[Python-modules-commits] [python-social-auth] 17/32: Backward compatibility option. Refs #652
Wolfgang Borgert
debacle at moszumanska.debian.org
Sat Dec 24 15:13:47 UTC 2016
This is an automated email from the git hooks/post-receive script.
debacle pushed a commit to tag v0.2.12
in repository python-social-auth.
commit 8dae021252e8f9005ff407190f2f6e0c4580a7d9
Author: Matías Aguirre <matiasaguirre at gmail.com>
Date: Thu Jul 9 15:20:18 2015 -0300
Backward compatibility option. Refs #652
---
docs/backends/bitbucket.rst | 10 ++++++++++
social/backends/bitbucket.py | 13 +++++++++----
2 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/docs/backends/bitbucket.rst b/docs/backends/bitbucket.rst
index a66478b..6572d7a 100644
--- a/docs/backends/bitbucket.rst
+++ b/docs/backends/bitbucket.rst
@@ -24,3 +24,13 @@ It's possible to avoid these users with this setting::
By default the setting is set to ``False`` since it's possible for a project to
gather this information by other methods.
+
+Bitbucket recommends the use of UUID_ as the user identifier instead
+of ``username`` since they can change and impose a security risk. For
+that reason ``UUID`` is used by default, but for backward
+compatibility reasons, it's possible to get the old behavior again by
+defining this setting::
+
+ SOCIAL_AUTH_BITBUCKET_USERNAME_AS_ID = True
+
+.. _UUID: https://confluence.atlassian.com/display/BITBUCKET/Use+the+Bitbucket+REST+APIs
diff --git a/social/backends/bitbucket.py b/social/backends/bitbucket.py
index c057465..2d78501 100644
--- a/social/backends/bitbucket.py
+++ b/social/backends/bitbucket.py
@@ -9,17 +9,22 @@ from social.backends.oauth import BaseOAuth1
class BitbucketOAuth(BaseOAuth1):
"""Bitbucket OAuth authentication backend"""
name = 'bitbucket'
+ ID_KEY = 'uuid'
AUTHORIZATION_URL = 'https://bitbucket.org/api/1.0/oauth/authenticate'
REQUEST_TOKEN_URL = 'https://bitbucket.org/api/1.0/oauth/request_token'
ACCESS_TOKEN_URL = 'https://bitbucket.org/api/1.0/oauth/access_token'
- # Bitbucket usernames can change. The account ID should always be the UUID
- # See: https://confluence.atlassian.com/display/BITBUCKET/Use+the+Bitbucket+REST+APIs
- ID_KEY = 'uuid'
+ def get_user_id(self, details, response):
+ id_key = self.ID_KEY
+ if self.setting('USERNAME_AS_ID', False):
+ id_key = 'username'
+ return response.get(id_key)
def get_user_details(self, response):
"""Return user details from Bitbucket account"""
- fullname, first_name, last_name = self.get_user_names(response['display_name'])
+ fullname, first_name, last_name = self.get_user_names(
+ response['display_name']
+ )
return {'username': response.get('username', ''),
'email': response.get('email', ''),
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-social-auth.git
More information about the Python-modules-commits
mailing list