Add api subcommand for arbitrary api calls not covered by existing subcommands (#879)

Reviewed-on: https://gitea.com/gitea/tea/pulls/879 Co-authored-by: techknowlogick <techknowlogick@gitea.com> Co-committed-by: techknowlogick <techknowlogick@gitea.com>
2026-02-21 22:03:32 +01:00 · 2026-02-03 20:24:21 +00:00
parent 6414a5e00e
commit 82d8a14c73
9 changed files with 540 additions and 133 deletions
--- a/modules/api/client.go
+++ b/modules/api/client.go
@@ -0,0 +1,105 @@
+// Copyright 2026 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package api
+
+import (
+	"crypto/tls"
+	"fmt"
+	"io"
+	"log"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"code.gitea.io/tea/modules/config"
+)
+
+// Client provides direct HTTP access to Gitea API
+type Client struct {
+	baseURL    string
+	token      string
+	httpClient *http.Client
+}
+
+// NewClient creates a new API client from a Login config
+func NewClient(login *config.Login) *Client {
+	// Refresh OAuth token if expired or near expiry
+	if err := login.RefreshOAuthTokenIfNeeded(); err != nil {
+		log.Printf("Warning: failed to refresh OAuth token: %v", err)
+	}
+
+	httpClient := &http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: login.Insecure},
+		},
+	}
+
+	return &Client{
+		baseURL:    strings.TrimSuffix(login.URL, "/"),
+		token:      login.Token,
+		httpClient: httpClient,
+	}
+}
+
+// Do executes an HTTP request with authentication headers
+func (c *Client) Do(method, endpoint string, body io.Reader, headers map[string]string) (*http.Response, error) {
+	// Build the full URL
+	reqURL, err := c.buildURL(endpoint)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest(method, reqURL, body)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create request: %w", err)
+	}
+
+	// Set authentication header
+	if c.token != "" {
+		req.Header.Set("Authorization", "token "+c.token)
+	}
+
+	// Set default content type for requests with body
+	if body != nil {
+		req.Header.Set("Content-Type", "application/json")
+	}
+
+	// Apply custom headers (can override defaults)
+	for key, value := range headers {
+		req.Header.Set(key, value)
+	}
+
+	return c.httpClient.Do(req)
+}
+
+// buildURL constructs the full URL from an endpoint
+func (c *Client) buildURL(endpoint string) (string, error) {
+	// If endpoint is already a full URL, validate it matches the login's host
+	if strings.HasPrefix(endpoint, "http://") || strings.HasPrefix(endpoint, "https://") {
+		endpointURL, err := url.Parse(endpoint)
+		if err != nil {
+			return "", fmt.Errorf("invalid URL: %w", err)
+		}
+		baseURL, err := url.Parse(c.baseURL)
+		if err != nil {
+			return "", fmt.Errorf("invalid base URL: %w", err)
+		}
+		if endpointURL.Host != baseURL.Host {
+			return "", fmt.Errorf("URL host %q does not match login host %q (token would be sent to wrong server)", endpointURL.Host, baseURL.Host)
+		}
+		return endpoint, nil
+	}
+
+	// Ensure endpoint starts with /
+	if !strings.HasPrefix(endpoint, "/") {
+		endpoint = "/" + endpoint
+	}
+
+	// Auto-prefix /api/v1/ if not present
+	if !strings.HasPrefix(endpoint, "/api/") {
+		endpoint = "/api/v1" + endpoint
+	}
+
+	return c.baseURL + endpoint, nil
+}