From cbbcebc8cf2064ccd42535792f21472465266d7f Mon Sep 17 00:00:00 2001
From: Dan Nicholson <nicholson@endlessm.com>
Date: Mon, 10 Feb 2020 09:42:45 -0700
Subject: [PATCH] Use HTTP basic authentication to API

GitHub API authentication using the `access_token` query paramater has
been deprecated[1]. Instead, use HTTP basic authentication. This
requires using a `urllib2.Request` object to supply additional headers.
In the future this code should probably switch to using `requests`.

1. https://developer.github.com/changes/2019-11-05-deprecated-passwords-and-authorizations-api/#authenticating-using-query-parameters

https://phabricator.endlessm.com/T29306
---
 update_repos | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/update_repos b/update_repos
index 717e4f4..7286cdd 100755
--- a/update_repos
+++ b/update_repos
@@ -1,6 +1,7 @@
 #!/usr/bin/python
 # encoding: utf-8
 
+import base64
 import sys
 import os
 import argparse
@@ -8,7 +9,7 @@ from collections import namedtuple
 from subprocess import Popen, PIPE
 
 from urllib import urlencode
-from urllib2 import urlopen
+from urllib2 import Request, urlopen
 import json
 from urlparse import urlparse
 
@@ -16,7 +17,6 @@ WHITELIST=[]
 BLACKLIST=[]
 
 LISTINGS_PER_PAGE = 100
-ACCESS_TOKEN_PARAM = 'access_token'
 LISTINGS_PER_PAGE_PARAM = 'per_page'
 LISTING_PAGE_PARAM = 'page'
 GITHUB_API_HOST = 'https://api.github.com'
@@ -76,16 +76,22 @@ class AttributeDict(dict):
 
 def read_api_uri(uri, config, page=1):
     params = {
-        ACCESS_TOKEN_PARAM: config.token,
         LISTINGS_PER_PAGE_PARAM: LISTINGS_PER_PAGE,
         LISTING_PAGE_PARAM: page,
     }
     uri += '?' + urlencode(params)
 
+    creds = base64.b64encode(config.token.encode('utf-8')).decode('ascii')
+    basic_auth = 'Basic {}'.format(creds)
+    headers = {
+        'Authorization': basic_auth,
+    }
+
     if config.debug:
-        print "Trying:", uri
+        print "Trying URI {} with headers {}".format(uri, headers)
 
-    return urlopen(uri).read()
+    req = Request(uri, headers=headers)
+    return urlopen(req).read()
 
 def get_json(uri, config, obj_type=AttributeDict, page=1):
     return json.loads(read_api_uri(uri, config, page), object_hook=obj_type)
-- 
GitLab