diff options
author | Wim <wim@42.be> | 2022-06-05 09:16:14 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-06-05 08:16:14 +0100 |
commit | e528e2b435466bd854b1f7a4619bdc16c058b8ba (patch) | |
tree | c1820465c45bffb3600f5c758da02fb4ffa1b046 /routers | |
parent | 48be5e77e502f88cae104735ee706c2fbeab8a2a (diff) | |
download | gitea-e528e2b435466bd854b1f7a4619bdc16c058b8ba.tar.gz gitea-e528e2b435466bd854b1f7a4619bdc16c058b8ba.zip |
Implement http signatures support for the API (#17565)
Fixes #12338
This allows use to talk to the API with our ssh certificate (and/or ssh-agent) without needing to fetch an API key or tokens.
It will just automatically work when users have added their ssh principal in gitea.
This needs client code in tea
Update: also support normal pubkeys
ref: https://tools.ietf.org/html/draft-cavage-http-signatures
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'routers')
-rw-r--r-- | routers/api/v1/api.go | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 1492ef07a7..03f7a57d5c 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -592,6 +592,7 @@ func bind(obj interface{}) http.HandlerFunc { func buildAuthGroup() *auth.Group { group := auth.NewGroup( &auth.OAuth2{}, + &auth.HTTPSign{}, &auth.Basic{}, // FIXME: this should be removed once we don't allow basic auth in API ) if setting.Service.EnableReverseProxyAuth { |