OAuth2 token can be used in basic auth (#6747)

2019-04-25 18:42:50 -04:00 · 2019-04-25 18:42:50 -04:00 · ec2d489d15
commit ec2d489d15
parent 199faadea3
2 changed files with 28 additions and 2 deletions
--- a/modules/auth/auth.go
+++ b/modules/auth/auth.go
@ -1,4 +1,5 @@
 // Copyright 2014 The Gogs Authors. All rights reserved.
+// Copyright 2019 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.

@ -54,7 +55,7 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
 		// Let's see if token is valid.
 		if len(tokenSHA) > 0 {
 			if strings.Contains(tokenSHA, ".") {
-				uid := checkOAuthAccessToken(tokenSHA)
+				uid := CheckOAuthAccessToken(tokenSHA)
 				if uid != 0 {
 					ctx.Data["IsApiToken"] = true
 				}
@ -85,7 +86,8 @@ func SignedInID(ctx *macaron.Context, sess session.Store) int64 {
 	return 0
 }

-func checkOAuthAccessToken(accessToken string) int64 {
+// CheckOAuthAccessToken returns uid of user from oauth token token
+func CheckOAuthAccessToken(accessToken string) int64 {
 	// JWT tokens require a "."
 	if !strings.Contains(accessToken, ".") {
 		return 0
@ -178,6 +180,18 @@ func SignedInUser(ctx *macaron.Context, sess session.Store) (*models.User, bool)
 				// Assume password is token
 				authToken = passwd
 			}
+
+			uid := CheckOAuthAccessToken(authToken)
+			if uid != 0 {
+				var err error
+				ctx.Data["IsApiToken"] = true
+
+				u, err = models.GetUserByID(uid)
+				if err != nil {
+					log.Error("GetUserByID:  %v", err)
+					return nil, false
+				}
+			}
 			token, err := models.GetAccessTokenBySHA(authToken)
 			if err == nil {
 				if isUsernameToken {