From ec2d489d15580ba934f34d8cdf3d779e1d64374d Mon Sep 17 00:00:00 2001
From: techknowlogick
Date: Thu, 25 Apr 2019 18:42:50 -0400
Subject: OAuth2 token can be used in basic auth (#6747)
---
 modules/auth/auth.go | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
(limited to 'modules')
diff --git a/modules/auth/auth.go b/modules/auth/auth.go
index 5f6ff75dd8..edb596c240 100644
--- a/modules/auth/auth.go
+++ b/modules/auth/auth.go
@@ -1,4 +1,5 @@
 // Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2019 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
@@ -54,7 +55,7 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
 // Let's see if token is valid.
 if len(tokenSHA) > 0 {
 if strings.Contains(tokenSHA, ".") {
- uid := checkOAuthAccessToken(tokenSHA)
+ uid := CheckOAuthAccessToken(tokenSHA)
 if uid != 0 {
 ctx.Data["IsApiToken"] = true
 }
@@ -85,7 +86,8 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
 return 0
 }
-func checkOAuthAccessToken(accessToken string) int64 {
+// CheckOAuthAccessToken returns uid of user from oauth token token
+func CheckOAuthAccessToken(accessToken string) int64 {
 // JWT tokens require a "."
 if !strings.Contains(accessToken, ".") {
 return 0
@@ -178,6 +180,18 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
 // Assume password is token
 authToken = passwd
 }
+
+ uid := CheckOAuthAccessToken(authToken)
+ if uid != 0 {
+ var err error
+ ctx.Data["IsApiToken"] = true
+
+ u, err = models.GetUserByID(uid)
+ if err != nil {
+ log.Error("GetUserByID: %v", err)
+ return nil, false
+ }
+ }
 token, err := models.GetAccessTokenBySHA(authToken)
 if err == nil {
 if isUsernameToken {
--
cgit v1.2.3
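Review bot: The doc comment added for `CheckOAuthAccessToken` in the third hunk repeats a word ("token token") and does not state the failure value that both callers in this diff test for with `uid != 0`. Now that the function is exported, that contract belongs in the comment, for example `// CheckOAuthAccessToken returns the ID of the user an OAuth2 access token belongs to, or 0 if the token is not accepted.` The function body continues outside the hunk, so the exact rejection conditions beyond the missing "." are not visible here.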
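Review bot: In the last hunk (SignedInUser), the new branch sets `u` from the OAuth2 token's uid without comparing it to the user name sent in the Basic header. In the "password is token" case shown just above it, the lines visible here therefore accept any user name as long as the token verifies. If the name is meant to identify the account, a comparison against `u.Name` right after `models.GetUserByID(uid)`, ending in `return nil, false` on mismatch, would bind the two. Control also falls through to `models.GetAccessTokenBySHA(authToken)` with `u` already set. The rest of the function is outside the hunk, so it should be confirmed that the later code neither overwrites `u` nor retries a password sign-in with the token.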