Browse Source

Allow Git access with OAuth token

13.0
Maciej Wawro 5 years ago
parent
commit
1fa67868fb
  1. 2
      galicea_git/__manifest__.py
  2. 11
      galicea_git/controllers/main.py
  3. 1
      galicea_git_oauth/README.md
  4. 4
      galicea_git_oauth/__init__.py
  5. 21
      galicea_git_oauth/__manifest__.py
  6. 1
      galicea_git_oauth/controllers/__init__.py
  7. 14
      galicea_git_oauth/controllers/ext_git_main.py
  8. 1
      galicea_git_oauth/models/__init__.py
  9. 24
      galicea_git_oauth/models/ext_repository.py

2
galicea_git/__manifest__.py

@ -9,7 +9,7 @@
'website': "http://galicea.pl", 'website': "http://galicea.pl",
'category': 'Technical Settings', 'category': 'Technical Settings',
'version': '12.0.0.1',
'version': '12.0.0.2',
'depends': ['web', 'galicea_environment_checkup','galicea_base'], 'depends': ['web', 'galicea_environment_checkup','galicea_base'],

11
galicea_git/controllers/main.py

@ -9,6 +9,11 @@ import werkzeug
from ..http_chunked_fix import http_input_stream from ..http_chunked_fix import http_input_stream
class Main(http.Controller): class Main(http.Controller):
def authorize(self, request):
auth = request.httprequest.authorization
if auth:
request.session.authenticate(request.session.db, auth.username, auth.password)
@http.route( @http.route(
[ [
'/git/<repo>', '/git/<repo>',
@ -18,9 +23,7 @@ class Main(http.Controller):
csrf=False csrf=False
) )
def git(self, request, repo, **kw): def git(self, request, repo, **kw):
auth = request.httprequest.authorization
if auth:
request.session.authenticate(request.session.db, auth.username, auth.password)
self.authorize(request)
if not request.env.uid or request.env.user.login == 'public': if not request.env.uid or request.env.user.login == 'public':
return werkzeug.Response( return werkzeug.Response(
headers=[('WWW-Authenticate', 'Basic')], headers=[('WWW-Authenticate', 'Basic')],
@ -74,7 +77,7 @@ class Main(http.Controller):
if name == 'Status': if name == 'Status':
http_code = int(value.split(b' ')[0]) http_code = int(value.split(b' ')[0])
else: else:
headers.append((name, value))
headers.append((name.decode('ascii'), value.decode('ascii')))
return werkzeug.Response( return werkzeug.Response(
body, body,

1
galicea_git_oauth/README.md

@ -0,0 +1 @@
[See add-on page on odoo.com](https://apps.odoo.com/apps/modules/12.0/galicea_git_oauth/)

4
galicea_git_oauth/__init__.py

@ -0,0 +1,4 @@
# -*- coding: utf-8 -*-
from . import models
from . import controllers

21
galicea_git_oauth/__manifest__.py

@ -0,0 +1,21 @@
# -*- coding: utf-8 -*-
{
'name': "Galicea Git OAuth",
'summary': """
Enables Git auth via OAuth token""",
'author': "Maciej Wawro",
'maintainer': "Galicea",
'website': "http://galicea.pl",
'category': 'Technical Settings',
'version': '12.0.1.0',
'depends': ['galicea_git', 'galicea_openid_connect'],
'data': [
],
'installable': True
}

1
galicea_git_oauth/controllers/__init__.py

@ -0,0 +1 @@
from . import ext_git_main

14
galicea_git_oauth/controllers/ext_git_main.py

@ -0,0 +1,14 @@
from odoo.addons.galicea_git.controllers.main import Main
class ExtMain(Main):
def authorize(self, req):
auth = req.httprequest.authorization
if auth and auth.password == 'bearer':
access_token = req.httprequest.authorization.username
token = req.env['galicea_openid_connect.access_token'].sudo().search(
[('token', '=', access_token)]
)
if token:
req.uid = token.user_id.id
return
super(ExtMain, self).authorize(req)

1
galicea_git_oauth/models/__init__.py

@ -0,0 +1 @@
from . import ext_repository

24
galicea_git_oauth/models/ext_repository.py

@ -0,0 +1,24 @@
# -*- coding: utf-8 -*-
from urllib.parse import urlparse
from odoo import models
class Repository(models.Model):
_inherit = 'galicea_git.repository'
def authenticated_url(self, client):
"""
@param application galicea_openid.application"""
token = self.env['galicea_openid_connect.access_token'].sudo().retrieve_or_create(
self.env.user.id,
client.id
)
unauthenticated_url = self.url
url_parts = urlparse(unauthenticated_url)
return '{}://{}:bearer@{}{}'.format(
url_parts.scheme,
token.token,
url_parts.netloc,
url_parts.path,
)
Loading…
Cancel
Save