session: Rework how auth params are passed to backends

REST backend relies on session to set the params, but XMLRPC does it in the backend. Switch it so session hands a param dictionary off to the backend. This will help with upcoming changes that make param values more conditional, and a possible future where bugzilla doesn't accept auth via URL params Signed-off-by: Cole Robinson <crobinso@redhat.com>
testing-farm · Oct 5, 2021 · 6573d90 · 6573d90
1 parent 380fc34
commit 6573d90
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 31 deletions.
diff --git a/bugzilla/_backendrest.py b/bugzilla/_backendrest.py
@@ -49,14 +49,14 @@ def _op(self, method, apiurl, paramdict=None):
         log.debug("Bugzilla REST %s %s params=%s", method, fullurl, paramdict)
 
         data = None
-        params = None
+        authparams = self._bugzillasession.get_auth_params()
         if method == "GET":
-            params = paramdict
+            authparams.update(paramdict or {})
         else:
             data = json.dumps(paramdict or {})
 
         response = self._bugzillasession.request(method, fullurl, data=data,
-                params=params)
+                params=authparams)
         return self._handle_response(response.text)
 
     def _get(self, *args, **kwargs):

diff --git a/bugzilla/_backendxmlrpc.py b/bugzilla/_backendxmlrpc.py
@@ -118,18 +118,12 @@ def _ServerProxy__request(self, methodname, params):
         newparams = params and params[0].copy() or {}
 
         log.debug("XMLRPC call: %s(%s)", methodname, newparams)
-        api_key = self.__bugzillasession.get_api_key()
-        token_value = self.__bugzillasession.get_token_value()
-
-        if api_key is not None:
-            if 'Bugzilla_api_key' not in newparams:
-                newparams['Bugzilla_api_key'] = api_key
-        elif token_value is not None:
-            if 'Bugzilla_token' not in newparams:
-                newparams['Bugzilla_token'] = token_value
+        authparams = self.__bugzillasession.get_auth_params()
+        authparams.update(newparams)
 
         # pylint: disable=no-member
-        ret = ServerProxy._ServerProxy__request(self, methodname, (newparams,))
+        ret = ServerProxy._ServerProxy__request(
+            self, methodname, (authparams,))
         # pylint: enable=no-member
 
         if isinstance(ret, dict) and 'token' in ret.keys():

diff --git a/bugzilla/_session.py b/bugzilla/_session.py
@@ -40,7 +40,6 @@ def __init__(self, url, user_agent,
         if sslverify is False:
             self._session.verify = False
         self._session.headers["User-Agent"] = self._user_agent
-        self._set_tokencache_param()
 
     def _get_timeout(self):
         # Default to 5 minutes. This is longer than bugzilla.redhat.com's
@@ -52,10 +51,6 @@ def _get_timeout(self):
 
     def set_rest_defaults(self):
         self._session.headers["Content-Type"] = "application/json"
-        # Bugzilla 5.0 only supports api_key as a query parameter.
-        # Bugzilla 5.1+ takes it as a X-BUGZILLA-API-KEY header as well,
-        # with query param taking preference.
-        self._session.params["Bugzilla_api_key"] = self._api_key
     def set_xmlrpc_defaults(self):
         self._is_xmlrpc = True
         self._session.headers["Content-Type"] = "text/xml"
@@ -64,23 +59,25 @@ def get_user_agent(self):
         return self._user_agent
     def get_scheme(self):
         return self._scheme
-    def get_api_key(self):
-        return self._api_key
-    def get_token_value(self):
-        return self._tokencache.get_value(self._url)
     def set_token_value(self, value):
         self._tokencache.set_value(self._url, value)
-        self._set_tokencache_param()
 
-    def _set_tokencache_param(self):
+    def get_auth_params(self):
+        # Don't add a token to the params list if an API key is set.
+        # Keeping API key solo means bugzilla will definitely fail
+        # if the key expires. Passing in a token could hide that
+        # fact, which could make it confusing to pinpoint the issue.
         if self._api_key:
-            # Don't add a token to the params list if an API key is set.
-            # Keeping API key solo means bugzilla will definitely fail
-            # if the key expires. Passing in a token could hide that
-            # fact, which could make it confusing to pinpoint the issue.
-            return
-        token = self.get_token_value()
-        self._session.params["Bugzilla_token"] = token
+            # Bugzilla 5.0 only supports api_key as a query parameter.
+            # Bugzilla 5.1+ takes it as a X-BUGZILLA-API-KEY header as well,
+            # with query param taking preference.
+            return {"Bugzilla_api_key": self._api_key}
+
+        token = self._tokencache.get_value(self._url)
+        if token:
+            return {"Bugzilla_token": token}
+
+        return {}
 
     def get_requests_session(self):
         return self._session