Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

9117: Prevent api_key sharing #9130

Merged
merged 6 commits into from
Feb 10, 2019
Merged

9117: Prevent api_key sharing #9130

merged 6 commits into from
Feb 10, 2019

Conversation

ruslanlazin
Copy link
Contributor

@ruslanlazin ruslanlazin commented Jan 28, 2019
edited
Loading

PR checklist

  • Read the contribution guidelines.
  • Ran the shell script under ./bin/ to update Petstore sample so that CIs can verify the change. (For instance, only need to run ./bin/{LANG}-petstore.sh and ./bin/security/{LANG}-petstore.sh if updating the {LANG} (e.g. php, ruby, python, etc) code generator or {LANG} client's mustache templates). Windows batch files can be found in .\bin\windows\.
  • Filed the PR against the correct branch: 3.0.0 branch for changes related to OpenAPI spec 3.0. Default: master.
  • Copied the technical committee to review the pull request if your PR is targeting a particular programming language.

Description of the PR

These changes prevent sharing api_key, api_key_prefix, logger between configuration instances.
Error was caused by using shallow copy in #6554

Test cases added.

fix #9117

@ruslanlazin
Copy link
Contributor Author

@kenjones-cisco
review please

kenjones-cisco
kenjones-cisco reviewed Jan 28, 2019
View reviewed changes
modules/swagger-codegen/src/main/resources/python/configuration.mustache Outdated
@@ -22,10 +22,16 @@ class TypeWithDefault(type):
def __call__(cls):
if cls._default is None:
cls._default = type.__call__(cls)
return copy.copy(cls._default)
return cls._two_level_copy(cls._default)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

did you try to use copy.deepcopy(cls._default) to see if that would provide the expected behavior?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, sure. Deepcopy fails with TypeError: can't pickle thread.lock objects cause we have reach attributes such as logger file/handler.

@ruslanlazin
Copy link
Contributor Author

@kenjones-cisco
I've refactored it to make more readable and avoid coping when default configuration is not used.
Tests added.
Please review

@kenjones-cisco
Copy link
Contributor

This would definitely be much easier to read and maintain.
LGTM!

@ruslanlazin ruslanlazin mentioned this pull request Feb 8, 2019
Merged
@ruslanlazin
Copy link
Contributor Author

@wing328 Seems to be ready fo merge.

@HugoMario
Copy link
Contributor

thanks @ruslanlazin @kenjones-cisco , i'll take a time to port these changes to 3.0.0 version.

@HugoMario HugoMario merged commit eb7a60a into swagger-api:master Feb 10, 2019
This was referenced Nov 17, 2020
Closed
Open
@paddycarey paddycarey mentioned this pull request Mar 3, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kenjones-cisco kenjones-cisco kenjones-cisco left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[PYTHON] Apikey mess between Configuration() instances in Python client.
3 participants
@ruslanlazin @kenjones-cisco @HugoMario