[Refactor] unexport config.Config var & move login tasks to task module (#288)

Unexport generateToken() move CreateLogin into task Create func config.SetDefaultLogin() Unexport loadConfig() & saveConfig unexport config var make SetDefaultLogin() case insensitive update func descriptions move FindSSHKey to task module Reviewed-on: https://gitea.com/gitea/tea/pulls/288 Reviewed-by: Norwin <noerw@noreply.gitea.io> Reviewed-by: Andrew Thornton <art27@cantab.net> Co-Authored-By: 6543 <6543@obermui.de> Co-Committed-By: 6543 <6543@obermui.de>
2025-09-02 01:48:30 +02:00 · 2020-12-12 21:28:37 +08:00
parent eeb9cbafe7
commit c063329e9a
12 changed files with 226 additions and 175 deletions
--- a/modules/task/login_create.go
+++ b/modules/task/login_create.go
@ -0,0 +1,142 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package task
+
+import (
+	"fmt"
+	"log"
+	"os"
+	"time"
+
+	"code.gitea.io/tea/modules/config"
+	"code.gitea.io/tea/modules/utils"
+
+	"code.gitea.io/sdk/gitea"
+)
+
+// CreateLogin create a login to be stored in config
+func CreateLogin(name, token, user, passwd, sshKey, giteaURL string, insecure bool) error {
+	// checks ...
+	// ... if we have a url
+	if len(giteaURL) == 0 {
+		log.Fatal("You have to input Gitea server URL")
+	}
+
+	// ... if there already exist a login with same name
+	if login := config.GetLoginByName(name); login != nil {
+		return fmt.Errorf("login name '%s' has already been used", login.Name)
+	}
+	// ... if we already use this token
+	if login := config.GetLoginByToken(token); login != nil {
+		return fmt.Errorf("token already been used, delete login '%s' first", login.Name)
+	}
+
+	// .. if we have enough information to authenticate
+	if len(token) == 0 && (len(user)+len(passwd)) == 0 {
+		log.Fatal("No token set")
+	} else if len(user) != 0 && len(passwd) == 0 {
+		log.Fatal("No password set")
+	} else if len(user) == 0 && len(passwd) != 0 {
+		log.Fatal("No user set")
+	}
+
+	// Normalize URL
+	serverURL, err := utils.NormalizeURL(giteaURL)
+	if err != nil {
+		log.Fatal("Unable to parse URL", err)
+	}
+
+	login := config.Login{
+		Name:     name,
+		URL:      serverURL.String(),
+		Token:    token,
+		Insecure: insecure,
+		SSHKey:   sshKey,
+		Created:  time.Now().Unix(),
+	}
+
+	client := login.Client()
+
+	if len(token) == 0 {
+		login.Token, err = generateToken(client, user, passwd)
+		if err != nil {
+			log.Fatal(err)
+		}
+	}
+
+	// Verify if authentication works and get user info
+	u, _, err := client.GetMyUserInfo()
+	if err != nil {
+		log.Fatal(err)
+	}
+	login.User = u.UserName
+
+	if len(login.Name) == 0 {
+		login.Name, err = GenerateLoginName(giteaURL, login.User)
+		if err != nil {
+			log.Fatal(err)
+		}
+	}
+
+	// we do not have a method to get SSH config from api,
+	// so we just use the hostname
+	login.SSHHost = serverURL.Hostname()
+
+	if len(sshKey) == 0 {
+		login.SSHKey, err = findSSHKey(client)
+		if err != nil {
+			fmt.Printf("Warning: problem while finding a SSH key: %s\n", err)
+		}
+	}
+
+	err = config.AddLogin(&login)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	fmt.Printf("Login as %s on %s successful. Added this login as %s\n", login.User, login.URL, login.Name)
+
+	return nil
+}
+
+// generateToken creates a new token when given BasicAuth credentials
+func generateToken(client *gitea.Client, user, pass string) (string, error) {
+	gitea.SetBasicAuth(user, pass)(client)
+
+	host, _ := os.Hostname()
+	tl, _, err := client.ListAccessTokens(gitea.ListAccessTokensOptions{})
+	if err != nil {
+		return "", err
+	}
+	tokenName := host + "-tea"
+
+	for i := range tl {
+		if tl[i].Name == tokenName {
+			tokenName += time.Now().Format("2006-01-02_15-04-05")
+			break
+		}
+	}
+
+	t, _, err := client.CreateAccessToken(gitea.CreateAccessTokenOption{Name: tokenName})
+	return t.Token, err
+}
+
+// GenerateLoginName generates a name string based on instance URL & adds username if the result is not unique
+func GenerateLoginName(url, user string) (string, error) {
+	parsedURL, err := utils.NormalizeURL(url)
+	if err != nil {
+		return "", err
+	}
+	name := parsedURL.Host
+
+	// append user name if login name already exists
+	if len(user) != 0 {
+		if login := config.GetLoginByName(name); login != nil {
+			return name + "_" + user, nil
+		}
+	}
+
+	return name, nil
+}
--- a/modules/task/login_ssh.go
+++ b/modules/task/login_ssh.go
@ -0,0 +1,79 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package task
+
+import (
+	"encoding/base64"
+	"io/ioutil"
+	"path/filepath"
+	"strings"
+
+	"code.gitea.io/tea/modules/utils"
+
+	"code.gitea.io/sdk/gitea"
+	"golang.org/x/crypto/ssh"
+)
+
+// findSSHKey retrieves the ssh keys registered in gitea, and tries to find
+// a matching private key in ~/.ssh/. If no match is found, path is empty.
+func findSSHKey(client *gitea.Client) (string, error) {
+	// get keys registered on gitea instance
+	keys, _, err := client.ListMyPublicKeys(gitea.ListPublicKeysOptions{})
+	if err != nil || len(keys) == 0 {
+		return "", err
+	}
+
+	// enumerate ~/.ssh/*.pub files
+	glob, err := utils.AbsPathWithExpansion("~/.ssh/*.pub")
+	if err != nil {
+		return "", err
+	}
+	localPubkeyPaths, err := filepath.Glob(glob)
+	if err != nil {
+		return "", err
+	}
+
+	// parse each local key with present privkey & compare fingerprints to online keys
+	for _, pubkeyPath := range localPubkeyPaths {
+		var pubkeyFile []byte
+		pubkeyFile, err = ioutil.ReadFile(pubkeyPath)
+		if err != nil {
+			continue
+		}
+		fields := strings.Split(string(pubkeyFile), " ")
+		if len(fields) < 2 { // first word is key type, second word is key material
+			continue
+		}
+
+		var keymaterial []byte
+		keymaterial, err = base64.StdEncoding.DecodeString(fields[1])
+		if err != nil {
+			continue
+		}
+
+		var pubkey ssh.PublicKey
+		pubkey, err = ssh.ParsePublicKey(keymaterial)
+		if err != nil {
+			continue
+		}
+
+		privkeyPath := strings.TrimSuffix(pubkeyPath, ".pub")
+		var exists bool
+		exists, err = utils.FileExist(privkeyPath)
+		if err != nil || !exists {
+			continue
+		}
+
+		// if pubkey fingerprints match, return path to corresponding privkey.
+		fingerprint := ssh.FingerprintSHA256(pubkey)
+		for _, key := range keys {
+			if fingerprint == key.Fingerprint {
+				return privkeyPath, nil
+			}
+		}
+	}
+
+	return "", err
+}