Merge pull request #4540 from bruntib/access_tokens

Personal access token

Author: dkrupp

docs/web/authentication.md

@@ -636,14 +636,24 @@ Personal tokens can be written instead of the user's password in the
 usage: CodeChecker cmd token new [-h] [--description DESCRIPTION]
                                  [--url SERVER_URL]
                                  [--verbose {info,debug,debug_analyzer}]
+                                 NAME
 
 Creating a new personal access token.
 
-optional arguments:
+positional arguments:
+  NAME                  A unique name that identifies the access token.
+
+options:
   -h, --help            show this help message and exit
   --description DESCRIPTION
                         A custom textual description to be shown alongside the
                         token.
+
+common arguments:
+  --url SERVER_URL      The URL of the server to access, in the format of
+                        '[http[s]://]host:port'. (default: localhost:8001)
+  --verbose {info,debug_analyzer,debug}
+                        Set verbosity level.
 ```
 </details>
 
@@ -656,13 +666,22 @@ optional arguments:
 ```
 usage: CodeChecker cmd token list [-h] [--url SERVER_URL]
                                   [-o {plaintext,html,rows,table,csv,json}]
-                                  [-e EXPORT_DIR] [-c]
                                   [--verbose {info,debug,debug_analyzer}]
 
 List the available personal access tokens.
 
-optional arguments:
+options:
   -h, --help            show this help message and exit
+  -o {plaintext,rows,table,csv,json}, --output {plaintext,rows,table,csv,json}
+                        The output format(s) to use in showing the data. Mind
+                        that some output formats are (like 'json') more verbose
+                        than others (like 'plaintext'). (default: plaintext)
+
+common arguments:
+  --url SERVER_URL      The URL of the server to access, in the format of
+                        '[http[s]://]host:port'. (default: localhost:8001)
+  --verbose {info,debug_analyzer,debug}
+                        Set verbosity level.
 ```
 </details>
 
@@ -675,11 +694,20 @@ optional arguments:
 ```
 usage: CodeChecker cmd token del [-h] [--url SERVER_URL]
                                  [--verbose {info,debug,debug_analyzer}]
-                                 TOKEN
+                                 NAME
 
 Removes the specified access token.
 
 positional arguments:
-  TOKEN                 Personal access token which will be deleted.
+  NAME                  Name of the personal access token that will be deleted.
+
+options:
+  -h, --help            show this help message and exit
+
+common arguments:
+  --url SERVER_URL      The URL of the server to access, in the format of
+                        '[http[s]://]host:port'. (default: localhost:8001)
+  --verbose {info,debug_analyzer,debug}
+                        Set verbosity level.
 ```
 </details>

web/api/authentication.thrift

@@ -33,6 +33,15 @@ struct SessionTokenData {
 }
 typedef list<SessionTokenData> SessionTokenDataList
 
+struct PersonalAccessToken {
+  1: string token,
+  2: string name,
+  3: string description,
+  4: string lastAccess,
+  5: string expiration,
+}
+typedef list<PersonalAccessToken> PersonalAccessTokenList
+
 struct Permissions {
   1: map<string, list<string>> user,
   2: map<string, list<string>> group,
@@ -154,4 +163,14 @@ service codeCheckerAuthentication {
   bool removeToken(1: string token)
                    throws (1: codechecker_api_shared.RequestFailed requestError)
 
+  PersonalAccessTokenList getPersonalAccessTokens()
+    throws (1: codechecker_api_shared.RequestFailed requestError)
+
+  PersonalAccessToken newPersonalAccessToken(
+    1: string name,
+    2: optional string description)
+    throws (1: codechecker_api_shared.RequestFailed requestError)
+
+  bool removePersonalAccessToken(1: string name)
+    throws (1: codechecker_api_shared.RequestFailed requestError)
 }

web/api/js/codechecker-api-node/dist/codechecker-api-6.62.0.tgz

@@ -1,6 +1,6 @@
 {
   "name": "codechecker-api",
-  "version": "6.62.0",
+  "version": "6.63.0",
   "description": "Generated node.js compatible API stubs for CodeChecker server.",
   "main": "lib",
   "homepage": "https://github.com/Ericsson/codechecker",

web/api/js/codechecker-api-node/dist/codechecker-api-6.63.0.tgz

@@ -8,7 +8,7 @@
 with open('README.md', encoding='utf-8', errors="ignore") as f:
     long_description = f.read()
 
-api_version = '6.62.0'
+api_version = '6.63.0'
 
 setup(
     name='codechecker_api',

web/api/js/codechecker-api-node/package.json

@@ -8,7 +8,7 @@
 with open('README.md', encoding='utf-8', errors="ignore") as f:
     long_description = f.read()
 
-api_version = '6.62.0'
+api_version = '6.63.0'
 
 setup(
     name='codechecker_api_shared',

web/api/py/codechecker_api/dist/codechecker_api.tar.gz

@@ -1233,6 +1233,11 @@ def __register_token(parser):
     """
 
     def __register_new(parser):
+        parser.add_argument("name",
+                            type=str,
+                            metavar='NAME',
+                            help="A unique name that identifies the access "
+                                 "token.")
         parser.add_argument("--description",
                             type=str,
                             metavar='DESCRIPTION',
@@ -1245,12 +1250,12 @@ def __register_del(parser):
         """
         Add argparse subcommand parser for the "del token" action.
         """
-        parser.add_argument("token",
+        parser.add_argument("name",
                             type=str,
-                            metavar='TOKEN',
+                            metavar='NAME',
                             default=argparse.SUPPRESS,
-                            help="Personal access token which will be "
-                                 "deleted.")
+                            help="Name of the personal access token that will "
+                                 "be deleted.")
 
     subcommands = parser.add_subparsers(title='available actions')
 

web/api/py/codechecker_api/setup.py

@@ -77,16 +77,17 @@ def login_user(protocol, host, port, username, login=False):
     If login is False the user will be logged out.
     """
     session = UserCredentials()
-    auth_client = ThriftAuthHelper(protocol, host, port,
-                                   '/v' + CLIENT_API + '/Authentication')
 
     if not login:
+        auth_client = init_auth_client(protocol, host, port)
         logout_done = auth_client.destroySession()
         if logout_done:
             session.save_token(host, port, None, True)
             LOG.info("Successfully logged out.")
         return
 
+    auth_client = setup_auth_client(protocol, host, port)
+
     try:
         handshake = auth_client.getAuthParameters()
 

web/api/py/codechecker_api_shared/dist/codechecker_api_shared.tar.gz

@@ -95,3 +95,15 @@ def removeToken(self, token):
     @thrift_client_call
     def getTokens(self):
         pass
+
+    @thrift_client_call
+    def newPersonalAccessToken(self, name, description):
+        pass
+
+    @thrift_client_call
+    def removePersonalAccessToken(self, name):
+        pass
+
+    @thrift_client_call
+    def getPersonalAccessTokens(self):
+        pass

web/api/py/codechecker_api_shared/setup.py

@@ -38,10 +38,11 @@ def handle_add_token(args):
     client = init_auth_client(protocol, host, port)
 
     description = args.description if 'description' in args else None
-    session = client.newToken(description)
+    personal_access_token = \
+        client.newPersonalAccessToken(args.name, description)
 
     print("The following access token has been generated for your account: " +
-          session.token)
+          personal_access_token.token)
 
 
 def handle_list_tokens(args):
@@ -58,15 +59,15 @@ def handle_list_tokens(args):
 
     protocol, host, port = split_server_url(args.server_url)
     client = init_auth_client(protocol, host, port)
-    tokens = client.getTokens()
+    tokens = client.getPersonalAccessTokens()
 
     if args.output_format == 'json':
         print(CmdLineOutputEncoder().encode(tokens))
     else:  # plaintext, csv
-        header = ['Token', 'Description', 'Last access']
+        header = ['Name', 'Description', 'Last access']
         rows = []
         for res in tokens:
-            rows.append((res.token,
+            rows.append((res.name,
                          res.description if res.description else '',
                          res.lastAccess))
 
@@ -82,14 +83,14 @@ def handle_del_token(args):
     protocol, host, port = split_server_url(args.server_url)
     client = init_auth_client(protocol, host, port)
 
-    token = args.token
+    name = args.name
     try:
-        success = client.removeToken(token)
+        success = client.removePersonalAccessToken(name)
 
         if success:
-            print("'" + token + "' has been successfully removed.")
+            print(f"'{name}' has been successfully removed.")
         else:
-            print("Error: '" + token + "' can not be removed.")
+            print(f"Error: '{name}' can not be removed.")
     except Exception as ex:
         LOG.error("Failed to remove the token!")
         LOG.error(ex)

web/client/codechecker_client/cli/cmd.py

@@ -20,7 +20,7 @@
 # The newest supported minor version (value) for each supported major version
 # (key) in this particular build.
 SUPPORTED_VERSIONS = {
-    6: 62
+    6: 63
 }
 
 # Used by the client to automatically identify the latest major and minor