authortechknowlogick <hello@techknowlogick.com>2019-04-25 18:42:50 -0400
committerGitHub <noreply@github.com>2019-04-25 18:42:50 -0400
commitec2d489d15580ba934f34d8cdf3d779e1d64374d (patch)
tree97b2a1453ad5b557fd7fb925102e4a63d9791667
parent199faadea3ff40880d70c8bc031aab800720330d (diff)
OAuth2 token can be used in basic auth (#6747)
-rw-r--r--modules/auth/auth.go18
-rw-r--r--routers/repo/http.go12
2 files changed, 28 insertions, 2 deletions
diff --git a/modules/auth/auth.go b/modules/auth/auth.go
index 5f6ff75dd8..edb596c240 100644
--- a/modules/auth/auth.go
+++ b/modules/auth/auth.go
@@ -1,4 +1,5 @@
// Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
@@ -54,7 +55,7 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
// Let's see if token is valid.
if len(tokenSHA) > 0 {
if strings.Contains(tokenSHA, ".") {
- uid := checkOAuthAccessToken(tokenSHA)
+ uid := CheckOAuthAccessToken(tokenSHA)
if uid != 0 {
ctx.Data["IsApiToken"] = true
}
@@ -85,7 +86,8 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
return 0
}
-func checkOAuthAccessToken(accessToken string) int64 {
+// CheckOAuthAccessToken returns uid of user from oauth token token
+func CheckOAuthAccessToken(accessToken string) int64 {
// JWT tokens require a "."
if !strings.Contains(accessToken, ".") {
return 0
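Review bot: The new doc comment on `CheckOAuthAccessToken` repeats a word ("token token") and does not say what a zero return means, which matters now that the function is exported and called from another package. I would write `// CheckOAuthAccessToken returns the ID of the user the OAuth2 access token was issued to, or 0 if the token is not accepted.` The function body continues past the end of this hunk, so the rejection conditions beyond the visible "." check should be confirmed before the comment describes them more precisely.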
@@ -178,6 +180,18 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
// Assume password is token
authToken = passwd
}
+
+ uid := CheckOAuthAccessToken(authToken)
+ if uid != 0 {
+ var err error
+ ctx.Data["IsApiToken"] = true
+
+ u, err = models.GetUserByID(uid)
+ if err != nil {
+ log.Error("GetUserByID: %v", err)
+ return nil, false
+ }
+ }
token, err := models.GetAccessTokenBySHA(authToken)
if err == nil {
if isUsernameToken {
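Review bot: After `CheckOAuthAccessToken` succeeds and `u` is loaded, execution still falls through to `models.GetAccessTokenBySHA(authToken)` with the same value. A valid OAuth2 token therefore costs an extra personal-access-token lookup, and `u` could presumably be reassigned by the `isUsernameToken` branch if that lookup ever matched. Making the two paths mutually exclusive would remove the ambiguity, for example by wrapping the existing lookup in `if uid == 0 { ... }`; the same fall-through is in the `HTTP` hunk in routers/repo/http.go. Every Basic-auth password is now handed to the token parser first, so it is also worth confirming that the parser's failure path does not log the raw value. That code and the rest of `SignedInUser` are outside this hunk.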
diff --git a/routers/repo/http.go b/routers/repo/http.go
index 2bc50efd83..fccecfb71d 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -1,4 +1,5 @@
// Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
@@ -18,6 +19,7 @@ import (
"time"
"code.gitea.io/gitea/models"
+ "code.gitea.io/gitea/modules/auth"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
@@ -166,6 +168,16 @@ func HTTP(ctx *context.Context) {
// Assume password is token
authToken = authPasswd
}
+ uid := auth.CheckOAuthAccessToken(authToken)
+ if uid != 0 {
+ ctx.Data["IsApiToken"] = true
+
+ authUser, err = models.GetUserByID(uid)
+ if err != nil {
+ ctx.ServerError("GetUserByID", err)
+ return
+ }
+ }
// Assume password is a token.
token, err := models.GetAccessTokenBySHA(authToken)
if err == nil {
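Review bot: `auth.CheckOAuthAccessToken` hands back only a user ID, so this branch gives an OAuth2 token the full git-over-HTTP access of that account, with nothing about the issuing application or grant available to restrict it. If that is intended, a comment should say so, e.g. `// An OAuth2 access token authenticates as its user with no per-application restriction on git access.` The hunk also does not show whether `authUser` is checked for being active or allowed to sign in after `models.GetUserByID`; the rest of `HTTP` is outside the hunk, so confirm that a later check covers this path.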