Revert "Fix github app authentication to work with checks API endpoints"
This breaks the anonymous fallback in GitHub when app authentication
is used on repos not having installed the zuul app.
This reverts commit 037f2ce537
.
Change-Id: Ie601f8412fd5a646284364d0d0ea08ba32e02c26
This commit is contained in:
parent
1f09f22c15
commit
d36ace088e
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
When using GitHub app authentication the fallback to anonymous access
|
||||||
|
was broken for repositories not having installed the zuul app.
|
|
@ -34,7 +34,6 @@ import jwt
|
||||||
import requests
|
import requests
|
||||||
import github3
|
import github3
|
||||||
import github3.exceptions
|
import github3.exceptions
|
||||||
from github3.session import AppInstallationTokenAuth
|
|
||||||
|
|
||||||
from zuul.connection import BaseConnection
|
from zuul.connection import BaseConnection
|
||||||
from zuul.lib.gearworker import ZuulGearWorker
|
from zuul.lib.gearworker import ZuulGearWorker
|
||||||
|
@ -1017,29 +1016,7 @@ class GithubConnection(BaseConnection):
|
||||||
# if you're authenticating for a project and you're an integration then
|
# if you're authenticating for a project and you're an integration then
|
||||||
# you need to use the installation specific token.
|
# you need to use the installation specific token.
|
||||||
if project and self.app_id:
|
if project and self.app_id:
|
||||||
# Call get_installation_key to ensure the token gets refresehd in
|
github.login(token=self._get_installation_key(project))
|
||||||
# case it's expired.
|
|
||||||
token = self._get_installation_key(project)
|
|
||||||
|
|
||||||
# To set the AppInstallationAuthToken on the github session, we
|
|
||||||
# also need the expiry date, but in the correct ISO format.
|
|
||||||
installation_id = self.installation_map.get(project)
|
|
||||||
_, expiry = self.installation_token_cache.get(installation_id)
|
|
||||||
format_expiry = datetime.datetime.strftime(
|
|
||||||
expiry, "%Y-%m-%dT%H:%M:%SZ"
|
|
||||||
)
|
|
||||||
|
|
||||||
# Usually one should use github.login_as_app_installation() to
|
|
||||||
# authenticate as github app. This method will then request the
|
|
||||||
# access token for the installation or refresh it if necessary and
|
|
||||||
# set the correct class on the github.session.auth attribute to be
|
|
||||||
# identified as github app. As we are alreaedy managing the
|
|
||||||
# installation tokens by ourselves, we just have to set the correct
|
|
||||||
# TokenAuth class on the github.session.auth attribute.
|
|
||||||
github.session.auth = AppInstallationTokenAuth(
|
|
||||||
token, format_expiry
|
|
||||||
)
|
|
||||||
|
|
||||||
github._zuul_project = project
|
github._zuul_project = project
|
||||||
github._zuul_user_id = self.installation_map.get(project)
|
github._zuul_user_id = self.installation_map.get(project)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue