From b59d654f45706893dc754e5e7b25372902d70df8 Mon Sep 17 00:00:00 2001 From: qwerty287 <80460567+qwerty287@users.noreply.github.com> Date: Sat, 3 Jun 2023 03:03:06 +0200 Subject: [PATCH] Do not use oauth client without token (#1803) Closes https://github.com/woodpecker-ci/woodpecker/issues/1370 --- .../forge/bitbucketserver/bitbucketserver.go | 2 +- server/forge/common/utils.go | 27 +++++++++++++++++++ server/forge/gitea/gitea.go | 16 +++-------- server/forge/github/github.go | 15 +++-------- server/forge/gitlab/gitlab.go | 15 +++-------- 5 files changed, 37 insertions(+), 38 deletions(-)
diff --git a/server/forge/bitbucketserver/bitbucketserver.go b/server/forge/bitbucketserver/bitbucketserver.go
index 24c526fd7..80569bdf6 100644
--- a/server/forge/bitbucketserver/bitbucketserver.go
+++ b/server/forge/bitbucketserver/bitbucketserver.go
@@ -235,7 +235,7 @@ func (c *Config) Activate(ctx context.Context, u *model.User, r *model.Repo, lin
 // Branches returns the names of all branches for the named repository.
 func (c *Config) Branches(ctx context.Context, u *model.User, r *model.Repo, p *model.ListOptions) ([]string, error) {
- bitbucketBranches, err := internal.NewClientWithToken(ctx, c.url, c.Consumer, u.Token).ListBranches(r.Owner, r.Name, p.Page, p.PerPage)
+ bitbucketBranches, err := internal.NewClientWithToken(ctx, c.url, c.Consumer, common.UserToken(ctx, r, u)).ListBranches(r.Owner, r.Name, p.Page, p.PerPage)
 if err != nil {
 return nil, err
 }
diff --git a/server/forge/common/utils.go b/server/forge/common/utils.go
index da3128f59..5067d3217 100644
--- a/server/forge/common/utils.go
+++ b/server/forge/common/utils.go
@@ -15,9 +15,15 @@
 package common
 import (
+ "context"
 "net"
 "net/url"
 "strings"
+
+ "github.com/rs/zerolog/log"
+
+ "github.com/woodpecker-ci/woodpecker/server/model"
+ "github.com/woodpecker-ci/woodpecker/server/store"
 )
 func ExtractHostFromCloneURL(cloneURL string) (string, error) {
@@ -37,3 +43,24 @@ func ExtractHostFromCloneURL(cloneURL string) (string, error) {
 return host, nil
 }
+
+func UserToken(ctx context.Context, r *model.Repo, u *model.User) string {
+ if u != nil {
+ return u.Token
+ }
+
+ _store, ok := store.TryFromContext(ctx)
+ if !ok {
+ log.Error().Msg("could not get store from context")
+ return ""
+ }
+ if r == nil {
+ log.Error().Msg("can not get user token by empty repo")
+ return ""
+ }
+ user, err := _store.GetUser(r.UserID)
+ if err != nil {
+ return ""
+ }
+ return user.Token
+}
diff --git a/server/forge/gitea/gitea.go b/server/forge/gitea/gitea.go
index 14378eef6..e0e4a6bcd 100644
--- a/server/forge/gitea/gitea.go
+++ b/server/forge/gitea/gitea.go
@@ -423,10 +423,7 @@ func (c *Gitea) Deactivate(ctx context.Context, u *model.User, r *model.Repo, li
 // Branches returns the names of all branches for the named repository.
 func (c *Gitea) Branches(ctx context.Context, u *model.User, r *model.Repo, p *model.ListOptions) ([]string, error) {
- token := ""
- if u != nil {
- token = u.Token
- }
+ token := common.UserToken(ctx, r, u)
 client, err := c.newClientToken(ctx, token)
 if err != nil {
 return nil, err
@@ -446,11 +443,7 @@ func (c *Gitea) Branches(ctx context.Context, u *model.User, r *model.Repo, p *m
 // BranchHead returns the sha of the head (latest commit) of the specified branch
 func (c *Gitea) BranchHead(ctx context.Context, u *model.User, r *model.Repo, branch string) (string, error) {
- token := ""
- if u != nil {
- token = u.Token
- }
-
+ token := common.UserToken(ctx, r, u)
 client, err := c.newClientToken(ctx, token)
 if err != nil {
 return "", err
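Review bot: In `UserToken` (server/forge/common/utils.go) the `_store.GetUser(r.UserID)` failure path returns `""` without logging, unlike the two branches above it, and every failure looks to callers exactly like a legitimately empty token. Since the commit's aim is to stop building forge clients without a token, at least log the lookup failure, e.g. `log.Error().Err(err).Msg("could not get user from store")`, and consider a `(string, error)` return in a follow-up so callers can abort. The exported function also has no doc comment; it should state that a nil `u` makes the call use the stored token of the user referenced by `r.UserID` (presumably the repository's owner), so callers that pass nil must have done their own access check first, and that the returned token must never be written to logs.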
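Review bot: The value returned by `common.UserToken` goes into `c.newClientToken(ctx, token)` unchecked in gitea `Branches` and `BranchHead`, and the same pattern recurs in the gitea `PullRequests`, github and gitlab hunks that follow. `UserToken` returns `""` when the store or user lookup fails, so these methods can still fall through to a token-less client and surface only an opaque forge error. If unauthenticated access is not intended on these paths (not determinable from the hunks), add a guard such as `if token == "" { return nil, errors.New("no forge token available") }`, with the zero value adjusted per method; whether `errors` is already imported in each file is outside the hunks. The method bodies continue outside the hunks.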
@@ -464,10 +457,7 @@ func (c *Gitea) BranchHead(ctx context.Context, u *model.User, r *model.Repo, br
 }
 func (c *Gitea) PullRequests(ctx context.Context, u *model.User, r *model.Repo, p *model.ListOptions) ([]*model.PullRequest, error) {
- token := ""
- if u != nil {
- token = u.Token
- }
+ token := common.UserToken(ctx, r, u)
 client, err := c.newClientToken(ctx, token)
 if err != nil {
 return nil, err
diff --git a/server/forge/github/github.go b/server/forge/github/github.go
index 40342e349..f4f742170 100644
--- a/server/forge/github/github.go
+++ b/server/forge/github/github.go
@@ -277,10 +277,7 @@ func (c *client) Dir(ctx context.Context, u *model.User, r *model.Repo, b *model
 }
 func (c *client) PullRequests(ctx context.Context, u *model.User, r *model.Repo, p *model.ListOptions) ([]*model.PullRequest, error) {
- token := ""
- if u != nil {
- token = u.Token
- }
+ token := common.UserToken(ctx, r, u)
 client := c.newClientToken(ctx, token)
 pullRequests, _, err := client.PullRequests.List(ctx, r.Owner, r.Name, &github.PullRequestListOptions{
@@ -511,10 +508,7 @@ func (c *client) Activate(ctx context.Context, u *model.User, r *model.Repo, lin
 // Branches returns the names of all branches for the named repository.
 func (c *client) Branches(ctx context.Context, u *model.User, r *model.Repo, p *model.ListOptions) ([]string, error) {
- token := ""
- if u != nil {
- token = u.Token
- }
+ token := common.UserToken(ctx, r, u)
 client := c.newClientToken(ctx, token)
 githubBranches, _, err := client.Repositories.ListBranches(ctx, r.Owner, r.Name, &github.BranchListOptions{
@@ -533,10 +527,7 @@ func (c *client) Branches(ctx context.Context, u *model.User, r *model.Repo, p *
 // BranchHead returns the sha of the head (latest commit) of the specified branch
 func (c *client) BranchHead(ctx context.Context, u *model.User, r *model.Repo, branch string) (string, error) {
- token := ""
- if u != nil {
- token = u.Token
- }
+ token := common.UserToken(ctx, r, u)
 b, _, err := c.newClientToken(ctx, token).Repositories.GetBranch(ctx, r.Owner, r.Name, branch, true)
 if err != nil {
 return "", err
diff --git a/server/forge/gitlab/gitlab.go b/server/forge/gitlab/gitlab.go
index db4ab20e2..f44b96f4e 100644
--- a/server/forge/gitlab/gitlab.go
+++ b/server/forge/gitlab/gitlab.go
@@ -308,10 +308,7 @@ func (g *GitLab) Repos(ctx context.Context, user *model.User) ([]*model.Repo, er
 }
 func (g *GitLab) PullRequests(ctx context.Context, u *model.User, r *model.Repo, p *model.ListOptions) ([]*model.PullRequest, error) {
- token := ""
- if u != nil {
- token = u.Token
- }
+ token := common.UserToken(ctx, r, u)
 client, err := newClient(g.url, token, g.SkipVerify)
 if err != nil {
 return nil, err
@@ -550,10 +547,7 @@ func (g *GitLab) Deactivate(ctx context.Context, user *model.User, repo *model.R
 // Branches returns the names of all branches for the named repository.
 func (g *GitLab) Branches(ctx context.Context, user *model.User, repo *model.Repo, p *model.ListOptions) ([]string, error) {
- token := ""
- if user != nil {
- token = user.Token
- }
+ token := common.UserToken(ctx, repo, user)
 client, err := newClient(g.url, token, g.SkipVerify)
 if err != nil {
 return nil, err
@@ -580,10 +574,7 @@ func (g *GitLab) Branches(ctx context.Context, user *model.User, repo *model.Rep
 // BranchHead returns the sha of the head (latest commit) of the specified branch
 func (g *GitLab) BranchHead(ctx context.Context, u *model.User, r *model.Repo, branch string) (string, error) {
- token := ""
- if u != nil {
- token = u.Token
- }
+ token := common.UserToken(ctx, r, u)
 client, err := newClient(g.url, token, g.SkipVerify)
 if err != nil {
 return "", err