use token auth for https remotes (#275)

use token for https auth instead of user name

also handle http urls

Co-authored-by: Norwin Roosen <git@nroo.de>
Reviewed-on: https://gitea.com/gitea/tea/pulls/275
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: 6543 <6543@obermui.de>
Co-Authored-By: Norwin <noerw@noreply.gitea.io>
Co-Committed-By: Norwin <noerw@noreply.gitea.io>
This commit is contained in:
Norwin 2020-12-07 22:14:56 +08:00 committed by 6543
parent 16133212fc
commit 9a3b54b9a3
3 changed files with 7 additions and 33 deletions

View File

@ -5,12 +5,9 @@
package git package git
import ( import (
"bufio"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"net/url" "net/url"
"os"
"strings"
"code.gitea.io/tea/modules/utils" "code.gitea.io/tea/modules/utils"
@ -24,31 +21,15 @@ import (
// GetAuthForURL returns the appropriate AuthMethod to be used in Push() / Pull() // GetAuthForURL returns the appropriate AuthMethod to be used in Push() / Pull()
// operations depending on the protocol, and prompts the user for credentials if // operations depending on the protocol, and prompts the user for credentials if
// necessary. // necessary.
func GetAuthForURL(remoteURL *url.URL, httpUser, keyFile string) (auth git_transport.AuthMethod, err error) { func GetAuthForURL(remoteURL *url.URL, authToken, keyFile string) (auth git_transport.AuthMethod, err error) {
user := remoteURL.User.Username()
switch remoteURL.Scheme { switch remoteURL.Scheme {
case "https": case "http", "https":
if httpUser != "" { // gitea supports push/pull via app token as username.
user = httpUser auth = &gogit_http.BasicAuth{Password: "", Username: authToken}
}
if user == "" {
user, err = promptUser(remoteURL.Host)
if err != nil {
return nil, err
}
}
pass, isSet := remoteURL.User.Password()
if !isSet {
pass, err = promptPass(remoteURL.Host)
if err != nil {
return nil, err
}
}
auth = &gogit_http.BasicAuth{Password: pass, Username: user}
case "ssh": case "ssh":
// try to select right key via ssh-agent. if it fails, try to read a key manually // try to select right key via ssh-agent. if it fails, try to read a key manually
user := remoteURL.User.Username()
auth, err = gogit_ssh.DefaultAuthBuilder(user) auth, err = gogit_ssh.DefaultAuthBuilder(user)
if err != nil { if err != nil {
signer, err := readSSHPrivKey(keyFile) signer, err := readSSHPrivKey(keyFile)
@ -92,13 +73,6 @@ func readSSHPrivKey(keyFile string) (sig ssh.Signer, err error) {
return sig, err return sig, err
} }
func promptUser(domain string) (string, error) {
reader := bufio.NewReader(os.Stdin)
fmt.Printf("%s username: ", domain)
username, err := reader.ReadString('\n')
return strings.TrimSpace(username), err
}
func promptPass(domain string) (string, error) { func promptPass(domain string) (string, error) {
fmt.Printf("%s password: ", domain) fmt.Printf("%s password: ", domain)
pass, err := terminal.ReadPassword(0) pass, err := terminal.ReadPassword(0)

View File

@ -60,7 +60,7 @@ func PullCheckout(login *config.Login, repoOwner, repoName string, index int64)
if err != nil { if err != nil {
return err return err
} }
auth, err := local_git.GetAuthForURL(url, login.User, login.SSHKey) auth, err := local_git.GetAuthForURL(url, login.Token, login.SSHKey)
if err != nil { if err != nil {
return err return err
} }

View File

@ -78,7 +78,7 @@ call me again with the --ignore-sha flag`, pr.Head.Ref)
if err != nil { if err != nil {
return err return err
} }
auth, err := local_git.GetAuthForURL(url, login.User, login.SSHKey) auth, err := local_git.GetAuthForURL(url, login.Token, login.SSHKey)
if err != nil { if err != nil {
return err return err
} }