harness-drone/cmd/drone-server/inject_login.go

178 lines
5.7 KiB
Go

// Copyright 2019 Drone IO, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package main
import (
"github.com/drone/drone/cmd/drone-server/config"
"github.com/drone/go-login/login"
"github.com/drone/go-login/login/bitbucket"
"github.com/drone/go-login/login/gitea"
"github.com/drone/go-login/login/github"
"github.com/drone/go-login/login/gitlab"
"github.com/drone/go-login/login/gogs"
"github.com/drone/go-login/login/stash"
"github.com/drone/go-scm/scm/transport/oauth2"
"github.com/google/wire"
"github.com/sirupsen/logrus"
)
// wire set for loading the authenticator.
var loginSet = wire.NewSet(
provideLogin,
provideRefresher,
)
// provideLogin is a Wire provider function that returns an
// authenticator based on the environment configuration.
func provideLogin(config config.Config) login.Middleware {
switch {
case config.Bitbucket.ClientID != "":
return provideBitbucketLogin(config)
case config.Github.ClientID != "":
return provideGithubLogin(config)
case config.Gitea.Server != "":
return provideGiteaLogin(config)
case config.GitLab.ClientID != "":
return provideGitlabLogin(config)
case config.Gogs.Server != "":
return provideGogsLogin(config)
case config.Stash.ConsumerKey != "":
return provideStashLogin(config)
}
logrus.Fatalln("main: source code management system not configured")
return nil
}
// provideBitbucketLogin is a Wire provider function that
// returns a Bitbucket Cloud authenticator based on the
// environment configuration.
func provideBitbucketLogin(config config.Config) login.Middleware {
if config.Bitbucket.ClientID == "" {
return nil
}
return &bitbucket.Config{
ClientID: config.Bitbucket.ClientID,
ClientSecret: config.Bitbucket.ClientSecret,
RedirectURL: config.Server.Addr + "/login",
}
}
// provideGithubLogin is a Wire provider function that returns
// a GitHub authenticator based on the environment configuration.
func provideGithubLogin(config config.Config) login.Middleware {
if config.Github.ClientID == "" {
return nil
}
return &github.Config{
ClientID: config.Github.ClientID,
ClientSecret: config.Github.ClientSecret,
Scope: config.Github.Scope,
Server: config.Github.Server,
Client: defaultClient(config.Github.SkipVerify),
Logger: logrus.StandardLogger(),
}
}
// provideGiteaLogin is a Wire provider function that returns
// a Gitea authenticator based on the environment configuration.
func provideGiteaLogin(config config.Config) login.Middleware {
if config.Gitea.Server == "" {
return nil
}
return &gitea.Config {
ClientID: config.Gitea.ClientID,
ClientSecret: config.Gitea.ClientSecret,
Server: config.Gitea.Server,
Client: defaultClient(config.Gitea.SkipVerify),
Logger: logrus.StandardLogger(),
RedirectURL: config.Server.Addr + "/login",
Scope: config.Gitea.Scope,
}
}
// provideGitlabLogin is a Wire provider function that returns
// a GitLab authenticator based on the environment configuration.
func provideGitlabLogin(config config.Config) login.Middleware {
if config.GitLab.ClientID == "" {
return nil
}
return &gitlab.Config{
ClientID: config.GitLab.ClientID,
ClientSecret: config.GitLab.ClientSecret,
RedirectURL: config.Server.Addr + "/login",
Server: config.GitLab.Server,
Client: defaultClient(config.GitLab.SkipVerify),
}
}
// provideGogsLogin is a Wire provider function that returns
// a Gogs authenticator based on the environment configuration.
func provideGogsLogin(config config.Config) login.Middleware {
if config.Gogs.Server == "" {
return nil
}
return &gogs.Config{
Label: "drone",
Login: "/login/form",
Server: config.Gogs.Server,
Client: defaultClient(config.Gogs.SkipVerify),
}
}
// provideStashLogin is a Wire provider function that returns
// a Stash authenticator based on the environment configuration.
func provideStashLogin(config config.Config) login.Middleware {
if config.Stash.ConsumerKey == "" {
return nil
}
privateKey, err := stash.ParsePrivateKeyFile(config.Stash.PrivateKey)
if err != nil {
logrus.WithError(err).
Fatalln("main: cannot parse Private Key file")
}
return &stash.Config{
Address: config.Stash.Server,
ConsumerKey: config.Stash.ConsumerKey,
ConsumerSecret: config.Stash.ConsumerSecret,
PrivateKey: privateKey,
CallbackURL: config.Server.Addr + "/login",
Client: defaultClient(config.Stash.SkipVerify),
}
}
// provideRefresher is a Wire provider function that returns
// an oauth token refresher for Bitbucket and Gitea
func provideRefresher(config config.Config) *oauth2.Refresher {
switch {
case config.Bitbucket.ClientID != "":
return &oauth2.Refresher{
ClientID: config.Bitbucket.ClientID,
ClientSecret: config.Bitbucket.ClientSecret,
Endpoint: "https://bitbucket.org/site/oauth2/access_token",
Source: oauth2.ContextTokenSource(),
Client: defaultClient(config.Bitbucket.SkipVerify),
}
case config.Gitea.ClientID != "":
return &oauth2.Refresher{
ClientID: config.Gitea.ClientID,
ClientSecret: config.Gitea.ClientSecret,
Endpoint: config.Gitea.Server + "/login/oauth/access_token",
Source: oauth2.ContextTokenSource(),
Client: defaultClient(config.Gitea.SkipVerify),
}
}
return nil
}