Skip to content

[WIP] Authentication context (resolves #94) #97

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

[WIP] Authentication context (resolves #94) #97

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
3a1a04b
Bugfix: Fix logging on response streams.
willstott101 Jan 25, 2022
b671ef3
Auth context types sketched out - tests fail as not every request is …
willstott101 Jan 25, 2022
e71c370
Authenticate every request - and test authentication context
willstott101 Jan 25, 2022
76e478d
Update `authorization` docs - address simple PR feedback
willstott101 Jan 27, 2022
04709dc
Improve the `GitAuthenticateOptions` types
willstott101 Jan 28, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 16 additions & 12 deletions example/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,20 +24,19 @@ const port = process.env.PORT || 7005;

const repos = new Server(path.normalize(path.resolve(__dirname, 'tmp')), {
autoCreate: true,
authenticate: ({ type, repo, user, headers }, next) => {
authenticate: async ({ type, repo, getUser, headers }) => {
console.log(type, repo, headers); // eslint-disable-line
if (type == 'push') {
const [username, password] = await getUser();
// Decide if this user is allowed to perform this action against this repo.
user((username, password) => {
if (username === '42' && password === '42') {
next();
} else {
next('wrong password');
}
});
} else {
// Check these credentials are correct for this user.
next();
if (username === '42' && password === '42') {
// This return value can be whatever you want - it is accessible from events.
return {
protectedBranches: ["docs", "main"],
};
} else {
throw Error('wrong password');
}
}
},
});
Expand All @@ -55,7 +54,12 @@ repos.on('push', (push) => {
push.log(' ');
});

push.accept();
if (push.context.protectedBranches.indexOf(push.branch) !== -1) {
push.log('You do not have permission to write to this branch');
push.reject();
} else {
push.accept();
}
});

repos.on('fetch', (fetch) => {
Expand Down
73 changes: 38 additions & 35 deletions src/git.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import path from 'path';
import { spawn, exec, SpawnOptionsWithoutStdio } from 'child_process';
import http from 'http';

import { Git } from './git';
import { Git, GitAuthenticateOptions } from './git';

jest.setTimeout(15000);

Expand All @@ -15,7 +15,7 @@ const wrapCallback = (func: { (callback: any): void }) => {

describe('git', () => {
test('create, push to, and clone a repo', async () => {
expect.assertions(11);
expect.assertions(12);

let lastCommit: string;

Expand All @@ -29,8 +29,11 @@ describe('git', () => {
fs.mkdirSync(srcDir, '0700');
fs.mkdirSync(dstDir, '0700');

const repos = new Git(repoDir, {
const repos = new Git<string>(repoDir, {
autoCreate: true,
authenticate: (options: GitAuthenticateOptions) => {
return `my request context for repo: ${options.repo}`;
},
});
const port = Math.floor(Math.random() * ((1 << 16) - 1e4)) + 1e4;
const server = http
Expand All @@ -42,6 +45,8 @@ describe('git', () => {
process.chdir(srcDir);

repos.on('push', (push) => {
expect(push.context).toBe('my request context for repo: xyz/doom');

expect(push.repo).toBe('xyz/doom');
expect(push.commit).toBe(lastCommit);
expect(push.branch).toBe('master');
Expand Down Expand Up @@ -655,17 +660,16 @@ describe('git', () => {

const repos = new Git(repoDir, {
autoCreate: true,
authenticate: ({ type, repo, user }, next) => {
authenticate: async ({ type, repo, getUser }) => {
if (type === 'fetch' && repo === 'doom') {
user((username, password) => {
if (username == 'root' && password == 'root') {
next();
} else {
next(new Error('that is not the correct password'));
}
});
const [username, password] = await getUser();
if (username == 'root' && password == 'root') {
return;
} else {
throw new Error('that is not the correct password');
}
} else {
next(new Error('that is not the correct password'));
throw new Error('that is not the correct password');
}
},
});
Expand Down Expand Up @@ -721,25 +725,30 @@ describe('git', () => {
fs.mkdirSync(srcDir, '0700');
fs.mkdirSync(dstDir, '0700');

const repos = new Git(repoDir, {
interface Context {
username: string;
}

const repos = new Git<Context>(repoDir, {
autoCreate: true,
authenticate: ({ type, repo, user, headers }, next) => {
authenticate: async ({ type, repo, getUser, headers }) => {
if (type === 'fetch' && repo === 'doom') {
expect(headers['host']).toBeTruthy();
expect(headers['user-agent']).toBeTruthy();
expect(headers['accept']).toBeTruthy();
expect(headers['pragma']).toBeTruthy();
expect(headers['accept-encoding']).toBeTruthy();

user((username, password) => {
if (username == 'root' && password == 'root') {
next();
} else {
next(new Error('that is not the correct password'));
}
});
const [username, password] = await getUser();
if (username == 'root' && password == 'root') {
return {
username: username,
};
} else {
throw new Error('that is not the correct password');
}
} else {
next(new Error('that is not the correct password'));
throw new Error('that is not the correct password');
}
},
});
Expand Down Expand Up @@ -795,20 +804,14 @@ describe('git', () => {

const repos = new Git(repoDir, {
autoCreate: true,
authenticate: ({ type, repo, user }) => {
return new Promise(function (resolve, reject) {
if (type === 'fetch' && repo === 'doom') {
user((username, password) => {
if (username == 'root' && password == 'root') {
return resolve(void 0);
} else {
return reject('that is not the correct password');
}
});
} else {
return reject('that is not the correct password');
authenticate: async ({ type, repo, getUser }) => {
if (type === 'fetch' && repo === 'doom') {
const [username, password] = await getUser();
if (username == 'root' && password == 'root') {
return;
}
});
}
throw new Error('that is not the correct password');
},
});
const port = Math.floor(Math.random() * ((1 << 16) - 1e4)) + 1e4;
Expand Down
Loading