[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Rtliber-help] User credentials
From: |
jdcampo |
Subject: |
[Rtliber-help] User credentials |
Date: |
Sat, 30 Jul 2016 13:36:23 -0300 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.0.94 (gnu/linux) |
Dear Yoni,
I've recently started using rt-liberation, and it's great.
However, I was a bit confused about how it handles user credentials. The
only way I see to set the password is to store it in the
rt-liber-rest-password variable.
Since I didn't want to put my plaintext password in my .emacs, I added
some code to rt-liberation-rest to use auth-source to handle user
credentials (the code is a modified version of nnimap-credentials).
While I was at it, I also moved the credentials to the data part of the
http request, instead of sending them in the query string. I think
it's a bit safer this way.
I'm attaching the patch with these changes, in case you're interested.
Regards,
Juan
diff --git a/rt-liberation-rest.el b/rt-liberation-rest.el
index b46867c..fd0b860 100644
--- a/rt-liberation-rest.el
+++ b/rt-liberation-rest.el
@@ -31,6 +31,7 @@
(require 'url)
(require 'url-util)
+(require 'auth-source)
(defvar rt-liber-rest-debug-buffer-name "*rt-liber-rest debug log*"
@@ -65,73 +66,73 @@
(goto-char (point-max))
(insert str))))
-(defun rt-liber-rest-search-string (scheme url username password query)
+(defun rt-liber-rest-search-string (scheme url query)
"Return the search query string."
- (let ((user (url-encode-url username))
- (pass (url-encode-url password)))
- (concat scheme
- "://"
- url
- "/REST/1.0/search/ticket" "?"
- "user=" user "&"
- "pass=" pass "&"
- "query=" (url-encode-url query) "&"
- "format=i" "&"
- "orderby=+Created")))
-
-(defun rt-liber-rest-show-string (scheme url ticket-id-list username password
query)
+ (concat scheme
+ "://"
+ url
+ "/REST/1.0/search/ticket" "?"
+ "query=" (url-encode-url query) "&"
+ "format=i" "&"
+ "orderby=+Created"))
+
+(defun rt-liber-rest-show-string (scheme url ticket-id-list query)
"Return the ticket show string."
- (let ((user (url-encode-url username))
- (pass (url-encode-url password)))
- (concat scheme
- "://"
- url
- "/REST/1.0/ticket/" ticket-id-list
- "/show" "?"
- "user=" user "&"
- "pass=" pass "&")))
-
-(defun rt-liber-rest-history-string (scheme url ticket-id username password)
+ (concat scheme
+ "://"
+ url
+ "/REST/1.0/ticket/" ticket-id-list
+ "/show"))
+
+(defun rt-liber-rest-history-string (scheme url ticket-id)
"Return the ticket show string."
- (let ((user (url-encode-url username))
- (pass (url-encode-url password)))
- (concat scheme
- "://"
- url
- "/REST/1.0/ticket/" ticket-id
- "/history" "?"
- "format=l" "&"
- "user=" user "&"
- "pass=" pass)))
-
-(defun rt-liber-rest-command-edit-string (scheme url ticket-id username
password)
+ (concat scheme
+ "://"
+ url
+ "/REST/1.0/ticket/" ticket-id
+ "/history" "?"
+ "format=l"))
+
+(defun rt-liber-rest-command-edit-string (scheme url ticket-id)
"Return the ticket edit string."
- (let ((user (url-encode-url username))
- (pass (url-encode-url password)))
- (concat scheme
- "://"
- url
- "/REST/1.0/ticket/" ticket-id
- "/edit" "?"
- "user=" user "&"
- "pass=" pass)))
-
-(defun rt-liber-rest-call (url)
+ (concat scheme
+ "://"
+ url
+ "/REST/1.0/ticket/" ticket-id
+ "/edit"))
+
+(defun rt-liber-rest-call (url username)
"Perform a REST call with URL."
- (let ((url-request-method "POST"))
- (let ((response
- (url-retrieve-synchronously url))
- str)
- (setq str
- (decode-coding-string
- (with-current-buffer response
- (buffer-substring-no-properties (point-min)
- (point-max)))
- 'utf-8))
-
- (rt-liber-rest-write-debug
- (format "outgoing rest call -->\n%s\n<-- incoming\n%s\n" url str))
- str)))
+ (let* ((auth-source-creation-prompts
+ '((user . "RT user at %h: ")
+ (secret . "RT password for address@hidden: ")))
+ (auth (nth 0 (auth-source-search :max 1
+ :host (car (split-string
rt-liber-rest-url "/"))
+ :user username
+ :require '(user secret)
+ :create t)))
+ (user (url-encode-url (plist-get auth :user)))
+ (secret (plist-get auth :secret))
+ (password (url-encode-url
+ (if (functionp secret)
+ (funcall secret)
+ secret)))
+ (url-request-method "POST")
+ (url-request-extra-headers
+ '(("Content-Type" . "application/x-www-form-urlencoded")))
+ (url-request-data (concat "user=" user "&" "pass=" password))
+ (response (url-retrieve-synchronously url))
+ str)
+ (setq str
+ (decode-coding-string
+ (with-current-buffer response
+ (buffer-substring-no-properties (point-min)
+ (point-max)))
+ 'utf-8))
+
+ (rt-liber-rest-write-debug
+ (format "outgoing rest call -->\n%s\n<-- incoming\n%s\n" url str))
+ str))
(defun rt-liber-rest-query-runner (op query-string)
"Run OP on QUERY-STRING."
@@ -142,24 +143,21 @@
(rt-liber-rest-call
(rt-liber-rest-search-string rt-liber-rest-scheme
rt-liber-rest-url
- rt-liber-rest-username
- rt-liber-rest-password
- query-string)))
+ query-string)
+ rt-liber-rest-username))
((string= op "show")
(rt-liber-rest-call
(rt-liber-rest-show-string rt-liber-rest-scheme
rt-liber-rest-url
query-string
- rt-liber-rest-username
- rt-liber-rest-password
- query-string)))
+ query-string)
+ rt-liber-rest-username))
((string= op "history")
(rt-liber-rest-call
(rt-liber-rest-history-string rt-liber-rest-scheme
rt-liber-rest-url
- query-string
- rt-liber-rest-username
- rt-liber-rest-password)))
+ query-string)
+ rt-liber-rest-username))
(t (error "unknown op [%s]" op))))
(defun rt-liber-rest-parse-http-header ()
@@ -260,9 +258,7 @@
(rt-liber-rest-command-edit-string
rt-liber-rest-scheme
rt-liber-rest-url
- ticket-id
- rt-liber-rest-username
- rt-liber-rest-password)))
+ ticket-id)))
(rt-liber-rest-handle-response response-buffer)))
(message "edit command ended at %s" (current-time-string)))
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Rtliber-help] User credentials,
jdcampo <=