diff --git a/galicea_git/__manifest__.py b/galicea_git/__manifest__.py index 95e98f5..d56301b 100644 --- a/galicea_git/__manifest__.py +++ b/galicea_git/__manifest__.py @@ -9,7 +9,7 @@ 'website': "http://galicea.pl", 'category': 'Technical Settings', - 'version': '12.0.0.1', + 'version': '12.0.0.2', 'depends': ['web', 'galicea_environment_checkup','galicea_base'], diff --git a/galicea_git/controllers/main.py b/galicea_git/controllers/main.py index 52f66c9..da0e59e 100644 --- a/galicea_git/controllers/main.py +++ b/galicea_git/controllers/main.py @@ -9,6 +9,11 @@ import werkzeug from ..http_chunked_fix import http_input_stream class Main(http.Controller): + def authorize(self, request): + auth = request.httprequest.authorization + if auth: + request.session.authenticate(request.session.db, auth.username, auth.password) + @http.route( [ '/git/', @@ -18,9 +23,7 @@ class Main(http.Controller): csrf=False ) def git(self, request, repo, **kw): - auth = request.httprequest.authorization - if auth: - request.session.authenticate(request.session.db, auth.username, auth.password) + self.authorize(request) if not request.env.uid or request.env.user.login == 'public': return werkzeug.Response( headers=[('WWW-Authenticate', 'Basic')], @@ -74,7 +77,7 @@ class Main(http.Controller): if name == 'Status': http_code = int(value.split(b' ')[0]) else: - headers.append((name, value)) + headers.append((name.decode('ascii'), value.decode('ascii'))) return werkzeug.Response( body, diff --git a/galicea_git_oauth/README.md b/galicea_git_oauth/README.md new file mode 100644 index 0000000..3d14563 --- /dev/null +++ b/galicea_git_oauth/README.md @@ -0,0 +1 @@ +[See add-on page on odoo.com](https://apps.odoo.com/apps/modules/12.0/galicea_git_oauth/) diff --git a/galicea_git_oauth/__init__.py b/galicea_git_oauth/__init__.py new file mode 100644 index 0000000..c3d410e --- /dev/null +++ b/galicea_git_oauth/__init__.py @@ -0,0 +1,4 @@ +# -*- coding: utf-8 -*- + +from . import models +from . import controllers diff --git a/galicea_git_oauth/__manifest__.py b/galicea_git_oauth/__manifest__.py new file mode 100644 index 0000000..c25da4d --- /dev/null +++ b/galicea_git_oauth/__manifest__.py @@ -0,0 +1,21 @@ +# -*- coding: utf-8 -*- +{ + 'name': "Galicea Git OAuth", + + 'summary': """ + Enables Git auth via OAuth token""", + + 'author': "Maciej Wawro", + 'maintainer': "Galicea", + 'website': "http://galicea.pl", + + 'category': 'Technical Settings', + 'version': '12.0.1.0', + + 'depends': ['galicea_git', 'galicea_openid_connect'], + + 'data': [ + ], + + 'installable': True +} diff --git a/galicea_git_oauth/controllers/__init__.py b/galicea_git_oauth/controllers/__init__.py new file mode 100644 index 0000000..38afdf2 --- /dev/null +++ b/galicea_git_oauth/controllers/__init__.py @@ -0,0 +1 @@ +from . import ext_git_main diff --git a/galicea_git_oauth/controllers/ext_git_main.py b/galicea_git_oauth/controllers/ext_git_main.py new file mode 100644 index 0000000..0476a47 --- /dev/null +++ b/galicea_git_oauth/controllers/ext_git_main.py @@ -0,0 +1,14 @@ +from odoo.addons.galicea_git.controllers.main import Main + +class ExtMain(Main): + def authorize(self, req): + auth = req.httprequest.authorization + if auth and auth.password == 'bearer': + access_token = req.httprequest.authorization.username + token = req.env['galicea_openid_connect.access_token'].sudo().search( + [('token', '=', access_token)] + ) + if token: + req.uid = token.user_id.id + return + super(ExtMain, self).authorize(req) diff --git a/galicea_git_oauth/models/__init__.py b/galicea_git_oauth/models/__init__.py new file mode 100644 index 0000000..846b239 --- /dev/null +++ b/galicea_git_oauth/models/__init__.py @@ -0,0 +1 @@ +from . import ext_repository diff --git a/galicea_git_oauth/models/ext_repository.py b/galicea_git_oauth/models/ext_repository.py new file mode 100644 index 0000000..b4ca168 --- /dev/null +++ b/galicea_git_oauth/models/ext_repository.py @@ -0,0 +1,24 @@ +# -*- coding: utf-8 -*- + +from urllib.parse import urlparse +from odoo import models + +class Repository(models.Model): + _inherit = 'galicea_git.repository' + + def authenticated_url(self, client): + """ + @param application galicea_openid.application""" + + token = self.env['galicea_openid_connect.access_token'].sudo().retrieve_or_create( + self.env.user.id, + client.id + ) + unauthenticated_url = self.url + url_parts = urlparse(unauthenticated_url) + return '{}://{}:bearer@{}{}'.format( + url_parts.scheme, + token.token, + url_parts.netloc, + url_parts.path, + )