aboutsummaryrefslogtreecommitdiffstats
path: root/services/actions/auth.go
diff options
context:
space:
mode:
Diffstat (limited to 'services/actions/auth.go')
-rw-r--r--services/actions/auth.go25
1 files changed, 25 insertions, 0 deletions
diff --git a/services/actions/auth.go b/services/actions/auth.go
index e0f9a9015d..8e934d89a8 100644
--- a/services/actions/auth.go
+++ b/services/actions/auth.go
@@ -9,6 +9,7 @@ import (
"strings"
"time"
+ "code.gitea.io/gitea/modules/json"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
@@ -21,17 +22,41 @@ type actionsClaims struct {
TaskID int64
RunID int64
JobID int64
+ Ac string `json:"ac"`
}
+type actionsCacheScope struct {
+ Scope string
+ Permission actionsCachePermission
+}
+
+type actionsCachePermission int
+
+const (
+ actionsCachePermissionRead = 1 << iota
+ actionsCachePermissionWrite
+)
+
func CreateAuthorizationToken(taskID, runID, jobID int64) (string, error) {
now := time.Now()
+ ac, err := json.Marshal(&[]actionsCacheScope{
+ {
+ Scope: "",
+ Permission: actionsCachePermissionWrite,
+ },
+ })
+ if err != nil {
+ return "", err
+ }
+
claims := actionsClaims{
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(now.Add(24 * time.Hour)),
NotBefore: jwt.NewNumericDate(now),
},
Scp: fmt.Sprintf("Actions.Results:%d:%d", runID, jobID),
+ Ac: string(ac),
TaskID: taskID,
RunID: runID,
JobID: jobID,
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-26 03:25:23 +0000