diff options
Diffstat (limited to 'services/auth/basic.go')
| -rw-r--r-- | services/auth/basic.go | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/services/auth/basic.go b/services/auth/basic.go index 1184d12d1c..90bd642370 100644 --- a/services/auth/basic.go +++ b/services/auth/basic.go @@ -25,7 +25,12 @@ var ( ) // BasicMethodName is the constant name of the basic authentication method -const BasicMethodName = "basic" +const ( + BasicMethodName = "basic" + AccessTokenMethodName = "access_token" + OAuth2TokenMethodName = "oauth2_token" + ActionTokenMethodName = "action_token" +) // Basic implements the Auth interface and authenticates requests (API requests // only) by looking for Basic authentication data or "x-oauth-basic" token in the "Authorization" @@ -82,6 +87,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore return nil, err } + store.GetData()["LoginMethod"] = OAuth2TokenMethodName store.GetData()["IsApiToken"] = true return u, nil } @@ -101,6 +107,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore log.Error("UpdateAccessToken: %v", err) } + store.GetData()["LoginMethod"] = AccessTokenMethodName store.GetData()["IsApiToken"] = true store.GetData()["ApiTokenScope"] = token.Scope return u, nil @@ -113,6 +120,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore if err == nil && task != nil { log.Trace("Basic Authorization: Valid AccessToken for task[%d]", task.ID) + store.GetData()["LoginMethod"] = ActionTokenMethodName store.GetData()["IsActionsToken"] = true store.GetData()["ActionsTaskID"] = task.ID @@ -138,6 +146,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore } } + store.GetData()["LoginMethod"] = BasicMethodName log.Trace("Basic Authorization: Logged in user %-v", u) return u, nil @@ -159,3 +168,19 @@ func validateTOTP(req *http.Request, u *user_model.User) error { } return nil } + +func GetAccessScope(store DataStore) auth_model.AccessTokenScope { + if v, ok := store.GetData()["ApiTokenScope"]; ok { + return v.(auth_model.AccessTokenScope) + } + switch store.GetData()["LoginMethod"] { + case OAuth2TokenMethodName: + fallthrough + case BasicMethodName, AccessTokenMethodName: + return auth_model.AccessTokenScopeAll + case ActionTokenMethodName: + fallthrough + default: + return "" + } +} |