mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11885 Commits
17 Branches
Tree: 2289580bb7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2289580bb7'
${ noResults }
gitea/routers/api/v1/user/app.go

app.go 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2018 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package user

  7. 

  8. import (

  9. 	"errors"

  10. 	"fmt"

  11. 	"net/http"

  12. 	"strconv"

  13. 

  14. 	"code.gitea.io/gitea/models"

  15. 	"code.gitea.io/gitea/modules/context"

  16. 	"code.gitea.io/gitea/modules/convert"

  17. 	api "code.gitea.io/gitea/modules/structs"

  18. 	"code.gitea.io/gitea/modules/web"

  19. 	"code.gitea.io/gitea/routers/api/v1/utils"

  20. )

  21. 

  22. // ListAccessTokens list all the access tokens

  23. func ListAccessTokens(ctx *context.APIContext) {

  24. 	// swagger:operation GET /users/{username}/tokens user userGetTokens

  25. 	// ---

  26. 	// summary: List the authenticated user's access tokens

  27. 	// produces:

  28. 	// - application/json

  29. 	// parameters:

  30. 	// - name: username

  31. 	//   in: path

  32. 	//   description: username of user

  33. 	//   type: string

  34. 	//   required: true

  35. 	// - name: page

  36. 	//   in: query

  37. 	//   description: page number of results to return (1-based)

  38. 	//   type: integer

  39. 	// - name: limit

  40. 	//   in: query

  41. 	//   description: page size of results

  42. 	//   type: integer

  43. 	// responses:

  44. 	//   "200":

  45. 	//     "$ref": "#/responses/AccessTokenList"

  46. 

  47. 	opts := models.ListAccessTokensOptions{UserID: ctx.User.ID, ListOptions: utils.GetListOptions(ctx)}

  48. 

  49. 	count, err := models.CountAccessTokens(opts)

  50. 	if err != nil {

  51. 		ctx.InternalServerError(err)

  52. 		return

  53. 	}

  54. 	tokens, err := models.ListAccessTokens(opts)

  55. 	if err != nil {

  56. 		ctx.InternalServerError(err)

  57. 		return

  58. 	}

  59. 

  60. 	apiTokens := make([]*api.AccessToken, len(tokens))

  61. 	for i := range tokens {

  62. 		apiTokens[i] = &api.AccessToken{

  63. 			ID:             tokens[i].ID,

  64. 			Name:           tokens[i].Name,

  65. 			TokenLastEight: tokens[i].TokenLastEight,

  66. 		}

  67. 	}

  68. 

  69. 	ctx.SetTotalCountHeader(count)

  70. 	ctx.JSON(http.StatusOK, &apiTokens)

  71. }

  72. 

  73. // CreateAccessToken create access tokens

  74. func CreateAccessToken(ctx *context.APIContext) {

  75. 	// swagger:operation POST /users/{username}/tokens user userCreateToken

  76. 	// ---

  77. 	// summary: Create an access token

  78. 	// consumes:

  79. 	// - application/json

  80. 	// produces:

  81. 	// - application/json

  82. 	// parameters:

  83. 	// - name: username

  84. 	//   in: path

  85. 	//   description: username of user

  86. 	//   type: string

  87. 	//   required: true

  88. 	// - name: userCreateToken

  89. 	//   in: body

  90. 	//   schema:

  91. 	//     "$ref": "#/definitions/CreateAccessTokenOption"

  92. 	// responses:

  93. 	//   "201":

  94. 	//     "$ref": "#/responses/AccessToken"

  95. 	//   "400":

  96. 	//     "$ref": "#/responses/error"

  97. 

  98. 	form := web.GetForm(ctx).(*api.CreateAccessTokenOption)

  99. 

  100. 	t := &models.AccessToken{

  101. 		UID:  ctx.User.ID,

  102. 		Name: form.Name,

  103. 	}

  104. 

  105. 	exist, err := models.AccessTokenByNameExists(t)

  106. 	if err != nil {

  107. 		ctx.InternalServerError(err)

  108. 		return

  109. 	}

  110. 	if exist {

  111. 		ctx.Error(http.StatusBadRequest, "AccessTokenByNameExists", errors.New("access token name has been used already"))

  112. 		return

  113. 	}

  114. 

  115. 	if err := models.NewAccessToken(t); err != nil {

  116. 		ctx.Error(http.StatusInternalServerError, "NewAccessToken", err)

  117. 		return

  118. 	}

  119. 	ctx.JSON(http.StatusCreated, &api.AccessToken{

  120. 		Name:           t.Name,

  121. 		Token:          t.Token,

  122. 		ID:             t.ID,

  123. 		TokenLastEight: t.TokenLastEight,

  124. 	})

  125. }

  126. 

  127. // DeleteAccessToken delete access tokens

  128. func DeleteAccessToken(ctx *context.APIContext) {

  129. 	// swagger:operation DELETE /users/{username}/tokens/{token} user userDeleteAccessToken

  130. 	// ---

  131. 	// summary: delete an access token

  132. 	// produces:

  133. 	// - application/json

  134. 	// parameters:

  135. 	// - name: username

  136. 	//   in: path

  137. 	//   description: username of user

  138. 	//   type: string

  139. 	//   required: true

  140. 	// - name: token

  141. 	//   in: path

  142. 	//   description: token to be deleted, identified by ID and if not available by name

  143. 	//   type: string

  144. 	//   required: true

  145. 	// responses:

  146. 	//   "204":

  147. 	//     "$ref": "#/responses/empty"

  148. 	//   "404":

  149. 	//     "$ref": "#/responses/notFound"

  150. 	//   "422":

  151. 	//     "$ref": "#/responses/error"

  152. 

  153. 	token := ctx.Params(":id")

  154. 	tokenID, _ := strconv.ParseInt(token, 0, 64)

  155. 

  156. 	if tokenID == 0 {

  157. 		tokens, err := models.ListAccessTokens(models.ListAccessTokensOptions{

  158. 			Name:   token,

  159. 			UserID: ctx.User.ID,

  160. 		})

  161. 		if err != nil {

  162. 			ctx.Error(http.StatusInternalServerError, "ListAccessTokens", err)

  163. 			return

  164. 		}

  165. 

  166. 		switch len(tokens) {

  167. 		case 0:

  168. 			ctx.NotFound()

  169. 			return

  170. 		case 1:

  171. 			tokenID = tokens[0].ID

  172. 		default:

  173. 			ctx.Error(http.StatusUnprocessableEntity, "DeleteAccessTokenByID", fmt.Errorf("multiple matches for token name '%s'", token))

  174. 			return

  175. 		}

  176. 	}

  177. 	if tokenID == 0 {

  178. 		ctx.Error(http.StatusInternalServerError, "Invalid TokenID", nil)

  179. 		return

  180. 	}

  181. 

  182. 	if err := models.DeleteAccessTokenByID(tokenID, ctx.User.ID); err != nil {

  183. 		if models.IsErrAccessTokenNotExist(err) {

  184. 			ctx.NotFound()

  185. 		} else {

  186. 			ctx.Error(http.StatusInternalServerError, "DeleteAccessTokenByID", err)

  187. 		}

  188. 		return

  189. 	}

  190. 

  191. 	ctx.Status(http.StatusNoContent)

  192. }

  193. 

  194. // CreateOauth2Application is the handler to create a new OAuth2 Application for the authenticated user

  195. func CreateOauth2Application(ctx *context.APIContext) {

  196. 	// swagger:operation POST /user/applications/oauth2 user userCreateOAuth2Application

  197. 	// ---

  198. 	// summary: creates a new OAuth2 application

  199. 	// produces:

  200. 	// - application/json

  201. 	// parameters:

  202. 	// - name: body

  203. 	//   in: body

  204. 	//   required: true

  205. 	//   schema:

  206. 	//     "$ref": "#/definitions/CreateOAuth2ApplicationOptions"

  207. 	// responses:

  208. 	//   "201":

  209. 	//     "$ref": "#/responses/OAuth2Application"

  210. 	//   "400":

  211. 	//     "$ref": "#/responses/error"

  212. 

  213. 	data := web.GetForm(ctx).(*api.CreateOAuth2ApplicationOptions)

  214. 

  215. 	app, err := models.CreateOAuth2Application(models.CreateOAuth2ApplicationOptions{

  216. 		Name:         data.Name,

  217. 		UserID:       ctx.User.ID,

  218. 		RedirectURIs: data.RedirectURIs,

  219. 	})

  220. 	if err != nil {

  221. 		ctx.Error(http.StatusBadRequest, "", "error creating oauth2 application")

  222. 		return

  223. 	}

  224. 	secret, err := app.GenerateClientSecret()

  225. 	if err != nil {

  226. 		ctx.Error(http.StatusBadRequest, "", "error creating application secret")

  227. 		return

  228. 	}

  229. 	app.ClientSecret = secret

  230. 

  231. 	ctx.JSON(http.StatusCreated, convert.ToOAuth2Application(app))

  232. }

  233. 

  234. // ListOauth2Applications list all the Oauth2 application

  235. func ListOauth2Applications(ctx *context.APIContext) {

  236. 	// swagger:operation GET /user/applications/oauth2 user userGetOauth2Application

  237. 	// ---

  238. 	// summary: List the authenticated user's oauth2 applications

  239. 	// produces:

  240. 	// - application/json

  241. 	// parameters:

  242. 	// - name: page

  243. 	//   in: query

  244. 	//   description: page number of results to return (1-based)

  245. 	//   type: integer

  246. 	// - name: limit

  247. 	//   in: query

  248. 	//   description: page size of results

  249. 	//   type: integer

  250. 	// responses:

  251. 	//   "200":

  252. 	//     "$ref": "#/responses/OAuth2ApplicationList"

  253. 

  254. 	apps, total, err := models.ListOAuth2Applications(ctx.User.ID, utils.GetListOptions(ctx))

  255. 	if err != nil {

  256. 		ctx.Error(http.StatusInternalServerError, "ListOAuth2Applications", err)

  257. 		return

  258. 	}

  259. 

  260. 	apiApps := make([]*api.OAuth2Application, len(apps))

  261. 	for i := range apps {

  262. 		apiApps[i] = convert.ToOAuth2Application(apps[i])

  263. 		apiApps[i].ClientSecret = "" // Hide secret on application list

  264. 	}

  265. 

  266. 	ctx.SetTotalCountHeader(total)

  267. 	ctx.JSON(http.StatusOK, &apiApps)

  268. }

  269. 

  270. // DeleteOauth2Application delete OAuth2 Application

  271. func DeleteOauth2Application(ctx *context.APIContext) {

  272. 	// swagger:operation DELETE /user/applications/oauth2/{id} user userDeleteOAuth2Application

  273. 	// ---

  274. 	// summary: delete an OAuth2 Application

  275. 	// produces:

  276. 	// - application/json

  277. 	// parameters:

  278. 	// - name: id

  279. 	//   in: path

  280. 	//   description: token to be deleted

  281. 	//   type: integer

  282. 	//   format: int64

  283. 	//   required: true

  284. 	// responses:

  285. 	//   "204":

  286. 	//     "$ref": "#/responses/empty"

  287. 	//   "404":

  288. 	//     "$ref": "#/responses/notFound"

  289. 	appID := ctx.ParamsInt64(":id")

  290. 	if err := models.DeleteOAuth2Application(appID, ctx.User.ID); err != nil {

  291. 		if models.IsErrOAuthApplicationNotFound(err) {

  292. 			ctx.NotFound()

  293. 		} else {

  294. 			ctx.Error(http.StatusInternalServerError, "DeleteOauth2ApplicationByID", err)

  295. 		}

  296. 		return

  297. 	}

  298. 

  299. 	ctx.Status(http.StatusNoContent)

  300. }

  301. 

  302. // GetOauth2Application get OAuth2 Application

  303. func GetOauth2Application(ctx *context.APIContext) {

  304. 	// swagger:operation GET /user/applications/oauth2/{id} user userGetOAuth2Application

  305. 	// ---

  306. 	// summary: get an OAuth2 Application

  307. 	// produces:

  308. 	// - application/json

  309. 	// parameters:

  310. 	// - name: id

  311. 	//   in: path

  312. 	//   description: Application ID to be found

  313. 	//   type: integer

  314. 	//   format: int64

  315. 	//   required: true

  316. 	// responses:

  317. 	//   "200":

  318. 	//     "$ref": "#/responses/OAuth2Application"

  319. 	//   "404":

  320. 	//     "$ref": "#/responses/notFound"

  321. 	appID := ctx.ParamsInt64(":id")

  322. 	app, err := models.GetOAuth2ApplicationByID(appID)

  323. 	if err != nil {

  324. 		if models.IsErrOauthClientIDInvalid(err) || models.IsErrOAuthApplicationNotFound(err) {

  325. 			ctx.NotFound()

  326. 		} else {

  327. 			ctx.Error(http.StatusInternalServerError, "GetOauth2ApplicationByID", err)

  328. 		}

  329. 		return

  330. 	}

  331. 

  332. 	app.ClientSecret = ""

  333. 

  334. 	ctx.JSON(http.StatusOK, convert.ToOAuth2Application(app))

  335. }

  336. 

  337. // UpdateOauth2Application update OAuth2 Application

  338. func UpdateOauth2Application(ctx *context.APIContext) {

  339. 	// swagger:operation PATCH /user/applications/oauth2/{id} user userUpdateOAuth2Application

  340. 	// ---

  341. 	// summary: update an OAuth2 Application, this includes regenerating the client secret

  342. 	// produces:

  343. 	// - application/json

  344. 	// parameters:

  345. 	// - name: id

  346. 	//   in: path

  347. 	//   description: application to be updated

  348. 	//   type: integer

  349. 	//   format: int64

  350. 	//   required: true

  351. 	// - name: body

  352. 	//   in: body

  353. 	//   required: true

  354. 	//   schema:

  355. 	//     "$ref": "#/definitions/CreateOAuth2ApplicationOptions"

  356. 	// responses:

  357. 	//   "200":

  358. 	//     "$ref": "#/responses/OAuth2Application"

  359. 	//   "404":

  360. 	//     "$ref": "#/responses/notFound"

  361. 	appID := ctx.ParamsInt64(":id")

  362. 

  363. 	data := web.GetForm(ctx).(*api.CreateOAuth2ApplicationOptions)

  364. 

  365. 	app, err := models.UpdateOAuth2Application(models.UpdateOAuth2ApplicationOptions{

  366. 		Name:         data.Name,

  367. 		UserID:       ctx.User.ID,

  368. 		ID:           appID,

  369. 		RedirectURIs: data.RedirectURIs,

  370. 	})

  371. 	if err != nil {

  372. 		if models.IsErrOauthClientIDInvalid(err) || models.IsErrOAuthApplicationNotFound(err) {

  373. 			ctx.NotFound()

  374. 		} else {

  375. 			ctx.Error(http.StatusInternalServerError, "UpdateOauth2ApplicationByID", err)

  376. 		}

  377. 		return

  378. 	}

  379. 	app.ClientSecret, err = app.GenerateClientSecret()

  380. 	if err != nil {

  381. 		ctx.Error(http.StatusBadRequest, "", "error updating application secret")

  382. 		return

  383. 	}

  384. 

  385. 	ctx.JSON(http.StatusOK, convert.ToOAuth2Application(app))

  386. }