mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-11-26 20:01:02 +00:00
Merge pull request #856 from Bugagazavr/gitlab-ouath
Refresh only expired tokens
This commit is contained in:
commit
64aeeff3ae
11 changed files with 48 additions and 21 deletions
|
@ -230,7 +230,11 @@ func (r *Gitlab) OpenRegistration() bool {
|
|||
}
|
||||
|
||||
func (r *Gitlab) GetToken(user *model.User) (*model.Token, error) {
|
||||
expiry := time.Now().Truncate(7200 * time.Second)
|
||||
expiry := time.Unix(user.TokenExpiry, 0)
|
||||
if expiry.Sub(time.Now()) > (60 * time.Second) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
t := &oauth.Transport{
|
||||
Config: NewOauthConfig(r, ""),
|
||||
Token: &oauth.Token{
|
||||
|
@ -247,5 +251,6 @@ func (r *Gitlab) GetToken(user *model.User) (*model.Token, error) {
|
|||
var token = new(model.Token)
|
||||
token.AccessToken = t.Token.AccessToken
|
||||
token.RefreshToken = t.Token.RefreshToken
|
||||
token.Expiry = t.Token.Expiry.Unix()
|
||||
return token, nil
|
||||
}
|
||||
|
|
|
@ -38,6 +38,7 @@ func Connect(driver, datasource string) (*sql.DB, error) {
|
|||
var migrations = []migration.Migrator{
|
||||
migrate.Setup,
|
||||
migrate.Migrate_20142110,
|
||||
migrate.Migrate_20152701,
|
||||
}
|
||||
return migration.Open(driver, datasource, migrations)
|
||||
}
|
||||
|
|
|
@ -39,6 +39,20 @@ func Migrate_20142110(tx migration.LimitedTx) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// Migrate_20142110 is a database migration on Oct-10 2014.
|
||||
func Migrate_20152701(tx migration.LimitedTx) error {
|
||||
var stmts = []string{
|
||||
addUserTokenExpires, // index the commit table repo_id column
|
||||
}
|
||||
for _, stmt := range stmts {
|
||||
_, err := tx.Exec(transform(stmt))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
var userTable = `
|
||||
CREATE TABLE IF NOT EXISTS users (
|
||||
user_id INTEGER PRIMARY KEY AUTOINCREMENT
|
||||
|
@ -144,3 +158,7 @@ CREATE TABLE IF NOT EXISTS blobs (
|
|||
,UNIQUE(blob_path)
|
||||
);
|
||||
`
|
||||
|
||||
var addUserTokenExpires = `
|
||||
ALTER TABLE users ADD COLUMN user_access_expires INTEGER
|
||||
`
|
||||
|
|
|
@ -103,6 +103,7 @@ func PostCommit(c web.C, w http.ResponseWriter, r *http.Request) {
|
|||
if user_token != nil {
|
||||
owner.Access = user_token.AccessToken
|
||||
owner.Secret = user_token.RefreshToken
|
||||
owner.TokenExpiry = user_token.Expiry
|
||||
datastore.PutUser(ctx, owner)
|
||||
} else if err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
|
|
|
@ -81,6 +81,7 @@ func PostHook(c web.C, w http.ResponseWriter, r *http.Request) {
|
|||
if user_token != nil {
|
||||
user.Access = user_token.AccessToken
|
||||
user.Secret = user_token.RefreshToken
|
||||
user.TokenExpiry = user_token.Expiry
|
||||
datastore.PutUser(ctx, user)
|
||||
} else if err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
|
|
|
@ -90,6 +90,7 @@ func GetLogin(c web.C, w http.ResponseWriter, r *http.Request) {
|
|||
u.Access = login.Access
|
||||
u.Secret = login.Secret
|
||||
u.Name = login.Name
|
||||
u.TokenExpiry = login.Expiry
|
||||
u.SetEmail(login.Email)
|
||||
u.Syncing = u.IsStale()
|
||||
|
||||
|
|
|
@ -109,6 +109,7 @@ func PostRepo(c web.C, w http.ResponseWriter, r *http.Request) {
|
|||
if user_token != nil {
|
||||
user.Access = user_token.AccessToken
|
||||
user.Secret = user_token.RefreshToken
|
||||
user.TokenExpiry = user_token.Expiry
|
||||
datastore.PutUser(ctx, user)
|
||||
} else if err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
|
|
|
@ -163,6 +163,7 @@ func PostUserSync(c web.C, w http.ResponseWriter, r *http.Request) {
|
|||
if user_token != nil {
|
||||
user.Access = user_token.AccessToken
|
||||
user.Secret = user_token.RefreshToken
|
||||
user.TokenExpiry = user_token.Expiry
|
||||
} else if err != nil {
|
||||
w.WriteHeader(http.StatusNotFound)
|
||||
return
|
||||
|
|
|
@ -9,4 +9,5 @@ type Login struct {
|
|||
Secret string
|
||||
Name string
|
||||
Email string
|
||||
Expiry int64
|
||||
}
|
||||
|
|
|
@ -1,11 +1,7 @@
|
|||
package model
|
||||
|
||||
import (
|
||||
"time"
|
||||
)
|
||||
|
||||
type Token struct {
|
||||
AccessToken string
|
||||
RefreshToken string
|
||||
Expiry time.Time
|
||||
Expiry int64
|
||||
}
|
||||
|
|
|
@ -5,21 +5,22 @@ import (
|
|||
)
|
||||
|
||||
type User struct {
|
||||
ID int64 `meddler:"user_id,pk" json:"-"`
|
||||
Remote string `meddler:"user_remote" json:"remote"`
|
||||
Login string `meddler:"user_login" json:"login"`
|
||||
Access string `meddler:"user_access" json:"-"`
|
||||
Secret string `meddler:"user_secret" json:"-"`
|
||||
Name string `meddler:"user_name" json:"name"`
|
||||
Email string `meddler:"user_email" json:"email,omitempty"`
|
||||
Gravatar string `meddler:"user_gravatar" json:"gravatar"`
|
||||
Token string `meddler:"user_token" json:"-"`
|
||||
Admin bool `meddler:"user_admin" json:"admin"`
|
||||
Active bool `meddler:"user_active" json:"active"`
|
||||
Syncing bool `meddler:"user_syncing" json:"syncing"`
|
||||
Created int64 `meddler:"user_created" json:"created_at"`
|
||||
Updated int64 `meddler:"user_updated" json:"updated_at"`
|
||||
Synced int64 `meddler:"user_synced" json:"synced_at"`
|
||||
ID int64 `meddler:"user_id,pk" json:"-"`
|
||||
Remote string `meddler:"user_remote" json:"remote"`
|
||||
Login string `meddler:"user_login" json:"login"`
|
||||
Access string `meddler:"user_access" json:"-"`
|
||||
Secret string `meddler:"user_secret" json:"-"`
|
||||
Name string `meddler:"user_name" json:"name"`
|
||||
Email string `meddler:"user_email" json:"email,omitempty"`
|
||||
Gravatar string `meddler:"user_gravatar" json:"gravatar"`
|
||||
Token string `meddler:"user_token" json:"-"`
|
||||
Admin bool `meddler:"user_admin" json:"admin"`
|
||||
Active bool `meddler:"user_active" json:"active"`
|
||||
Syncing bool `meddler:"user_syncing" json:"syncing"`
|
||||
Created int64 `meddler:"user_created" json:"created_at"`
|
||||
Updated int64 `meddler:"user_updated" json:"updated_at"`
|
||||
Synced int64 `meddler:"user_synced" json:"synced_at"`
|
||||
TokenExpiry int64 `meddler:"user_access_expires" json:"-"`
|
||||
}
|
||||
|
||||
func NewUser(remote, login, email string) *User {
|
||||
|
|
Loading…
Reference in a new issue