Home Explore Help
Sign In
akillibulut
/
porter
mirror of https://github.com/porter-dev/porter
2
0
Fork 0
Files Issues 0 Wiki
Branch: refactor/branch-deploys
Branches Tags
porter
/
api
/
server
/
handlers
/
gitinstallation
/
helpers.go

helpers.go 4.0 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 
  1. package gitinstallation
    2. 

  2. 

  3. import (
    4. 

  4. 	"context"
    5. 

  5. 	"net/http"
    6. 

  6. 

  7. 	ghinstallation "github.com/bradleyfalzon/ghinstallation/v2"
    8. 

  8. 	"github.com/google/go-github/v41/github"
    9. 

  9. 	"github.com/porter-dev/porter/api/server/shared/config"
    10. 

  10. 	"github.com/porter-dev/porter/api/types"
    11. 

  11. 	"github.com/porter-dev/porter/internal/models"
    12. 

  12. 	"github.com/porter-dev/porter/internal/models/integrations"
    13. 

  13. 	"github.com/porter-dev/porter/internal/oauth"
    14. 

  14. 	"golang.org/x/oauth2"
    15. 

  15. )
    16. 

  16. 

  17. // GetGithubAppOauthTokenFromRequest gets the GH oauth token from the request based on the currently
    18. 

  18. // logged in user
    19. 

  19. func GetGithubAppOauthTokenFromRequest(config *config.Config, r *http.Request) (*oauth2.Token, error) {
    20. 

  20. 	// read the user from context
    21. 

  21. 	user, _ := r.Context().Value(types.UserScope).(*models.User)
    22. 

  22. 

  23. 	getOAuthInt := config.Repo.GithubAppOAuthIntegration().ReadGithubAppOauthIntegration
    24. 

  24. 	oauthInt, err := getOAuthInt(user.GithubAppIntegrationID)
    25. 

  25. 

  26. 	if err != nil {
    27. 

  27. 		return nil, err
    28. 

  28. 	}
    29. 

  29. 

  30. 	_, _, err = oauth.GetAccessToken(oauthInt.SharedOAuthModel,
    31. 

  31. 		&config.GithubAppConf.Config,
    32. 

  32. 		oauth.MakeUpdateGithubAppOauthIntegrationFunction(oauthInt, config.Repo),
    33. 

  33. 	)
    34. 

  34. 

  35. 	if err != nil {
    36. 

  36. 		// try again, in case the token got updated
    37. 

  37. 		oauthInt2, err := getOAuthInt(user.GithubAppIntegrationID)
    38. 

  38. 

  39. 		if err != nil || oauthInt2.Expiry == oauthInt.Expiry {
    40. 

  40. 			return nil, err
    41. 

  41. 		}
    42. 

  42. 		oauthInt.AccessToken = oauthInt2.AccessToken
    43. 

  43. 		oauthInt.RefreshToken = oauthInt2.RefreshToken
    44. 

  44. 		oauthInt.Expiry = oauthInt2.Expiry
    45. 

  45. 	}
    46. 

  46. 

  47. 	return &oauth2.Token{
    48. 

  48. 		AccessToken:  string(oauthInt.AccessToken),
    49. 

  49. 		RefreshToken: string(oauthInt.RefreshToken),
    50. 

  50. 		Expiry:       oauthInt.Expiry,
    51. 

  51. 		TokenType:    "Bearer",
    52. 

  52. 	}, nil
    53. 

  53. }
    54. 

  54. 

  55. // GetGithubAppClientFromRequest gets the github app installation id from the request and authenticates
    56. 

  56. // using it and a private key file
    57. 

  57. func GetGithubAppClientFromRequest(config *config.Config, r *http.Request) (*github.Client, error) {
    58. 

  58. 	// get installation id from context
    59. 

  59. 	ga, _ := r.Context().Value(types.GitInstallationScope).(*integrations.GithubAppInstallation)
    60. 

  60. 

  61. 	itr, err := ghinstallation.NewKeyFromFile(
    62. 

  62. 		http.DefaultTransport,
    63. 

  63. 		config.GithubAppConf.AppID,
    64. 

  64. 		ga.InstallationID,
    65. 

  65. 		config.GithubAppConf.SecretPath,
    66. 

  66. 	)
    67. 

  67. 

  68. 	if err != nil {
    69. 

  69. 		return nil, err
    70. 

  70. 	}
    71. 

  71. 

  72. 	return github.NewClient(&http.Client{Transport: itr}), nil
    73. 

  73. }
    74. 

  74. 

  75. type GithubAppPermissions struct {
    76. 

  76. 	Actions           string
    77. 

  77. 	Administration    string
    78. 

  78. 	Contents          string
    79. 

  79. 	Deployments       string
    80. 

  80. 	Environments      string
    81. 

  81. 	Metadata          string
    82. 

  82. 	PullRequests      string
    83. 

  83. 	Secrets           string
    84. 

  84. 	Workflows         string
    85. 

  85. 	RepositoryWebhook string
    86. 

  86. }
    87. 

  87. 

  88. // GetGithubAppClientFromRequest gets the github app installation id from the request and authenticates
    89. 

  89. // using it and a private key file
    90. 

  90. func GetGithubAppPermissions(config *config.Config, r *http.Request) (*GithubAppPermissions, error) {
    91. 

  91. 	// get installation id from context
    92. 

  92. 	ga, _ := r.Context().Value(types.GitInstallationScope).(*integrations.GithubAppInstallation)
    93. 

  93. 

  94. 	itr, err := ghinstallation.NewKeyFromFile(
    95. 

  95. 		http.DefaultTransport,
    96. 

  96. 		config.GithubAppConf.AppID,
    97. 

  97. 		ga.InstallationID,
    98. 

  98. 		config.GithubAppConf.SecretPath,
    99. 

  99. 	)
    100. 

  100. 

  101. 	if err != nil {
    102. 

  102. 		return nil, err
    103. 

  103. 	}
    104. 

  104. 

  105. 	// need to request the token before permissions can be verified
    106. 

  106. 	_, err = itr.Token(context.Background())
    107. 

  107. 

  108. 	if err != nil {
    109. 

  109. 		return nil, err
    110. 

  110. 	}
    111. 

  111. 

  112. 	permissions, err := itr.Permissions()
    113. 

  113. 

  114. 	return &GithubAppPermissions{
    115. 

  115. 		Actions:           permissionToString(permissions.Actions),
    116. 

  116. 		Administration:    permissionToString(permissions.Administration),
    117. 

  117. 		Contents:          permissionToString(permissions.Contents),
    118. 

  118. 		Deployments:       permissionToString(permissions.Deployments),
    119. 

  119. 		Environments:      permissionToString(permissions.Environments),
    120. 

  120. 		Metadata:          permissionToString(permissions.Metadata),
    121. 

  121. 		PullRequests:      permissionToString(permissions.PullRequests),
    122. 

  122. 		Secrets:           permissionToString(permissions.Secrets),
    123. 

  123. 		Workflows:         permissionToString(permissions.Workflows),
    124. 

  124. 		RepositoryWebhook: permissionToString(permissions.RepositoryHooks),
    125. 

  125. 	}, err
    126. 

  126. }
    127. 

  127. 

  128. func permissionToString(permission *string) string {
    129. 

  129. 	if permission == nil {
    130. 

  130. 		return ""
    131. 

  131. 	}
    132. 

  132. 

  133. 	return *permission
    134. 

  134. }
    135.