Remove user OAuth tokens stored in database for Bitbucket, GitHub, and GitLab

and request them each session. Pass these tokens to the project import data.

This prevents the need to encrypt these tokens and clear them in case they
expire or get revoked.

For example, if you deleted and re-created OAuth2 keys for Bitbucket, you would get
an Error 500 with no way to recover:

```
Started GET "/import/bitbucket/status" for x.x.x.x at 2015-08-07 05:24:10 +0000
Processing by Import::BitbucketController#status as HTML
Completed 500 Internal Server Error in 607ms (ActiveRecord: 2.3ms)

NameError (uninitialized constant Import::BitbucketController::Unauthorized):
  app/controllers/import/bitbucket_controller.rb:77:in `rescue in go_to_bitbucket_for_permissions'
  app/controllers/import/bitbucket_controller.rb:74:in `go_to_bitbucket_for_permissions'
  app/controllers/import/bitbucket_controller.rb:86:in `bitbucket_unauthorized'
```

Closes #1871

2 files changed, 16 insertions, 10 deletions

diff --git a/lib/gitlab/gitlab_import/importer.rb b/lib/gitlab/gitlab_import/importer.rb
index c5304a0699b..50594d2b24f 100644
--- a/lib/gitlab/gitlab_import/importer.rb
+++ b/lib/gitlab/gitlab_import/importer.rb
@@ -5,7 +5,9 @@ module Gitlab
 
       def initialize(project)
         @project = project
-        @client = Client.new(project.creator.gitlab_access_token)
+        import_data = project.import_data.try(:data)
+        gitlab_session = import_data["gitlab_session"] if import_data
+        @client = Client.new(gitlab_session["gitlab_access_token"])
         @formatter = Gitlab::ImportFormatter.new
       end
 
@@ -14,12 +16,12 @@ module Gitlab
 
         #Issues && Comments
         issues = client.issues(project_identifier)
-        
+
         issues.each do |issue|
           body = @formatter.author_line(issue["author"]["name"], issue["description"])
-          
+
           comments = client.issue_comments(project_identifier, issue["id"])
-          
+
           if comments.any?
             body += @formatter.comments_header
           end
@@ -29,13 +31,13 @@ module Gitlab
           end
 
           project.issues.create!(
-            description: body, 
+            description: body,
             title: issue["title"],
             state: issue["state"],
             author_id: gl_user_id(project, issue["author"]["id"])
           )
         end
-        
+
         true
       end
 
diff --git a/lib/gitlab/gitlab_import/project_creator.rb b/lib/gitlab/gitlab_import/project_creator.rb
index f0d7141bf56..d9452de6a50 100644
--- a/lib/gitlab/gitlab_import/project_creator.rb
+++ b/lib/gitlab/gitlab_import/project_creator.rb
@@ -1,16 +1,17 @@
 module Gitlab
   module GitlabImport
     class ProjectCreator
-      attr_reader :repo, :namespace, :current_user
+      attr_reader :repo, :namespace, :current_user, :session_data
 
-      def initialize(repo, namespace, current_user)
+      def initialize(repo, namespace, current_user, session_data)
         @repo = repo
         @namespace = namespace
         @current_user = current_user
+        @session_data = session_data
       end
 
       def execute
-        ::Projects::CreateService.new(current_user,
+        project = ::Projects::CreateService.new(current_user,
           name: repo["name"],
           path: repo["path"],
           description: repo["description"],
@@ -18,8 +19,11 @@ module Gitlab
           visibility_level: repo["visibility_level"],
           import_type: "gitlab",
           import_source: repo["path_with_namespace"],
-          import_url: repo["http_url_to_repo"].sub("://", "://oauth2:#{current_user.gitlab_access_token}@")
+          import_url: repo["http_url_to_repo"].sub("://", "://oauth2:#{@session_data[:gitlab_access_token]}@")
         ).execute
+
+        project.create_import_data(data: { "gitlab_session" => session_data } )
+        project
       end
     end
   end