jirashell broken for OAuth with pre-authentication & access tokens #100
Comments
milo-minderbinder
added a commit
to milo-minderbinder/jira
that referenced
this issue
Jul 15, 2015
The problem is that 'oauth_dance' should be an optional option argument, if it is not set, or if it is set to false, a valid use case still exists where OAuth should be used if the user supplies access_token and access_token_secret through command line or configuration file options. This would be the case if the user had already authenticated externally with OAuth and had valid, authenticated tokens to pass to jirashell. Commit d585674 doesn't fix the issue anyway, since configuration file options are all read by value, and interpreted as strings, but, presumably, oauth_dance should be a boolean option. The result is that "if oauth['oauth_dance']:" will always be True, if oauth_dance is set to anything (including False) in the configuration file.
milo-minderbinder
added a commit
to milo-minderbinder/jira
that referenced
this issue
Jul 15, 2015
…ycontribs#66, and tweaks fix from d585674. The oauth_dance and print_tokens options specified in jirashell.ini configuration file are now correctly parsed as boolean values and OAuth with pre-authenticated access_token and access_token_secret (skipping oauth_dance) is fixed. OAuth options are now minimally validated for completeness, so pycontribs#66 is fixed, allowing for basic_auth without causing issue pycontribs#102 as the merged commit d585674 did previously.
ssbarnea
pushed a commit
that referenced
this issue
Nov 21, 2016
The problem is that 'oauth_dance' should be an optional option argument, if it is not set, or if it is set to false, a valid use case still exists where OAuth should be used if the user supplies access_token and access_token_secret through command line or configuration file options. This would be the case if the user had already authenticated externally with OAuth and had valid, authenticated tokens to pass to jirashell. Commit d585674 doesn't fix the issue anyway, since configuration file options are all read by value, and interpreted as strings, but, presumably, oauth_dance should be a boolean option. The result is that "if oauth['oauth_dance']:" will always be True, if oauth_dance is set to anything (including False) in the configuration file.
ssbarnea
pushed a commit
that referenced
this issue
Nov 21, 2016
…rom d585674. The oauth_dance and print_tokens options specified in jirashell.ini configuration file are now correctly parsed as boolean values and OAuth with pre-authenticated access_token and access_token_secret (skipping oauth_dance) is fixed. OAuth options are now minimally validated for completeness, so #66 is fixed, allowing for basic_auth without causing issue #102 as the merged commit d585674 did previously.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Broken by d585674
The problem is that 'oauth_dance' should be an optional option argument, if it is not set, or if it is set to false, a valid use case still exists where OAuth should be used if the user supplies access_token and access_token_secret through command line or configuration file options. This would be the case if the user had already authenticated externally with OAuth and had valid, authenticated tokens to pass to jirashell.
Commit d585674 doesn't fix the issue anyway, since configuration file options are all read by value, and interpreted as strings, but, presumably, oauth_dance should be a boolean option. The result is that "if oauth['oauth_dance']:" will always be True, if oauth_dance is set to anything (including False) in the configuration file.
The text was updated successfully, but these errors were encountered: