Parameterize GitHub OAuth2 scopes.
If no scope provided, default will be used: scope=repo,repo:status,user:email.
This commit is contained in:
parent
671461dc00
commit
c2f3cf06ad
3 changed files with 39 additions and 1 deletions
|
@ -28,6 +28,7 @@ This section lists all connection options used in the connection string format.
|
||||||
|
|
||||||
* `client_id` oauth client id for registered application.
|
* `client_id` oauth client id for registered application.
|
||||||
* `client_secret` oauth client secret for registered application.
|
* `client_secret` oauth client secret for registered application.
|
||||||
|
* `scope=repo,repo:status,user:email` oauth scopes.
|
||||||
* `open=false` allows users to self-register. Defaults to false..
|
* `open=false` allows users to self-register. Defaults to false..
|
||||||
* `orgs=drone&orgs=docker` restricts access to these GitHub organizations. **Optional**
|
* `orgs=drone&orgs=docker` restricts access to these GitHub organizations. **Optional**
|
||||||
* `private_mode=false` indicates GitHub Enterprise is running in private mode.
|
* `private_mode=false` indicates GitHub Enterprise is running in private mode.
|
||||||
|
|
|
@ -30,6 +30,7 @@ type Github struct {
|
||||||
API string
|
API string
|
||||||
Client string
|
Client string
|
||||||
Secret string
|
Secret string
|
||||||
|
Scope string
|
||||||
MergeRef string
|
MergeRef string
|
||||||
Orgs []string
|
Orgs []string
|
||||||
Open bool
|
Open bool
|
||||||
|
@ -56,6 +57,7 @@ func Load(env envconfig.Env) *Github {
|
||||||
github.URL = url_.String()
|
github.URL = url_.String()
|
||||||
github.Client = params.Get("client_id")
|
github.Client = params.Get("client_id")
|
||||||
github.Secret = params.Get("client_secret")
|
github.Secret = params.Get("client_secret")
|
||||||
|
github.Scope = params.Get("scope")
|
||||||
github.Orgs = params["orgs"]
|
github.Orgs = params["orgs"]
|
||||||
github.PrivateMode, _ = strconv.ParseBool(params.Get("private_mode"))
|
github.PrivateMode, _ = strconv.ParseBool(params.Get("private_mode"))
|
||||||
github.SkipVerify, _ = strconv.ParseBool(params.Get("skip_verify"))
|
github.SkipVerify, _ = strconv.ParseBool(params.Get("skip_verify"))
|
||||||
|
@ -69,6 +71,10 @@ func Load(env envconfig.Env) *Github {
|
||||||
github.API = github.URL + "/api/v3/"
|
github.API = github.URL + "/api/v3/"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if github.Scope == "" {
|
||||||
|
github.Scope = DefaultScope
|
||||||
|
}
|
||||||
|
|
||||||
if github.MergeRef == "" {
|
if github.MergeRef == "" {
|
||||||
github.MergeRef = DefaultMergeRef
|
github.MergeRef = DefaultMergeRef
|
||||||
}
|
}
|
||||||
|
@ -83,7 +89,7 @@ func (g *Github) Login(res http.ResponseWriter, req *http.Request) (*model.User,
|
||||||
var config = &oauth2.Config{
|
var config = &oauth2.Config{
|
||||||
ClientId: g.Client,
|
ClientId: g.Client,
|
||||||
ClientSecret: g.Secret,
|
ClientSecret: g.Secret,
|
||||||
Scope: DefaultScope,
|
Scope: g.Scope,
|
||||||
AuthURL: fmt.Sprintf("%s/login/oauth/authorize", g.URL),
|
AuthURL: fmt.Sprintf("%s/login/oauth/authorize", g.URL),
|
||||||
TokenURL: fmt.Sprintf("%s/login/oauth/access_token", g.URL),
|
TokenURL: fmt.Sprintf("%s/login/oauth/access_token", g.URL),
|
||||||
RedirectURL: fmt.Sprintf("%s/authorize", httputil.GetURL(req)),
|
RedirectURL: fmt.Sprintf("%s/authorize", httputil.GetURL(req)),
|
||||||
|
|
|
@ -6,6 +6,7 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
"github.com/drone/drone/shared/envconfig"
|
||||||
"github.com/franela/goblin"
|
"github.com/franela/goblin"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -45,3 +46,33 @@ func TestHook(t *testing.T) {
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestLoad(t *testing.T) {
|
||||||
|
env := envconfig.Env{
|
||||||
|
"REMOTE_CONFIG": "https://github.com?client_id=client&client_secret=secret&scope=scope1,scope2",
|
||||||
|
}
|
||||||
|
g := Load(env)
|
||||||
|
if g.URL != "https://github.com" {
|
||||||
|
t.Errorf("g.URL = %q; want https://github.com")
|
||||||
|
}
|
||||||
|
if g.Client != "client" {
|
||||||
|
t.Errorf("g.Client = %q; want client", g.Client)
|
||||||
|
}
|
||||||
|
if g.Secret != "secret" {
|
||||||
|
t.Errorf("g.Secret = %q; want secret", g.Secret)
|
||||||
|
}
|
||||||
|
if g.Scope != "scope1,scope2" {
|
||||||
|
t.Errorf("g.Scope = %q; want scope1,scope2", g.Scope)
|
||||||
|
}
|
||||||
|
if g.API != DefaultAPI {
|
||||||
|
t.Errorf("g.API = %q; want %q", g.API, DefaultAPI)
|
||||||
|
}
|
||||||
|
if g.MergeRef != DefaultMergeRef {
|
||||||
|
t.Errorf("g.MergeRef = %q; want %q", g.MergeRef, DefaultMergeRef)
|
||||||
|
}
|
||||||
|
|
||||||
|
g = Load(envconfig.Env{})
|
||||||
|
if g.Scope != DefaultScope {
|
||||||
|
t.Errorf("g.Scope = %q; want %q", g.Scope, DefaultScope)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue