From c2f3cf06ad631f318bf0026452b219554f242b27 Mon Sep 17 00:00:00 2001 From: alex Date: Thu, 10 Mar 2016 19:30:14 +0000 Subject: [PATCH] Parameterize GitHub OAuth2 scopes. If no scope provided, default will be used: scope=repo,repo:status,user:email. --- docs/setup/github.md | 1 + remote/github/github.go | 8 +++++++- remote/github/github_test.go | 31 +++++++++++++++++++++++++++++++ 3 files changed, 39 insertions(+), 1 deletion(-) diff --git a/docs/setup/github.md b/docs/setup/github.md index 058eed37..abc26fdc 100644 --- a/docs/setup/github.md +++ b/docs/setup/github.md @@ -28,6 +28,7 @@ This section lists all connection options used in the connection string format. * `client_id` oauth client id for registered application. * `client_secret` oauth client secret for registered application. +* `scope=repo,repo:status,user:email` oauth scopes. * `open=false` allows users to self-register. Defaults to false.. * `orgs=drone&orgs=docker` restricts access to these GitHub organizations. **Optional** * `private_mode=false` indicates GitHub Enterprise is running in private mode. diff --git a/remote/github/github.go b/remote/github/github.go index 80883cf1..3e35ffeb 100644 --- a/remote/github/github.go +++ b/remote/github/github.go @@ -30,6 +30,7 @@ type Github struct { API string Client string Secret string + Scope string MergeRef string Orgs []string Open bool @@ -56,6 +57,7 @@ func Load(env envconfig.Env) *Github { github.URL = url_.String() github.Client = params.Get("client_id") github.Secret = params.Get("client_secret") + github.Scope = params.Get("scope") github.Orgs = params["orgs"] github.PrivateMode, _ = strconv.ParseBool(params.Get("private_mode")) github.SkipVerify, _ = strconv.ParseBool(params.Get("skip_verify")) @@ -69,6 +71,10 @@ func Load(env envconfig.Env) *Github { github.API = github.URL + "/api/v3/" } + if github.Scope == "" { + github.Scope = DefaultScope + } + if github.MergeRef == "" { github.MergeRef = DefaultMergeRef } @@ -83,7 +89,7 @@ func (g *Github) Login(res http.ResponseWriter, req *http.Request) (*model.User, var config = &oauth2.Config{ ClientId: g.Client, ClientSecret: g.Secret, - Scope: DefaultScope, + Scope: g.Scope, AuthURL: fmt.Sprintf("%s/login/oauth/authorize", g.URL), TokenURL: fmt.Sprintf("%s/login/oauth/access_token", g.URL), RedirectURL: fmt.Sprintf("%s/authorize", httputil.GetURL(req)), diff --git a/remote/github/github_test.go b/remote/github/github_test.go index b4c93087..50348e85 100644 --- a/remote/github/github_test.go +++ b/remote/github/github_test.go @@ -6,6 +6,7 @@ import ( "net/http" "testing" + "github.com/drone/drone/shared/envconfig" "github.com/franela/goblin" ) @@ -45,3 +46,33 @@ func TestHook(t *testing.T) { }) }) } + +func TestLoad(t *testing.T) { + env := envconfig.Env{ + "REMOTE_CONFIG": "https://github.com?client_id=client&client_secret=secret&scope=scope1,scope2", + } + g := Load(env) + if g.URL != "https://github.com" { + t.Errorf("g.URL = %q; want https://github.com") + } + if g.Client != "client" { + t.Errorf("g.Client = %q; want client", g.Client) + } + if g.Secret != "secret" { + t.Errorf("g.Secret = %q; want secret", g.Secret) + } + if g.Scope != "scope1,scope2" { + t.Errorf("g.Scope = %q; want scope1,scope2", g.Scope) + } + if g.API != DefaultAPI { + t.Errorf("g.API = %q; want %q", g.API, DefaultAPI) + } + if g.MergeRef != DefaultMergeRef { + t.Errorf("g.MergeRef = %q; want %q", g.MergeRef, DefaultMergeRef) + } + + g = Load(envconfig.Env{}) + if g.Scope != DefaultScope { + t.Errorf("g.Scope = %q; want %q", g.Scope, DefaultScope) + } +}