Diffstat (limited to 'internal/auth/github')
-rw-r--r-- | internal/auth/github/config.go | 58 | ||||
-rw-r--r-- | internal/auth/github/github.go | 50 | ||||
-rw-r--r-- | internal/auth/github/provider.go | 57 |
3 files changed, 115 insertions, 50 deletions
diff --git a/internal/auth/github/config.go b/internal/auth/github/config.go
new file mode 100644
index 00000000..e4636743
--- /dev/null
+++ b/internal/auth/github/config.go
@@ -0,0 +1,58 @@
+// Copyright 2020 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+ "context"
+ "crypto/tls"
+ "net/http"
+ "strings"
+
+ "github.com/google/go-github/github"
+ "github.com/pkg/errors"
+)
+
+// Config contains configuration for GitHub authentication.
+//
+// ⚠️ WARNING: Change to the field name must preserve the INI key name for backward compatibility.
+type Config struct {
+ // the GitHub service endpoint, e.g. https://api.github.com/.
+ APIEndpoint string
+ SkipVerify bool
+}
+
+func (c *Config) doAuth(login, password string) (fullname, email, location, website string, err error) {
+ tp := github.BasicAuthTransport{
+ Username: strings.TrimSpace(login),
+ Password: strings.TrimSpace(password),
+ Transport: &http.Transport{
+ TLSClientConfig: &tls.Config{InsecureSkipVerify: c.SkipVerify},
+ },
+ }
+ client, err := github.NewEnterpriseClient(c.APIEndpoint, c.APIEndpoint, tp.Client())
+ if err != nil {
+ return "", "", "", "", errors.Wrap(err, "create new client")
+ }
+ user, _, err := client.Users.Get(context.Background(), "")
+ if err != nil {
+ return "", "", "", "", errors.Wrap(err, "get user info")
+ }
+
+ if user.Name != nil {
+ fullname = *user.Name
+ }
+ if user.Email != nil {
+ email = *user.Email
+ } else {
+ email = login + "+github@local"
+ }
+ if user.Location != nil {
+ location = strings.ToUpper(*user.Location)
+ }
+ if user.HTMLURL != nil {
+ website = strings.ToLower(*user.HTMLURL)
+ }
+ return fullname, email, location, website, nil
+}
diff --git a/internal/auth/github/github.go b/internal/auth/github/github.go
deleted file mode 100644
index a06608a3..00000000
--- a/internal/auth/github/github.go
+++ /dev/null
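Review bot: `doAuth` in config.go sends the user's login and password via HTTP basic auth to `c.APIEndpoint`, yet the `SkipVerify` field has no comment saying that enabling it removes server authentication for that exchange; I would document it, e.g. `// SkipVerify disables TLS certificate verification for APIEndpoint; credentials are then exposed to anyone able to intercept the connection.` The request also has no deadline: `client.Users.Get(context.Background(), "")` runs over a bare `http.Transport` literal, so an unresponsive endpoint can hold a sign-in attempt open indefinitely. Passing a context from `context.WithTimeout`, or setting `Timeout` on the `http.Client`, would bound it. Building a new transport on every call also prevents connection reuse and may leave idle connections behind.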
@@ -1,50 +0,0 @@
-// Copyright 2018 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
- "context"
- "crypto/tls"
- "fmt"
- "net/http"
- "strings"
-
- "github.com/google/go-github/github"
-)
-
-func Authenticate(apiEndpoint, login, passwd string) (name string, email string, website string, location string, _ error) {
- tp := github.BasicAuthTransport{
- Username: strings.TrimSpace(login),
- Password: strings.TrimSpace(passwd),
- Transport: &http.Transport{
- TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
- },
- }
- client, err := github.NewEnterpriseClient(apiEndpoint, apiEndpoint, tp.Client())
- if err != nil {
- return "", "", "", "", fmt.Errorf("create new client: %v", err)
- }
- user, _, err := client.Users.Get(context.Background(), "")
- if err != nil {
- return "", "", "", "", fmt.Errorf("get user info: %v", err)
- }
-
- if user.Name != nil {
- name = *user.Name
- }
- if user.Email != nil {
- email = *user.Email
- } else {
- email = login + "+github@local"
- }
- if user.HTMLURL != nil {
- website = strings.ToLower(*user.HTMLURL)
- }
- if user.Location != nil {
- location = strings.ToUpper(*user.Location)
- }
-
- return name, email, website, location, nil
-}
diff --git a/internal/auth/github/provider.go b/internal/auth/github/provider.go
new file mode 100644
index 00000000..4add2e54
--- /dev/null
+++ b/internal/auth/github/provider.go
@@ -0,0 +1,57 @@
+// Copyright 2020 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+ "strings"
+
+ "gogs.io/gogs/internal/auth"
+)
+
+// Provider contains configuration of a PAM authentication provider.
+type Provider struct {
+ config *Config
+}
+
+// NewProvider creates a new PAM authentication provider.
+func NewProvider(cfg *Config) auth.Provider {
+ return &Provider{
+ config: cfg,
+ }
+}
+
+func (p *Provider) Authenticate(login, password string) (*auth.ExternalAccount, error) {
+ fullname, email, website, location, err := p.config.doAuth(login, password)
+ if err != nil {
+ if strings.Contains(err.Error(), "401") {
+ return nil, auth.ErrBadCredentials{Args: map[string]interface{}{"login": login}}
+ }
+ return nil, err
+ }
+ return &auth.ExternalAccount{
+ Login: login,
+ Name: login,
+ FullName: fullname,
+ Email: email,
+ Location: location,
+ Website: website,
+ }, nil
+}
+
+func (p *Provider) Config() interface{} {
+ return p.config
+}
+
+func (p *Provider) HasTLS() bool {
+ return true
+}
+
+func (p *Provider) UseTLS() bool {
+ return true
+}
+
+func (p *Provider) SkipTLSVerify() bool {
+ return p.config.SkipVerify
+} |
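Review bot: `Provider.Authenticate` binds the results of `doAuth` in the wrong order: `doAuth` in config.go returns `(fullname, email, location, website, err)`, but the call here assigns them to `fullname, email, website, location, err`, so `ExternalAccount.Location` receives the profile URL and `Website` receives the location. All four values are strings, so the compiler cannot catch it; the call should read `fullname, email, location, website, err := p.config.doAuth(login, password)`. Separately, `strings.Contains(err.Error(), "401")` treats any error whose text happens to contain "401" as bad credentials, and would miss a 401 whose message is formatted differently. Checking the status code on the underlying go-github error (presumably a `*github.ErrorResponse` beneath the `errors.Wrap`) would be more robust. The doc comments on `Provider` and `NewProvider` still say "PAM" and should say "GitHub".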