git-webkit setup: Fix various pitfalls with credentials input

[ntrrgc]

3ab5d8e

git-webkit setup: Fix various pitfalls with credentials input
https://bugs.webkit.org/show_bug.cgi?id=240574

Reviewed by Jonathan Bedard.

Yesterday I tried to run `git webkit setup`.

To put it mildly, it wasn't a smooth ride. I ended up having to debug the
tooling for hours just to be able to get it running.

This patch fixes several issues I found during the process, so that the next
unlucky person doesn't have to go through this again.

1. Whenever a request failed, the response from the server was not shown in
anyway, instead printing an unhelpful generic message. This patch adds code to
write to the screen the responses obtained from the GitHub API, so that the
next person having problems with it doesn't need to add debugging code to know
what is wrong.

2. When copying and pasting tokens from the browser it's very easy to
accidentally grab some leading or trailing whitespace. This is especially easy
to miss for the blind terminal key prompt. This patch adds code to trim these
fields. This is generally good UX practice since leading and trailing spaces
are virtually always accidental. [1]

3. The validation code for GitHub username and token was not run under `git
webkit setup`. Looking at the code it's clear the intention was for that
validation to be done to check (1) a plain GitHub username is used instead of
an email address associated to that account and (2) that a test log-in
succeeds. But because the credentials function is called in many places, the
first instance that actually gets called happens to not set validate=True in
the arguments.

   Validating passwords that have just been input for the first time should not
be an optional feature that is disabled by default. Otherwise any mistake in
the credentials input can cause cryptic errors and the user is left on their
own to figure out what is going on, and eventually, how to manually interact
with the keychain to remove or edit the bogus username and/or token. This patch
makes changes so that validation is made whenever the user is prompt for
username and token, no matter in what codepath this becomes necessary.

[1] https://tonyshowoff.com/articles/should-you-trim-passwords/

* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/bugzilla.py:
(Tracker.credentials):
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/github.py:
* Tools/Scripts/libraries/webkitcorepy/webkitcorepy/credentials.py:
(credentials):
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/setup.py:
(Setup.github):

Canonical link: https://commits.webkit.org/250750@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@294491 268f45cc-cd09-0410-ab3c-d52691b4dbfc

[JonWBedard]

Want to make sure @sundiamonde sees this change, it's the thorough fix for what she encountered last week that I half-fixed in https://commits.webkit.org/250423@main

[webkit-early-warning-system]

Committed r294491 (250750@main): https://commits.webkit.org/250750@main

Reviewed commits have been landed. Closing PR #779 and removing active labels.