mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-11-25 11:21:02 +00:00
Support github refresh tokens (#3811)
This commit is contained in:
Anbraten
GitHub
parent
bd349c8eaf
commit
53d6421940
24 changed files with 231 additions and 199 deletions
|
|
@ -159,13 +159,14 @@ func HandleAuth(c *gin.Context) {
|
|||
|
||||
// create the user account
|
||||
user = &model.User{
|
||||
Login: userFromForge.Login,
|
||||
ForgeID: forgeID,
|
||||
ForgeRemoteID: userFromForge.ForgeRemoteID,
|
||||
Token: userFromForge.Token,
|
||||
Secret: userFromForge.Secret,
|
||||
Login: userFromForge.Login,
|
||||
AccessToken: userFromForge.AccessToken,
|
||||
RefreshToken: userFromForge.RefreshToken,
|
||||
Expiry: userFromForge.Expiry,
|
||||
Email: userFromForge.Email,
|
||||
Avatar: userFromForge.Avatar,
|
||||
ForgeID: forgeID,
|
||||
Hash: base32.StdEncoding.EncodeToString(
|
||||
securecookie.GenerateRandomKey(32),
|
||||
),
|
||||
|
|
@ -225,8 +226,8 @@ func HandleAuth(c *gin.Context) {
|
|||
}
|
||||
|
||||
// update the user meta data and authorization data.
|
||||
user.Token = userFromForge.Token
|
||||
user.Secret = userFromForge.Secret
|
||||
user.AccessToken = userFromForge.AccessToken
|
||||
user.RefreshToken = userFromForge.RefreshToken
|
||||
user.Email = userFromForge.Email
|
||||
user.Avatar = userFromForge.Avatar
|
||||
user.ForgeID = forgeID
|
||||
|
|
|
|||
|
|
@ -111,8 +111,8 @@ type modelUser struct {
|
|||
|
||||
func (m *modelUser) asModel() *model.User {
|
||||
m.User.ForgeRemoteID = m.ForgeRemoteID
|
||||
m.User.Token = m.Token
|
||||
m.User.Secret = m.Secret
|
||||
m.User.AccessToken = m.Token
|
||||
m.User.RefreshToken = m.Secret
|
||||
m.User.Expiry = m.Expiry
|
||||
m.User.Hash = m.Hash
|
||||
return m.User
|
||||
|
|
@ -122,8 +122,8 @@ func modelUserFromModel(u *model.User) *modelUser {
|
|||
return &modelUser{
|
||||
User: u,
|
||||
ForgeRemoteID: u.ForgeRemoteID,
|
||||
Token: u.Token,
|
||||
Secret: u.Secret,
|
||||
Token: u.AccessToken,
|
||||
Secret: u.RefreshToken,
|
||||
Expiry: u.Expiry,
|
||||
Hash: u.Hash,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -117,15 +117,15 @@ func (c *config) Auth(ctx context.Context, token, secret string) (string, error)
|
|||
func (c *config) Refresh(ctx context.Context, user *model.User) (bool, error) {
|
||||
config := c.newOAuth2Config()
|
||||
source := config.TokenSource(
|
||||
ctx, &oauth2.Token{RefreshToken: user.Secret})
|
||||
ctx, &oauth2.Token{RefreshToken: user.RefreshToken})
|
||||
|
||||
token, err := source.Token()
|
||||
if err != nil || len(token.AccessToken) == 0 {
|
||||
return false, err
|
||||
}
|
||||
|
||||
user.Token = token.AccessToken
|
||||
user.Secret = token.RefreshToken
|
||||
user.AccessToken = token.AccessToken
|
||||
user.RefreshToken = token.RefreshToken
|
||||
user.Expiry = token.Expiry.UTC().Unix()
|
||||
return true, nil
|
||||
}
|
||||
|
|
@ -348,7 +348,7 @@ func (c *config) Netrc(u *model.User, _ *model.Repo) (*model.Netrc, error) {
|
|||
return &model.Netrc{
|
||||
Machine: "bitbucket.org",
|
||||
Login: "x-token-auth",
|
||||
Password: u.Token,
|
||||
Password: u.AccessToken,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
|
@ -428,7 +428,7 @@ func (c *config) newClient(ctx context.Context, u *model.User) *internal.Client
|
|||
if u == nil {
|
||||
return c.newClientToken(ctx, "", "")
|
||||
}
|
||||
return c.newClientToken(ctx, u.Token, u.Secret)
|
||||
return c.newClientToken(ctx, u.AccessToken, u.RefreshToken)
|
||||
}
|
||||
|
||||
// helper function to return the bitbucket oauth2 client.
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ func Test_bitbucket(t *testing.T) {
|
|||
netrc, _ := forge.Netrc(fakeUser, fakeRepo)
|
||||
g.Assert(netrc.Machine).Equal("bitbucket.org")
|
||||
g.Assert(netrc.Login).Equal("x-token-auth")
|
||||
g.Assert(netrc.Password).Equal(fakeUser.Token)
|
||||
g.Assert(netrc.Password).Equal(fakeUser.AccessToken)
|
||||
})
|
||||
|
||||
g.Describe("Given an authorization request", func() {
|
||||
|
|
@ -75,8 +75,8 @@ func Test_bitbucket(t *testing.T) {
|
|||
})
|
||||
g.Assert(err).IsNil()
|
||||
g.Assert(u.Login).Equal(fakeUser.Login)
|
||||
g.Assert(u.Token).Equal("2YotnFZFEjr1zCsicMWpAA")
|
||||
g.Assert(u.Secret).Equal("tGzv3JOkF0XG5Qx2TlKWIA")
|
||||
g.Assert(u.AccessToken).Equal("2YotnFZFEjr1zCsicMWpAA")
|
||||
g.Assert(u.RefreshToken).Equal("tGzv3JOkF0XG5Qx2TlKWIA")
|
||||
})
|
||||
g.It("Should handle failure to exchange code", func() {
|
||||
_, _, err := c.Login(ctx, &types.OAuthRequest{
|
||||
|
|
@ -94,12 +94,12 @@ func Test_bitbucket(t *testing.T) {
|
|||
|
||||
g.Describe("Given an access token", func() {
|
||||
g.It("Should return the authenticated user", func() {
|
||||
login, err := c.Auth(ctx, fakeUser.Token, fakeUser.Secret)
|
||||
login, err := c.Auth(ctx, fakeUser.AccessToken, fakeUser.RefreshToken)
|
||||
g.Assert(err).IsNil()
|
||||
g.Assert(login).Equal(fakeUser.Login)
|
||||
})
|
||||
g.It("Should handle a failure to resolve user", func() {
|
||||
_, err := c.Auth(ctx, fakeUserNotFound.Token, fakeUserNotFound.Secret)
|
||||
_, err := c.Auth(ctx, fakeUserNotFound.AccessToken, fakeUserNotFound.RefreshToken)
|
||||
g.Assert(err).IsNotNil()
|
||||
})
|
||||
})
|
||||
|
|
@ -109,8 +109,8 @@ func Test_bitbucket(t *testing.T) {
|
|||
ok, err := c.Refresh(ctx, fakeUserRefresh)
|
||||
g.Assert(err).IsNil()
|
||||
g.Assert(ok).IsTrue()
|
||||
g.Assert(fakeUserRefresh.Token).Equal("2YotnFZFEjr1zCsicMWpAA")
|
||||
g.Assert(fakeUserRefresh.Secret).Equal("tGzv3JOkF0XG5Qx2TlKWIA")
|
||||
g.Assert(fakeUserRefresh.AccessToken).Equal("2YotnFZFEjr1zCsicMWpAA")
|
||||
g.Assert(fakeUserRefresh.RefreshToken).Equal("tGzv3JOkF0XG5Qx2TlKWIA")
|
||||
})
|
||||
g.It("Should handle an empty access token", func() {
|
||||
ok, err := c.Refresh(ctx, fakeUserRefreshEmpty)
|
||||
|
|
@ -293,38 +293,38 @@ func Test_bitbucket(t *testing.T) {
|
|||
|
||||
var (
|
||||
fakeUser = &model.User{
|
||||
Login: "superman",
|
||||
Token: "cfcd2084",
|
||||
Login: "superman",
|
||||
AccessToken: "cfcd2084",
|
||||
}
|
||||
|
||||
fakeUserRefresh = &model.User{
|
||||
Login: "superman",
|
||||
Secret: "cfcd2084",
|
||||
Login: "superman",
|
||||
RefreshToken: "cfcd2084",
|
||||
}
|
||||
|
||||
fakeUserRefreshFail = &model.User{
|
||||
Login: "superman",
|
||||
Secret: "refresh_token_not_found",
|
||||
Login: "superman",
|
||||
RefreshToken: "refresh_token_not_found",
|
||||
}
|
||||
|
||||
fakeUserRefreshEmpty = &model.User{
|
||||
Login: "superman",
|
||||
Secret: "refresh_token_is_empty",
|
||||
Login: "superman",
|
||||
RefreshToken: "refresh_token_is_empty",
|
||||
}
|
||||
|
||||
fakeUserNotFound = &model.User{
|
||||
Login: "superman",
|
||||
Token: "user_not_found",
|
||||
Login: "superman",
|
||||
AccessToken: "user_not_found",
|
||||
}
|
||||
|
||||
fakeUserNoTeams = &model.User{
|
||||
Login: "superman",
|
||||
Token: "teams_not_found",
|
||||
Login: "superman",
|
||||
AccessToken: "teams_not_found",
|
||||
}
|
||||
|
||||
fakeUserNoRepos = &model.User{
|
||||
Login: "superman",
|
||||
Token: "repos_not_found",
|
||||
Login: "superman",
|
||||
AccessToken: "repos_not_found",
|
||||
}
|
||||
|
||||
fakeRepo = &model.Repo{
|
||||
|
|
|
|||
|
|
@ -133,8 +133,8 @@ func sshCloneLink(repo *internal.Repo) string {
|
|||
func convertUser(from *internal.Account, token *oauth2.Token) *model.User {
|
||||
return &model.User{
|
||||
Login: from.Login,
|
||||
Token: token.AccessToken,
|
||||
Secret: token.RefreshToken,
|
||||
AccessToken: token.AccessToken,
|
||||
RefreshToken: token.RefreshToken,
|
||||
Expiry: token.Expiry.UTC().Unix(),
|
||||
Avatar: from.Links.Avatar.Href,
|
||||
ForgeRemoteID: model.ForgeRemoteID(fmt.Sprint(from.UUID)),
|
||||
|
|
|
|||
|
|
@ -98,8 +98,8 @@ func Test_helper(t *testing.T) {
|
|||
result := convertUser(user, token)
|
||||
g.Assert(result.Avatar).Equal(user.Links.Avatar.Href)
|
||||
g.Assert(result.Login).Equal(user.Login)
|
||||
g.Assert(result.Token).Equal(token.AccessToken)
|
||||
g.Assert(result.Secret).Equal(token.RefreshToken)
|
||||
g.Assert(result.AccessToken).Equal(token.AccessToken)
|
||||
g.Assert(result.RefreshToken).Equal(token.RefreshToken)
|
||||
g.Assert(result.Expiry).Equal(token.Expiry.UTC().Unix())
|
||||
})
|
||||
|
||||
|
|
|
|||
|
|
@ -116,7 +116,7 @@ func (c *client) Login(ctx context.Context, req *forge_types.OAuthRequest) (*mod
|
|||
return nil, "", err
|
||||
}
|
||||
|
||||
bc, err := c.newClient(ctx, &model.User{Token: token.AccessToken})
|
||||
bc, err := c.newClient(ctx, &model.User{AccessToken: token.AccessToken})
|
||||
if err != nil {
|
||||
return nil, "", fmt.Errorf("unable to create bitbucket client: %w", err)
|
||||
}
|
||||
|
|
@ -143,7 +143,7 @@ func (c *client) Auth(ctx context.Context, accessToken, _ string) (string, error
|
|||
func (c *client) Refresh(ctx context.Context, u *model.User) (bool, error) {
|
||||
config := c.newOAuth2Config()
|
||||
t := &oauth2.Token{
|
||||
RefreshToken: u.Secret,
|
||||
RefreshToken: u.RefreshToken,
|
||||
}
|
||||
ts := config.TokenSource(ctx, t)
|
||||
|
||||
|
|
@ -623,7 +623,7 @@ func (c *client) newOAuth2Config() *oauth2.Config {
|
|||
func (c *client) newClient(ctx context.Context, u *model.User) (*bb.Client, error) {
|
||||
config := c.newOAuth2Config()
|
||||
t := &oauth2.Token{
|
||||
AccessToken: u.Token,
|
||||
AccessToken: u.AccessToken,
|
||||
}
|
||||
client := config.Client(ctx, t)
|
||||
return bb.NewClient(c.urlAPI, client)
|
||||
|
|
|
|||
|
|
@ -91,6 +91,6 @@ func TestBitbucketDC(t *testing.T) {
|
|||
}
|
||||
|
||||
var fakeUser = &model.User{
|
||||
Token: "fake",
|
||||
Expiry: time.Now().Add(1 * time.Hour).Unix(),
|
||||
AccessToken: "fake",
|
||||
Expiry: time.Now().Add(1 * time.Hour).Unix(),
|
||||
}
|
||||
|
|
|
|||
|
|
@ -169,7 +169,7 @@ func convertListOptions(p *model.ListOptions) bb.ListOptions {
|
|||
}
|
||||
|
||||
func updateUserCredentials(u *model.User, t *oauth2.Token) {
|
||||
u.Token = t.AccessToken
|
||||
u.Secret = t.RefreshToken
|
||||
u.AccessToken = t.AccessToken
|
||||
u.RefreshToken = t.RefreshToken
|
||||
u.Expiry = t.Expiry.UTC().Unix()
|
||||
}
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ func ExtractHostFromCloneURL(cloneURL string) (string, error) {
|
|||
|
||||
func UserToken(ctx context.Context, r *model.Repo, u *model.User) string {
|
||||
if u != nil {
|
||||
return u.Token
|
||||
return u.AccessToken
|
||||
}
|
||||
|
||||
_store, ok := store.TryFromContext(ctx)
|
||||
|
|
@ -62,5 +62,5 @@ func UserToken(ctx context.Context, r *model.Repo, u *model.User) string {
|
|||
if err != nil {
|
||||
return ""
|
||||
}
|
||||
return user.Token
|
||||
return user.AccessToken
|
||||
}
|
||||
|
|
|
|||
|
|
@ -133,8 +133,8 @@ func (c *Forgejo) Login(ctx context.Context, req *forge_types.OAuthRequest) (*mo
|
|||
}
|
||||
|
||||
return &model.User{
|
||||
Token: token.AccessToken,
|
||||
Secret: token.RefreshToken,
|
||||
AccessToken: token.AccessToken,
|
||||
RefreshToken: token.RefreshToken,
|
||||
Expiry: token.Expiry.UTC().Unix(),
|
||||
Login: account.UserName,
|
||||
Email: account.Email,
|
||||
|
|
@ -164,8 +164,8 @@ func (c *Forgejo) Refresh(ctx context.Context, user *model.User) (bool, error) {
|
|||
config.RedirectURL = ""
|
||||
|
||||
source := config.TokenSource(oauth2Ctx, &oauth2.Token{
|
||||
AccessToken: user.Token,
|
||||
RefreshToken: user.Secret,
|
||||
AccessToken: user.AccessToken,
|
||||
RefreshToken: user.RefreshToken,
|
||||
Expiry: time.Unix(user.Expiry, 0),
|
||||
})
|
||||
|
||||
|
|
@ -174,15 +174,15 @@ func (c *Forgejo) Refresh(ctx context.Context, user *model.User) (bool, error) {
|
|||
return false, err
|
||||
}
|
||||
|
||||
user.Token = token.AccessToken
|
||||
user.Secret = token.RefreshToken
|
||||
user.AccessToken = token.AccessToken
|
||||
user.RefreshToken = token.RefreshToken
|
||||
user.Expiry = token.Expiry.UTC().Unix()
|
||||
return true, nil
|
||||
}
|
||||
|
||||
// Teams is supported by the Forgejo driver.
|
||||
func (c *Forgejo) Teams(ctx context.Context, u *model.User) ([]*model.Team, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -211,7 +211,7 @@ func (c *Forgejo) TeamPerm(_ *model.User, _ string) (*model.Perm, error) {
|
|||
|
||||
// Repo returns the Forgejo repository.
|
||||
func (c *Forgejo) Repo(ctx context.Context, u *model.User, remoteID model.ForgeRemoteID, owner, name string) (*model.Repo, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -238,7 +238,7 @@ func (c *Forgejo) Repo(ctx context.Context, u *model.User, remoteID model.ForgeR
|
|||
// Repos returns a list of all repositories for the Forgejo account, including
|
||||
// organization repositories.
|
||||
func (c *Forgejo) Repos(ctx context.Context, u *model.User) ([]*model.Repo, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -267,7 +267,7 @@ func (c *Forgejo) Repos(ctx context.Context, u *model.User) ([]*model.Repo, erro
|
|||
|
||||
// File fetches the file from the Forgejo repository and returns its contents.
|
||||
func (c *Forgejo) File(ctx context.Context, u *model.User, r *model.Repo, b *model.Pipeline, f string) ([]byte, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -282,7 +282,7 @@ func (c *Forgejo) File(ctx context.Context, u *model.User, r *model.Repo, b *mod
|
|||
func (c *Forgejo) Dir(ctx context.Context, u *model.User, r *model.Repo, b *model.Pipeline, f string) ([]*forge_types.FileMeta, error) {
|
||||
var configs []*forge_types.FileMeta
|
||||
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -318,7 +318,7 @@ func (c *Forgejo) Dir(ctx context.Context, u *model.User, r *model.Repo, b *mode
|
|||
|
||||
// Status is supported by the Forgejo driver.
|
||||
func (c *Forgejo) Status(ctx context.Context, user *model.User, repo *model.Repo, pipeline *model.Pipeline, workflow *model.Workflow) error {
|
||||
client, err := c.newClientToken(ctx, user.Token)
|
||||
client, err := c.newClientToken(ctx, user.AccessToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -346,7 +346,7 @@ func (c *Forgejo) Netrc(u *model.User, r *model.Repo) (*model.Netrc, error) {
|
|||
|
||||
if u != nil {
|
||||
login = u.Login
|
||||
token = u.Token
|
||||
token = u.AccessToken
|
||||
}
|
||||
|
||||
host, err := common.ExtractHostFromCloneURL(r.Clone)
|
||||
|
|
@ -376,7 +376,7 @@ func (c *Forgejo) Activate(ctx context.Context, u *model.User, r *model.Repo, li
|
|||
Active: true,
|
||||
}
|
||||
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -398,7 +398,7 @@ func (c *Forgejo) Activate(ctx context.Context, u *model.User, r *model.Repo, li
|
|||
// Deactivate deactivates the repository be removing repository push hooks from
|
||||
// the Forgejo repository.
|
||||
func (c *Forgejo) Deactivate(ctx context.Context, u *model.User, r *model.Repo, link string) error {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -522,7 +522,7 @@ func (c *Forgejo) Hook(ctx context.Context, r *http.Request) (*model.Repo, *mode
|
|||
// OrgMembership returns if user is member of organization and if user
|
||||
// is admin/owner in this organization.
|
||||
func (c *Forgejo) OrgMembership(ctx context.Context, u *model.User, owner string) (*model.OrgPerm, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -545,7 +545,7 @@ func (c *Forgejo) OrgMembership(ctx context.Context, u *model.User, owner string
|
|||
}
|
||||
|
||||
func (c *Forgejo) Org(ctx context.Context, u *model.User, owner string) (*model.Org, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -630,7 +630,7 @@ func (c *Forgejo) getChangedFilesForPR(ctx context.Context, repo *model.Repo, in
|
|||
return nil, err
|
||||
}
|
||||
|
||||
client, err := c.newClientToken(ctx, user.Token)
|
||||
client, err := c.newClientToken(ctx, user.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -667,7 +667,7 @@ func (c *Forgejo) getTagCommitSHA(ctx context.Context, repo *model.Repo, tagName
|
|||
return "", err
|
||||
}
|
||||
|
||||
client, err := c.newClientToken(ctx, user.Token)
|
||||
client, err := c.newClientToken(ctx, user.AccessToken)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ func Test_forgejo(t *testing.T) {
|
|||
netrc, _ := forge.Netrc(fakeUser, fakeRepo)
|
||||
g.Assert(netrc.Machine).Equal("forgejo.org")
|
||||
g.Assert(netrc.Login).Equal(fakeUser.Login)
|
||||
g.Assert(netrc.Password).Equal(fakeUser.Token)
|
||||
g.Assert(netrc.Password).Equal(fakeUser.AccessToken)
|
||||
})
|
||||
g.It("Should return a netrc with the machine account", func() {
|
||||
forge, _ := New(Opts{})
|
||||
|
|
@ -165,13 +165,13 @@ func Test_forgejo(t *testing.T) {
|
|||
|
||||
var (
|
||||
fakeUser = &model.User{
|
||||
Login: "someuser",
|
||||
Token: "cfcd2084",
|
||||
Login: "someuser",
|
||||
AccessToken: "cfcd2084",
|
||||
}
|
||||
|
||||
fakeUserNoRepos = &model.User{
|
||||
Login: "someuser",
|
||||
Token: "repos_not_found",
|
||||
Login: "someuser",
|
||||
AccessToken: "repos_not_found",
|
||||
}
|
||||
|
||||
fakeRepo = &model.Repo{
|
||||
|
|
|
|||
|
|
@ -135,8 +135,8 @@ func (c *Gitea) Login(ctx context.Context, req *forge_types.OAuthRequest) (*mode
|
|||
}
|
||||
|
||||
return &model.User{
|
||||
Token: token.AccessToken,
|
||||
Secret: token.RefreshToken,
|
||||
AccessToken: token.AccessToken,
|
||||
RefreshToken: token.RefreshToken,
|
||||
Expiry: token.Expiry.UTC().Unix(),
|
||||
Login: account.UserName,
|
||||
Email: account.Email,
|
||||
|
|
@ -166,8 +166,8 @@ func (c *Gitea) Refresh(ctx context.Context, user *model.User) (bool, error) {
|
|||
config.RedirectURL = ""
|
||||
|
||||
source := config.TokenSource(oauth2Ctx, &oauth2.Token{
|
||||
AccessToken: user.Token,
|
||||
RefreshToken: user.Secret,
|
||||
AccessToken: user.AccessToken,
|
||||
RefreshToken: user.RefreshToken,
|
||||
Expiry: time.Unix(user.Expiry, 0),
|
||||
})
|
||||
|
||||
|
|
@ -176,15 +176,15 @@ func (c *Gitea) Refresh(ctx context.Context, user *model.User) (bool, error) {
|
|||
return false, err
|
||||
}
|
||||
|
||||
user.Token = token.AccessToken
|
||||
user.Secret = token.RefreshToken
|
||||
user.AccessToken = token.AccessToken
|
||||
user.RefreshToken = token.RefreshToken
|
||||
user.Expiry = token.Expiry.UTC().Unix()
|
||||
return true, nil
|
||||
}
|
||||
|
||||
// Teams is supported by the Gitea driver.
|
||||
func (c *Gitea) Teams(ctx context.Context, u *model.User) ([]*model.Team, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -213,7 +213,7 @@ func (c *Gitea) TeamPerm(_ *model.User, _ string) (*model.Perm, error) {
|
|||
|
||||
// Repo returns the Gitea repository.
|
||||
func (c *Gitea) Repo(ctx context.Context, u *model.User, remoteID model.ForgeRemoteID, owner, name string) (*model.Repo, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -240,7 +240,7 @@ func (c *Gitea) Repo(ctx context.Context, u *model.User, remoteID model.ForgeRem
|
|||
// Repos returns a list of all repositories for the Gitea account, including
|
||||
// organization repositories.
|
||||
func (c *Gitea) Repos(ctx context.Context, u *model.User) ([]*model.Repo, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -269,7 +269,7 @@ func (c *Gitea) Repos(ctx context.Context, u *model.User) ([]*model.Repo, error)
|
|||
|
||||
// File fetches the file from the Gitea repository and returns its contents.
|
||||
func (c *Gitea) File(ctx context.Context, u *model.User, r *model.Repo, b *model.Pipeline, f string) ([]byte, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -284,7 +284,7 @@ func (c *Gitea) File(ctx context.Context, u *model.User, r *model.Repo, b *model
|
|||
func (c *Gitea) Dir(ctx context.Context, u *model.User, r *model.Repo, b *model.Pipeline, f string) ([]*forge_types.FileMeta, error) {
|
||||
var configs []*forge_types.FileMeta
|
||||
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -320,7 +320,7 @@ func (c *Gitea) Dir(ctx context.Context, u *model.User, r *model.Repo, b *model.
|
|||
|
||||
// Status is supported by the Gitea driver.
|
||||
func (c *Gitea) Status(ctx context.Context, user *model.User, repo *model.Repo, pipeline *model.Pipeline, workflow *model.Workflow) error {
|
||||
client, err := c.newClientToken(ctx, user.Token)
|
||||
client, err := c.newClientToken(ctx, user.AccessToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -348,7 +348,7 @@ func (c *Gitea) Netrc(u *model.User, r *model.Repo) (*model.Netrc, error) {
|
|||
|
||||
if u != nil {
|
||||
login = u.Login
|
||||
token = u.Token
|
||||
token = u.AccessToken
|
||||
}
|
||||
|
||||
host, err := common.ExtractHostFromCloneURL(r.Clone)
|
||||
|
|
@ -378,7 +378,7 @@ func (c *Gitea) Activate(ctx context.Context, u *model.User, r *model.Repo, link
|
|||
Active: true,
|
||||
}
|
||||
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -400,7 +400,7 @@ func (c *Gitea) Activate(ctx context.Context, u *model.User, r *model.Repo, link
|
|||
// Deactivate deactivates the repository be removing repository push hooks from
|
||||
// the Gitea repository.
|
||||
func (c *Gitea) Deactivate(ctx context.Context, u *model.User, r *model.Repo, link string) error {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -529,7 +529,7 @@ func (c *Gitea) Hook(ctx context.Context, r *http.Request) (*model.Repo, *model.
|
|||
// OrgMembership returns if user is member of organization and if user
|
||||
// is admin/owner in this organization.
|
||||
func (c *Gitea) OrgMembership(ctx context.Context, u *model.User, owner string) (*model.OrgPerm, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -552,7 +552,7 @@ func (c *Gitea) OrgMembership(ctx context.Context, u *model.User, owner string)
|
|||
}
|
||||
|
||||
func (c *Gitea) Org(ctx context.Context, u *model.User, owner string) (*model.Org, error) {
|
||||
client, err := c.newClientToken(ctx, u.Token)
|
||||
client, err := c.newClientToken(ctx, u.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -637,7 +637,7 @@ func (c *Gitea) getChangedFilesForPR(ctx context.Context, repo *model.Repo, inde
|
|||
return nil, err
|
||||
}
|
||||
|
||||
client, err := c.newClientToken(ctx, user.Token)
|
||||
client, err := c.newClientToken(ctx, user.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -674,7 +674,7 @@ func (c *Gitea) getTagCommitSHA(ctx context.Context, repo *model.Repo, tagName s
|
|||
return "", err
|
||||
}
|
||||
|
||||
client, err := c.newClientToken(ctx, user.Token)
|
||||
client, err := c.newClientToken(ctx, user.AccessToken)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@ func Test_gitea(t *testing.T) {
|
|||
netrc, _ := forge.Netrc(fakeUser, fakeRepo)
|
||||
g.Assert(netrc.Machine).Equal("gitea.com")
|
||||
g.Assert(netrc.Login).Equal(fakeUser.Login)
|
||||
g.Assert(netrc.Password).Equal(fakeUser.Token)
|
||||
g.Assert(netrc.Password).Equal(fakeUser.AccessToken)
|
||||
})
|
||||
g.It("Should return a netrc with the machine account", func() {
|
||||
forge, _ := New(Opts{})
|
||||
|
|
@ -166,13 +166,13 @@ func Test_gitea(t *testing.T) {
|
|||
|
||||
var (
|
||||
fakeUser = &model.User{
|
||||
Login: "someuser",
|
||||
Token: "cfcd2084",
|
||||
Login: "someuser",
|
||||
AccessToken: "cfcd2084",
|
||||
}
|
||||
|
||||
fakeUserNoRepos = &model.User{
|
||||
Login: "someuser",
|
||||
Token: "repos_not_found",
|
||||
Login: "someuser",
|
||||
AccessToken: "repos_not_found",
|
||||
}
|
||||
|
||||
fakeRepo = &model.Repo{
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ import (
|
|||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/google/go-github/v66/github"
|
||||
"github.com/rs/zerolog/log"
|
||||
|
|
@ -133,7 +134,9 @@ func (c *client) Login(ctx context.Context, req *forge_types.OAuthRequest) (*mod
|
|||
return &model.User{
|
||||
Login: user.GetLogin(),
|
||||
Email: email.GetEmail(),
|
||||
Token: token.AccessToken,
|
||||
AccessToken: token.AccessToken,
|
||||
RefreshToken: token.RefreshToken,
|
||||
Expiry: token.Expiry.UTC().Unix(),
|
||||
Avatar: user.GetAvatarURL(),
|
||||
ForgeRemoteID: model.ForgeRemoteID(fmt.Sprint(user.GetID())),
|
||||
}, redirectURL, nil
|
||||
|
|
@ -149,9 +152,36 @@ func (c *client) Auth(ctx context.Context, token, _ string) (string, error) {
|
|||
return *user.Login, nil
|
||||
}
|
||||
|
||||
// Refresh refreshes the Gitlab oauth2 access token. If the token is
|
||||
// refreshed the user is updated and a true value is returned.
|
||||
func (c *client) Refresh(ctx context.Context, user *model.User) (bool, error) {
|
||||
// when using Github oAuth app no refresh token is provided
|
||||
if user.RefreshToken == "" {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
config := c.newConfig()
|
||||
|
||||
source := config.TokenSource(ctx, &oauth2.Token{
|
||||
AccessToken: user.AccessToken,
|
||||
RefreshToken: user.RefreshToken,
|
||||
Expiry: time.Unix(user.Expiry, 0),
|
||||
})
|
||||
|
||||
token, err := source.Token()
|
||||
if err != nil || len(token.AccessToken) == 0 {
|
||||
return false, err
|
||||
}
|
||||
|
||||
user.AccessToken = token.AccessToken
|
||||
user.RefreshToken = token.RefreshToken
|
||||
user.Expiry = token.Expiry.UTC().Unix()
|
||||
return true, nil
|
||||
}
|
||||
|
||||
// Teams returns a list of all team membership for the GitHub account.
|
||||
func (c *client) Teams(ctx context.Context, u *model.User) ([]*model.Team, error) {
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
|
||||
opts := new(github.ListOptions)
|
||||
opts.Page = 1
|
||||
|
|
@ -170,7 +200,7 @@ func (c *client) Teams(ctx context.Context, u *model.User) ([]*model.Team, error
|
|||
|
||||
// Repo returns the GitHub repository.
|
||||
func (c *client) Repo(ctx context.Context, u *model.User, id model.ForgeRemoteID, owner, name string) (*model.Repo, error) {
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
|
||||
if id.IsValid() {
|
||||
intID, err := strconv.ParseInt(string(id), 10, 64)
|
||||
|
|
@ -194,7 +224,7 @@ func (c *client) Repo(ctx context.Context, u *model.User, id model.ForgeRemoteID
|
|||
// Repos returns a list of all repositories for GitHub account, including
|
||||
// organization repositories.
|
||||
func (c *client) Repos(ctx context.Context, u *model.User) ([]*model.Repo, error) {
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
|
||||
opts := new(github.RepositoryListByAuthenticatedUserOptions)
|
||||
opts.PerPage = 100
|
||||
|
|
@ -219,7 +249,7 @@ func (c *client) Repos(ctx context.Context, u *model.User) ([]*model.Repo, error
|
|||
|
||||
// File fetches the file from the GitHub repository and returns its contents.
|
||||
func (c *client) File(ctx context.Context, u *model.User, r *model.Repo, b *model.Pipeline, f string) ([]byte, error) {
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
|
||||
opts := new(github.RepositoryContentGetOptions)
|
||||
opts.Ref = b.Commit
|
||||
|
|
@ -238,7 +268,7 @@ func (c *client) File(ctx context.Context, u *model.User, r *model.Repo, b *mode
|
|||
}
|
||||
|
||||
func (c *client) Dir(ctx context.Context, u *model.User, r *model.Repo, b *model.Pipeline, f string) ([]*forge_types.FileMeta, error) {
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
|
||||
opts := new(github.RepositoryContentGetOptions)
|
||||
opts.Ref = b.Commit
|
||||
|
|
@ -317,7 +347,7 @@ func (c *client) Netrc(u *model.User, r *model.Repo) (*model.Netrc, error) {
|
|||
token := ""
|
||||
|
||||
if u != nil {
|
||||
login = u.Token
|
||||
login = u.AccessToken
|
||||
token = "x-oauth-basic"
|
||||
}
|
||||
|
||||
|
|
@ -336,7 +366,7 @@ func (c *client) Netrc(u *model.User, r *model.Repo) (*model.Netrc, error) {
|
|||
// Deactivate deactivates the repository be removing registered push hooks from
|
||||
// the GitHub repository.
|
||||
func (c *client) Deactivate(ctx context.Context, u *model.User, r *model.Repo, link string) error {
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
hooks, _, err := client.Repositories.ListHooks(ctx, r.Owner, r.Name, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -352,7 +382,7 @@ func (c *client) Deactivate(ctx context.Context, u *model.User, r *model.Repo, l
|
|||
// OrgMembership returns if user is member of organization and if user
|
||||
// is admin/owner in this organization.
|
||||
func (c *client) OrgMembership(ctx context.Context, u *model.User, owner string) (*model.OrgPerm, error) {
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
org, _, err := client.Organizations.GetOrgMembership(ctx, u.Login, owner)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -362,7 +392,7 @@ func (c *client) OrgMembership(ctx context.Context, u *model.User, owner string)
|
|||
}
|
||||
|
||||
func (c *client) Org(ctx context.Context, u *model.User, owner string) (*model.Org, error) {
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
|
||||
user, _, err := client.Users.Get(ctx, owner)
|
||||
log.Trace().Msgf("GitHub user for owner %s = %v", owner, user)
|
||||
|
|
@ -487,7 +517,7 @@ var reDeploy = regexp.MustCompile(`.+/deployments/(\d+)`)
|
|||
// Status sends the commit status to the forge.
|
||||
// An example would be the GitHub pull request status.
|
||||
func (c *client) Status(ctx context.Context, user *model.User, repo *model.Repo, pipeline *model.Pipeline, workflow *model.Workflow) error {
|
||||
client := c.newClientToken(ctx, user.Token)
|
||||
client := c.newClientToken(ctx, user.AccessToken)
|
||||
|
||||
if pipeline.Event == model.EventDeploy {
|
||||
// Get id from url. If not found, skip.
|
||||
|
|
@ -521,7 +551,7 @@ func (c *client) Activate(ctx context.Context, u *model.User, r *model.Repo, lin
|
|||
if err := c.Deactivate(ctx, u, r, link); err != nil {
|
||||
return err
|
||||
}
|
||||
client := c.newClientToken(ctx, u.Token)
|
||||
client := c.newClientToken(ctx, u.AccessToken)
|
||||
hook := &github.Hook{
|
||||
Name: github.String("web"),
|
||||
Events: []string{
|
||||
|
|
@ -618,7 +648,7 @@ func (c *client) loadChangedFilesFromPullRequest(ctx context.Context, pull *gith
|
|||
opts := &github.ListOptions{Page: page}
|
||||
fileList := make([]string, 0, 16)
|
||||
for opts.Page > 0 {
|
||||
files, resp, err := c.newClientToken(ctx, user.Token).PullRequests.ListFiles(ctx, repo.Owner, repo.Name, pull.GetNumber(), opts)
|
||||
files, resp, err := c.newClientToken(ctx, user.AccessToken).PullRequests.ListFiles(ctx, repo.Owner, repo.Name, pull.GetNumber(), opts)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -652,7 +682,7 @@ func (c *client) getTagCommitSHA(ctx context.Context, repo *model.Repo, tagName
|
|||
return "", err
|
||||
}
|
||||
|
||||
gh := c.newClientToken(ctx, user.Token)
|
||||
gh := c.newClientToken(ctx, user.AccessToken)
|
||||
|
||||
page := 1
|
||||
var tag *github.RepositoryTag
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ func Test_github(t *testing.T) {
|
|||
forge, _ := New(Opts{})
|
||||
netrc, _ := forge.Netrc(fakeUser, fakeRepo)
|
||||
g.Assert(netrc.Machine).Equal("github.com")
|
||||
g.Assert(netrc.Login).Equal(fakeUser.Token)
|
||||
g.Assert(netrc.Login).Equal(fakeUser.AccessToken)
|
||||
g.Assert(netrc.Password).Equal("x-oauth-basic")
|
||||
})
|
||||
g.It("Should return a netrc with the machine account", func() {
|
||||
|
|
@ -115,8 +115,8 @@ func Test_github(t *testing.T) {
|
|||
|
||||
var (
|
||||
fakeUser = &model.User{
|
||||
Login: "octocat",
|
||||
Token: "cfcd2084",
|
||||
Login: "octocat",
|
||||
AccessToken: "cfcd2084",
|
||||
}
|
||||
|
||||
fakeRepo = &model.Repo{
|
||||
|
|
|
|||
|
|
@ -142,8 +142,9 @@ func (g *GitLab) Login(ctx context.Context, req *forge_types.OAuthRequest) (*mod
|
|||
Email: login.Email,
|
||||
Avatar: login.AvatarURL,
|
||||
ForgeRemoteID: model.ForgeRemoteID(fmt.Sprint(login.ID)),
|
||||
Token: token.AccessToken,
|
||||
Secret: token.RefreshToken,
|
||||
AccessToken: token.AccessToken,
|
||||
RefreshToken: token.RefreshToken,
|
||||
Expiry: token.Expiry.UTC().Unix(),
|
||||
}
|
||||
if !strings.HasPrefix(user.Avatar, "http") {
|
||||
user.Avatar = g.url + "/" + login.AvatarURL
|
||||
|
|
@ -159,8 +160,8 @@ func (g *GitLab) Refresh(ctx context.Context, user *model.User) (bool, error) {
|
|||
config.RedirectURL = ""
|
||||
|
||||
source := config.TokenSource(oauth2Ctx, &oauth2.Token{
|
||||
AccessToken: user.Token,
|
||||
RefreshToken: user.Secret,
|
||||
AccessToken: user.AccessToken,
|
||||
RefreshToken: user.RefreshToken,
|
||||
Expiry: time.Unix(user.Expiry, 0),
|
||||
})
|
||||
|
||||
|
|
@ -169,8 +170,8 @@ func (g *GitLab) Refresh(ctx context.Context, user *model.User) (bool, error) {
|
|||
return false, err
|
||||
}
|
||||
|
||||
user.Token = token.AccessToken
|
||||
user.Secret = token.RefreshToken
|
||||
user.AccessToken = token.AccessToken
|
||||
user.RefreshToken = token.RefreshToken
|
||||
user.Expiry = token.Expiry.UTC().Unix()
|
||||
return true, nil
|
||||
}
|
||||
|
|
@ -191,7 +192,7 @@ func (g *GitLab) Auth(ctx context.Context, token, _ string) (string, error) {
|
|||
|
||||
// Teams fetches a list of team memberships from the forge.
|
||||
func (g *GitLab) Teams(ctx context.Context, user *model.User) ([]*model.Team, error) {
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -260,7 +261,7 @@ func (g *GitLab) getInheritedProjectMember(ctx context.Context, client *gitlab.C
|
|||
|
||||
// Repo fetches the repository from the forge.
|
||||
func (g *GitLab) Repo(ctx context.Context, user *model.User, remoteID model.ForgeRemoteID, owner, name string) (*model.Repo, error) {
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -285,7 +286,7 @@ func (g *GitLab) Repo(ctx context.Context, user *model.User, remoteID model.Forg
|
|||
|
||||
// Repos fetches a list of repos from the forge.
|
||||
func (g *GitLab) Repos(ctx context.Context, user *model.User) ([]*model.Repo, error) {
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -365,7 +366,7 @@ func (g *GitLab) PullRequests(ctx context.Context, u *model.User, r *model.Repo,
|
|||
|
||||
// File fetches a file from the forge repository and returns in string format.
|
||||
func (g *GitLab) File(ctx context.Context, user *model.User, repo *model.Repo, pipeline *model.Pipeline, fileName string) ([]byte, error) {
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -382,7 +383,7 @@ func (g *GitLab) File(ctx context.Context, user *model.User, repo *model.Repo, p
|
|||
|
||||
// Dir fetches a folder from the forge repository.
|
||||
func (g *GitLab) Dir(ctx context.Context, user *model.User, repo *model.Repo, pipeline *model.Pipeline, path string) ([]*forge_types.FileMeta, error) {
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -434,7 +435,7 @@ func (g *GitLab) Dir(ctx context.Context, user *model.User, repo *model.Repo, pi
|
|||
|
||||
// Status sends the commit status back to gitlab.
|
||||
func (g *GitLab) Status(ctx context.Context, user *model.User, repo *model.Repo, pipeline *model.Pipeline, workflow *model.Workflow) error {
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -463,7 +464,7 @@ func (g *GitLab) Netrc(u *model.User, r *model.Repo) (*model.Netrc, error) {
|
|||
|
||||
if u != nil {
|
||||
login = "oauth2"
|
||||
token = u.Token
|
||||
token = u.AccessToken
|
||||
}
|
||||
|
||||
host, err := common.ExtractHostFromCloneURL(r.Clone)
|
||||
|
|
@ -491,7 +492,7 @@ func (g *GitLab) getTokenAndWebURL(link string) (token, webURL string, err error
|
|||
// Activate activates a repository by adding a Post-commit hook and
|
||||
// a Public Deploy key, if applicable.
|
||||
func (g *GitLab) Activate(ctx context.Context, user *model.User, repo *model.Repo, link string) error {
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -526,7 +527,7 @@ func (g *GitLab) Activate(ctx context.Context, user *model.User, repo *model.Rep
|
|||
// Deactivate removes a repository by removing all the post-commit hooks
|
||||
// which are equal to link and removing the SSH deploy key.
|
||||
func (g *GitLab) Deactivate(ctx context.Context, user *model.User, repo *model.Repo, link string) error {
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -671,7 +672,7 @@ func (g *GitLab) Hook(ctx context.Context, req *http.Request) (*model.Repo, *mod
|
|||
// OrgMembership returns if user is member of organization and if user
|
||||
// is admin/owner in this organization.
|
||||
func (g *GitLab) OrgMembership(ctx context.Context, u *model.User, owner string) (*model.OrgPerm, error) {
|
||||
client, err := newClient(g.url, u.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, u.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -725,7 +726,7 @@ func (g *GitLab) OrgMembership(ctx context.Context, u *model.User, owner string)
|
|||
}
|
||||
|
||||
func (g *GitLab) Org(ctx context.Context, u *model.User, owner string) (*model.Org, error) {
|
||||
client, err := newClient(g.url, u.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, u.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -783,7 +784,7 @@ func (g *GitLab) loadChangedFilesFromMergeRequest(ctx context.Context, tmpRepo *
|
|||
return nil, err
|
||||
}
|
||||
|
||||
client, err := newClient(g.url, user.Token, g.SkipVerify)
|
||||
client, err := newClient(g.url, user.AccessToken, g.SkipVerify)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ func Test_GitLab(t *testing.T) {
|
|||
|
||||
user := model.User{
|
||||
Login: "test_user",
|
||||
Token: "e3b0c44298fc1c149afbf4c8996fb",
|
||||
AccessToken: "e3b0c44298fc1c149afbf4c8996fb",
|
||||
ForgeRemoteID: "3",
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -43,13 +43,13 @@ type User struct {
|
|||
// required: true
|
||||
Login string `json:"login" xorm:"UNIQUE 'login'"`
|
||||
|
||||
// Token is the oauth2 token.
|
||||
Token string `json:"-" xorm:"TEXT 'token'"`
|
||||
// AccessToken is the oauth2 access token.
|
||||
AccessToken string `json:"-" xorm:"TEXT 'token'"`
|
||||
|
||||
// Secret is the oauth2 token secret.
|
||||
Secret string `json:"-" xorm:"TEXT 'secret'"`
|
||||
// RefreshToken is the oauth2 refresh token.
|
||||
RefreshToken string `json:"-" xorm:"TEXT 'secret'"`
|
||||
|
||||
// Expiry is the token and secret expiration timestamp.
|
||||
// Expiry is the AccessToken expiration timestamp (unix seconds).
|
||||
Expiry int64 `json:"-" xorm:"expiry"`
|
||||
|
||||
// Email is the email address for this user.
|
||||
|
|
|
|||
|
|
@ -220,7 +220,7 @@ func TestFetchFromConfigService(t *testing.T) {
|
|||
files, err := configFetcher.Fetch(
|
||||
context.Background(),
|
||||
f,
|
||||
&model.User{Token: "xxx"},
|
||||
&model.User{AccessToken: "xxx"},
|
||||
repo,
|
||||
&model.Pipeline{Commit: "89ab7b2d6bfb347144ac7c557e638ab402848fee"},
|
||||
[]*forge_types.FileMeta{},
|
||||
|
|
|
|||
|
|
@ -312,7 +312,7 @@ func TestFetch(t *testing.T) {
|
|||
files, err := configFetcher.Fetch(
|
||||
context.Background(),
|
||||
f,
|
||||
&model.User{Token: "xxx"},
|
||||
&model.User{AccessToken: "xxx"},
|
||||
repo,
|
||||
&model.Pipeline{Commit: "89ab7b2d6bfb347144ac7c557e638ab402848fee"},
|
||||
nil,
|
||||
|
|
|
|||
|
|
@ -27,9 +27,9 @@ func TestGetPipelineQueue(t *testing.T) {
|
|||
defer closer()
|
||||
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
assert.NoError(t, store.CreateUser(user))
|
||||
|
||||
|
|
@ -63,9 +63,9 @@ func TestUserFeed(t *testing.T) {
|
|||
defer closer()
|
||||
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
assert.NoError(t, store.CreateUser(user))
|
||||
|
||||
|
|
@ -109,9 +109,9 @@ func TestRepoListLatest(t *testing.T) {
|
|||
defer closer()
|
||||
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
assert.NoError(t, store.CreateUser(user))
|
||||
|
||||
|
|
|
|||
|
|
@ -165,9 +165,9 @@ func TestRepoList(t *testing.T) {
|
|||
defer closer()
|
||||
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
assert.NoError(t, store.CreateUser(user))
|
||||
|
||||
|
|
@ -212,9 +212,9 @@ func TestOwnedRepoList(t *testing.T) {
|
|||
defer closer()
|
||||
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
assert.NoError(t, store.CreateUser(user))
|
||||
|
||||
|
|
|
|||
|
|
@ -46,9 +46,9 @@ func TestUsers(t *testing.T) {
|
|||
|
||||
g.It("Should Update a User", func() {
|
||||
user := model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
err1 := store.CreateUser(&user)
|
||||
err2 := store.UpdateUser(&user)
|
||||
|
|
@ -61,9 +61,9 @@ func TestUsers(t *testing.T) {
|
|||
|
||||
g.It("Should Add a new User", func() {
|
||||
user := model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
err := store.CreateUser(&user)
|
||||
g.Assert(err).IsNil()
|
||||
|
|
@ -72,11 +72,11 @@ func TestUsers(t *testing.T) {
|
|||
|
||||
g.It("Should Get a User", func() {
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Token: "f0b461ca586c27872b43a0685cbc2847",
|
||||
Secret: "976f22a5eef7caacb7e678d6c52f49b1",
|
||||
Email: "foo@bar.com",
|
||||
Avatar: "b9015b0857e16ac4d94a0ffd9a0b79c8",
|
||||
Login: "joe",
|
||||
AccessToken: "f0b461ca586c27872b43a0685cbc2847",
|
||||
RefreshToken: "976f22a5eef7caacb7e678d6c52f49b1",
|
||||
Email: "foo@bar.com",
|
||||
Avatar: "b9015b0857e16ac4d94a0ffd9a0b79c8",
|
||||
}
|
||||
|
||||
g.Assert(store.CreateUser(user)).IsNil()
|
||||
|
|
@ -84,17 +84,17 @@ func TestUsers(t *testing.T) {
|
|||
g.Assert(err).IsNil()
|
||||
g.Assert(user.ID).Equal(getUser.ID)
|
||||
g.Assert(user.Login).Equal(getUser.Login)
|
||||
g.Assert(user.Token).Equal(getUser.Token)
|
||||
g.Assert(user.Secret).Equal(getUser.Secret)
|
||||
g.Assert(user.AccessToken).Equal(getUser.AccessToken)
|
||||
g.Assert(user.RefreshToken).Equal(getUser.RefreshToken)
|
||||
g.Assert(user.Email).Equal(getUser.Email)
|
||||
g.Assert(user.Avatar).Equal(getUser.Avatar)
|
||||
})
|
||||
|
||||
g.It("Should Get a User By Login", func() {
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
g.Assert(store.CreateUser(user))
|
||||
getUser, err := store.GetUserLogin(user.Login)
|
||||
|
|
@ -105,14 +105,14 @@ func TestUsers(t *testing.T) {
|
|||
|
||||
g.It("Should Enforce Unique User Login", func() {
|
||||
user1 := model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
user2 := model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "ab20g0ddaf012c744e136da16aa21ad9",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "ab20g0ddaf012c744e136da16aa21ad9",
|
||||
}
|
||||
err1 := store.CreateUser(&user1)
|
||||
err2 := store.CreateUser(&user2)
|
||||
|
|
@ -122,15 +122,15 @@ func TestUsers(t *testing.T) {
|
|||
|
||||
g.It("Should Get a User List", func() {
|
||||
user1 := model.User{
|
||||
Login: "jane",
|
||||
Email: "foo@bar.com",
|
||||
Token: "ab20g0ddaf012c744e136da16aa21ad9",
|
||||
Hash: "A",
|
||||
Login: "jane",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "ab20g0ddaf012c744e136da16aa21ad9",
|
||||
Hash: "A",
|
||||
}
|
||||
user2 := model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
g.Assert(store.CreateUser(&user1)).IsNil()
|
||||
g.Assert(store.CreateUser(&user2)).IsNil()
|
||||
|
|
@ -139,21 +139,21 @@ func TestUsers(t *testing.T) {
|
|||
g.Assert(len(users)).Equal(2)
|
||||
g.Assert(users[0].Login).Equal(user1.Login)
|
||||
g.Assert(users[0].Email).Equal(user1.Email)
|
||||
g.Assert(users[0].Token).Equal(user1.Token)
|
||||
g.Assert(users[0].AccessToken).Equal(user1.AccessToken)
|
||||
})
|
||||
|
||||
g.It("Should Get a User Count", func() {
|
||||
user1 := model.User{
|
||||
Login: "jane",
|
||||
Email: "foo@bar.com",
|
||||
Token: "ab20g0ddaf012c744e136da16aa21ad9",
|
||||
Hash: "A",
|
||||
Login: "jane",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "ab20g0ddaf012c744e136da16aa21ad9",
|
||||
Hash: "A",
|
||||
}
|
||||
user2 := model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Hash: "B",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
Hash: "B",
|
||||
}
|
||||
g.Assert(store.CreateUser(&user1)).IsNil()
|
||||
g.Assert(store.CreateUser(&user2)).IsNil()
|
||||
|
|
@ -170,9 +170,9 @@ func TestUsers(t *testing.T) {
|
|||
|
||||
g.It("Should Del a User", func() {
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
g.Assert(store.CreateUser(user)).IsNil()
|
||||
user, err1 := store.GetUser(user.ID)
|
||||
|
|
@ -185,9 +185,9 @@ func TestUsers(t *testing.T) {
|
|||
|
||||
g.It("Should get the Pipeline feed for a User", func() {
|
||||
user := &model.User{
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
Token: "e42080dddf012c718e476da161d21ad5",
|
||||
Login: "joe",
|
||||
Email: "foo@bar.com",
|
||||
AccessToken: "e42080dddf012c718e476da161d21ad5",
|
||||
}
|
||||
g.Assert(store.CreateUser(user)).IsNil()
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue