// GenerateToken generates a JWT token for the user session // that can be appended to the #access_token segment to // facilitate client-based OAuth2. func GenerateToken(c context.Context, r *http.Request, user *model.User) (string, error) { token := jwt.New(jwt.GetSigningMethod("HS256")) token.Claims["user_id"] = user.ID token.Claims["audience"] = httputil.GetURL(r) token.Claims["expires"] = time.Now().UTC().Add(time.Hour * 72).Unix() return token.SignedString([]byte(*secret)) }
// Authorize handles GitHub API Authorization. func (r *GitHub) Authorize(res http.ResponseWriter, req *http.Request) (*model.Login, error) { var config = &oauth.Config{ ClientId: r.Client, ClientSecret: r.Secret, Scope: DefaultScope, AuthURL: fmt.Sprintf("%s/login/oauth/authorize", r.URL), TokenURL: fmt.Sprintf("%s/login/oauth/access_token", r.URL), RedirectURL: fmt.Sprintf("%s/api/auth/%s", httputil.GetURL(req), r.GetKind()), } // get the OAuth code var code = req.FormValue("code") var state = req.FormValue("state") if len(code) == 0 { var random = GetRandom() httputil.SetCookie(res, req, "github_state", random) http.Redirect(res, req, config.AuthCodeURL(random), http.StatusSeeOther) return nil, nil } cookieState := httputil.GetCookie(req, "github_state") httputil.DelCookie(res, req, "github_state") if cookieState != state { return nil, fmt.Errorf("Error matching state in OAuth2 redirect") } var trans = &oauth.Transport{Config: config} var token, err = trans.Exchange(code) if err != nil { return nil, fmt.Errorf("Error exchanging token. %s", err) } var client = NewClient(r.API, token.AccessToken, r.SkipVerify) var useremail, errr = GetUserEmail(client) if errr != nil { return nil, fmt.Errorf("Error retrieving user or verified email. %s", errr) } if len(r.Orgs) > 0 { allowedOrg, err := UserBelongsToOrg(client, r.Orgs) if err != nil { return nil, fmt.Errorf("Could not check org membership. %s", err) } if !allowedOrg { return nil, fmt.Errorf("User does not belong to correct org. Must belong to %v", r.Orgs) } } var login = new(model.Login) login.ID = int64(*useremail.ID) login.Access = token.AccessToken login.Login = *useremail.Login login.Email = *useremail.Email if useremail.Name != nil { login.Name = *useremail.Name } return login, nil }
// PostHook accepts a post-commit hook and parses the payload // in order to trigger a build. The payload is specified to the // remote system (ie GitHub) and will therefore get parsed by // the appropriate remote plugin. // // POST /api/repos/{host}/{owner}/{name}/branches/{branch}/commits/{commit} // func PostCommit(c web.C, w http.ResponseWriter, r *http.Request) { var ctx = context.FromC(c) var ( branch = c.URLParams["branch"] hash = c.URLParams["commit"] host = c.URLParams["host"] repo = ToRepo(c) remote = remote.Lookup(host) ) commit, err := datastore.GetCommitSha(ctx, repo, branch, hash) if err != nil { w.WriteHeader(http.StatusNotFound) return } if commit.Status == model.StatusStarted || commit.Status == model.StatusEnqueue { w.WriteHeader(http.StatusConflict) return } commit.Status = model.StatusEnqueue commit.Started = 0 commit.Finished = 0 commit.Duration = 0 if err := datastore.PutCommit(ctx, commit); err != nil { w.WriteHeader(http.StatusInternalServerError) return } owner, err := datastore.GetUser(ctx, repo.UserID) if err != nil { w.WriteHeader(http.StatusBadRequest) return } // Request a new token and update user_token, err := remote.GetToken(owner) if user_token != nil { owner.Access = user_token.AccessToken owner.Secret = user_token.RefreshToken owner.TokenExpiry = user_token.Expiry datastore.PutUser(ctx, owner) } else if err != nil { w.WriteHeader(http.StatusBadRequest) return } // drop the items on the queue go worker.Do(ctx, &worker.Work{ User: owner, Repo: repo, Commit: commit, Host: httputil.GetURL(r), }) w.WriteHeader(http.StatusOK) }
// Authorize handles authentication with thrid party remote systems, // such as github or bitbucket, and returns user data. func (r *Gitlab) Authorize(res http.ResponseWriter, req *http.Request) (*model.Login, error) { host := httputil.GetURL(req) config := NewOauthConfig(r, host) var code = req.FormValue("code") var state = req.FormValue("state") if len(code) == 0 { var random = GetRandom() httputil.SetCookie(res, req, "gitlab_state", random) http.Redirect(res, req, config.AuthCodeURL(random), http.StatusSeeOther) return nil, nil } cookieState := httputil.GetCookie(req, "gitlab_state") httputil.DelCookie(res, req, "gitlab_state") if cookieState != state { return nil, fmt.Errorf("Error matching state in OAuth2 redirect") } var trans = &oauth.Transport{ Config: config, Transport: &http.Transport{ Proxy: http.ProxyFromEnvironment, TLSClientConfig: &tls.Config{InsecureSkipVerify: r.SkipVerify}, }, } var token, err = trans.Exchange(code) if err != nil { return nil, fmt.Errorf("Error exchanging token. %s", err) } var client = NewClient(r.url, token.AccessToken, r.SkipVerify) var user, errr = client.CurrentUser() if errr != nil { return nil, fmt.Errorf("Error retrieving current user. %s", errr) } var login = new(model.Login) login.ID = int64(user.Id) login.Access = token.AccessToken login.Secret = token.RefreshToken login.Login = user.Username login.Email = user.Email return login, nil }
// DelRepo accepts a request to delete the named // repository. // // DEL /api/repos/:host/:owner/:name // func DelRepo(c web.C, w http.ResponseWriter, r *http.Request) { var ctx = context.FromC(c) var repo = ToRepo(c) // completely remove the repository from the database var user = ToUser(c) var remote = remote.Lookup(repo.Host) if remote == nil { log.Printf("[ERROR] no remote for host '%s' found", repo.Host) } else { // Request a new token and update user_token, err := remote.GetToken(user) if err != nil { log.Printf("[ERROR] no token for user '%s' on remote '%s' ", user.Email, repo.Host) } else { if user_token != nil { user.Access = user_token.AccessToken user.Secret = user_token.RefreshToken user.TokenExpiry = user_token.Expiry datastore.PutUser(ctx, user) } // setup the post-commit hook with the remote system and // and deactiveate this hook/user on the remote system var hook = fmt.Sprintf("%s/api/hook/%s/%s", httputil.GetURL(r), repo.Remote, repo.Token) if err := remote.Deactivate(user, repo, hook); err != nil { log.Printf("[ERROR] deactivate on remote '%s' failed: %s", repo.Host, err) } } } // fail through: if any of the actions on the remote failed // we try to delete the repo in our datastore anyway if err := datastore.DelRepo(ctx, repo); err != nil { w.WriteHeader(http.StatusInternalServerError) } else { w.WriteHeader(http.StatusNoContent) } }
// PostHook accepts a post-commit hook and parses the payload // in order to trigger a build. The payload is specified to the // remote system (ie GitHub) and will therefore get parsed by // the appropriate remote plugin. // // GET /api/hook/:host // func PostHook(c web.C, w http.ResponseWriter, r *http.Request) { var ctx = context.FromC(c) var host = c.URLParams["host"] var token = c.URLParams["token"] var remote = remote.Lookup(host) if remote == nil { w.WriteHeader(http.StatusNotFound) return } // parse the hook payload hook, err := remote.ParseHook(r) if err != nil { log.Printf("Unable to parse hook. %s\n", err) w.WriteHeader(http.StatusBadRequest) return } // in some cases we have neither a hook nor error. An example // would be GitHub sending a ping request to the URL, in which // case we'll just exit quiely with an 'OK' shouldSkip, _ := regexp.MatchString(`\[(?i:ci *skip|skip *ci)\]`, hook.Message) if hook == nil || shouldSkip { w.WriteHeader(http.StatusOK) return } // fetch the repository from the database repo, err := datastore.GetRepoName(ctx, remote.GetHost(), hook.Owner, hook.Repo) if err != nil { w.WriteHeader(http.StatusNotFound) return } // each hook contains a token to verify the sender. If the token // is not provided or does not match, exit if len(repo.Token) == 0 || repo.Token != token { log.Printf("Rejected post commit hook for %s. Token mismatch\n", repo.Name) w.WriteHeader(http.StatusUnauthorized) return } if repo.Active == false || (repo.PostCommit == false && len(hook.PullRequest) == 0) || (repo.PullRequest == false && len(hook.PullRequest) != 0) { w.WriteHeader(http.StatusNotFound) return } // fetch the user from the database that owns this repo user, err := datastore.GetUser(ctx, repo.UserID) if err != nil { w.WriteHeader(http.StatusNotFound) return } // Request a new token and update user_token, err := remote.GetToken(user) if user_token != nil { user.Access = user_token.AccessToken user.Secret = user_token.RefreshToken user.TokenExpiry = user_token.Expiry datastore.PutUser(ctx, user) } else if err != nil { log.Printf("Unable to refresh token. %s\n", err) w.WriteHeader(http.StatusBadRequest) return } // fetch the .drone.yml file from the database yml, err := remote.GetScript(user, repo, hook) if err != nil { log.Printf("Unable to fetch .drone.yml file. %s\n", err) w.WriteHeader(http.StatusBadRequest) return } // verify the commit hooks branch matches the list of approved // branches (unless it is a pull request). Note that we don't really // care if parsing the yaml fails here. s, _ := script.ParseBuild(string(yml)) if len(hook.PullRequest) == 0 && !s.MatchBranch(hook.Branch) { w.WriteHeader(http.StatusOK) return } commit := model.Commit{ RepoID: repo.ID, Status: model.StatusEnqueue, Sha: hook.Sha, Branch: hook.Branch, PullRequest: hook.PullRequest, Timestamp: hook.Timestamp, Message: hook.Message, Config: string(yml), } commit.SetAuthor(hook.Author) // inserts the commit into the database if err := datastore.PostCommit(ctx, &commit); err != nil { log.Printf("Unable to persist commit %s@%s. %s\n", commit.Sha, commit.Branch, err) w.WriteHeader(http.StatusBadRequest) return } owner, err := datastore.GetUser(ctx, repo.UserID) if err != nil { log.Printf("Unable to retrieve repository owner. %s.\n", err) w.WriteHeader(http.StatusBadRequest) return } // drop the items on the queue go worker.Do(ctx, &worker.Work{ User: owner, Repo: repo, Commit: &commit, Host: httputil.GetURL(r), }) w.WriteHeader(http.StatusOK) }
// PostRepo accapets a request to activate the named repository // in the datastore. It returns a 201 status created if successful // // POST /api/repos/:host/:owner/:name // func PostRepo(c web.C, w http.ResponseWriter, r *http.Request) { var ctx = context.FromC(c) var repo = ToRepo(c) var user = ToUser(c) // update the repo active flag and fields repo.Active = true repo.PullRequest = true repo.PostCommit = true repo.UserID = user.ID repo.Timeout = 3600 // default to 1 hour // generate a secret key for post-commit hooks if len(repo.Token) == 0 { repo.Token = model.GenerateToken() } // generates the rsa key if len(repo.PublicKey) == 0 || len(repo.PrivateKey) == 0 { key, err := sshutil.GeneratePrivateKey() if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } repo.PublicKey = sshutil.MarshalPublicKey(&key.PublicKey) repo.PrivateKey = sshutil.MarshalPrivateKey(key) } var remote = remote.Lookup(repo.Host) if remote == nil { w.WriteHeader(http.StatusNotFound) return } // Request a new token and update user_token, err := remote.GetToken(user) if user_token != nil { user.Access = user_token.AccessToken user.Secret = user_token.RefreshToken user.TokenExpiry = user_token.Expiry datastore.PutUser(ctx, user) } else if err != nil { w.WriteHeader(http.StatusBadRequest) return } // setup the post-commit hook with the remote system and // if necessary, register the public key var hook = fmt.Sprintf("%s/api/hook/%s/%s", httputil.GetURL(r), repo.Remote, repo.Token) if err := remote.Activate(user, repo, hook); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } if err := datastore.PutRepo(ctx, repo); err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } w.WriteHeader(http.StatusCreated) json.NewEncoder(w).Encode(repo) }