mirrors/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2025-06-06 09:28:51 +00:00
Code Issues Projects Releases Wiki Activity

Respect WOODPECKER_GITEA_SKIP_VERIFY (#1152)

Browse source
This commit is contained in:
6543 2022-09-01 22:48:33 +02:00 committed by GitHub
parent efdad4a9fc
commit 3f2af06bbc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 22 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
server/remote/gitea/gitea.go
View file

@ -27,6 +27,7 @@ import (
"path" "path"
"path/filepath" "path/filepath"
"strings" "strings"
"time"
"code.gitea.io/sdk/gitea" "code.gitea.io/sdk/gitea"
"github.com/rs/zerolog/log" "github.com/rs/zerolog/log"
@ -84,22 +85,27 @@ func (c *Gitea) Name() string {
return "gitea" return "gitea"
} }
func (c *Gitea) oauth2Config() *oauth2.Config { func (c *Gitea) oauth2Config(ctx context.Context) (*oauth2.Config, context.Context) {
return &oauth2.Config{ return &oauth2.Config{
ClientID: c.ClientID, ClientID: c.ClientID,
ClientSecret: c.ClientSecret, ClientSecret: c.ClientSecret,
Endpoint: oauth2.Endpoint{ Endpoint: oauth2.Endpoint{
AuthURL: fmt.Sprintf(authorizeTokenURL, c.URL), AuthURL: fmt.Sprintf(authorizeTokenURL, c.URL),
TokenURL: fmt.Sprintf(accessTokenURL, c.URL), TokenURL: fmt.Sprintf(accessTokenURL, c.URL),
},
RedirectURL: fmt.Sprintf("%s/authorize", server.Config.Server.OAuthHost),
}, },
RedirectURL: fmt.Sprintf("%s/authorize", server.Config.Server.OAuthHost),
} context.WithValue(ctx, oauth2.HTTPClient, &http.Client{Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: c.SkipVerify},
Proxy: http.ProxyFromEnvironment,
}})
} }
// Login authenticates an account with Gitea using basic authentication. The // Login authenticates an account with Gitea using basic authentication. The
// Gitea account details are returned when the user is successfully authenticated. // Gitea account details are returned when the user is successfully authenticated.
func (c *Gitea) Login(ctx context.Context, w http.ResponseWriter, req *http.Request) (*model.User, error) { func (c *Gitea) Login(ctx context.Context, w http.ResponseWriter, req *http.Request) (*model.User, error) {
config := c.oauth2Config() config, oauth2Ctx := c.oauth2Config(ctx)
// get the OAuth errors // get the OAuth errors
if err := req.FormValue("error"); err != "" { if err := req.FormValue("error"); err != "" {
@ -117,7 +123,7 @@ func (c *Gitea) Login(ctx context.Context, w http.ResponseWriter, req *http.Requ
return nil, nil return nil, nil
} }
token, err := config.Exchange(ctx, code) token, err := config.Exchange(oauth2Ctx, code)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -158,10 +164,14 @@ func (c *Gitea) Auth(ctx context.Context, token, secret string) (string, error)
// Refresh refreshes the Gitea oauth2 access token. If the token is // Refresh refreshes the Gitea oauth2 access token. If the token is
// refreshed the user is updated and a true value is returned. // refreshed the user is updated and a true value is returned.
func (c *Gitea) Refresh(ctx context.Context, user *model.User) (bool, error) { func (c *Gitea) Refresh(ctx context.Context, user *model.User) (bool, error) {
config := c.oauth2Config() config, oauth2Ctx := c.oauth2Config(ctx)
config.RedirectURL = "" config.RedirectURL = ""
source := config.TokenSource(ctx, &oauth2.Token{RefreshToken: user.Secret}) source := config.TokenSource(oauth2Ctx, &oauth2.Token{
AccessToken: user.Token,
RefreshToken: user.Secret,
Expiry: time.Unix(user.Expiry, 0),
})
token, err := source.Token() token, err := source.Token()
if err != nil || len(token.AccessToken) == 0 { if err != nil || len(token.AccessToken) == 0 {