Improve authentication method support

thesmallestduck commented 7 years ago

why

Mixpanel documentation clearly states signature-based authentication is considered deprecated. However, on several occasions we have been informed there are no plans to discontinue support of signature-based authentication. There has been some interest in supporting the new "secret in header" means of authentication. Two PRs have been submitted to that effect:

https://github.com/cooncesean/mixpanel-query-py/pull/27 https://github.com/cooncesean/mixpanel-query-py/pull/29

In the interest of keeping this repo up to date, we should strive to conform to the latest documentation from Mixpanel.

what

this PR:

creates a new mixpanel_query.auth module with two classes, SignatureAuth and SecretAuth
adjusts mixpanel_query.client.MixpanelQueryClient to accept an auth_class upon initialization. This auth class is used to create an instance upon initialization for future use in authorizing requests
adjusts mixpanel_query.connection.Connection to use the client's auth instance to authenticate requests
moves the unicode_urlencode method from the connection class to mixpanel_query.utils so both authentication classes could use it

new usage

If we merge this PR and update the pip version, you should not have to make any changes to your code in a production environment what-so-ever. The same signature method of authentication will be used, any unit tests you have setup to introspect url parameters should see everything behaving as usual.

However, if you wish to switch production code to use the secret-based means of authentication, you should be able to do so like this:

BEFORE:

from mixpanel_query.client import MixpanelQueryClient

signature_client = MixpanelQueryClient(API_KEY, API_SECRET)

AFTER:

rom mixpanel_query.client import MixpanelQueryClient
from mixpanel_query.auth import SecretAuth

secret_client = MixpanelQueryClient(API_KEY, API_SECRET, auth_class=SecretAuth)

notes

in the future, we can consider changing the default auth_class used by the client to be SecretAuth. We should most certainly do so if Mixpanel ever communicates their intent to discontinue support of the signature-based authentication method.
thank you @drathm and @robin900 for your prior PRs on this (I leaned heavily on your PRs for the SecretAuth class.
I have tested both authentication methods using the get_segmentation and get_export methods, and both are functioning well. I'd appreciate any additional tire-kicking folks can bring to the PR.

drathm commented 7 years ago

Great change! I've added JQL support to my local fork which requires the use of POST instead of the assumed GET in the connection class so I'll need to massage this a bit into my local branch.

I'm happy to submit another PR if desired. Here's my local branch with JQL https://github.com/Resly/mixpanel-query-py/tree/add-jql

thesmallestduck commented 7 years ago

@drathm it'd be great to support JQL, for sure. I'll take a look at your fork sometime this week. Otherwise PRs are always welcome.

cooncesean / mixpanel-query-py