Merge branch 'gitea-auth-class' of https://github.com/youreadforme/buildbot-gitea into gitea-auth

2019-12-20 10:08:09 +01:00 · 2019-12-20 10:08:09 +01:00 · bc8f00a7e6
commit bc8f00a7e6
parent b8aa5dd740 d0b9f76be6
2 changed files with 41 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -129,3 +129,29 @@ The parameters are as follows:
 | `context_pr` | `Renderable` The context message to use, when building on a pull request, allowing to identify from which builder this came, defaults to `Interpolate('buildbot/pull_request/%(prop:buildername)s')` |
 | `warningAsSuccess` | Treat warnings as build as success to set in the build status of gitea. If false, warnings will be displayed as warnings. |
 | `verbose` | Perform verbose output |
+
+## Authentication
+
+Gitea supports OAuth2 authentication so it is possible to have buildbot communicate to Gitea to authenticate the user.
+
+`./master.cfg`
+
+```py
+from buildbot_gitea.auth import GiteaAuth
+c['www']['auth'] = GiteaAuth(
+    endpoint="https://your-gitea-host",
+    client_id 'oauth2-client-id',
+    client_secret='oauth2-client-secret')
+```
+
+| Parameter | Value |
+| --- | --- |
+| `endpoint` | The URL to your Gitea app. |
+| `client_id` | The OAuth2 Client ID |
+| `client_secret` | The OAuth2 Client Secret |
+
+Resources:
+
+ [Gitea OAuth2 Provider documentation](https://docs.gitea.io/en-us/oauth2-provider/)
+ [Buildbot OAuth2 documentation](https://docs.buildbot.net/current/developer/cls-auth.html?highlight=oauth2#buildbot.www.oauth2.OAuth2Auth)
+ [Buildbot OAuth2 source](https://github.com/buildbot/buildbot/blob/master/master/buildbot/www/oauth2.py)
--- a/buildbot_gitea/auth.py
+++ b/buildbot_gitea/auth.py
@ -0,0 +1,15 @@
+from buildbot.www.oauth2 import OAuth2Auth
+from urllib.parse import urljoin
+
+class GiteaAuth(OAuth2Auth):
+    name = 'Gitea'
+    faIcon = 'mug-tea'
+
+    def __init__(self, endpoint, client_id, client_secret):
+        super(__class__, self).__init__(client_id, client_secret)
+        self.resourceEndpoint = endpoint
+        self.authUri = urljoin(endpoint, 'login/oauth/authorize')
+        self.tokenUri = urljoin(endpoint, 'login/oauth/access_token')
+
+    def getUserInfoFromOAuthClient(self, c):
+        return self.get(c, '/api/v1/user')