pesde-pkg/pesde
1
1
Fork 0
mirror of https://github.com/pesde-pkg/pesde.git synced 2024-12-12 11:00:36 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

refactor: GITHUB_AUTH -> GITHUB_CLIENT_SECRET for GitHub auth in registry

Browse source
This commit is contained in:
daimond113 2024-10-22 17:58:31 +02:00
parent d346fe1d34
commit 901b450a6c
No known key found for this signature in database
GPG key ID: 3A8ECE51328B513C
4 changed files with 6 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
fly.toml
View file

@ -11,7 +11,6 @@ PORT = '8080'
COMMITTER_GIT_NAME = 'pesde index updater' COMMITTER_GIT_NAME = 'pesde index updater'
COMMITTER_GIT_EMAIL = 'pesde@daimond113.com' COMMITTER_GIT_EMAIL = 'pesde@daimond113.com'
INDEX_REPO_URL = 'https://github.com/daimond113/pesde-index' INDEX_REPO_URL = 'https://github.com/daimond113/pesde-index'
GITHUB_AUTH = '1'
[http_service] [http_service]
internal_port = 8080 internal_port = 8080

1
registry/.env.example
View file

@ -21,7 +21,6 @@ READ_ACCESS_TOKEN= # a token that is used to authenticate read requests
WRITE_ACCESS_TOKEN= # a token that is used to authenticate write requests WRITE_ACCESS_TOKEN= # a token that is used to authenticate write requests
# GitHub # GitHub
GITHUB_AUTH= # set to any value to enable GitHub authentication
GITHUB_CLIENT_SECRET= # client secret of the GitHub OAuth app configured in the index's `config.toml` GITHUB_CLIENT_SECRET= # client secret of the GitHub OAuth app configured in the index's `config.toml`
# If none of the above is set, no authentication is required, even for write requests # If none of the above is set, no authentication is required, even for write requests

10
registry/src/auth/mod.rs
View file

@ -13,7 +13,7 @@ use actix_web::{
middleware::Next, middleware::Next,
web, HttpMessage, HttpResponse, web, HttpMessage, HttpResponse,
}; };
use pesde::{source::pesde::PesdePackageSource, Project}; use pesde::source::pesde::IndexConfig;
use sha2::{Digest, Sha256}; use sha2::{Digest, Sha256};
use std::fmt::Display; use std::fmt::Display;
@ -142,20 +142,18 @@ pub async fn read_mw(
next.call(req).await.map(|res| res.map_into_left_body()) next.call(req).await.map(|res| res.map_into_left_body())
} }
pub fn get_auth_from_env(index: &PesdePackageSource, project: &Project) -> Auth { pub fn get_auth_from_env(config: IndexConfig) -> Auth {
if let Ok(token) = benv!("ACCESS_TOKEN") { if let Ok(token) = benv!("ACCESS_TOKEN") {
Auth::Token(token::TokenAuth { Auth::Token(token::TokenAuth {
token: *Sha256::digest(token.as_bytes()).as_ref(), token: *Sha256::digest(token.as_bytes()).as_ref(),
}) })
} else if benv!("GITHUB_AUTH").is_ok() { } else if let Ok(client_secret) = benv!("GITHUB_CLIENT_SECRET") {
let config = index.config(project).expect("failed to get index config");
Auth::GitHub(github::GitHubAuth { Auth::GitHub(github::GitHubAuth {
reqwest_client: make_reqwest(), reqwest_client: make_reqwest(),
client_id: config client_id: config
.github_oauth_client_id .github_oauth_client_id
.expect("index isn't configured for GitHub"), .expect("index isn't configured for GitHub"),
client_secret: benv!(required "GITHUB_CLIENT_SECRET"), client_secret,
}) })
} else if let Ok((r, w)) = } else if let Ok((r, w)) =
benv!("READ_ACCESS_TOKEN").and_then(|r| benv!("WRITE_ACCESS_TOKEN").map(|w| (r, w))) benv!("READ_ACCESS_TOKEN").and_then(|r| benv!("WRITE_ACCESS_TOKEN").map(|w| (r, w)))

3
registry/src/main.rs
View file

@ -110,7 +110,8 @@ async fn run(with_sentry: bool) -> std::io::Result<()> {
storage storage
}, },
auth: { auth: {
let auth = get_auth_from_env(&source, &project); let auth =
get_auth_from_env(source.config(&project).expect("failed to get index config"));
info!("auth: {auth}"); info!("auth: {auth}");
auth auth
}, },