')

    else:
        logger.error(
            'login required (yotta is running in noninteractive mode)')
        logger.info(
            'login URL: %s',
            registry_access.getLoginURL(provider=provider, registry=registry))
        return 1
Exemple #7
0
def authorizeUser(registry=None, provider='github', interactive=True):
    if not globalconf.get('plain'):
        DIM    = colorama.Style.DIM    #pylint: disable=no-member
        BRIGHT = colorama.Style.BRIGHT #pylint: disable=no-member
        NORMAL = colorama.Style.NORMAL #pylint: disable=no-member
    else:
        DIM = BRIGHT = NORMAL = u''

    # poll once with any existing public key, just in case a previous login
    # attempt was interrupted after it completed
    try:
        if _pollForAuth(registry=registry):
            return 0
    except registry_access.AuthError as e:
        logger.error('%s' % e)
        return 1

    # python 2 + 3 compatibility
    try:
        global input
        input = raw_input
    except NameError:
        pass

    if interactive:
        login_instruction = '\nYou need to log in to do this.\n'
        if provider == 'github':
            login_instruction = '\nYou need to log in with Github to do this.\n'

        sys.stdout.write(login_instruction)

        if os.name == 'nt' or os.environ.get('DISPLAY'):
            input(
                BRIGHT+
                'Press enter to continue.\n'+
                DIM+
                'Your browser will open to complete login.'+
                NORMAL+'\n'
            )

            _openBrowserLogin(provider=provider, registry=registry)

            sys.stdout.write('waiting for response...')
            sys.stdout.write(
                DIM+
                '\nIf you are unable to use a browser on this machine, please copy and '+
                'paste this URL into a browser:\n'+
                registry_access.getLoginURL(provider=provider, registry=registry)+'\n'+
                NORMAL
            )
            sys.stdout.flush()
        else:
            sys.stdout.write(
                '\nyotta is unable to open a browser for you to complete login '+
                'on this machine. Please copy and paste this URL into a '
                'browser to complete login:\n'+
                registry_access.getLoginURL(provider=provider, registry=registry)+'\n'
            )
            sys.stdout.write('waiting for response...')
            sys.stdout.flush()

        poll_start = datetime.datetime.utcnow()
        while datetime.datetime.utcnow() - poll_start < datetime.timedelta(minutes=5):
            time.sleep(5)
            sys.stdout.write('.')
            sys.stdout.flush()
            try:
                if _pollForAuth(registry=registry):
                    sys.stdout.write('\n')
                    return 0
            except registry_access.AuthError as e:
                logger.error('%s' % e)
                return 1
        raise AuthTimedOut('timed out: please try again.')

    else:
        logger.error('login required (yotta is running in noninteractive mode)')
        logger.info('login URL: %s', registry_access.getLoginURL(provider=provider, registry=registry))
        return 1
Exemple #8
0
    def wrapped(*args, **kwargs):
        # if yotta is being run noninteractively, then we never retry, but we
        # do call auth.authorizeUser, so that a login URL can be displayed:
        interactive = globalconf.get('interactive')

        def retryWithAuthOrRaise(original_exception):
            # in all cases ask for auth, so that in non-interactive mode a
            # login URL is displayed
            auth.authorizeUser(provider='github', interactive=interactive)
            if not interactive:
                raise original_exception
            else:
                logger.debug('trying with authtoken: %s',
                             settings.getProperty('github', 'authtoken'))
                return fn(*args, **kwargs)

        # authorised requests have a higher rate limit, but display a warning
        # message in this case, as the user might not expect the requirement to
        # auth:
        def handleRateLimitExceeded(original_exception):
            if not _userAuthedWithGithub():
                logger.warning(
                    'github rate limit for anonymous requests exceeded: you must log in'
                )
                return retryWithAuthOrRaise(original_exception)
            else:
                raise original_exception

        try:
            return fn(*args, **kwargs)
        except requests.exceptions.HTTPError as e:
            if e.response.status_code == 403:
                # 403 = rate limit exceeded
                return handleRateLimitExceeded(e)
            if e.response.status_code == 401:
                # 401 = unauthorised
                return retryWithAuthOrRaise(e)
            raise
        except github.BadCredentialsException as e:
            logger.debug("github: bad credentials")
            return retryWithAuthOrRaise(e)
        except github.UnknownObjectException as e:
            logger.debug("github: unknown object")
            # some endpoints return 404 if the user doesn't have access, maybe
            # it would be better to prompt for another username and password,
            # and store multiple tokens that we can try for each request....
            # but for now we assume that if the user is logged in then a 404
            # really is a 404
            if not _userAuthedWithGithub():
                logger.info(
                    'failed to fetch Github object, re-trying with authentication...'
                )
                return retryWithAuthOrRaise(e)
            raise
        except github.RateLimitExceededException as e:
            return handleRateLimitExceeded(e)
        except github.GithubException as e:
            if e.status == 403:
                # 403 = rate limit exceeded
                return handleRateLimitExceeded(e)
            raise