Add support for authentication via ssh certificates and pub/privatekey (#442)

This adds support for authenticating with an SSH certificate or a normal public key when you have a running ssh-agent with that certificate or your public key loaded.

When creating a new login, the first question now asks about SSH certificates or public keys; if the answer is yes, we no longer need to ask about tokens/usernames.

Co-authored-by: Wim <wim@42.be>
Reviewed-on: https://gitea.com/gitea/tea/pulls/442
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: 6543 <6543@obermui.de>
Co-authored-by: Wim <42wim@noreply.gitea.io>
Co-committed-by: Wim <42wim@noreply.gitea.io>
Wim
2022-09-15 03:00:08 +08:00
committed by 6543
parent 4ee5ce4b52
commit 6a4ba6a689
6 changed files with 262 additions and 40 deletions


@ -53,13 +53,23 @@ var CmdLoginAdd = cli.Command{
&cli.StringFlag{
Name: "ssh-key",
Aliases: []string{"s"},
Usage: "Path to a SSH key to use, overrides auto-discovery",
Usage: "Path to a SSH key/certificate to use, overrides auto-discovery",
},
&cli.BoolFlag{
Name: "insecure",
Aliases: []string{"i"},
Usage: "Disable TLS verification",
},
&cli.StringFlag{
Name: "ssh-agent-principal",
Aliases: []string{"c"},
Usage: "Use SSH certificate with specified principal to login (needs a running ssh-agent with certificate loaded)",
},
&cli.StringFlag{
Name: "ssh-agent-key",
Aliases: []string{"a"},
Usage: "Use SSH public key or SSH fingerprint to login (needs a running ssh-agent with ssh key loaded)",
},
},
Action: runLoginAdd,
}
@ -70,6 +80,11 @@ func runLoginAdd(ctx *cli.Context) error {
return interact.CreateLogin()
}
sshAgent := false
if ctx.String("ssh-agent-key") != "" || ctx.String("ssh-agent-principal") != "" {
sshAgent = true
}
// else use args to add login
return task.CreateLogin(
ctx.String("name"),
@ -78,5 +93,8 @@ func runLoginAdd(ctx *cli.Context) error {
ctx.String("password"),
ctx.String("ssh-key"),
ctx.String("url"),
ctx.Bool("insecure"))
ctx.String("ssh-agent-principal"),
ctx.String("ssh-agent-key"),
ctx.Bool("insecure"),
sshAgent)
}
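Review bot: In the second and third hunks, `runLoginAdd` derives `sshAgent` from the two new flags but still forwards `ctx.String("password")` to `task.CreateLogin` unchanged, and presumably the token and user arguments too, on the lines that fall between the hunks. A command line that mixes agent-based auth with a password or token is therefore accepted silently, and which credential is used or written to the login config is decided inside `task.CreateLogin`, which is not visible here. The commit message says the interactive flow skips the token/username questions once SSH auth is chosen, so the flag path should mirror that and reject the mix up front, e.g. `if sshAgent && ctx.String("password") != "" { return errors.New("--password cannot be combined with --ssh-agent-key/--ssh-agent-principal") }`, with the same check for the token flag. Separately, the `ssh-agent-key` usage text should state which fingerprint format is accepted, so users know how the agent key is matched. `runLoginAdd` starts above the hunk, so any existing validation there is not visible.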