New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add functionality for auto-revoking auth tokens #224
Conversation
Auth objects can now be closed, which prevents them from being used to request new tokens. This will also revoke any existing tokens. Also introduces a `closing()` context manager method, which will auto-close the auth object on exit. Clients can use this to make sure that their tokens don't live longer than they need them for.
Verified that @jmoldow has signed the CLA. Thanks for the pull request! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we add an auto-revoking client that uses this auth behavior?
|
||
def _check_closed(self): | ||
if self.closed: | ||
raise ValueError("operation on a closed auth object") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure ValueError
is correct here. I'd raise RuntimeError
or a custom Exception
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ValueError
is what the standard library uses for similar purposes:
jmoldow Lib ((detached from v3.6.2)) $ git grep -C9 "if .*closed.*[:]" | grep -v asyncio | grep -v pyio | grep -v "test" | grep --color=always " raise "
_compression.py-14- raise ValueError("I/O operation on closed file")
_compression.py-18- raise io.UnsupportedOperation("File not open for reading")
_compression.py-22- raise io.UnsupportedOperation("File not open for writing")
chunk.py-95- raise ValueError("I/O operation on closed file")
chunk.py-105- raise ValueError("I/O operation on closed file")
chunk.py-107- raise OSError("cannot seek")
chunk.py-113- raise RuntimeError
chunk.py-119- raise ValueError("I/O operation on closed file")
chunk.py-129- raise ValueError("I/O operation on closed file")
chunk.py-153- raise ValueError("I/O operation on closed file")
idlelib/run.py-339- raise ValueError("write to closed file")
idlelib/run.py-342- raise TypeError('must be str, not ' + type(s).__name__)
idlelib/run.py-359- raise ValueError("read from closed file")
idlelib/run.py-363- raise TypeError('must be int, not ' + type(size).__name__)
idlelib/run.py-382- raise ValueError("read from closed file")
idlelib/run.py-386- raise TypeError('must be int, not ' + type(size).__name__)
pathlib.py-1011- raise ValueError("I/O operation on closed path")
pathlib.py-1072- raise ValueError("Unacceptable pattern: {!r}".format(pattern))
pathlib.py-1191- raise TypeError('data must be str, not %s' %
socket.py-615- raise ValueError("I/O operation on closed socket.")
socket.py-622- raise ValueError("I/O operation on closed socket.")
socket.py-629- raise ValueError("I/O operation on closed socket.")
subprocess.py-188- raise ValueError("already closed")
tarfile.py-408- raise CompressionError("unknown compression type %r" % comptype)
tarfile.py-2365- raise OSError("%s is closed" % self.__class__.__name__)
tarfile.py-2367- raise OSError("bad operation for mode %r" % self.mode)
tempfile.py-678- raise ValueError("Cannot enter context with closed file")
urllib/response.py-30- raise ValueError("I/O operation on closed file")
zipfile.py-985- raise ValueError('I/O operation on closed file.')
@Jeff-Meadows see my comment in #175. I experimented with adding a For the client, we could think about making it into a context manager, which invoke's |
Auth objects can now be closed, which prevents them from being used to request new tokens. This will also revoke any existing tokens. Also introduces a `closing()` context manager method, which will auto-close the auth object on exit. Clients can use this to make sure that their tokens don't live longer than they need them for.
Auth objects can now be closed, which prevents them from being
used to request new tokens. This will also revoke any existing
tokens. Also introduces a
closing()
context manager method,which will auto-close the auth object on exit. Clients can use
this to make sure that their tokens don't live longer than they
need them for.