ref(oauth): Oauth now only uses access-token

9e428df3 · EorlBruder · 2db6be8f · 9e428df3 · 9e428df3 · 9e428df3
Verified Commit 9e428df3 authored 3 years ago by EorlBruder
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@ funkwhale
 venv
 .idea
 funkwhale_cli.egg-info
+**/__pycache__
--- a/README.md
+++ b/README.md
@@ -32,7 +32,7 @@ funkwhale --help
 # get help on a specific command
 funkwhale tracks ls --help

-# get login - You need to create an application in your Funkwhale-settings. Then you need to provide the client-id and the client-secret of that application here
+# get login - You need to create an application in your Funkwhale-settings. Then you need to provide the access-token of that application here
 funkwhale -H https://demo.funkwhale.audio login  

 # Store the server URL to avoid specifying it on the CLI

--- a/funkwhale_cli/api.py
+++ b/funkwhale_cli/api.py
@@ -47,40 +47,6 @@ def clean_nodeinfo(data):
    return result.data


-async def get_oauth_token(session, url, client_id, client_secret):
-    args = {"response_type": "code", "redirect_uri": "urn:ietf:wg:oauth:2.0:oob", "client_id": client_id,
-            "client_secret": client_secret, "scope": "read write"}
-    browser_url = f"{url}authorize?{urllib.parse.urlencode(args)}"
-    webbrowser.open(browser_url)
-    code = input("Enter the code from funkwhale")
-    api_url = f"{url}api/v1/oauth/token/"
-    response = await session.post(
-        api_url, data={"client_id": client_id, "client_secret": client_secret,
-                       "grant_type": "authorization_code", "code": code}
-    )
-    return await extract_tokens(response)
-
-
-async def refresh_oauth_token(session, url, client_id, client_secret, refresh_token):
-    api_url = f"{url}api/v1/oauth/token/"
-    response = await session.post(
-        api_url, data={"client_id": client_id, "client_secret": client_secret,
-                       "grant_type": "refresh_token", "refresh_token": refresh_token}
-    )
-    return await extract_tokens(response)
-
-
-async def extract_tokens(response):
-    if response.status == 400:
-        raise exceptions.AuthenticationError(
-            "Unable to log in with provided credentials"
-        )
-    response_json = await response.json()
-    access_token = response_json["access_token"]
-    refresh_token = response_json["refresh_token"]
-    return access_token, refresh_token
-
-
 class API(object):
    def __init__(self, base_url, token):
        self.base_url = base_url

--- a/funkwhale_cli/cli/auth.py
+++ b/funkwhale_cli/cli/auth.py
@@ -68,54 +68,21 @@ def init_keyring():


 @base.cli.command()
-@click.option("-i", "--client-id", envvar="FUNKWHALE_CLIENT_ID", prompt=True)
-@click.option(
-    "-s", "--client-secret", envvar="FUNKWHALE_CLIENT_SECRET", prompt=True, hide_input=True
-)
+@click.option("-t", "--access-token", envvar="FUNKWHALE_ACCESS_TOKEN", prompt=True, hide_input=True)
 @click.pass_context
 @base.async_command
-async def login(ctx, client_id, client_secret):
-    async with api.get_session() as session:
-        access_token, refresh_token = await api.get_oauth_token(
-            session, ctx.obj["SERVER_URL"], client_id=client_id, client_secret=client_secret
-        )
-
-    process_access_tokens(ctx, access_token, refresh_token)
-    click.echo("Login successful!")
-
-
-@base.cli.command()
-@click.option("-i", "--client-id", envvar="FUNKWHALE_CLIENT_ID", prompt=True)
-@click.option(
-    "-s", "--client-secret", envvar="FUNKWHALE_CLIENT_SECRET", prompt=True, hide_input=True
-)
-@click.pass_context
-@base.async_command
-async def refresh_auth(ctx, client_id, client_secret):
-    refresh_token = keyring.get_password(ctx.obj["SERVER_URL"], "refresh")
-    async with api.get_session() as session:
-        access_token, refresh_token = await api.refresh_oauth_token(
-            session, ctx.obj["SERVER_URL"], client_id=client_id, client_secret=client_secret,
-            refresh_token=refresh_token
-        )
-
-    process_access_tokens(ctx, access_token, refresh_token)
-    click.echo("Login successful, tokens are refreshed!")
-
-
-def process_access_tokens(ctx, access_token, refresh_token):
+async def login(ctx, access_token):
    try:
        keyring.set_password(ctx.obj["SERVER_URL"], "_", access_token)
-        keyring.set_password(ctx.obj["SERVER_URL"], "refresh", refresh_token)
    except ValueError as e:
        raise click.ClickException(
-            "Error while saving password to keyring: {}.".format(
+            "Error while saving access-token to keyring: {}.".format(
                e.args[0]
            )
        )
    except Exception as e:
        raise click.ClickException(
-            "Error while saving password to keyring: {}".format(e.args[0])
+            "Error while saving access-token to keyring: {}".format(e.args[0])
        )


@@ -124,5 +91,4 @@ def process_access_tokens(ctx, access_token, refresh_token):
 @base.async_command
 async def logout(ctx):
    keyring.delete_password(ctx.obj["SERVER_URL"], "_")
-    keyring.delete_password(ctx.obj["SERVER_URL"], "refresh")
    click.echo("Logout successful!")
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@@ -24,7 +24,8 @@ def cli_ctx(mocker):
        obj={
            "remote": api.get_api(
                domain="test.funkwhale", protocol="https", token="test_token"
-            )
+            ),
+            "SERVER_URL": "http://testurl"
        },
        color=None,
    )
@@ -82,6 +83,15 @@ def test_lazy_credential(mocker):
    str(credential)
    assert get_password.call_count == 1

+def test_login(cli_ctx, session, mocker):
+    command = cli.auth.login
+
+    set_password = mocker.patch("keyring.set_password")
+    
+    command.callback(access_token="password")
+
+    set_password.assert_called_once_with("http://testurl", "_", "password")
+

 def test_users_me(cli_ctx, session, responses, get_requests):
    command = cli.users.users_me