Remove git authentication username/password opton (#10144)

* Remove git authentication username/password opton

* yarn dev

* update snapshot

* Fix tests

* remove GIT_AUTH_TYPE from test

* fixed unused import

* Fix flake

medusa/__main__.py

@@ -459,9 +459,6 @@ def initialize(self, console_logging=True):
             app.ENCRYPTION_SECRET = check_setting_str(app.CFG, 'General', 'encryption_secret', helpers.generate_cookie_secret(), censor_log='low')
 
             # git login info
-            app.GIT_AUTH_TYPE = check_setting_int(app.CFG, 'General', 'git_auth_type', 0)
-            app.GIT_USERNAME = check_setting_str(app.CFG, 'General', 'git_username', '')
-            app.GIT_PASSWORD = check_setting_str(app.CFG, 'General', 'git_password', '', censor_log='low')
             app.GIT_TOKEN = check_setting_str(app.CFG, 'General', 'git_token', '', censor_log='low', encrypted=True)
             app.DEVELOPER = bool(check_setting_int(app.CFG, 'General', 'developer', 0))
             app.PYTHON_VERSION = check_setting_list(app.CFG, 'General', 'python_version', [], transform=int)
@@ -1570,9 +1567,6 @@ def save_config():
         # For passwords you must include the word `password` in the item_name
         # and add `helpers.encrypt(ITEM_NAME, ENCRYPTION_VERSION)` in save_config()
         new_config['General'] = {}
-        new_config['General']['git_auth_type'] = app.GIT_AUTH_TYPE
-        new_config['General']['git_username'] = app.GIT_USERNAME
-        new_config['General']['git_password'] = helpers.encrypt(app.GIT_PASSWORD, app.ENCRYPTION_VERSION)
         new_config['General']['git_token'] = helpers.encrypt(app.GIT_TOKEN, app.ENCRYPTION_VERSION)
         new_config['General']['git_reset'] = int(app.GIT_RESET)
         new_config['General']['git_reset_branches'] = app.GIT_RESET_BRANCHES

medusa/app.py

@@ -139,9 +139,6 @@ def __init__(self):
         self.GIT_REMOTE = ''
         self.GIT_REMOTE_URL = ''
         self.CUR_COMMIT_BRANCH = ''
-        self.GIT_AUTH_TYPE = 0
-        self.GIT_USERNAME = None
-        self.GIT_PASSWORD = None
         self.GIT_TOKEN = None
         self._GIT_PATH = ''
         self.DEVELOPER = False

medusa/issue_submitter.py

@@ -14,7 +14,7 @@
 
 from medusa import app, db
 from medusa.classes import ErrorViewer
-from medusa.github_client import authenticate, get_github_repo, token_authenticate
+from medusa.github_client import get_github_repo, token_authenticate
 from medusa.logger.adapters.style import BraceAdapter
 
 from six import text_type
@@ -41,7 +41,6 @@
 class IssueSubmitter(object):
     """GitHub issue submitter."""
 
-    MISSING_CREDENTIALS = 'Please set your GitHub Username and Password in the config. Unable to submit issue ticket to GitHub.'
     MISSING_CREDENTIALS_TOKEN = 'Please set your GitHub personal access token in the config. Unable to submit issue ticket to GitHub.'
     DEBUG_NOT_ENABLED = 'Please enable Debug mode in the config. Unable to submit issue ticket to GitHub.'
     NO_ISSUES = 'No issue to be submitted to GitHub.'
@@ -168,12 +167,9 @@ def result(message, level=logging.WARNING):
         if not app.DEBUG:
             return result(self.DEBUG_NOT_ENABLED)
 
-        if app.GIT_AUTH_TYPE == 1 and not app.GIT_TOKEN:
+        if not app.GIT_TOKEN:
             return result(self.MISSING_CREDENTIALS_TOKEN)
 
-        if app.GIT_AUTH_TYPE == 0 and not (app.GIT_USERNAME and app.GIT_PASSWORD):
-            return result(self.MISSING_CREDENTIALS)
-
         if not ErrorViewer.errors:
             return result(self.NO_ISSUES, logging.INFO)
 
@@ -185,10 +181,7 @@ def result(message, level=logging.WARNING):
 
         self.running = True
         try:
-            if app.GIT_AUTH_TYPE:
-                github = token_authenticate(app.GIT_TOKEN)
-            else:
-                github = authenticate(app.GIT_USERNAME, app.GIT_PASSWORD)
+            github = token_authenticate(app.GIT_TOKEN)
             if not github:
                 return result(self.BAD_CREDENTIALS)
 

medusa/server/api/v2/config.py

@@ -170,10 +170,7 @@ class ConfigHandler(BaseRequestHandler):
         'developer': BooleanField(app, 'DEVELOPER'),
         'experimental': BooleanField(app, 'EXPERIMENTAL'),
 
-        'git.username': StringField(app, 'GIT_USERNAME'),
-        'git.password': StringField(app, 'GIT_PASSWORD'),
         'git.token': StringField(app, 'GIT_TOKEN'),
-        'git.authType': IntegerField(app, 'GIT_AUTH_TYPE'),
         'git.remote': StringField(app, 'GIT_REMOTE'),
         'git.path': StringField(app, 'GIT_PATH'),
         'git.org': StringField(app, 'GIT_ORG'),
@@ -757,10 +754,7 @@ def data_main():
         section_data['experimental'] = bool(app.EXPERIMENTAL)
 
         section_data['git'] = {}
-        section_data['git']['username'] = app.GIT_USERNAME
-        section_data['git']['password'] = app.GIT_PASSWORD
         section_data['git']['token'] = app.GIT_TOKEN
-        section_data['git']['authType'] = int(app.GIT_AUTH_TYPE)
         section_data['git']['remote'] = app.GIT_REMOTE
         section_data['git']['path'] = app.GIT_PATH
         section_data['git']['org'] = app.GIT_ORG

medusa/server/web/config/general.py

@@ -2,23 +2,15 @@
 
 from __future__ import unicode_literals
 
-import os
-
-from github import GithubException
-
 from medusa import (
     app,
     config,
-    github_client,
     helpers,
-    logger,
-    ui,
 )
 from medusa.common import (
     Quality,
     WANTED,
 )
-from medusa.helper.common import try_int
 from medusa.server.web.config.handler import Config
 from medusa.server.web.core import PageTemplate
 
@@ -64,149 +56,3 @@ def saveAddShowDefaults(default_status, allowed_qualities, preferred_qualities,
 
         app.SCENE_DEFAULT = config.checkbox_to_value(scene)
         app.instance.save_config()
-
-    def saveGeneral(self, log_dir=None, log_nr=5, log_size=1, web_port=None, notify_on_login=None, web_log=None, encryption_version=None, web_ipv6=None,
-                    trash_remove_show=None, trash_rotate_logs=None, update_frequency=None, skip_removed_files=None,
-                    indexerDefaultLang='en', ep_default_deleted_status=None, launch_browser=None, showupdate_hour=3, web_username=None,
-                    api_key=None, indexer_default=None, timezone_display=None, cpu_preset='NORMAL', layout_wide=None,
-                    web_password=None, version_notify=None, enable_https=None, https_cert=None, https_key=None,
-                    handle_reverse_proxy=None, sort_article=None, auto_update=None, notify_on_update=None,
-                    proxy_setting=None, proxy_indexers=None, anon_redirect=None, git_path=None, git_remote=None,
-                    calendar_unprotected=None, calendar_icons=None, debug=None, ssl_verify=None, no_restart=None, coming_eps_missed_range=None,
-                    fuzzy_dating=None, trim_zero=None, date_preset=None, date_preset_na=None, time_preset=None,
-                    indexer_timeout=None, download_url=None, rootDir=None, theme_name=None, default_page=None,
-                    git_reset=None, git_reset_branches=None, git_auth_type=0, git_username=None, git_password=None, git_token=None,
-                    subliminal_log=None, privacy_level='normal', fanart_background=None, fanart_background_opacity=None,
-                    dbdebug=None, fallback_plex_enable=1, fallback_plex_notifications=1, fallback_plex_timeout=3, web_root=None, ssl_ca_bundle=None):
-
-        results = []
-
-        # Misc
-        app.INDEXER_DEFAULT_LANGUAGE = indexerDefaultLang
-        app.EP_DEFAULT_DELETED_STATUS = int(ep_default_deleted_status)
-        app.SKIP_REMOVED_FILES = config.checkbox_to_value(skip_removed_files)
-        app.LAUNCH_BROWSER = config.checkbox_to_value(launch_browser)
-        config.change_SHOWUPDATE_HOUR(showupdate_hour)
-        config.change_VERSION_NOTIFY(config.checkbox_to_value(version_notify))
-        app.AUTO_UPDATE = config.checkbox_to_value(auto_update)
-        app.NOTIFY_ON_UPDATE = config.checkbox_to_value(notify_on_update)
-        # app.LOG_DIR is set in config.change_LOG_DIR()
-        app.LOG_NR = log_nr
-        app.LOG_SIZE = float(log_size)
-
-        app.TRASH_REMOVE_SHOW = config.checkbox_to_value(trash_remove_show)
-        app.TRASH_ROTATE_LOGS = config.checkbox_to_value(trash_rotate_logs)
-        config.change_UPDATE_FREQUENCY(update_frequency)
-        app.LAUNCH_BROWSER = config.checkbox_to_value(launch_browser)
-        app.SORT_ARTICLE = config.checkbox_to_value(sort_article)
-        app.CPU_PRESET = cpu_preset
-        app.ANON_REDIRECT = anon_redirect
-        app.PROXY_SETTING = proxy_setting
-        app.PROXY_INDEXERS = config.checkbox_to_value(proxy_indexers)
-        app.GIT_AUTH_TYPE = int(git_auth_type)
-        app.GIT_USERNAME = git_username
-        app.GIT_PASSWORD = git_password
-        app.GIT_TOKEN = git_token
-        app.GIT_RESET = config.checkbox_to_value(git_reset)
-        app.GIT_RESET_BRANCHES = [helpers.to_text(branch) for branch in
-                                  helpers.ensure_list(git_reset_branches)]
-        if git_path is not None and app.GIT_PATH != git_path:
-            app.GIT_PATH = git_path
-        app.GIT_REMOTE = git_remote
-        app.CALENDAR_UNPROTECTED = config.checkbox_to_value(calendar_unprotected)
-        app.CALENDAR_ICONS = config.checkbox_to_value(calendar_icons)
-        app.NO_RESTART = config.checkbox_to_value(no_restart)
-
-        app.SSL_VERIFY = config.checkbox_to_value(ssl_verify)
-        app.SSL_CA_BUNDLE = ssl_ca_bundle
-        # app.LOG_DIR is set in config.change_LOG_DIR()
-        app.COMING_EPS_MISSED_RANGE = int(coming_eps_missed_range)
-        app.NOTIFY_ON_LOGIN = config.checkbox_to_value(notify_on_login)
-        app.WEB_PORT = int(web_port)
-        app.WEB_IPV6 = config.checkbox_to_value(web_ipv6)
-        app.ENCRYPTION_VERSION = config.checkbox_to_value(encryption_version)
-        app.WEB_USERNAME = web_username
-        app.WEB_PASSWORD = web_password
-        app.WEB_ROOT = web_root
-
-        app.DEBUG = config.checkbox_to_value(debug)
-        app.DBDEBUG = config.checkbox_to_value(dbdebug)
-        app.WEB_LOG = config.checkbox_to_value(web_log)
-        app.SUBLIMINAL_LOG = config.checkbox_to_value(subliminal_log)
-
-        # Added for tvdb / plex fallback
-        app.FALLBACK_PLEX_ENABLE = config.checkbox_to_value(fallback_plex_enable)
-        app.FALLBACK_PLEX_NOTIFICATIONS = config.checkbox_to_value(fallback_plex_notifications)
-        app.FALLBACK_PLEX_TIMEOUT = try_int(fallback_plex_timeout)
-
-        if not config.change_LOG_DIR(log_dir):
-            results += ['Unable to create directory {dir}, '
-                        'log directory not changed.'.format(dir=os.path.normpath(log_dir))]
-
-        # Reconfigure the logger
-        logger.reconfigure()
-
-        # Validate github credentials
-        try:
-            if app.GIT_AUTH_TYPE == 0:
-                github_client.authenticate(app.GIT_USERNAME, app.GIT_PASSWORD)
-            else:
-                github = github_client.token_authenticate(app.GIT_TOKEN)
-                if app.GIT_USERNAME and app.GIT_USERNAME != github_client.get_user(gh=github):
-                    app.GIT_USERNAME = github_client.get_user(gh=github)
-        except (GithubException, IOError):
-            logger.log('Error while validating your Github credentials.', logger.WARNING)
-
-        app.PRIVACY_LEVEL = privacy_level.lower()
-
-        app.FUZZY_DATING = config.checkbox_to_value(fuzzy_dating)
-        app.TRIM_ZERO = config.checkbox_to_value(trim_zero)
-
-        if date_preset:
-            app.DATE_PRESET = date_preset
-
-        if indexer_default:
-            app.INDEXER_DEFAULT = try_int(indexer_default)
-
-        if indexer_timeout:
-            app.INDEXER_TIMEOUT = try_int(indexer_timeout)
-
-        if time_preset:
-            app.TIME_PRESET_W_SECONDS = time_preset
-            app.TIME_PRESET = app.TIME_PRESET_W_SECONDS.replace(u':%S', u'')
-
-        app.TIMEZONE_DISPLAY = timezone_display
-
-        app.API_KEY = api_key
-
-        app.ENABLE_HTTPS = config.checkbox_to_value(enable_https)
-
-        if not config.change_HTTPS_CERT(https_cert):
-            results += ['Unable to create directory {dir}, '
-                        'https cert directory not changed.'.format(dir=os.path.normpath(https_cert))]
-
-        if not config.change_HTTPS_KEY(https_key):
-            results += ['Unable to create directory {dir}, '
-                        'https key directory not changed.'.format(dir=os.path.normpath(https_key))]
-
-        app.HANDLE_REVERSE_PROXY = config.checkbox_to_value(handle_reverse_proxy)
-
-        config.change_theme(theme_name)
-
-        app.LAYOUT_WIDE = config.checkbox_to_value(layout_wide)
-        app.FANART_BACKGROUND = config.checkbox_to_value(fanart_background)
-        app.FANART_BACKGROUND_OPACITY = fanart_background_opacity
-
-        app.DEFAULT_PAGE = default_page
-
-        app.instance.save_config()
-
-        if results:
-            for x in results:
-                logger.log(x, logger.ERROR)
-            ui.notifications.error('Error(s) Saving Configuration',
-                                   '<br>\n'.join(results))
-        else:
-            ui.notifications.message('Configuration Saved', os.path.join(app.CONFIG_FILE))
-
-        return self.redirect('/config/general/')

tests/apiv2/test_config.py

@@ -156,10 +156,7 @@ def config_main(monkeypatch, app_config):
     section_data['experimental'] = bool(app.EXPERIMENTAL)
 
     section_data['git'] = {}
-    section_data['git']['username'] = app.GIT_USERNAME
-    section_data['git']['password'] = app.GIT_PASSWORD
     section_data['git']['token'] = app.GIT_TOKEN
-    section_data['git']['authType'] = int(app.GIT_AUTH_TYPE)
     section_data['git']['remote'] = app.GIT_REMOTE
     section_data['git']['path'] = app.GIT_PATH
     section_data['git']['org'] = app.GIT_ORG

tests/legacy/test_lib.py

@@ -98,8 +98,6 @@ def create_test_cache_folder():
 
 app.BRANCH = config.check_setting_str(app.CFG, 'General', 'branch', '')
 app.CUR_COMMIT_HASH = config.check_setting_str(app.CFG, 'General', 'cur_commit_hash', '')
-app.GIT_USERNAME = config.check_setting_str(app.CFG, 'General', 'git_username', '')
-app.GIT_PASSWORD = config.check_setting_str(app.CFG, 'General', 'git_password', '', censor_log='low')
 
 app.LOG_DIR = os.path.join(TEST_DIR, 'Logs')
 logger.log_file = os.path.join(app.LOG_DIR, 'test_application.log')

tests/test_issue_submitter.py

@@ -25,58 +25,42 @@
     {  # p1: debug not set
         'expected': [(IssueSubmitter.DEBUG_NOT_ENABLED, None)]
     },
-    {  # p2: username and password set, but debug not enabled
+    {  # p2: token set, but debug not enabled
         'debug': False,
-        'username': 'user',
-        'password': 'pass',
+        'token': '!@#$%',
         'expected': [(IssueSubmitter.DEBUG_NOT_ENABLED, None)]
     },
-    {  # p3: debug enabled, but no username
+    {  # p3: debug enabled, username and password set, but no errors to report
         'debug': True,
-        'password': 'pass',
-        'expected': [(IssueSubmitter.MISSING_CREDENTIALS, None)]
-    },
-    {  # p4: debug enabled, but no password
-        'debug': True,
-        'username': 'user',
-        'expected': [(IssueSubmitter.MISSING_CREDENTIALS, None)]
-    },
-    {  # p5: debug enabled, username and password set, but no errors to report
-        'debug': True,
-        'username': 'user',
-        'password': 'pass',
+        'token': '!@#$%',
         'expected': [(IssueSubmitter.NO_ISSUES, None)]
     },
-    {  # p6: debug enabled, username and password set, errors to report but update is needed
+    {  # p4: debug enabled, token set, errors to report but update is needed
         'debug': True,
-        'username': 'user',
-        'password': 'pass',
+        'token': '!@#$%',
         'errors': ['Some Error'],
         'need_update': True,
         'expected': [(IssueSubmitter.UNSUPPORTED_VERSION, None)]
     },
-    {  # p7: debug enabled, username and password set, errors to report, no update is needed, but it's already running
+    {  # p5: debug enabled, token set, errors to report, no update is needed, but it's already running
         'debug': True,
-        'username': 'user',
-        'password': 'pass',
+        'token': '!@#$%',
         'errors': ['Some Error'],
         'running': True,
         'expected': [(IssueSubmitter.ALREADY_RUNNING, None)]
     },
-    {  # p8: debug enabled, username and password set, errors to report, update is needed but I'M A DEVELOPER :-)
+    {  # p6: debug enabled, token set, errors to report, update is needed but I'M A DEVELOPER :-)
         'debug': True,
-        'username': 'user',
-        'password': 'pass',
+        'token': '!@#$%',
         'errors': ['Some Error'],
         'need_update': True,
         'developer': True,
         'exception': [BadCredentialsException, 401],
         'expected': [(IssueSubmitter.BAD_CREDENTIALS, None)]
     },
-    {  # p9: debug enabled, username and password set, errors to report, update is not needed but rate limit exception happened
+    {  # p7: debug enabled, token set, errors to report, update is not needed but rate limit exception happened
         'debug': True,
-        'username': 'user',
-        'password': 'pass',
+        'token': '!@#$%',
         'errors': ['Some Error'],
         'exception': [RateLimitExceededException, 429],
         'expected': [(IssueSubmitter.RATE_LIMIT, None)]
@@ -88,8 +72,8 @@ def test_submit_github_issue__basic_validations(monkeypatch, logger, version_che
     for error in p.get('errors', []):
         logger.error(error)
     monkeypatch.setattr(app, 'DEBUG', p.get('debug'))
-    monkeypatch.setattr(app, 'GIT_USERNAME', p.get('username'))
-    monkeypatch.setattr(app, 'GIT_PASSWORD', p.get('password'))
+    monkeypatch.setattr(app, 'GIT_TOKEN', p.get('token'))
+
     monkeypatch.setattr(app, 'DEVELOPER', p.get('developer', False))
     monkeypatch.setattr(version_checker, 'need_update', lambda: p.get('need_update', False))
     monkeypatch.setattr(sut, 'running', p.get('running', False))