Updated django-oauth2-provider

[clintonb]

New package includes support for client credentials grant.

[clintonb]

@nedbat @feanil please review. A diff of the OAuth lib is available at edx/django-oauth2-provider@0.2.7-fork-edx-6a...0.5.0. I'm not quite sure why it includes commits from 2013.

[clintonb]

jenkins run all

[feanil]

This part of paver, is not run on production builds, is it a requirement for this to get deployed correctly. If the version numbers of the new requirements have been upped, you shouldn't need that right?

[clintonb]

@feanil I assume you're referring to the uninstall code. I don't know if installing the new package atop the previously-editable version will have any side-effects (e.g. the old version take precedence).

Do we have the option of building this AMI from scratch instead of the previously-deployed AMI?

[feanil]

The option to build AMIs from scratch does exist but it means the release master/devops engineer need to be made aware that they need to do it. It seems like the code precedence is something you can check quickly in a local virtualenv. My expectation is that if the packages have the same name, the last pip install will win.

[clintonb]

I installed locally, and the assumption that the last-installed version is used is incorrect. Both packages are installed, but the editable version takes precedence. We will need to build from scratch.

edxapp@precise64:~/edx-platform$ python
Python 2.7.10 (default, Jun 29 2015, 22:38:23) 
[GCC 4.6.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import provider
>>> provider.__version__
'0.2.7-fork-edx-6'

edxapp@precise64:~/edx-platform$ pip freeze | grep oauth2-provider
-e git+https://github.com/edx/django-oauth2-provider.git@764601a74b368a6b7296c229673a23a7e940be3f#egg=django_oauth2_provider-0.2.7-fork-edx-6a
edx-django-oauth2-provider==0.5.0
edx-oauth2-provider==0.5.9

[clintonb]

@feanil @nedbat thumbs?

[feanil]

@nasthagiri @fredsmith you will be in-charge of the release when this goes out so I want you both to be aware. This change will require building edxapp AMIs from scratch.

👍 @clintonb I want both of them to confirm they have seen this before you merge this.

[nedbat]

This won't run unless you also update expected_version on line 186. Are you sure you need to perform an explicit uninstall?

[feanil]

@nedbat it turns out he does, because the egg names are different. django-oauth2-provider vs edx-django-oauth2-provider

[nedbat]

Oh, sorry, I missed the egg-name change.

[nedbat]

You need to change the expected_version to get this uninstall to run.

[nedbat]

There are commits from 2013 in the diff because @justinabrahms pulled them in with this commit: edx/django-oauth2-provider@c1cbc3b
which merged them in? Do we want those commits?

[nasthagiri]

How does this change relate to what @jcdyer is doing in his PR https://github.com/edx/edx-platform/pull/11397?

We had decided to wait on releasing Cliff's PR until we validated those changes with his next set of changes for django-oauth-toolkit. So there would be only one operational migration hiccup.

[clintonb]

@nasthagiri Cliff's change includes a renaming of the exported package, requiring code changes. I have only changed the name of the package in setup.py (to support PyPI publishing). Merging this will result in one less thing for Cliff to do—uninstall the editable package.

[clintonb]

@nedbat looking at edx/django-oauth2-provider#14, we made an explicit decision to retain the history and properly credit the original author of the implicit grant work. Yes, we are fine with the pre-2015 commits.

[nasthagiri]

@clintonb 👍

[fredsmith]

👍 from devops

[nedbat]

What is the point of my reviewing this and saying (twice) that you need to change a value in the uninstall code to get it to run, if you are going to merge it anyway? :(

[clintonb]

@nedbat I apologize. I thought this had been resolved during the discussion with @feanil. I will create another PR with the updated text file.

[jzoldak]

@clintonb @feanil @nedbat @benpatterson this has broken ansible provisioning for a new jenkins worker. See https://build.testeng.edx.org/job/build-packer-ami/496/consoleText

    amazon-ebs: Successfully uninstalled edxval-0.0.9
    amazon-ebs: pip uninstall --disable-pip-version-check -y django-oauth2-provider
    amazon-ebs:
    amazon-ebs:
    amazon-ebs: Captured Task Output:
    amazon-ebs: ---------------------
    amazon-ebs:
    amazon-ebs: ---> pavelib.bok_choy.test_bokchoy
    amazon-ebs: ---> pavelib.prereqs.install_prereqs
    amazon-ebs: ---> pavelib.prereqs.install_node_prereqs
    amazon-ebs: ---> pavelib.prereqs.uninstall_python_packages
    amazon-ebs: pip freeze
    amazon-ebs: pip uninstall --disable-pip-version-check -y edxval
    amazon-ebs: pip uninstall --disable-pip-version-check -y django-oauth2-provider
    amazon-ebs:

[...]

    amazon-ebs: Build failed running pavelib.bok_choy.test_bokchoy: Subprocess return code: 1
    amazon-ebs: Cannot uninstall requirement django-oauth2-provider, not installed