Skip to content

fix .netrc authentication #2700

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Oct 15, 2017
Merged

fix .netrc authentication #2700

Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
bed668c
provide both possible authentication solutions
daviian Oct 14, 2017
3bede06
fix fmt errors
daviian Oct 14, 2017
1607b7c
Merge branch 'master' into bugfix/netrc-behaviour
lafriks Oct 15, 2017
693ae57
Add missing return and code cleanup
lafriks Oct 15, 2017
a187b5b
Merge branch 'master' into bugfix/netrc-behaviour
lunny Oct 15, 2017
d33ad7a
simplify if construct
daviian Oct 15, 2017
15998be
Merge branch 'master' into bugfix/netrc-behaviour
lafriks Oct 15, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 24 additions & 10 deletions routers/repo/http.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -139,19 +139,28 @@ func HTTP(ctx *context.Context) {
}

if authUser == nil {
authUser, err = models.GetUserByName(authUsername)
isUsernameToken := len(authPasswd) == 0 || authPasswd == "x-oauth-basic"

if err != nil {
if models.IsErrUserNotExist(err) {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
} else {
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
// Assume username is token
authToken := authUsername

if !isUsernameToken {
// Assume password is token
authToken = authPasswd

authUser, err = models.GetUserByName(authUsername)
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
} else {
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
}
return
}
return
}

// Assume password is a token.
token, err := models.GetAccessTokenBySHA(authPasswd)
token, err := models.GetAccessTokenBySHA(authToken)
if err != nil {
if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
Expand All @@ -161,7 +170,13 @@ func HTTP(ctx *context.Context) {
return
}

if authUser.ID != token.UID {
if isUsernameToken {
authUser, err = models.GetUserByID(token.UID)
if err != nil {
ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)
return
}
} else if authUser.ID != token.UID {
ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
return
}
Expand All @@ -170,7 +185,6 @@ func HTTP(ctx *context.Context) {
if err = models.UpdateAccessToken(token); err != nil {
ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
}

} else {
_, err = models.GetTwoFactorByUID(authUser.ID)

Expand Down