Allow separate gitea oauth URL (#3513)

closes https://github.com/woodpecker-ci/woodpecker/issues/3470

---------

Co-authored-by: Robert Kaussow <xoxys@rknet.org>
This commit is contained in:
qwerty287 2024-03-21 11:37:02 +01:00 committed by GitHub
parent 5fb732a734
commit fbdfa14a00
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 32 additions and 17 deletions

View file

@ -386,6 +386,11 @@ var flags = append([]cli.Flag{
Name: "gitea-skip-verify",
Usage: "gitea skip ssl verification",
},
&cli.StringFlag{
EnvVars: []string{"WOODPECKER_DEV_GITEA_OAUTH_URL"},
Name: "gitea-oauth-server",
Usage: "user-facing gitea server url for oauth",
},
//
// Bitbucket
//

View file

@ -141,14 +141,23 @@ func setupBitbucket(c *cli.Context) (forge.Forge, error) {
return bitbucket.New(opts)
}
// setupGitea helper function to setup the Gitea forge from the CLI arguments.
// setupGitea helper function to set up the Gitea forge from the CLI arguments.
func setupGitea(c *cli.Context) (forge.Forge, error) {
server, err := url.Parse(c.String("gitea-server"))
if err != nil {
return nil, err
}
oauth2Server := c.String("gitea-oauth-server")
if oauth2Server != "" {
oauth2URL, err := url.Parse(oauth2Server)
if err != nil {
return nil, err
}
oauth2Server = strings.TrimRight(oauth2URL.String(), "/")
}
opts := gitea.Opts{
URL: strings.TrimRight(server.String(), "/"),
OAuth2URL: oauth2Server,
Client: c.String("gitea-client"),
Secret: c.String("gitea-secret"),
SkipVerify: c.Bool("gitea-skip-verify"),

View file

@ -93,3 +93,11 @@ Read the value for `WOODPECKER_GITEA_SECRET` from the specified filepath
> Default: `false`
Configure if SSL verification should be skipped.
## Advanced options
### `WOODPECKER_DEV_GITEA_OAUTH_URL`
> Default: value of `WOODPECKER_GITEA_URL`
Configures the user-facing Gitea server address. Should be used if `WOODPECKER_GITEA_URL` points to an internal URL used for API requests.

View file

@ -23,9 +23,7 @@ import (
"crypto/tls"
"errors"
"fmt"
"net"
"net/http"
"net/url"
"path"
"path/filepath"
"strconv"
@ -49,11 +47,12 @@ const (
authorizeTokenURL = "%s/login/oauth/authorize"
accessTokenURL = "%s/login/oauth/access_token"
defaultPageSize = 50
giteaDevVersion = "v1.18.0"
giteaDevVersion = "v1.21.0"
)
type Gitea struct {
url string
oauth2URL string
ClientID string
ClientSecret string
SkipVerify bool
@ -63,6 +62,7 @@ type Gitea struct {
// Opts defines configuration options.
type Opts struct {
URL string // Gitea server url.
OAuth2URL string // User-facing Gitea server url for OAuth2.
Client string // OAuth2 Client ID
Secret string // OAuth2 Client Secret
SkipVerify bool // Skip ssl verification.
@ -71,16 +71,13 @@ type Opts struct {
// New returns a Forge implementation that integrates with Gitea,
// an open source Git service written in Go. See https://gitea.io/
func New(opts Opts) (forge.Forge, error) {
u, err := url.Parse(opts.URL)
if err != nil {
return nil, err
}
host, _, err := net.SplitHostPort(u.Host)
if err == nil {
u.Host = host
if opts.OAuth2URL != "" {
opts.OAuth2URL = opts.URL
}
return &Gitea{
url: opts.URL,
oauth2URL: opts.OAuth2URL,
ClientID: opts.Client,
ClientSecret: opts.Secret,
SkipVerify: opts.SkipVerify,
@ -102,8 +99,8 @@ func (c *Gitea) oauth2Config(ctx context.Context) (*oauth2.Config, context.Conte
ClientID: c.ClientID,
ClientSecret: c.ClientSecret,
Endpoint: oauth2.Endpoint{
AuthURL: fmt.Sprintf(authorizeTokenURL, c.url),
TokenURL: fmt.Sprintf(accessTokenURL, c.url),
AuthURL: fmt.Sprintf(authorizeTokenURL, c.oauth2URL),
TokenURL: fmt.Sprintf(accessTokenURL, c.oauth2URL),
},
RedirectURL: fmt.Sprintf("%s/authorize", server.Config.Server.OAuthHost),
},

View file

@ -62,10 +62,6 @@ func Test_gitea(t *testing.T) {
g.Assert(f.url).Equal("http://localhost:8080")
g.Assert(f.SkipVerify).Equal(true)
})
g.It("Should handle malformed url", func() {
_, err := New(Opts{URL: "%gh&%ij"})
g.Assert(err).IsNotNil()
})
})
g.Describe("Generating a netrc file", func() {