From 901b450a6c4df7e3db353ca2ac443266c2f19ad6 Mon Sep 17 00:00:00 2001 From: daimond113 <72147841+daimond113@users.noreply.github.com> Date: Tue, 22 Oct 2024 17:58:31 +0200 Subject: [PATCH] refactor: GITHUB_AUTH -> GITHUB_CLIENT_SECRET for GitHub auth in registry --- fly.toml | 1 - registry/.env.example | 1 - registry/src/auth/mod.rs | 10 ++++------ registry/src/main.rs | 3 ++- 4 files changed, 6 insertions(+), 9 deletions(-) diff --git a/fly.toml b/fly.toml index 4b85bc4..b930aa6 100644 --- a/fly.toml +++ b/fly.toml @@ -11,7 +11,6 @@ PORT = '8080' COMMITTER_GIT_NAME = 'pesde index updater' COMMITTER_GIT_EMAIL = 'pesde@daimond113.com' INDEX_REPO_URL = 'https://github.com/daimond113/pesde-index' -GITHUB_AUTH = '1' [http_service] internal_port = 8080 diff --git a/registry/.env.example b/registry/.env.example index 7af3b7b..dc07e16 100644 --- a/registry/.env.example +++ b/registry/.env.example @@ -21,7 +21,6 @@ READ_ACCESS_TOKEN= # a token that is used to authenticate read requests WRITE_ACCESS_TOKEN= # a token that is used to authenticate write requests # GitHub -GITHUB_AUTH= # set to any value to enable GitHub authentication GITHUB_CLIENT_SECRET= # client secret of the GitHub OAuth app configured in the index's `config.toml` # If none of the above is set, no authentication is required, even for write requests diff --git a/registry/src/auth/mod.rs b/registry/src/auth/mod.rs index 1a5042f..2a4d19d 100644 --- a/registry/src/auth/mod.rs +++ b/registry/src/auth/mod.rs @@ -13,7 +13,7 @@ use actix_web::{ middleware::Next, web, HttpMessage, HttpResponse, }; -use pesde::{source::pesde::PesdePackageSource, Project}; +use pesde::source::pesde::IndexConfig; use sha2::{Digest, Sha256}; use std::fmt::Display; @@ -142,20 +142,18 @@ pub async fn read_mw( next.call(req).await.map(|res| res.map_into_left_body()) } -pub fn get_auth_from_env(index: &PesdePackageSource, project: &Project) -> Auth { +pub fn get_auth_from_env(config: IndexConfig) -> Auth { if let Ok(token) = benv!("ACCESS_TOKEN") { Auth::Token(token::TokenAuth { token: *Sha256::digest(token.as_bytes()).as_ref(), }) - } else if benv!("GITHUB_AUTH").is_ok() { - let config = index.config(project).expect("failed to get index config"); - + } else if let Ok(client_secret) = benv!("GITHUB_CLIENT_SECRET") { Auth::GitHub(github::GitHubAuth { reqwest_client: make_reqwest(), client_id: config .github_oauth_client_id .expect("index isn't configured for GitHub"), - client_secret: benv!(required "GITHUB_CLIENT_SECRET"), + client_secret, }) } else if let Ok((r, w)) = benv!("READ_ACCESS_TOKEN").and_then(|r| benv!("WRITE_ACCESS_TOKEN").map(|w| (r, w))) diff --git a/registry/src/main.rs b/registry/src/main.rs index 04884fd..7bf2b82 100644 --- a/registry/src/main.rs +++ b/registry/src/main.rs @@ -110,7 +110,8 @@ async fn run(with_sentry: bool) -> std::io::Result<()> { storage }, auth: { - let auth = get_auth_from_env(&source, &project); + let auth = + get_auth_from_env(source.config(&project).expect("failed to get index config")); info!("auth: {auth}"); auth },