Backport Migration Option AuthToken (#13101)

fix #13085

Backport #12862
Backport Parts of #12672

diff --git a/modules/migrations/gitea.go b/modules/migrations/gitea.go
index b51dc99037a9d04318f5eea4816b18bebeeac1a7..3c711feb8b88653eee3f9d0f05dc3f3604b89ea6 100644 (file)
--- a/modules/migrations/gitea.go
+++ b/modules/migrations/gitea.go
@@ -93,12 +93,15 @@ func (g *GiteaLocalUploader) CreateRepo(repo *base.Repository, opts base.Migrate
        }
 
        var remoteAddr = repo.CloneURL
-       if len(opts.AuthUsername) > 0 {
+       if len(opts.AuthToken) > 0 || len(opts.AuthUsername) > 0 {
                u, err := url.Parse(repo.CloneURL)
                if err != nil {
                        return err
                }
                u.User = url.UserPassword(opts.AuthUsername, opts.AuthPassword)
+               if len(opts.AuthToken) > 0 {
+                       u.User = url.UserPassword("oauth2", opts.AuthToken)
+               }
                remoteAddr = u.String()
        }
 

diff --git a/modules/migrations/gitea_test.go b/modules/migrations/gitea_test.go
index 3f03cbab3137094526ed3e0f487a5e84414b958d..7834dc26eec40374e3822f490bccbc707f8c6a7a 100644 (file)
--- a/modules/migrations/gitea_test.go
+++ b/modules/migrations/gitea_test.go
@@ -26,7 +26,7 @@ func TestGiteaUploadRepo(t *testing.T) {
        user := models.AssertExistsAndLoadBean(t, &models.User{ID: 1}).(*models.User)
 
        var (
-               downloader = NewGithubDownloaderV3("", "", "go-xorm", "builder")
+               downloader = NewGithubDownloaderV3("", "", "", "go-xorm", "builder")
                repoName   = "builder-" + time.Now().Format("2006-01-02-15-04-05")
                uploader   = NewGiteaLocalUploader(graceful.GetManager().HammerContext(), user, user.Name, repoName)
        )

diff --git a/modules/migrations/github.go b/modules/migrations/github.go
index a6b8fab59de5d0aeb02e2da7ebe0e2c7dc6140a4..570c91bfd6200db37a3cbd0cbe6db542a13c67b0 100644 (file)
--- a/modules/migrations/github.go
+++ b/modules/migrations/github.go
@@ -60,7 +60,7 @@ func (f *GithubDownloaderV3Factory) New(opts base.MigrateOptions) (base.Download
 
        log.Trace("Create github downloader: %s/%s", oldOwner, oldName)
 
-       return NewGithubDownloaderV3(opts.AuthUsername, opts.AuthPassword, oldOwner, oldName), nil
+       return NewGithubDownloaderV3(opts.AuthUsername, opts.AuthPassword, opts.AuthToken, oldOwner, oldName), nil
 }
 
 // GitServiceType returns the type of git service
@@ -81,7 +81,7 @@ type GithubDownloaderV3 struct {
 }
 
 // NewGithubDownloaderV3 creates a github Downloader via github v3 API
-func NewGithubDownloaderV3(userName, password, repoOwner, repoName string) *GithubDownloaderV3 {
+func NewGithubDownloaderV3(userName, password, token, repoOwner, repoName string) *GithubDownloaderV3 {
        var downloader = GithubDownloaderV3{
                userName:  userName,
                password:  password,
@@ -90,23 +90,19 @@ func NewGithubDownloaderV3(userName, password, repoOwner, repoName string) *Gith
                repoName:  repoName,
        }
 
-       var client *http.Client
-       if userName != "" {
-               if password == "" {
-                       ts := oauth2.StaticTokenSource(
-                               &oauth2.Token{AccessToken: userName},
-                       )
-                       client = oauth2.NewClient(downloader.ctx, ts)
-               } else {
-                       client = &http.Client{
-                               Transport: &http.Transport{
-                                       Proxy: func(req *http.Request) (*url.URL, error) {
-                                               req.SetBasicAuth(userName, password)
-                                               return nil, nil
-                                       },
-                               },
-                       }
-               }
+       client := &http.Client{
+               Transport: &http.Transport{
+                       Proxy: func(req *http.Request) (*url.URL, error) {
+                               req.SetBasicAuth(userName, password)
+                               return nil, nil
+                       },
+               },
+       }
+       if token != "" {
+               ts := oauth2.StaticTokenSource(
+                       &oauth2.Token{AccessToken: token},
+               )
+               client = oauth2.NewClient(downloader.ctx, ts)
        }
        downloader.client = github.NewClient(client)
        return &downloader

diff --git a/modules/migrations/github_test.go b/modules/migrations/github_test.go
index 708ea6dc91b28b1eaac1beb5107b8bbb741fc40c..bffacabc5d5c2a29200a43ef994155184bb15c70 100644 (file)
--- a/modules/migrations/github_test.go
+++ b/modules/migrations/github_test.go
@@ -64,7 +64,7 @@ func assertLabelEqual(t *testing.T, name, color, description string, label *base
 
 func TestGitHubDownloadRepo(t *testing.T) {
        GithubLimitRateRemaining = 3 //Wait at 3 remaining since we could have 3 CI in //
-       downloader := NewGithubDownloaderV3(os.Getenv("GITHUB_READ_TOKEN"), "", "go-gitea", "test_repo")
+       downloader := NewGithubDownloaderV3("", "", os.Getenv("GITHUB_READ_TOKEN"), "go-gitea", "test_repo")
        err := downloader.RefreshRate()
        assert.NoError(t, err)
 

diff --git a/modules/migrations/gitlab.go b/modules/migrations/gitlab.go
index 09e1a77d36e6e08a27fd057dcc7dc01a6db3d018..02b5aa588776b4d2fce9c7ea0b189b8bb618822d 100644 (file)
--- a/modules/migrations/gitlab.go
+++ b/modules/migrations/gitlab.go
@@ -56,10 +56,11 @@ func (f *GitlabDownloaderFactory) New(opts base.MigrateOptions) (base.Downloader
 
        baseURL := u.Scheme + "://" + u.Host
        repoNameSpace := strings.TrimPrefix(u.Path, "/")
+       repoNameSpace = strings.TrimSuffix(repoNameSpace, ".git")
 
        log.Trace("Create gitlab downloader. BaseURL: %s RepoName: %s", baseURL, repoNameSpace)
 
-       return NewGitlabDownloader(baseURL, repoNameSpace, opts.AuthUsername, opts.AuthPassword), nil
+       return NewGitlabDownloader(baseURL, repoNameSpace, opts.AuthUsername, opts.AuthPassword, opts.AuthToken), nil
 }
 
 // GitServiceType returns the type of git service
@@ -85,15 +86,12 @@ type GitlabDownloader struct {
 // NewGitlabDownloader creates a gitlab Downloader via gitlab API
 //   Use either a username/password, personal token entered into the username field, or anonymous/public access
 //   Note: Public access only allows very basic access
-func NewGitlabDownloader(baseURL, repoPath, username, password string) *GitlabDownloader {
-       var gitlabClient *gitlab.Client
-       var err error
-       if username != "" {
-               if password == "" {
-                       gitlabClient, err = gitlab.NewClient(username, gitlab.WithBaseURL(baseURL))
-               } else {
-                       gitlabClient, err = gitlab.NewBasicAuthClient(username, password, gitlab.WithBaseURL(baseURL))
-               }
+func NewGitlabDownloader(baseURL, repoPath, username, password, token string) *GitlabDownloader {
+       gitlabClient, err := gitlab.NewClient(token, gitlab.WithBaseURL(baseURL))
+       // Only use basic auth if token is blank and password is NOT
+       // Basic auth will fail with empty strings, but empty token will allow anonymous public API usage
+       if token == "" && password != "" {
+               gitlabClient, err = gitlab.NewBasicAuthClient(username, password, gitlab.WithBaseURL(baseURL))
        }
 
        if err != nil {

diff --git a/modules/migrations/gitlab_test.go b/modules/migrations/gitlab_test.go
index a06646e2cc435cb10db5be936db55438e54b48c3..2c7b19046febf2e750515a0e0dfd5aec1685a073 100644 (file)
--- a/modules/migrations/gitlab_test.go
+++ b/modules/migrations/gitlab_test.go
@@ -27,7 +27,7 @@ func TestGitlabDownloadRepo(t *testing.T) {
                t.Skipf("Can't access test repo, skipping %s", t.Name())
        }
 
-       downloader := NewGitlabDownloader("https://gitlab.com", "gitea/test_repo", gitlabPersonalAccessToken, "")
+       downloader := NewGitlabDownloader("https://gitlab.com", "gitea/test_repo", "", "", gitlabPersonalAccessToken)
        if downloader == nil {
                t.Fatal("NewGitlabDownloader is nil")
        }

diff --git a/modules/migrations/migrate.go b/modules/migrations/migrate.go
index c970ba69208836cec2c4e7e7c742869575387731..2a0e1eb68fa5789413ed51097522791d4cc5b107 100644 (file)
--- a/modules/migrations/migrate.go
+++ b/modules/migrations/migrate.go
@@ -36,6 +36,12 @@ func MigrateRepository(ctx context.Context, doer *models.User, ownerName string,
                theFactory base.DownloaderFactory
        )
 
+       // determine if user is token
+       if len(opts.AuthUsername) != 0 && len(opts.AuthPassword) == 0 {
+               opts.AuthToken = opts.AuthUsername
+               opts.AuthUsername = ""
+       }
+
        for _, factory := range factories {
                if match, err := factory.Match(opts); err != nil {
                        return nil, err

diff --git a/modules/structs/repo.go b/modules/structs/repo.go
index 70de9b74694f7bc500dbf55453fe1c92c67098c5..778dc0f5b854f984578c4b5f17d8610262cb2754 100644 (file)
--- a/modules/structs/repo.go
+++ b/modules/structs/repo.go
@@ -213,6 +213,7 @@ type MigrateRepoOption struct {
        CloneAddr    string `json:"clone_addr" binding:"Required"`
        AuthUsername string `json:"auth_username"`
        AuthPassword string `json:"auth_password"`
+       AuthToken    string `json:"auth_token"`
        // required: true
        UID int `json:"uid" binding:"Required"`
        // required: true