source.dussan.org Git - gitea.git/commit

author	zeripath <art27@cantab.net>
	Tue, 13 Jul 2021 13:28:07 +0000 (14:28 +0100)
committer	GitHub <noreply@github.com>
	Tue, 13 Jul 2021 13:28:07 +0000 (15:28 +0200)
commit	b82293270c7d2d36d79cb9c5731d07c3f5b33f6b
tree	a79131e08ecf19cc8e642fcc032bfee0e30959c0	tree \| snapshot
parent	67f135ca5ddfcab4391a00af4936d0260079cd97	commit \| diff

Add option to provide signature for a token to verify key ownership (#14054)

* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

RSS Atom

integrations/api_gpg_keys_test.go		diff \| blob \| history
models/error.go		diff \| blob \| history
models/gpg_key.go		diff \| blob \| history
models/gpg_key_add.go	[new file with mode: 0644]	blob
models/gpg_key_commit_verification.go	[new file with mode: 0644]	blob
models/gpg_key_common.go	[new file with mode: 0644]	blob
models/gpg_key_import.go	[new file with mode: 0644]	blob
models/gpg_key_test.go		diff \| blob \| history
models/gpg_key_verify.go	[new file with mode: 0644]	blob
models/migrations/migrations.go		diff \| blob \| history
models/migrations/v188.go	[new file with mode: 0644]	blob
modules/convert/convert.go		diff \| blob \| history
modules/structs/user_gpgkey.go		diff \| blob \| history
options/locale/locale_en-US.ini		diff \| blob \| history
routers/api/v1/api.go		diff \| blob \| history
routers/api/v1/user/gpg_key.go		diff \| blob \| history
routers/web/user/setting/keys.go		diff \| blob \| history
services/forms/user_form.go		diff \| blob \| history
templates/swagger/v1_json.tmpl		diff \| blob \| history
templates/user/settings/keys_gpg.tmpl		diff \| blob \| history