Warehouse: API feature to request new project-scoped upload API token
From @takluyver:
Is there any plan for an API to create upload tokens? E.g. I'd like to have a command-line tool prompt me once for my password & 2FA code, then obtain and store a project-scoped token to use for uploads.
This is a followup to #994.
brainwane
All 6 comments
I will be working on this issue next!
rcipkins
on 19 Sep 2019
@brainwane I have a few questions regarding this issue. Should the command line tool be created in Twine? Should this tool create tokens for entire projects or should it implement the new caveats implemented in #6255 ?
rcipkins
on 24 Sep 2019
As my request was a bit vague: what I'm really looking for is a public, documented HTTP interface for creating API tokens. I maintain a command line tool, which handles project uploads, and I'd like to extend it to use API tokens. But I'm not aware of any way to create them programmatically. Once the HTTP interface exists, no doubt other tools will use it too.
Thanks for working on it!
takluyver
on 24 Sep 2019
Sorry for the wait in replying to you @rcipkins -- I think @di or @ewdurbin would be better placed to answer you!
brainwane
on 7 Oct 2019
This may be part of (or blocked on) https://github.com/pypa/warehouse/issues/284 -- we don't currently have any authenticated APIs (aside from the upload API) but it seems reasonable that this would be part of some future JSON API which could support authentication.
di
on 8 Oct 2019
~@takluyver can't you generate an unscoped macaroon and then narrow the scope of it with Caveats yourself before storing it?~
ah this was already mentioned
graingert
on 29 Sep 2020
Related issues
LarsFronius
路
4Comments
nlhkabu
路
4Comments
nlhkabu
路
4Comments
toddrme2178
路
3Comments
webknjaz
路
4Comments