harness-drone/cmd/drone-server/inject_login.go

// Copyright 2019 Drone IO, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package main

import (
	"github.com/drone/drone/cmd/drone-server/config"
	"github.com/drone/go-login/login"
	"github.com/drone/go-login/login/bitbucket"
	"github.com/drone/go-login/login/gitea"
	"github.com/drone/go-login/login/gitee"
	"github.com/drone/go-login/login/github"
	"github.com/drone/go-login/login/gitlab"
	"github.com/drone/go-login/login/gogs"
	"github.com/drone/go-login/login/stash"
	"github.com/drone/go-scm/scm/transport/oauth2"
	"strings"

	"github.com/google/wire"
	"github.com/sirupsen/logrus"
)

// wire set for loading the authenticator.
var loginSet = wire.NewSet(
	provideLogin,
	provideRefresher,
)

// provideLogin is a Wire provider function that returns an
// authenticator based on the environment configuration.
func provideLogin(config config.Config) login.Middleware {
	switch {
	case config.Bitbucket.ClientID != "":
		return provideBitbucketLogin(config)
	case config.Github.ClientID != "":
		return provideGithubLogin(config)
	case config.Gitee.ClientID != "":
		return provideGiteeLogin(config)
	case config.Gitea.Server != "":
		return provideGiteaLogin(config)
	case config.GitLab.ClientID != "":
		return provideGitlabLogin(config)
	case config.Gogs.Server != "":
		return provideGogsLogin(config)
	case config.Stash.ConsumerKey != "":
		return provideStashLogin(config)
	}
	logrus.Fatalln("main: source code management system not configured")
	return nil
}

// provideBitbucketLogin is a Wire provider function that
// returns a Bitbucket Cloud authenticator based on the
// environment configuration.
func provideBitbucketLogin(config config.Config) login.Middleware {
	if config.Bitbucket.ClientID == "" {
		return nil
	}
	return &bitbucket.Config{
		ClientID:     config.Bitbucket.ClientID,
		ClientSecret: config.Bitbucket.ClientSecret,
		RedirectURL:  config.Server.Addr + "/login",
	}
}

// provideGithubLogin is a Wire provider function that returns
// a GitHub authenticator based on the environment configuration.
func provideGithubLogin(config config.Config) login.Middleware {
	if config.Github.ClientID == "" {
		return nil
	}
	return &github.Config{
		ClientID:     config.Github.ClientID,
		ClientSecret: config.Github.ClientSecret,
		Scope:        config.Github.Scope,
		Server:       config.Github.Server,
		Client:       defaultClient(config.Github.SkipVerify),
		Logger:       logrus.StandardLogger(),
	}
}

// provideGiteeLogin is a Wire provider function that returns
// a Gitee authenticator based on the environment configuration.
func provideGiteeLogin(config config.Config) login.Middleware {
	if config.Gitee.ClientID == "" {
		return nil
	}
	redirectURL := config.Gitee.RedirectURL
	if redirectURL == "" {
		redirectURL = config.Server.Addr + "/login"
	}
	return &gitee.Config{
		ClientID:     config.Gitee.ClientID,
		ClientSecret: config.Gitee.ClientSecret,
		RedirectURL:  redirectURL,
		Server:       config.Gitee.Server,
		Scope:        config.Gitee.Scope,
		Client:       defaultClient(config.Gitee.SkipVerify),
	}
}

// provideGiteaLogin is a Wire provider function that returns
// a Gitea authenticator based on the environment configuration.
func provideGiteaLogin(config config.Config) login.Middleware {
	if config.Gitea.Server == "" {
		return nil
	}
	return &gitea.Config{
		ClientID:     config.Gitea.ClientID,
		ClientSecret: config.Gitea.ClientSecret,
		Server:       config.Gitea.Server,
		Client:       defaultClient(config.Gitea.SkipVerify),
		Logger:       logrus.StandardLogger(),
		RedirectURL:  config.Server.Addr + "/login",
		Scope:        config.Gitea.Scope,
	}
}

// provideGitlabLogin is a Wire provider function that returns
// a GitLab authenticator based on the environment configuration.
func provideGitlabLogin(config config.Config) login.Middleware {
	if config.GitLab.ClientID == "" {
		return nil
	}
	return &gitlab.Config{
		ClientID:     config.GitLab.ClientID,
		ClientSecret: config.GitLab.ClientSecret,
		RedirectURL:  config.Server.Addr + "/login",
		Server:       config.GitLab.Server,
		Client:       defaultClient(config.GitLab.SkipVerify),
	}
}

// provideGogsLogin is a Wire provider function that returns
// a Gogs authenticator based on the environment configuration.
func provideGogsLogin(config config.Config) login.Middleware {
	if config.Gogs.Server == "" {
		return nil
	}
	return &gogs.Config{
		Label:  "drone",
		Login:  "/login/form",
		Server: config.Gogs.Server,
		Client: defaultClient(config.Gogs.SkipVerify),
	}
}

// provideStashLogin is a Wire provider function that returns
// a Stash authenticator based on the environment configuration.
func provideStashLogin(config config.Config) login.Middleware {
	if config.Stash.ConsumerKey == "" {
		return nil
	}
	privateKey, err := stash.ParsePrivateKeyFile(config.Stash.PrivateKey)
	if err != nil {
		logrus.WithError(err).
			Fatalln("main: cannot parse Private Key file")
	}
	return &stash.Config{
		Address:        config.Stash.Server,
		ConsumerKey:    config.Stash.ConsumerKey,
		ConsumerSecret: config.Stash.ConsumerSecret,
		PrivateKey:     privateKey,
		CallbackURL:    config.Server.Addr + "/login",
		Client:         defaultClient(config.Stash.SkipVerify),
	}
}

// provideRefresher is a Wire provider function that returns
// an oauth token refresher for Bitbucket and Gitea
func provideRefresher(config config.Config) *oauth2.Refresher {
	switch {
	case config.Bitbucket.ClientID != "":
		return &oauth2.Refresher{
			ClientID:     config.Bitbucket.ClientID,
			ClientSecret: config.Bitbucket.ClientSecret,
			Endpoint:     "https://bitbucket.org/site/oauth2/access_token",
			Source:       oauth2.ContextTokenSource(),
			Client:       defaultClient(config.Bitbucket.SkipVerify),
		}
	case config.Gitea.ClientID != "":
		return &oauth2.Refresher{
			ClientID:     config.Gitea.ClientID,
			ClientSecret: config.Gitea.ClientSecret,
			Endpoint:     strings.TrimSuffix(config.Gitea.Server, "/") + "/login/oauth/access_token",
			Source:       oauth2.ContextTokenSource(),
			Client:       defaultClient(config.Gitea.SkipVerify),
		}
	case config.GitLab.ClientID != "":
		return &oauth2.Refresher{
			ClientID:     config.GitLab.ClientID,
			ClientSecret: config.GitLab.ClientSecret,
			Endpoint:     strings.TrimSuffix(config.GitLab.Server, "/") + "/oauth/token",
			Source:       oauth2.ContextTokenSource(),
			Client:       defaultClient(config.GitLab.SkipVerify),
		}
	case config.Gitee.ClientID != "":
		return &oauth2.Refresher{
			ClientID:     config.Gitee.ClientID,
			ClientSecret: config.Gitee.ClientSecret,
			Endpoint:     strings.TrimSuffix(config.Gitee.Server, "/") + "/oauth/token",
			Source:       oauth2.ContextTokenSource(),
			Client:       defaultClient(config.Gitee.SkipVerify),
		}

	}
	return nil
}
squash and merge local branch 2019-02-19 23:56:41 +00:00			`// Copyright 2019 Drone IO, Inc.`
			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

			`package main`

			`import (`
			`"github.com/drone/drone/cmd/drone-server/config"`
			`"github.com/drone/go-login/login"`
			`"github.com/drone/go-login/login/bitbucket"`
Update inject_login.go 2019-03-08 18:38:20 +00:00			`"github.com/drone/go-login/login/gitea"`
Feat: implemented gitee client (#3156) * Feature: implemented gitee client implemented gitee client * update Gitee struct * inject netrc.Password when driver is gitee * auto genarate gitee redirectURL * update go-login and go-scm 2021-11-25 15:35:02 +00:00			`"github.com/drone/go-login/login/gitee"`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`"github.com/drone/go-login/login/github"`
			`"github.com/drone/go-login/login/gitlab"`
			`"github.com/drone/go-login/login/gogs"`
			`"github.com/drone/go-login/login/stash"`
			`"github.com/drone/go-scm/scm/transport/oauth2"`
Missing the strings library 2020-02-14 08:08:08 +00:00			`"strings"`
squash and merge local branch 2019-02-19 23:56:41 +00:00
			`"github.com/google/wire"`
			`"github.com/sirupsen/logrus"`
			`)`

			`// wire set for loading the authenticator.`
			`var loginSet = wire.NewSet(`
			`provideLogin,`
			`provideRefresher,`
			`)`

			`// provideLogin is a Wire provider function that returns an`
fix some typos 2019-04-16 01:55:38 +00:00			`// authenticator based on the environment configuration.`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`func provideLogin(config config.Config) login.Middleware {`
			`switch {`
			`case config.Bitbucket.ClientID != "":`
			`return provideBitbucketLogin(config)`
			`case config.Github.ClientID != "":`
			`return provideGithubLogin(config)`
Feat: implemented gitee client (#3156) * Feature: implemented gitee client implemented gitee client * update Gitee struct * inject netrc.Password when driver is gitee * auto genarate gitee redirectURL * update go-login and go-scm 2021-11-25 15:35:02 +00:00			`case config.Gitee.ClientID != "":`
			`return provideGiteeLogin(config)`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`case config.Gitea.Server != "":`
			`return provideGiteaLogin(config)`
			`case config.GitLab.ClientID != "":`
			`return provideGitlabLogin(config)`
			`case config.Gogs.Server != "":`
			`return provideGogsLogin(config)`
			`case config.Stash.ConsumerKey != "":`
			`return provideStashLogin(config)`
			`}`
			`logrus.Fatalln("main: source code management system not configured")`
			`return nil`
			`}`

			`// provideBitbucketLogin is a Wire provider function that`
fix some typos 2019-04-16 01:55:38 +00:00			`// returns a Bitbucket Cloud authenticator based on the`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`// environment configuration.`
			`func provideBitbucketLogin(config config.Config) login.Middleware {`
			`if config.Bitbucket.ClientID == "" {`
			`return nil`
			`}`
			`return &bitbucket.Config{`
			`ClientID: config.Bitbucket.ClientID,`
			`ClientSecret: config.Bitbucket.ClientSecret,`
			`RedirectURL: config.Server.Addr + "/login",`
			`}`
			`}`

			`// provideGithubLogin is a Wire provider function that returns`
fix some typos 2019-04-16 01:55:38 +00:00			`// a GitHub authenticator based on the environment configuration.`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`func provideGithubLogin(config config.Config) login.Middleware {`
			`if config.Github.ClientID == "" {`
			`return nil`
			`}`
			`return &github.Config{`
			`ClientID: config.Github.ClientID,`
			`ClientSecret: config.Github.ClientSecret,`
			`Scope: config.Github.Scope,`
			`Server: config.Github.Server,`
			`Client: defaultClient(config.Github.SkipVerify),`
			`Logger: logrus.StandardLogger(),`
			`}`
			`}`

Feat: implemented gitee client (#3156) * Feature: implemented gitee client implemented gitee client * update Gitee struct * inject netrc.Password when driver is gitee * auto genarate gitee redirectURL * update go-login and go-scm 2021-11-25 15:35:02 +00:00			`// provideGiteeLogin is a Wire provider function that returns`
			`// a Gitee authenticator based on the environment configuration.`
			`func provideGiteeLogin(config config.Config) login.Middleware {`
			`if config.Gitee.ClientID == "" {`
			`return nil`
			`}`
			`redirectURL := config.Gitee.RedirectURL`
			`if redirectURL == "" {`
			`redirectURL = config.Server.Addr + "/login"`
			`}`
			`return &gitee.Config{`
			`ClientID: config.Gitee.ClientID,`
			`ClientSecret: config.Gitee.ClientSecret,`
			`RedirectURL: redirectURL,`
			`Server: config.Gitee.Server,`
			`Scope: config.Gitee.Scope,`
			`Client: defaultClient(config.Gitee.SkipVerify),`
			`}`
			`}`

squash and merge local branch 2019-02-19 23:56:41 +00:00			`// provideGiteaLogin is a Wire provider function that returns`
fix some typos 2019-04-16 01:55:38 +00:00			`// a Gitea authenticator based on the environment configuration.`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`func provideGiteaLogin(config config.Config) login.Middleware {`
			`if config.Gitea.Server == "" {`
			`return nil`
			`}`
fixbug gitee provide refresher (#3168) 2021-12-19 12:45:19 +00:00			`return &gitea.Config{`
rm basic auth option from Gitea 2019-06-05 21:36:10 +00:00			`ClientID: config.Gitea.ClientID,`
			`ClientSecret: config.Gitea.ClientSecret,`
			`Server: config.Gitea.Server,`
			`Client: defaultClient(config.Gitea.SkipVerify),`
			`Logger: logrus.StandardLogger(),`
			`RedirectURL: config.Server.Addr + "/login",`
			`Scope: config.Gitea.Scope,`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`}`
			`}`

			`// provideGitlabLogin is a Wire provider function that returns`
fix some typos 2019-04-16 01:55:38 +00:00			`// a GitLab authenticator based on the environment configuration.`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`func provideGitlabLogin(config config.Config) login.Middleware {`
			`if config.GitLab.ClientID == "" {`
			`return nil`
			`}`
			`return &gitlab.Config{`
			`ClientID: config.GitLab.ClientID,`
			`ClientSecret: config.GitLab.ClientSecret,`
			`RedirectURL: config.Server.Addr + "/login",`
			`Server: config.GitLab.Server,`
			`Client: defaultClient(config.GitLab.SkipVerify),`
			`}`
			`}`

			`// provideGogsLogin is a Wire provider function that returns`
fix some typos 2019-04-16 01:55:38 +00:00			`// a Gogs authenticator based on the environment configuration.`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`func provideGogsLogin(config config.Config) login.Middleware {`
			`if config.Gogs.Server == "" {`
			`return nil`
			`}`
			`return &gogs.Config{`
			`Label: "drone",`
			`Login: "/login/form",`
			`Server: config.Gogs.Server,`
			`Client: defaultClient(config.Gogs.SkipVerify),`
			`}`
			`}`

			`// provideStashLogin is a Wire provider function that returns`
fix some typos 2019-04-16 01:55:38 +00:00			`// a Stash authenticator based on the environment configuration.`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`func provideStashLogin(config config.Config) login.Middleware {`
			`if config.Stash.ConsumerKey == "" {`
			`return nil`
			`}`
			`privateKey, err := stash.ParsePrivateKeyFile(config.Stash.PrivateKey)`
			`if err != nil {`
			`logrus.WithError(err).`
			`Fatalln("main: cannot parse Private Key file")`
			`}`
			`return &stash.Config{`
			`Address: config.Stash.Server,`
			`ConsumerKey: config.Stash.ConsumerKey,`
			`ConsumerSecret: config.Stash.ConsumerSecret,`
			`PrivateKey: privateKey,`
			`CallbackURL: config.Server.Addr + "/login",`
			`Client: defaultClient(config.Stash.SkipVerify),`
			`}`
			`}`

			`// provideRefresher is a Wire provider function that returns`
update docs per feedback 2019-04-22 23:52:37 +00:00			`// an oauth token refresher for Bitbucket and Gitea`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`func provideRefresher(config config.Config) *oauth2.Refresher {`
use switch case 2019-04-22 23:36:47 +00:00			`switch {`
			`case config.Bitbucket.ClientID != "":`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`return &oauth2.Refresher{`
			`ClientID: config.Bitbucket.ClientID,`
			`ClientSecret: config.Bitbucket.ClientSecret,`
			`Endpoint: "https://bitbucket.org/site/oauth2/access_token",`
			`Source: oauth2.ContextTokenSource(),`
add http.Client with skipverify option to oauth renew token method, fix #2876 2019-11-10 10:06:18 +00:00			`Client: defaultClient(config.Bitbucket.SkipVerify),`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`}`
update per feedback 2019-04-22 23:50:31 +00:00			`case config.Gitea.ClientID != "":`
Refresh Gitea Oauth2 token 2019-04-22 20:54:25 +00:00			`return &oauth2.Refresher{`
			`ClientID: config.Gitea.ClientID,`
			`ClientSecret: config.Gitea.ClientSecret,`
Fix bug when refresh gitea access token When the URI has extra '/' in DRONE_GITEA_SERVER, the drone will not pull the repo since it cannot refresh the access token. The log in gitea shows the drone try to access '//login/oauth/access_token' Related to commit 5414bb75f 2020-02-14 08:01:48 +00:00			`Endpoint: strings.TrimSuffix(config.Gitea.Server, "/") + "/login/oauth/access_token",`
Refresh Gitea Oauth2 token 2019-04-22 20:54:25 +00:00			`Source: oauth2.ContextTokenSource(),`
add http.Client with skipverify option to oauth renew token method, fix #2876 2019-11-10 10:06:18 +00:00			`Client: defaultClient(config.Gitea.SkipVerify),`
Refresh Gitea Oauth2 token 2019-04-22 20:54:25 +00:00			`}`
Added OAuth2 token refresher for Gitlab (#3215) 2022-06-14 09:46:35 +00:00			`case config.GitLab.ClientID != "":`
			`return &oauth2.Refresher{`
			`ClientID: config.GitLab.ClientID,`
			`ClientSecret: config.GitLab.ClientSecret,`
			`Endpoint: strings.TrimSuffix(config.GitLab.Server, "/") + "/oauth/token",`
			`Source: oauth2.ContextTokenSource(),`
			`Client: defaultClient(config.GitLab.SkipVerify),`
			`}`
fixbug gitee provide refresher (#3168) 2021-12-19 12:45:19 +00:00			`case config.Gitee.ClientID != "":`
			`return &oauth2.Refresher{`
			`ClientID: config.Gitee.ClientID,`
			`ClientSecret: config.Gitee.ClientSecret,`
			`Endpoint: strings.TrimSuffix(config.Gitee.Server, "/") + "/oauth/token",`
			`Source: oauth2.ContextTokenSource(),`
			`Client: defaultClient(config.Gitee.SkipVerify),`
			`}`

Refresh Gitea Oauth2 token 2019-04-22 20:54:25 +00:00			`}`
squash and merge local branch 2019-02-19 23:56:41 +00:00			`return nil`
			`}`