Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
akillibulut
/
porter
-ын хуулбар https://github.com/porter-dev/porter
2
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Салаа: env-group-touchup
Салаанууд Тагууд
porter
/
api
/
server
/
handlers
/
gitinstallation
/
helpers.go

helpers.go 4.0 KB
Байнгын холболт Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 
  1. package gitinstallation
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"net/http"
    6. 

  6. 

  7. 	ghinstallation "github.com/bradleyfalzon/ghinstallation/v2"
    8. 

  8. 	"github.com/google/go-github/v41/github"
    9. 

  9. 	"github.com/porter-dev/porter/api/server/shared/config"
    10. 

  10. 	"github.com/porter-dev/porter/api/types"
    11. 

  11. 	"github.com/porter-dev/porter/internal/models"
    12. 

  12. 	"github.com/porter-dev/porter/internal/models/integrations"
    13. 

  13. 	"github.com/porter-dev/porter/internal/oauth"
    14. 

  14. 	"golang.org/x/oauth2"
    15. 

  15. )
    16. 

  16. 

  17. // GetGithubAppOauthTokenFromRequest gets the GH oauth token from the request based on the currently
    18. 

  18. // logged in user
    19. 

  19. func GetGithubAppOauthTokenFromRequest(config *config.Config, r *http.Request) (*oauth2.Token, error) {
    20. 

  20. 	// read the user from context
    21. 

  21. 	user, _ := r.Context().Value(types.UserScope).(*models.User)
    22. 

  22. 

  23. 	getOAuthInt := config.Repo.GithubAppOAuthIntegration().ReadGithubAppOauthIntegration
    24. 

  24. 	oauthInt, err := getOAuthInt(user.GithubAppIntegrationID)
    25. 

  25. 	if err != nil {
    26. 

  26. 		return nil, err
    27. 

  27. 	}
    28. 

  28. 

  29. 	_, _, err = oauth.GetAccessToken(oauthInt.SharedOAuthModel,
    30. 

  30. 		&config.GithubAppConf.Config,
    31. 

  31. 		oauth.MakeUpdateGithubAppOauthIntegrationFunction(oauthInt, config.Repo),
    32. 

  32. 	)
    33. 

  33. 

  34. 	if err != nil {
    35. 

  35. 		// try again, in case the token got updated
    36. 

  36. 		oauthInt2, err := getOAuthInt(user.GithubAppIntegrationID)
    37. 

  37. 

  38. 		if err != nil || oauthInt2.Expiry == oauthInt.Expiry {
    39. 

  39. 			return nil, err
    40. 

  40. 		}
    41. 

  41. 		oauthInt.AccessToken = oauthInt2.AccessToken
    42. 

  42. 		oauthInt.RefreshToken = oauthInt2.RefreshToken
    43. 

  43. 		oauthInt.Expiry = oauthInt2.Expiry
    44. 

  44. 	}
    45. 

  45. 

  46. 	return &oauth2.Token{
    47. 

  47. 		AccessToken:  string(oauthInt.AccessToken),
    48. 

  48. 		RefreshToken: string(oauthInt.RefreshToken),
    49. 

  49. 		Expiry:       oauthInt.Expiry,
    50. 

  50. 		TokenType:    "Bearer",
    51. 

  51. 	}, nil
    52. 

  52. }
    53. 

  53. 

  54. // GetGithubAppClientFromRequest gets the github app installation id from the request and authenticates
    55. 

  55. // using it and a private key file
    56. 

  56. func GetGithubAppClientFromRequest(config *config.Config, r *http.Request) (*github.Client, error) {
    57. 

  57. 	// get installation id from context
    58. 

  58. 	ga, _ := r.Context().Value(types.GitInstallationScope).(*integrations.GithubAppInstallation)
    59. 

  59. 

  60. 	itr, err := ghinstallation.NewKeyFromFile(
    61. 

  61. 		http.DefaultTransport,
    62. 

  62. 		config.GithubAppConf.AppID,
    63. 

  63. 		ga.InstallationID,
    64. 

  64. 		config.GithubAppConf.SecretPath,
    65. 

  65. 	)
    66. 

  66. 	if err != nil {
    67. 

  67. 		return nil, err
    68. 

  68. 	}
    69. 

  69. 

  70. 	return github.NewClient(&http.Client{Transport: itr}), nil
    71. 

  71. }
    72. 

  72. 

  73. type GithubAppPermissions struct {
    74. 

  74. 	Actions           string
    75. 

  75. 	Administration    string
    76. 

  76. 	Contents          string
    77. 

  77. 	Deployments       string
    78. 

  78. 	Environments      string
    79. 

  79. 	Metadata          string
    80. 

  80. 	PullRequests      string
    81. 

  81. 	Secrets           string
    82. 

  82. 	Workflows         string
    83. 

  83. 	RepositoryWebhook string
    84. 

  84. }
    85. 

  85. 

  86. // GetGithubAppClientFromRequest gets the github app installation id from the request and authenticates
    87. 

  87. // using it and a private key file
    88. 

  88. func GetGithubAppPermissions(config *config.Config, r *http.Request) (*GithubAppPermissions, error) {
    89. 

  89. 	// get installation id from context
    90. 

  90. 	ga, _ := r.Context().Value(types.GitInstallationScope).(*integrations.GithubAppInstallation)
    91. 

  91. 

  92. 	itr, err := ghinstallation.NewKeyFromFile(
    93. 

  93. 		http.DefaultTransport,
    94. 

  94. 		config.GithubAppConf.AppID,
    95. 

  95. 		ga.InstallationID,
    96. 

  96. 		config.GithubAppConf.SecretPath,
    97. 

  97. 	)
    98. 

  98. 	if err != nil {
    99. 

  99. 		return nil, err
    100. 

  100. 	}
    101. 

  101. 

  102. 	// need to request the token before permissions can be verified
    103. 

  103. 	_, err = itr.Token(context.Background())
    104. 

  104. 

  105. 	if err != nil {
    106. 

  106. 		return nil, err
    107. 

  107. 	}
    108. 

  108. 

  109. 	permissions, err := itr.Permissions()
    110. 

  110. 

  111. 	return &GithubAppPermissions{
    112. 

  112. 		Actions:           permissionToString(permissions.Actions),
    113. 

  113. 		Administration:    permissionToString(permissions.Administration),
    114. 

  114. 		Contents:          permissionToString(permissions.Contents),
    115. 

  115. 		Deployments:       permissionToString(permissions.Deployments),
    116. 

  116. 		Environments:      permissionToString(permissions.Environments),
    117. 

  117. 		Metadata:          permissionToString(permissions.Metadata),
    118. 

  118. 		PullRequests:      permissionToString(permissions.PullRequests),
    119. 

  119. 		Secrets:           permissionToString(permissions.Secrets),
    120. 

  120. 		Workflows:         permissionToString(permissions.Workflows),
    121. 

  121. 		RepositoryWebhook: permissionToString(permissions.RepositoryHooks),
    122. 

  122. 	}, err
    123. 

  123. }
    124. 

  124. 

  125. func permissionToString(permission *string) string {
    126. 

  126. 	if permission == nil {
    127. 

  127. 		return ""
    128. 

  128. 	}
    129. 

  129. 

  130. 	return *permission
    131. 

  131. }
    132.