From 1f6cc72cab310b53d8eb60b86e4817b52976c6be Mon Sep 17 00:00:00 2001 From: M Hickford Date: Thu, 19 Oct 2023 21:51:41 +0100 Subject: [PATCH] use universal Gitea OAuth configuration https://docs.gitea.com/next/development/oauth2-provider?_highlight=oauth#pre-configured-applications --- .../Core.Tests/GenericOAuthConfigTests.cs | 12 +++++- src/shared/Core/GenericHostProvider.cs | 2 +- src/shared/Core/GenericOAuthConfig.cs | 42 ++++++++++++++----- 3 files changed, 43 insertions(+), 13 deletions(-) diff --git a/src/shared/Core.Tests/GenericOAuthConfigTests.cs b/src/shared/Core.Tests/GenericOAuthConfigTests.cs index 08dfacab4a..81da3938b9 100644 --- a/src/shared/Core.Tests/GenericOAuthConfigTests.cs +++ b/src/shared/Core.Tests/GenericOAuthConfigTests.cs @@ -1,4 +1,5 @@ using System; +using System.Collections.Generic; using GitCredentialManager.Tests.Objects; using Xunit; @@ -9,7 +10,9 @@ public class GenericOAuthConfigTests [Fact] public void GenericOAuthConfig_TryGet_Valid_ReturnsTrue() { - var remoteUri = new Uri("https://example.com"); + var protocol = "https"; + var host = "example.com"; + var remoteUri = new Uri($"{protocol}://{host}"); const string expectedClientId = "115845b0-77f8-4c06-a3dc-7d277381fad1"; const string expectedClientSecret = "4D35385D9F24"; const string expectedUserName = "TEST_USER"; @@ -44,7 +47,12 @@ public void GenericOAuthConfig_TryGet_Valid_ReturnsTrue() RemoteUri = remoteUri }; - bool result = GenericOAuthConfig.TryGet(trace, settings, remoteUri, out GenericOAuthConfig config); + var input = new InputArguments(new Dictionary { + {"protocol", protocol}, + {"host", host}, + }); + + bool result = GenericOAuthConfig.TryGet(trace, settings, input, out GenericOAuthConfig config); Assert.True(result); Assert.Equal(expectedClientId, config.ClientId); diff --git a/src/shared/Core/GenericHostProvider.cs b/src/shared/Core/GenericHostProvider.cs index cdba0ba8a5..447e465d57 100644 --- a/src/shared/Core/GenericHostProvider.cs +++ b/src/shared/Core/GenericHostProvider.cs @@ -63,7 +63,7 @@ public override async Task GenerateCredentialAsync(InputArguments i // Cannot check WIA or OAuth support for non-HTTP based protocols } // Check for an OAuth configuration for this remote - else if (GenericOAuthConfig.TryGet(Context.Trace, Context.Settings, uri, out GenericOAuthConfig oauthConfig)) + else if (GenericOAuthConfig.TryGet(Context.Trace, Context.Settings, input, out GenericOAuthConfig oauthConfig)) { Context.Trace.WriteLine($"Found generic OAuth configuration for '{uri}':"); Context.Trace.WriteLine($"\tAuthzEndpoint = {oauthConfig.Endpoints.AuthorizationEndpoint}"); diff --git a/src/shared/Core/GenericOAuthConfig.cs b/src/shared/Core/GenericOAuthConfig.cs index 0e2a74b755..be0014fe9b 100644 --- a/src/shared/Core/GenericOAuthConfig.cs +++ b/src/shared/Core/GenericOAuthConfig.cs @@ -1,32 +1,54 @@ using System; +using System.Collections.Generic; +using System.Linq; using GitCredentialManager.Authentication.OAuth; namespace GitCredentialManager { public class GenericOAuthConfig { - public static bool TryGet(ITrace trace, ISettings settings, Uri remoteUri, out GenericOAuthConfig config) + public static bool TryGet(ITrace trace, ISettings settings, InputArguments input, out GenericOAuthConfig config) { config = new GenericOAuthConfig(); + Uri authzEndpointUri = null; + Uri tokenEndpointUri = null; + var remoteUri = input.GetRemoteUri(); - if (!settings.TryGetSetting( + if (input.WwwAuth.Any(x => x.Contains("Basic realm=\"Gitea\""))) + { + trace.WriteLine($"Using universal Gitea OAuth configuration"); + Uri.TryCreate(remoteUri, "/login/oauth/authorize", out authzEndpointUri); + Uri.TryCreate(remoteUri, "/login/oauth/access_token", out tokenEndpointUri); + config.ClientId = "e90ee53c-94e2-48ac-9358-a874fb9e0662"; + config.RedirectUri = new Uri("http://127.0.0.1"); + } + + if (settings.TryGetSetting( Constants.EnvironmentVariables.OAuthAuthzEndpoint, Constants.GitConfiguration.Credential.SectionName, Constants.GitConfiguration.Credential.OAuthAuthzEndpoint, - out string authzEndpoint) || - !Uri.TryCreate(remoteUri, authzEndpoint, out Uri authzEndpointUri)) + out string authzEndpoint)) + { + Uri.TryCreate(remoteUri, authzEndpoint, out authzEndpointUri); + } + + if (authzEndpointUri == null) { trace.WriteLine($"Invalid OAuth configuration - missing/invalid authorize endpoint: {authzEndpoint}"); config = null; return false; } - if (!settings.TryGetSetting( + if (settings.TryGetSetting( Constants.EnvironmentVariables.OAuthTokenEndpoint, Constants.GitConfiguration.Credential.SectionName, Constants.GitConfiguration.Credential.OAuthTokenEndpoint, - out string tokenEndpoint) || - !Uri.TryCreate(remoteUri, tokenEndpoint, out Uri tokenEndpointUri)) + out string tokenEndpoint)) + { + Uri.TryCreate(remoteUri, tokenEndpoint, out tokenEndpointUri); + } + + if (tokenEndpointUri == null) { trace.WriteLine($"Invalid OAuth configuration - missing/invalid token endpoint: {tokenEndpoint}"); config = null; @@ -74,12 +96,12 @@ public static bool TryGet(ITrace trace, ISettings settings, Uri remoteUri, out G Constants.EnvironmentVariables.OAuthRedirectUri, Constants.GitConfiguration.Credential.SectionName, Constants.GitConfiguration.Credential.OAuthRedirectUri, - out string redirectUrl) && - Uri.TryCreate(redirectUrl, UriKind.Absolute, out Uri redirectUri)) + out string redirectUrl) && Uri.TryCreate(redirectUrl, UriKind.Absolute, out Uri redirectUri)) { config.RedirectUri = redirectUri; } - else + + if (config.RedirectUri == null) { trace.WriteLine($"Invalid OAuth configuration - missing/invalid redirect URI: {redirectUrl}"); config = null;